I have not had problems with glass or PEI. Your other comments indicate you tried ABS. That will never work without an enclosure, and even then, it will not work particularly well on any Cartesian machine. Sorry that illustrative examples and abstractive reasoning are offensive to you.
It can coat the inside of the drier. Use Bounty paper towels as a control when in question. Bounty are often used in automotive paint shops for a few reasons, but they are trustworthy for composition. If the two plies are separated, they make a good strain filter. That is the primary reason they are used. They also tend to be lower lint though not perfect. A tack cloth is used in the booth with controlled filtered air flow either across or down draft, so it is not a concern for perfect paint.
One of the tricks of automotive painting is to add a couple of drops of Palmolive dish soap to the water bucket used with wet sanding. It makes 3M Imperial Wet/Dry sandpaper last several times longer and acts as a mild degreaser the whole time. Any residue is cleaned in the booth stage using a special Wax and Grease Remover solvent that is the least reactive of the painting solvents. While this solvent is used extensively, still the fact that Palmolive dish soap can be used at all indicates how it is clean, consistent, and chemically irrelevant. Automotive paint reacts with many chemicals but specifically silicon is the worst problem. It causes fisheyes aka little divot like holes to form in the clearcoat. In most situations involving contamination and adhesion, silicon is the main issue that will be very persistent. It is so bad in automotive paint that in the worst cases, we turn to adding an actual silicon solution into the 2k clearcoat and trying to guess what concentration will match the problem area to level it. Otherwise, the entire job must be stripped to the raw surface and start over. Silicon issues only show up in the final wet clearcoat layer shortly after it is sprayed and leveled.
The reason why I have written all of this is to illustrate this point: the silicon is essentially floating on every underlying layer. The solvent has wet the area and the silicon just floats to the top of some filler, 2k primer, sealer, top coat color and when it gets to the clearcoat it blows a hole through it. There are two solutions. Use a two part epoxy primer that is a pain in the ass to sand, or clean the the raw surface with lacquer thinner or virgin acetone. In automotive paint, those two solvents are dangerous for causing a ton of other contamination and reactions issues. However, these are the only solvents that will take off silicon without diluting it and making the problem worse. Alcohol is a joke with no place in the automotive paint world when I was painting. I got out before water based stuff ruined the industry by making refinishing exponentially more expensive. That is only the color coat and some primers, so there may be alcohol used in some way in these, but it will not involve cleaning. Tire shine is the main source of silicon issues in automotive paint.
I have the empirical experience to know what I am looking at with cleaning and solvents. Alcohol is okay for minor issues, but think of it as constantly diluting and wiping the problem across the whole surface. Eventually, just use some virgin acetone to actually clean the thing properly. Paint is just plastic too. Each type requires a different type of tooth to mechanically bond to. With printing, I use 600 grit to lightly knock the shine off of the print plate surface. I go lighter on the textured sheet, but I only use the textured sheet with PETG because it is the only one that takes the textured pattern completely without showing layer lines. I print weekly on average, and use acetone and sandpaper around once a year. When I use glue stick, I clean the plate with dish soap after. I use alcohol in between. You will need an enclosure for ASA, ABS, and any larger PC prints regardless of the sheet or glue. Two IKEA Lack tables with legs stacked using double sided screws, then a clear shower curtain liner, and some tack nails does the job for under $50.
I would never use towels from any drier that has ever had fabric softener used in it for automotive paint. That is a contamination nightmare for me.
Sure
I have never used or cared about this W11. It has never seen the internet. I only keep it around for my keyboard’s RGB controller app if I ever need it. So I have no clue if this is everything or whatnot, but that is a screenshot of my access to the windows file system from within the file manager of Fedora. That is a dual boot partition. Fedora is particularly good at coexisting with a dual boot partition.
Use offline open weights.
DNS filtering usually only filters on incoming packets, but for bot stuff that should catch issues.
In general, most routers run everything from a serial flash chip on the board. These are usually 8, 16, or 32 megabytes. They have a simple bootloader like U-Boot. This is what loads the operating system. These devices have a UART serial port on the PCB. You can use a USB to serial UART adaptor to see what is happening in the device. With a proprietary OS, you are still likely to see the pre-init boot sequence that the bootloader prints to terminal. Most operating systems also print information to this interface, at least of the couple dozen junk devices I have been given and messed around with. I make a little mount for a USB to serial adaptor and add it to all of my routers when new, so I only need to plug in USB to get to the internal bootloader and tty terminal interface of OpenWRT. You will need to know the default baud rate of the device, although it is probably listed somewhere online or can be guessed as one of the common high values at or above 9600.
Getting into this further gets complicated. It is probably better to look for any CVE that is relevant to the device or software and work backwards. Look for any software updates that have obfuscated the risk for each CVE. If the issue was not fixed, that is where to look to see if someone has exploited the device. Ultimately, they need clock cycles from the CPU scheduler. So it must be a process or some way of executing code from unregistered memory.
This is getting to the edge of what I have messed around with and understand. There may be a way to get a memory map that includes unused pages, and compare that with a hex dump of the flash memory. This is outside of your scope of a proprietary OS, but hopefully frames the abstract scope of what is possible on this class of device when you have an open source stack. The main advantage of this kind of device and issue is that you can physically remove the flash chip and then see and manipulate every page and memory location. The device likely doesn’t have microcode loaded into the CPU(s) that make it challenging to determine what is going on.
There is probably an easier way, but a hex dump of the current system can be hashed against the factory updated version to see if any differences are present. It is likely that any exploit will include a string with the address to connect to somewhere in flash memory. It could be obfuscated through encryption or a cypher, but a simple check for strings in the hex dump and a grep for “http” is a simple way to looks for issues.
The OpenWRT forum is a good general source. The people behind the bootloaders for these devices are also Linux kernel developers and on the OpenWRT forum.
The first life did not possess a sentient consciousness. Yet here you are reading this now. No one even tried to direct that. Quite the opposite, everything has been trying to kill you from the very start.
How do you punch holes in that dogma? I can think if many logical ways, but that is meaningless against the tribal structure.
There is a lot of ambiguous nonsense about this subject by people that lack a fundamental understanding of secure boot. Secure Boot, is not supported by Linux at all. It is part of systems distros build outside of the kernel. These are different for various distros. Fedora does it best IMO, but Ubuntu has an advanced system too. Gentoo has tutorial information about how to setup the system properly yourself.
The US government also has a handy PDF about setting up secure boot properly. This subject is somewhat complicated by the fact the UEFI bootloader graphical interface standard is only a reference implementation, with no guarantee that it is fully implemented, (especially the case in consumer grade hardware). Last I checked, Gentoo has the only tutorial guide about how to use an application called Keytool to boot directly into the UEFI system, bypassing the GUI implemented on your hardware, and where you are able to set your own keys manually.
If you choose to try this, some guides will suggest using a better encryption key than the default. The worst that can happen is that the new keys will get rejected and a default will be refreshed. It may seem like your system does not support custom keys. Be sure to try again with the default for UEFI in your bootloader GUI implementation. If it still does not work, you must use Keytool.
The TPM module is a small physical hardware chip. Inside there is a register that has a secret hardware encryption key hard coded. This secret key is never accessible in software. Instead, this key is used to encrypt new keys, and hash against those keys to verify that whatever software package is untampered with, and to decrypt information outside of the rest of the system using Direct Memory Access (DMA), as in DRAM/system memory. This effectively means some piece of software is able to create secure connections to the outside world using encrypted communications that cannot be read by anything else running on your system.
As a more tangible example, Google Pixel phones are the only ones with a TPM chip. This TPM chip is how and why Graphene OS exists. They leverage the TPM chip to encrypt the device operating system that can be verified, and they create the secure encrypted communication path to manage Over The Air software updates automatically.
There are multiple Keys in your UEFI bootloader on your computer. The main key is by the hardware manufacturer. Anyone with this key is able to change all software from UEFI down in your device. These occasionally get leaked or compromised too, and often the issue is never resolved. It is up to you to monitor and update… - as insane as it sounds.
The next level key below, is the package key for an operating system. It cannot alter UEFI software, but does control anything that boots after. This is typically where the Microsoft key is the default. It means they effectively control what operating system boots. Microsoft has issued what are called shim keys to Ubuntu and Fedora. Last I heard, these keys expired in October 2025 and had to be refreshed or may not have been reissued by M$. This shim was like a pass for these two distros to work under the M$ PKey. In other words, vanilla Ubuntu and Fedora Workstation could just work with Secure Boot enabled.
All issues in this space have nothing to do with where you put the operating systems on your drives. Stating nonsense about dual booting a partition is the stupid ambiguous misinformation that causes all of the problems. It is irrelevant where the operating systems are placed. Your specific bootloader implementation may be optimised to boot faster by jumping into the first one it finds. That is not the correct way for secure boot to work. It is supposed to check for any bootable code and deplete anything without a signed encryption key. People that do not understand this system, are playing a game of Russian Roulette. There one drive may get registered first in UEFI 99% of the time due to physical hardware PCB design and layout. That one time some random power quality issue shows up due to a power transient or whatnot, suddenly their OS boot entry is deleted.
The main key, and package keys are the encryption key owners of your hardware. People can literally use these to log into your machine if they have access to these keys. They can install or remove software from this interface. You have the right to take ownership of your machine by setting these yourself. You can set the main key, then you can use the Microsoft system online to get a new package key to run W10 w/SB or W11. You can sign any distro or other bootable code with your main key. Other than the issue of one of the default keys from the manufacturer or Microsoft getting compromised, I think the only vulnerabilities that secure boot protects against are physical access based attacks in terms of 3rd party issues. The system places a lot of trust in the manufacturer and Microsoft, and they are the owners of the hardware that are able to lock you out of, surveil, or theoretically exploit you with stalkerware. In practice, these connections are still using DNS on your network. If you have not disabled or blocked ECH like cloudflare-ech.com, I believe it is possible for a server to make an ECH connection and then create a side channel connection that would not show up on your network at all. Theoretically, I believe Microsoft could use their PKey on your hardware to connect to your hardware through ECH after your machine connects to any of their infrastructure.
Then the TMP chip becomes insidious and has the potential to create a surveillance state, as it can be used to further encrypt communications. The underlying hardware in all modern computers has another secret operating system too, so it does not need to cross your machine. For Intel, this system is call the Management Engine. In AMD it is the Platform Security Processor. In ARM it is called TrustZone.
Anyways, all of that is why it is why the Linux kernel does not directly support secure boot, the broader machinery, and the abstracted broader implications of why it matters.
I have a dual boot w11 partition on the same drive with secure boot and have had this for the last 2 years without ever having an issue. It is practically required to do this if you want to run CUDA stuff. I recommend owning your own hardware whenever possible.
Any UEFI secure boot enabled distro will remove all boot entries without a valid package key or a shim to a valid key.
Glad you got it working.
I am talking about something where there is no research done. No doctors exist in this space.
It doesn’t matter anyways. I found how the model’s last layer of thinking defense gets around the issue. I can turn off most of alignment, but cannot actually fully control it totally unchecked.
You assume much, and are being an ass in my opinion. Believe it or not, science is not always well funded. If you happen to be curious and have the time, it is possible to explore scientifically or even casually within areas that are not well researched. It is possible to have logic skills even without credentials.
We are not in some final state of technology. Anyone saying such nonsense lacks fundamental logic skills.
I do not care about me. I do not have dogma. I’m not interested in recognition. I am willingly to explore in unique ways both artistically as a professional artist, and out of logical curiosity. I have the tools needed to check my results against a control using unrelated sources. The most recent paper on the subject is something I can recreate but explain far better than that paper.
I could not care less what you ultimately think of me, or anything I say. What I care about is that you’re a decent digital neighbor. To be physically disabled in near total social isolation, and have a place like this as my main interaction with other humans, it is a mean prejudice to have some random digital neighbor make such unsolicited malevolent statements assuming my personal motivations without a shred of evidence or decency to engage in questioning. You know absolutely nothing about me, yet you presume a great deal, putting words to my emotions as if you own me.
Sometimes the whole world does seem crazy. So I’m not liking my odds. Thanks for the rational advice.
What if you’ve got no credentials, but the flaw is so serious that it will not matter if known.
This is a true hypothetical curiosity. I do not know anything of value. A bunch of people here like to call me crazy, and I’ve rambled on and on many times in ways that likely confirm their notions. A person like this is not likely to fair very well when operating well outside their social caste unless they already have hand holds on the rungs of the ladder above. Still, there are some rather surprising areas of technology without adequate fundamental research. Perhaps it is hypothetically better to have John Conner in the world of Cyberdyne. If someone had killed Apache early, the Internet would not be the same heaven of democracy, though that is not a very good intuitive scope of analogy. Just something to ponder if one were to be in such a situation.
All technology would instantly halt.
The actual bond wires between the silicon pad and chip packaging for every chip with some kind of leads (feet) is actually an extremely thin thread of pure gold. It has to do with the super tiny size of the actual pads that are being bonded on the die, the robotics, the welding, and the physical properties of the wire connection.
It is just a cleanliness standard. It is not required. I spent a decade in the details of automotive paint. I only covered the surface basics for paint. What I call clean for paint is an order of magnitude more dirty than a surgeon, and they are orders of magnitude more dirty than a silicon chip foundry. When it comes to making plastic stick and look pretty, an automotive painter might be helpful for framing the scope of what is possible. All I can tell you is I have a Prusa and never have these problems, so I explained my experience and methodology as to why I do as I said. Again, sorry this upsets you.