It’s clearly a move to gain control of what people’s computers will be allowed to run and what information they’ll be allowed to see.
There were already attempts to implement this at the start of the consumer internet days by Microsoft and others, which failed then because many early internet users were paying attention and knew what was being attempted. This time I’m not sure that we’ll be able to stop it without structural changes to society.
As I understand it, it wasn’t arbitrary. Microsoft has wanted to require TPMs for two decades at this point. Once there’s high enough adoption they can roll out their version of trusted computing.
Memory is fine. I ran a couple disk checks as well and it’s also fine. I was also using two SSDs during the process with no difference in the problems experienced.
The RAM is fine (Memtest ran 4 times without faults), and cooling seems to work well enough. Storage is ok and I used two different SSDs through this whole process and saw the same problems on both.
I tried the previous known-good kernel options on the Manjaro install and it seems to be OK now. According to the Arch Wiki the Intel 8th Gen mobile CPUs and especially iGPUs are known to be a little problematic on Linux so the kernel options to disable some power saving options are basically non-optional. It’s weird though that it works now and didn’t on the Tumbleweed reinstall.
Even if it’s as simple as choosing which Root CAs we want to trust, how many people will know to do that and be able to do that? A couple percent at most.
Of course we need full ownership of our devices, and trusted computing has always referred to the trust of for-profit corporations, but this in itself doesn’t help the vast majority of people who either don’t know that they’re compromised, think they have nothing to hide, are unable to do anything about it, or a mix of all three.
Privacy and security are already a privilege. Proposals like eIDAS only make it even more inaccessible.
You can use the container names to address containers. Whether this is a randomly generated name (docker run… with no --name flag), the compose working dir and service name, or the compose container_name var.
I also rarely use the container command. docker is sufficient, or docker compose … while in the working dir of a given compose stack.
Mint on my desktop, decided to try out Tumbleweed on a cheap laptop. KDE wasn’t for me / wasn’t reliable enough, but I’m happy with Gnome. I haven’t needed to use Flatpaks though.
Might try MicroOS on the servers, I like the idea of an immutable distro so less can go wrong during updates, and I run all services as containers anyway.