The coolest project I've worked on was for a certain country's Navy. The project itself was cool and I'll talk about it below but first, even cooler than the project was the place were I worked on it.

I would go to this island off the coast where the navy had its armoury. Then to get into the armoury I'd go through this huge tunnel excavated in solid rock.

Finally, once inside I would have to go thru the thickest metal doors you've ever seen to get to crypto room, which was a tiny room with a bunch of really old men - cryptographers - scribbling math formulae all day long.

I can't give a lot of technical details on the project for security reasons but basically it was a bootable CD with a custom Linux distro on it. Upon booting up the system would connect to the Internet looking for other nodes (other systems booted with that CD). The systems would find each other and essentially create an ad-hoc "dark net".

The scenario was that some foreign force would have occupied the country and either destroyed or taken control of the Navy systems. In this case, some key people would boot these CDs in some PC somewhere not under foreign control (and off the navy grounds.) This would supposedly allow them to establish secure communications between surviving officers. There is a lot more to it but that's a good harmless outline.

As a bonus, I got to tour an active aircraft carrier :)

Downloaded Kubuntu because i couldn't seen to be able to boot from a freshly created KDE Neon bootable usb.

Installed it onto my netbook (Lenovo Thinkpad X121E) and it worked great!

But just the fact that somehow the installer froze when trying to setup hdd encryption kept bugging me.

Took a random flash drive which was laying around and put it in to see what would happen. KDE Neon booted just like this and everything worked very well with hdd encryption.

I now have a very secure netbook 😊

Taking IT classes in college. The school bought us all lynda and office365 accounts but we can't use them because the classroom's network has been severed from the Active Directory server that holds our credentials. Because "hackers." (The non-IT classrooms don't have this problem, but they also don't need lynda accounts. What gives?)

So, I got bored, and irritated, so I decided to see just how secure the classroom really was.

It wasn't.

So I created a text file with the following rant and put it on the desktop of the "locked" admin account. Cheers. :)

1. don't make a show of "beefing up security" because that only makes people curious.
I'm referring of course to isolating the network. This wouldn't be a problem except:

2. don't restrict the good guys. only the bad guys.
I can't access resources for THIS CLASS that I use in THIS CLASS. That's a hassle.
It also gives me legitimate motivation to try to break your security.

3. don't secure it if you don't care. that is ALSO a hassle.
I know you don't care because you left secure boot off, no BIOS password, and nothing
stopping someone from using a different OS with fewer restrictions, or USB tethering,
or some sort malware, probably, in addition to security practices that are
wildly inconsistent, which leads me to the final and largest grievance:

4. don't give admin priveledges to an account without a password.

seriously. why would you do this? I don't understand.
you at least bothered to secure the accounts that don't even matter,
albeit with weak and publicly known passwords (that are the same on all machines),
but then you went and left the LEAST secure account with the MOST priveledges?
I could understand if it were just a single-user machine. Auto login as admin.
Lots of people do that and have a reason for it. But... no. I just... why?

anyway, don't worry, all I did was install python so I could play with scripting
during class. if that bothers you, trust me, you have much bigger problems.

I mean you no malice. just trying to help.

For real. Don't kick me out of school for being helpful. That would be unproductive.
Plus, maybe I'd be a good candidate for your cybersec track. haven't decided yet.

-- a guy who isn't very good at this and didn't have to be
have a nice day <3

oh, and I fixed the clock. you're welcome.

Secure boot -_-. I can't install Linux from live USB boot. And I can't switch off this secure boot...

Tried to dual boot Arch with Windows yesterday.

Everything was going smoothly. Shrunk the C: partition, ran the installer, installed the OS fine. But it was still booting straight to Windows.

So I edited the BCD to point to Grub instead of Wilndows. Then the plan was to boot into Arch, find Windows, and add it to Grub, problem solved.

Wrong. I had forgotten to disable secure boot. Arch and Grub were booting in BIOS mode, but Windows was UEFI. Grub couldn't boot or even see Windows.

So now I was stuck with just Arch. So I flashed a Windows drive, booted from that, automatic startup repair failed. Opened up the command prompt, tried to rebuild the BCD from there. Surely I can just rebuild it and forget about trying to dual boot right? I just want to get back to being able to use my PC.

Wrong again. Didn't find Windows. Had to get rid of the BCD file before I could rebuild it, but couldn't find it. Found out that I could use diskpart to mount the system partition and assign it a drive letter, renamed the BCD, rebuilt it, and finally was able to reboot into Windows.

Learn from my arrogance. First time Linux users should not attempt to install Arch, let alone do it alongside Windows on the same disk.

Finally got a new laptop at work!
The first thing to do: install linux in it so the beast could roar free.

Download mint iso, dd it into an usb drive, boot it up in uefi mode, .... /dev/sda read error: -110. Fuck, must be smth w/ secure-boot. Disable it, rinse and repeat. Same error. Wtf, could my drive be broken?
dd iso into another usb drive, boot live env -- read error. THE FUCK! It's wildly unlikely my both usb drives died on the same fucking day!

Go to it admin to ask for an usb drive. Iso->usb, boot -- live env is up. My my, look who's unfortunate today :)

cryptsetup, install, reboot et voila, the beast is finally roaring!

These ignorant comments about arch are starting to get on my nerves.

You ranted or asked help about something exclusive to windows and someone pointed out they don't have that problem in arch and now you're annoyed?

Well maybe it's for good.

Next comes a very rough analogy, but imagine if someone posts "hey guys, I did a kg of coke and feeling bad, how do I detox?"

It takes one honest asshole to be like "well what if you didn't do coke?".

Replace the coke with windows.
Windows is a (mostly) closed source operating system owned by a for profit company with a very shady legal and ethical history.

What on earth could possibly go wrong?

Oh you get bsod's?
The system takes hours to update whenever the hell it wants, forces reboot and you can't stop it?
oh you got hacked because it has thousands of vulnerabilities?
wannacry on outdated windows versions paralyzed the uk health system?

oh no one can truly scrutinize it because it's closed source?

yet you wonder why people are assholes when you mention it? This thing is fucking cancer, it's hundreds of steps backwards in terms of human progress.

and one of the causes for its widespread usage are the savage marketing tactics they practiced early on. just google that shit up.

but no, linux users are assholes out to get you.

and how do people react to these honest comments? "let's make a meme out of it. let's deligitimize linux, linux users and devs are a bunch of neckbeards, end of story, watch this video of rms eating skin off his foot on a live conference"

short minded idiots.

I'm not gonna deny the challenges or limitations linux represents for the end user.

It does take time to learn how to use it properly.
Nvidia sometimes works like shit.
Tweaking is almost universally required.
A huge amount of games, or Adobe/Office/X products are not compatible.
The docs can be very obscure sometimes (I for one hate a couple of manpages)

But you get a system that:
* Boots way faster
* Is way more stable
* Is way way way more secure.
* Is accountable, as in, no chance to being forced to get exploited by some evil marketing shit.

In other words, you're fucking free.
You can even create your own version of the system, with total control of it, even profit with it.

I'm not sure the average end user cares about this, but this is a developer forum, so I think in all honesty every developer owes open source OS' (linux, freebsd, etc) major respect for being free and not being corporate horseshit.

Doctors have a hippocratic oath? Well maybe devs should have some form of oath too, some sworn commitment that they will try to improve society.

I do have some sympathy for the people that are forced to use windows, even though they know ideally isn't the ideal moral choice.
As in, their job forces it, or they don't have time or energy to learn an alternative.

At the very least, if you don't know what you're talking about, just stfu and read.

But I don't have one bit of sympathy for the rest.

I didn't even talk about arch itself.
Holy fucking shit, these people that think arch is too complicated.

What in the actual fuck.

I know what the problem is, the arch install instructions aren't copy paste commands.
Or they medium tutorial they found is outdated.

So yeah, the majority of the dev community is either too dumb or has very strong ADD to CAREFULLY and PATIENTLY read through the instructions.

I'll be honest, I wouldn't expect a freshman to follow the arch install guide and not get confused several times.
But this is an intermediate level (not megaexpert like some retards out there imply).

Yet arch is just too much. That's like saying "omg building a small airplane is sooooo complicated". Yeah well it's a fucking aerial vehicle. It's going to be a bit tough. But it's nowhere near as difficult as building a 747.

So because some devs are too dumb and talk shit, they just set the bar too low.

Or "if you try to learn how to build a plane you'll grow an aviator neckbeard". I'll grow a fucking beard if I want too.

I'm so thankful for arch because it has a great compromise between control and ease of install and use.

When I have a fresh install I only get *just* what I fucking need, no extra bullshit, no extra programs I know nothing about or need running on boot time, and that's how I boot way faster that ubuntu (which is way faster than windows already).

Configuring nvidia optimus was a major pain in the ass? Sure was, but I got it work the way I wanted to after some time.

Upgrading is also easy as pie, so really scratching my brain here trying to understand the real difficult of using arch.

For all the hate against windows I built over the now 8 years using linux as my main os. Now I feel windows 10 is quite good.

I got a little beefier desktop lately, been using just laptops from the last 8 years(8D) so I got this urge to get a desktop for gaming, I bought an entry level machine. ryzen 5 2400g, put my lovely linux mint and... the fucking machine was hanging up when the load was too high, and the load was too high too often because react/node etc.

I gave up in less than a day, I just did a quick search and some people said about secure boot or whatnot, some other claimed that ryzen cpus had no problem with mint, I got fed up quickly and did not try any solution with linux. Then I installed windows 10, installed the godamned drivers from the provided dvd ... since then it was a breeze.

The dark mode is gorgeous and no hanging up at all... I'm just sad that mint did not worked soo well. I wanted to have consistency between my laptop/desktop and I loved mint above everything. But well, some things improve while you're not looking at them, win 10 is quite good, I'll keep my desktop as gaming/programming pc with win 10, and well, the laptop will be auxiliar programming machine.

¯\_(ツ)_/¯

We code hard in these cubicles

My style’s nerd-chic, I’m a programmin’ freak

We code hard in these cubicles

Only two hours to your deadline?

Don’t sweat my technique.

Sippin’ morning coffee with that JAVA swirl.

Born to code; my first words were “Hello World”

Since 95, been JAVA codin’ stayin’ proud

Started on floppy disks, now we take it to the cloud.

On my desktop, JAVA’s what’s bobbin’ and weavin’

We got another winning app before I get to OddEven.

Blazin’ code like a forest fire, climbin’ a tree

Setting standards like I Triple E….
Boot it on up, I use the force like Luke,

Got so much love for my homeboy Duke.

GNU Public Licensed, it’s open source,

Stop by my desk when you need a crash course

Written once and my script runs anywhere,

Straight thuggin’, mean muggin’ in my Aeron chair.

All the best lines of code, you know I wrote ‘em

I’ll run you out of town on your dial-up modem.

Cause…
We code hard in these cubicles

Me and my crew code hyphy hardcore

We code hard in these cubicles

It’s been more than 10 years since I’ve seen the 404.

Inheriting a project can make me go beeee-serk

Ain’t got four hours to transfer their Framework.

The cleaners killed the lights, Man, that ain’t nice,

Gonna knock this program out, just like Kimbo Slice

I program all night, just like a champ,

Look alive under this IKEA lamp.

I code HARDER in the midnight hour,

E7 on the vending machine fuels my power.

Ps3 to Smartphones, our code use never ends,

JAVA’s there when I beat you in “Words with Friends”.

My developing skills are so fresh please discuss,

You better step your game up on that C++.

We know better than to use Dot N-E-T,

Even Dan Brown can’t code as hard as me.

You know JAVA’s gettin’ bigger, that’s a promise not a threat,

Let me code it on your brain

We code hard in these cubicles,

it’s the core component…of what we implement.

We code hard in these cubicles,
Straight to your JAVA Runtime Environment.

We code hard in these cubicles,
Keep the syntax light and the algorithm tight.

We code hard in these cubicles,

Gotta use JAVA if it’s gonna run right.

We code hard in these cubicles

JAVA keeps adapting, you know it’s built to last.

We code hard in these cubicles,

Robust and secure, so our swag’s on blast

CODE HARD

So i tried installing elementary on my friend's computer

I keep ending up with this error : 'in it ram fs : cannot find a medium with a live file system'

This error can be replicated on one other computer but works without the error on another one.

I'm using a UEFI boot on all of them
What I've tried :
1. Switching USB ports
2. Burning the image using Rufus, lily USB
3.secure boot on/off
4. Converted any dynamic partitions to basic
5. Converted MBR to GPT
6. Disabled Intel PTT

I've tried Ubuntu as well, same results

Because I am very interested in cyber security and plan on doing my masters in it security I always try to stay up to date with the latest news and tools. However sometimes its a good idea to ask similar-minded people on how they approach these things, - and maybe I can learn a couple of things. So maybe people like @linuxxx have some advice :D Let's discuss :D

1) What's your goto OS? I currently use Antergos x64 and a Win10 Dualboot. Most likely you guys will recommend Linux, but if so what ditro, and why? I know that people like Snowden use QubesOS. What makes it much better then other distro? Would you use it for everyday tasks or is it overkill? What about Kali or Parrot-OS?

2) Your go-to privacy/security tools? Personally, I am always conencted to a VPN with openvpn (Killswitch on). In my browser (Firefox) I use UBlock and HttpsEverywhere. Used NoScript for a while but had more trouble then actual use with it (blocked too much). Search engine is DDG. All of my data is stored in VeraCrypt containers, so even if the system is compromised nobody is able to access any private data. Passwords are stored in KeePass. What other tools would you recommend?

3) What websites are you browsing for competent news reports in the it security scene? What websites can you recommend to find academic writeups/white papers about certain topics?

4) Google. Yeah a hate-love relationship, but its hard to completely avoid it. I do actually have a Google-Home device (dont kill me), which I use for calender entries, timers, alarms, reminders, and weather updates as well as IOT stuff such as turning my LED lights on and off. I wouldn"t mind switching to an open source solution which is equally good, however so far I couldnt find anything that would a good option. Suggestions?

5) What actions do you take to secure your phone and prevent things such as being tracked/spyed? Personally so far I havent really done much except for installing AdAway on my rooted device aswell as the same Firefox plugins I use on my desktop PC.

6) Are there ways to create mirror images of my entire linux system? Every now and then stuff breaks, that is tedious to fix and reinstalling the system takes a couple of hours. I remember from Windows that software such as Acronis or Paragon can create a full image of your system that you can backup and restore at any point to get a stable, healthy system back (without the need to install everything by hand).

7) Would you encrypt the boot partition of your system, even tho all data is already stored in encrypted containers?

8) Any other advice you can give :P ?

For all the hate that Java gets, this *not rant* is to appreciate the Spring Boot/Cloud & Netty for without them I would not be half as productive as I am at my job.

Just to highlight a few of these life savers:
- Spring security: many features but I will just mention robust authorization out of the box
- Netflix Feign & Hystrix: easy circuit breaking & fallback pattern.
- Spring Data: consistent data access patterns & out of the box functionality regardless of the data source: eg relational & document dbs, redis etc with managed offerings integrations as well. The abstraction here is something to marvel at.
- Spring Boot Actuator: Out of the box health checks that check all integrations: Db, Redis, Mail,Disk, RabbitMQ etc which are crucial for Kubernetes readiness/liveness health checks.
- Spring Cloud Stream: Another abstraction for the messaging layer that decouples application logic from the binder ie could be kafka, rabbitmq etc
- SpringFox Swagger - Fantastic swagger documentation integration that allows always up to date API docs via annotations that can be converted to a swagger.yml if need be.
- Last but not least - Netty: Implementing secure non-blocking network applications is not trivial. This framework has made it easier for us to implement a protocol server on top of UDP using Java & all the support that comes with Spring.

For these & many more am grateful for Java & the big big community of devs that love & support it.

I've had a Xiaomi Mi 8 for a few months now. Although I'm impressed by what I got for the amount I paid (a phone that cost about $250 for 6GB RAM, Snapdragon 845, Android 9 and premium build quality is quite a steal), it definitely comes with a consequence.

MIUI (specifically MIUI 11) is godawful. It is single-handedly the worst Android ROM I've ever used since my shitty Android 2.2 phone back around 2010. If you're gonna buy a Xiaomi phone, plan to install Lineage OS on it (but even that's a pain which I'll explain why later).

- Navigation buttons don't hide while watching a video.

Why? God only knows. The ONLY way to bypass without root this is to use its garbage fullscreen mode with gestures, which is annoying as all hell.

- 2 app info pages?

Yeah, the first one you can access just by going to its disaster of a settings app, apps, manage apps and tap on any one.

The 2nd one you can access through the app info button in any 3rd party launcher. Try this: Download Nova launcher, go to the app drawer, hold on any app and tap "app info", and you'll see the 2nd one.

Basically, instead of modifying Android's FOSS source code, they made a shitty overlay. These people are really ahead of their time.

- Can only set lock screen wallpapers using the stock Gallery app

It's not that big an issue, until it is, when whatever wallpaper app you're using only allows you to set the wallpaper and not download them. I think this is both a fuckup on Xiaomi and (insert wallpaper app name here), but why Xiaomi can't include this basic essential feature that every other Android ROM ever made has is beyond me.

- Theming on MIUI 11 is broken

Why do they even bother having a section to customize the boot animation and status bar when there's not one goddamn theme that supports it? At this point you're only changing the wallpaper and icon pack which you can do on any Android phone ever. Why even bother?

They really, REALLY want to be Apple.

Just look at their phones. They're well designed and got good specs, but they don't even care anymore about being original. The notch and lack of a headphone jack aren't features, they're tremendous fuckups by the dead rotting horse known as Apple that died when Steve Jobs did.

Xiaomi tries to build a walled garden around an inherently customizable OS, and the end result is a warzone of an Android ROM that begs for mercy from its creator. Launchers integrate horribly (Does any power user actually use anything that isn't Nova or Microsoft launcher?), 3rd party themes and customization apps need workarounds, some apps don't work at all. People buy from Xiaomi to get a high end budget Android phone at the price of some ads and data collection, not a shitter iOS wannabe.

They really, REALLY want you to have a sim card

If you don't have a sim card and you're using your phone for dev stuff, you're a 2nd class citizen to Xiaomi. Without one, you can't:

- Install adb through adb
- Write to secure settings
- Unlock your bootloader and get away from this trash Android ROM

What's the point? Are they gonna shadow ban you? Does anyone contact them to unlock their bootloader saying "yeah I wanna use a custom rom to pirate lizard porn and buy drugs"? They made this 1000000000x harder than it needs to be for no reason whatsoever. Oh yeah and you gotta wait like a week or something for them to unlock it. How they fucked up this bad is beyond me.

So yeah. Xiaomi. Great phones, atrocious OS.

Yeah, nah, I dont want to disable secure boot

The coolest project I ever worked on wasn't programming per second, though it involved a bit of scripting. The company I worked for had an FTP over TLS backup solution and it was put together with glue and paperclips by a guy that hadn't the slightest idea what he was doing. In order to conform with the insurance, data had to be encrypted. I setup a raid-ed server with full disk encryption on the raid volume that fetched the key over the network at boot from another secure server. I wrote a series of scripts for provisioning users and so on. The backup connections was sftp using a ssh tunnel, the users were chrooted to their own home directories, and were unable to open shells. The system was 100x more robust and secure than the original. I set it up on short notice and received absolutely no recognition for saving the company's ass, but it was definitely a fun project.

All I have to say is that ThinkPads are a wonderful piece of hardware that are worth the price but if they have their BIOS locked (if you buy it second hand) they're the worst thing in the world that should just be thrown into the gutter as you can't even reinstall windows in most cases nor install Linux due to secure boot being enabled and BIOS being locked ffs I had great hopes for this one

*sigh*.
back from lunch break, to find my dualboot with Windows 10 & openSUSE uefi having automatically rebooted due to some updates,

and see a busy box message, because secure boot somehow was suddenly enabled (guess the w update)..
good thing i always bring a usb pen with multiple system tools and live distros...

Me yesterday:

"I think I've been too harsh on desktop Linux. Maybe I'll give it one more shot. Ok, debian 9 looks decent."

- Unetbootin fails to recognize usb drive

"Hmmm ok. I'll use ether to to put the iso directly on the drive."

- Bios requires disabling of secure boot

"Uhhh..I guess I'll just disable it in the bios."

- Debian fails to configure network

"Lol fuck this."

What do we do when the WiFi dont work
What do we do when the WiFi don't work
What do we do when the WiFi don't work
On Ubuntu 18.10

Disable secure boot and sign your own driver
Disable secure boot and sign your own driver
Disable secure boot and sign your own driver
Build it from the source code

Trying to install Linux off of a USB drive when motherboard flips put during boot mode and boots back into windows saying that it is not secure. Even though I've tested this drive and installed Linux on other computers. ugh

Currently trying to make a multi boot machine, with a lot of linux distros inside, like debian, fedora, gentoo and arch.

I know I will have to format everything a lot of time, because of stupid mistakes, I want to try to put /home in common, and play with some more SSD, and to put a preempt_rt patched kernel somewhere.

I am starting from debian,
Format counter: 3

Reason 0: because i need to install at least once...
Reason 1: I am stupid
Reason 2: I disconnected the SSD,to connect a disk with windows. Now bootloader doesn't find any os in the SSD anymore... still no clue, and in case of doubt: give windows the fault 😠😠😠

DAMN YOU WINDOWS, how did you find that I want to use debian? What did you do to break it?? (Despite it wasn't even connected?!?)

I have checked everything about secure boot, and I am sure it is disabled...

And every search online gives results about dual boot, but it is not my case... :/

Just installed Fedora Linux on a Toshiba because it's my only option other than Ubuntu, thanks to Microsoft's secure boot

So I've been using Duet on my iPad Pro for a couple years now (lets me use it as an external monitor via Lightning cable) and without issue. Shit, I've been quite happy with it. Then the other day, whilst hooked up to my work laptop, there was a power fluctuation that caused my laptop to stop sending power to connected devices. Which is fine - I have it plugged into a surge protector so these fluctuations shouldn't matter. After a few seconds the laptop resumed normal operation and my connected devices were up and running again.

But the iPad Pro, for some reason, went into an infinite boot loop sequence. It reboots, gets to the white Apple logo, then reboots again.

In the end, after putting the iPad into recovery mode and running Apple's update in iTunes (as they recommend), it proceeds to wipe all my data. Without warning. I lost more than a couple of years of notes, illustrations and photos. All in one fucking swoop.

To be clear, you get 2 options in iTunes when performing a device update:

1. UPDATE - will not mess with your data, will just update the OS (in this case iPadOS)
2. RESTORE - will delete everything, basically a factory reset

I clicked UPDATE. After the first attempt, it still kept bootlooping. So I did it again, I made sure I clicked UPDATE because I had not yet backed up my data. It then proceeds to do a RESTORE even though I clicked UPDATE.

Why, Apple? WHY.

After a solemn weekend lamenting my lost data, I've come a conclusion: fuck you Apple for designing very shitty software. I mean, why can't I access my device data over a cabled connection in the event I can't boot into the OS? If you need some form of authentication to keep out thieves, surely the mutltiple times you ask me to log in with my Apple ID on iTunes upon connecting the damn thing is more than sufficient?! You keep spouting that you have a secure boot chain and shit, surely it can verify a legitimate user using authenticated hardware without having to boot into the device OS?

And on the subject of backing up my data, you really only have 2 manual options here. Either (a) open iTunes, select your device, select the installed app, then selectively download the files onto my system; or (b) do a full device backup. Neither of those procedures is time-efficient nor straightforward. And if you want to do option b wirelessly, it can only be on iCloud. Which is bullshit. And you can't even access the files in the device backup - you can only get to them by restoring to your device. Even MORE bullshit.

Conversely, on my Android phone I can automate backups of individual apps, directories or files to my cloud provider of choice, or even to an external microSD card. I can schedule when the backups happen. I can access my files ANYTIME.

I got the iPad Pro because I wanted the best drawing experience, and Apple Pencil at the time was really the best you could get. But I see now it's not worth compromise of having shitty software. I mean, It's already 2021 but these dated piles of excrement that are iOS and iPadOS still act like it's 2011; they need to be seriously reviewed and re-engineered, because eventually they're going to end up as nothing but all UI fluff to hide these extremely glaring problems.

Though I’ve seen devices like the following I’ve only ever seen them used for horrible purposes.

I was envisioning facility control being made capable by the use of a larger tablet device or tablet computer. The device would have no internet connection. It would not attach to the outside world at all.

It would not receive non manual software updates

It could view all air flow, temperature, lights, locks, electrical outlets, power draw, water usage, heaters, air conditioners, computer statins etc
And control and report statistics on them all.

Impractical you people said last time. But I would say cool if the device is kept super secure . That being said who knows how to do that since everything sucks once someone who knows what they’re doing has physical access lol

Personally all I don’t know how to break into is smart phones
Comps I could always figure out even if they had disk encryption given enough time.

The only reason phones are hard is you’re limited to network attacks and the boot loader is on the chip page.

Cause in the end a computer is just it’s hard drive in terms of security lol

Bought two hp z230 and one hp z210 to setup as a kubernetes cluster at home.
The first two worked as expected to install Ubuntu 18.04 but the z210 just fails installation just at the end of.
I've updated the bios, I've tried different hard drive, (obvious I've turned off secure boot), I've downgraded the bios, I've cursed, spoken harch language at it and sprinkled it with holy water, still it fails.
A Google search the problem, one hit similar to my problem but it did not help me.
Currently I'm on my 5:the glass of wine, if not solved tomorrow I'm hiding it at work until the next "downsizing" and it will have an accedent from the 9:the floor.
I've spent 150$ on it but I have the economy to nurture my mental health... Not all the time but this time it feels worth it!!!

!dev (kinda)

Warning: Might contain (be) stupid rambling.

So I got my new toy and want to play around with it. Just in case I have to return it I first want to make a full disk backup, so I try to boot clonezilla. I press the power button and mash F2, F8, F9 - and it boots straight into the windows setup. Nope, not what I wanted. Try again. And again. Eventually I look it up and apparently I have to hammer the ESC key to get where I want to. Alright, now it works. Boot from USB. Failed. Try again. Failed. Check the BIOS, disable secure boot, reboot. I need to type 4 digits to confirm disabling secure boot. Alright. Reboot, try again, failed. Secure boot is on again. Wtf? After some more infuriating tries I see that NumLock is disabled. AAAARGH. BIOS: Enable NumLock on boot, disable secure boot, enable legacy boot. Input the 4 digits - works! Try to boot from USB: Failed! Grab another USB stick, did the clonezilla image, try again: Finally! It! Works!

Format disk, install Qubes OS. Success!