Cool. In a little over a month, I hit 3 years.

Was about to cite TNG Tech Manual as well - although that also said that holodeck characters’ bodies were replicated meat puppets, which I think they didn’t stick with.

If it doesn’t simulate a connected monitor, it looks like there are little HDMI shims that do called EDID emulators that are available for relatively cheap.

(Note: Anything I say could be B.S. I could be completely misunderstanding this.)

Clevis isn’t too difficult to set up - Arch Wiki documents the process really well. I’ve found it works better with dracut that mkinitcpio.

As for PCR registers (which I haven’t set up yet but should), what I can tell, it sets the hash of the boot partition and UEFI settings in the TPM PCR register so it can check for tampering on the unencrypted boot partition and refuse to give the decryption keys if it does. That way, someone can’t doctor your boot partition and say, put the keys on a flash drive - I think they’d have to totally lobotomize your machine’s hardware to do it, which only someone who has both stolen your device and has the means/budget to do that would do.

You do need to make sure these registers are updated every kernel update, or else you’ll have to manually enter the LUKS password the next boot and update it then. I’m wondering if there’s a hook I can set up where every time the boot partition is updated, it updates PCR registers.

You’re somewhat right in the sense that the point of disk encryption is not to protect from remote attackers. However, physical access is a bigger problem in some cases (mostly laptops). I don’t do it on my desktop because I neither want to reinstall nor do I think someone who randomly breaks in is going to put in the effort to lug it away to their vehicle.

Clevis pretty much does TPM encryption and is in most distros’ repos. I use it on my Thinkpad. It would be nice if it had a GUI to set it up; more distros should have this as a default option.

You do have to have an unencrypted boot partition, but the issues with this can at least in be mitigated with PCR registers, which I need to set up.

It’s a smidge more difficult on Debian if you want to use a non-ext4 filesystem - granted for most people, ext4’s probably still fine. I use it on my desktop, which doesn’t have encryption.

Yes, fellow OpenTTD player.

I’m using LVM. The BIOS solution would be a bad idea because it would be more difficult to access the drive on other systems if you had to; LVM allows you to enter your password on other systems to decrypt.

Do your servers have TPM? Clevis might be the way to go; I use it on my Thinkpad and it makes my life easy. If the servers don’t have TPM, Clevis also supports this weird thing called Tang, which from what I can tell basically assures that the servers can only be automatically decrypted on your local network. If Clevis fails, you can have it fall back to letting you enter the LVM password.

Well, it was worth a shot.

I don’t do it for my desktop because 1) I highly doubt my desktop would get stolen. 2) I installed Linux before I was aware of encryption, and don’t have any desire to do a reinstall on my desktop at this time.

For my laptop, yes, I do (with exception of the boot partition), since it would be trivial to steal and this is a more recent install. I use clevis to auto-unlock the drive by getting keys from the TPM. I need to better protect myself against evil maids, though - luckily according to the Arch Wiki Clevis supports PCR registers.

I wouldn’t necessarily say that - Debian and FreeBSD releases have roughly the same support lifespan, meaning if installed on release day, you’d get a few (~5 years) years of support without major upgrades.

I’d say both systems have a high chance of success at upgrading to the immediate next version, so that becomes maybe 7 or 8 years when adding the years of support left on the now older immediate next version.

For a second immediate next upgrade, you might be right that a BSD has a better chance of surviving.

I wouldn’t know about Open SD, though, as they operate on point releases and I don’t know to what extent they prevent breaking changes.

I think you might win.

That might me it - when I search older media, say The Andy Griffith show, sure enough there are a crap ton of plates.

It might be a sort of Venn diagram thing - Trek/Wars plates came at the dusk of the commemorative plate era, while the fans were more likely than others to buy collectibles like plates, making them seem unique from other fandoms.

I just realized another thing about April - assuming humans live 120 years on average in the Trek universe and April got turned roughly 20 in Counter/Clock, an elderly April could still be alive in the 2360s or 70s.

I would love that! Give the lost part of the Monster Maroon era (mid 2290s-2340s) some love.

The weird thing is April from SNW should canonically still be alive due to TAS:”Counter-clockwise Incident”.

TLDR: The Commission probably wouldn’t like it, and the Federation even more so. Even so, there are practical hurtles such as genetic diversity and whether medical knowledge of symbionts is advanced enough to keep a large population healthy and happy.

For one, a fundamental tenet of the ideology of the commission is to protect the well-being of the symbionts, sentient beings, from suffering abuse due to potential competition between Trill over a limited number of symbionts.

If we take the well-being argument further, cloning symbionts has many issues to their well-being. Cloning them would be indignant because it would reduce them to a commodity that every Trill should have rather than a sentient being that chooses a relationship.

Even if the idea got through the commission, I feel like the rest of the Federation might frown on this for those reasons in addition to another: I think there’s already a slight bias in Federation culture against the cloning process.

This can be seen in TNG:“Up The Long Ladder” (in addition to revealing that cloning on a large scale has negative implications, Riker is so mad about cloning he murders his own clone and Pulaski’s) and TNG:“Second Chances”/LD:“Kayshon, His Eyes Open” (Transporter cloning is seen as a suboptimal circumstance). This suggest culturally, the Federation finds cloning inconvenient at best and a violation at worst. This might be partially negated if the symbionts were to give consent, but it would still feel iffy to most planets

On another note, exact cloning symbiont genomes could have drastic consequences. For one, it would vastly reduce the genetic diversity of the symbionts; this means if there was say, 1 million Daxs with all the same DNA, there’s a higher chance that a virus could evolve that’s really good at spreading between Daxs, allowing the virus to spread in those Daxs and evolve, probably ultimately killing a lot of symbionts.

The above might be able to be averted if say, you sequenced the DNA of all the (willing) symbionts and generated distinct genome sequences by simulated breeding between symbionts (if they sexually reproduce) or maybe simulating mutations if they reproduce asexually. You could then synthesize the genome and grow a symbiont from it.

Even this better solution might prevent problems, though - what happens when symbionts have genetic defects? With symbionts being so rare, is the medical knowledge of them enough that a large population could be kept healthy?

I feel like I had a problem very much like this with Debian Testing on my Surface Go 1 (and I think my desktop too) a couple years back, and it turned out there was issues with /etc/nsswitch.conf. I can’t remember exactly what I did, but this is the current contents of that file:

# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.

passwd:         files systemd
group:          files systemd
shadow:         files
gshadow:        files

hosts:          files mdns4_minimal [NOTFOUND=RETURN] dns myhostname
networks:       files

protocols:      db files
services:       db files
ethers:         db files
rpc:            db files

netgroup:       nis

Compare yours - maybe even post it so I can try to reproduce the issue on my machine. Anyhow, hope it helps, and good luck.

It depends. Sometimes I shut it down every night. Occasionally, I’ll leave it in sleep mode for a few days.

I think the longest uptime I’ve had on anything I’ve owned is probably a month or so on a Raspberry Pi 4 server I used to have running with a personal Mediawiki instance (I still have the Pi, but if I ran a server in my dorm, I have the feeling someone might come to bite off my hand).