If you scroll down in journalctl, it can go later in time. Also, you can check different boots by changing the b parameter, with -b 0 being the current boot, -b -1 being the previous boot, b -2 being the boot before that, etcetera.

For UFW, I’d just try unblocking the Proton ports if it says they’re blocked in Proton settings. Also, check to make sure you don’t have two firewalls installed; while this once again shouldn’t crash the system, my PC did some very weird things when both UFW and firewalld were installed.

Alright then. That probably eliminates the lp thing. Can I ask: what journalctl command (or logging command in general, if not journalctl) did you use? I’d recommend giving the results of journalctl -b -1 -p 3 and dmesg.

Also, it’d probably be a good idea to tell us what ports are getting blocked; that shouldn’t be personally identifying in any way. After doing research on what those ports are and what ProtonVPN requires, try experimenting with unblocking some of them if you can; a blocked port shouldn’t crash your system, but it’s worth a shot.

I might also recommend looking at a task manager, just to make sure some application isn’t taking up all your memory and causing the system to freeze.

Finally, take a look at your CPU temps in case this is some kind of cooling failure.

I don’t think it’s ProtonVPN, at least not directly, as those happened over 20 minutes before the crash (I’m assuming it happened somewhere around 9:32:30)

That last one looks really odd, and I’m wondering what that kernel module is used for. I’m looking around real quick.

EDIT: Looks like it’s for line printers. I’m trying to think why your kernel would randomly load that. Can we see the contents of the following?:

• /etc/modules-load.d/modules.conf
• /usr/lib/modules-load.d/modules.conf
• /usr/local/lib/modules-load.d/modules.conf (if it exists)
• /run/modules-load.d/modules.conf (if it exists)

Also, can you give us more information about your hardware, just to be sure?

xkcd 1085:

You’re not going to like how I-Chaya the Red-Nosed Sehlat ends…

No, not Santa.

“Attempt to calculate answer to your question: Why you want dried leaves in boiling water.”

“Because I happen to like it. That’s why.”

Let’s give him a statuette of Gul Dukat called “National Award for Supreme Attainment in Bajoran Statue Nonextancy”.

Although we haven’t really started it yet beyond session 0 yet, the chief medical officer I made in Star Trek Adventures campaign I have with my siblings is a Pandronian who really hates being asked about the three parts thing.

Oh, my gosh. That video is hilarious. Makes the episode 10 times funnier, and it was already beautifully campy to begin with.

And don’t forget the sequel episode in TAS, in which the planet tries to kill them because it’s depressed about its creator dying. Although it’s not as hilarious an episode as the one where Captain Kirk literally defends the human rights of Satan.

I was talking less install a bootkit and giving it back to be and more just straight-up stealing the laptop and seeing if they can get any personal info they can sell before formatting it and eBaying it.

Still, your points are totally valid.

So an ancient alien technology that can literally bring people back from the dead doesn’t count as “fancy”?

The password thing is pretty based, honestly. What you say is probably not possible, as the NT kernel would have to support LUKS, I’m pretty sure, which it doesn’t.

Precisely. I just use probably as a catch all.

Maybe Muppet Orville would be more viable, since they’re both Disney?

And we have Seth McFarlane play the Kermit the Frog plush on his desk. Not a plush of Seth McFarlane, but a full-size Seth McFarlane wearing a Kermit onsie and sitting on the desk. (Although then, it breaks what makes Muppet adaptations good - the humans taking their roles entirely seriously.$

Although Kermit’s too nice to be Ed, and Mrs. Piggy is a really bad fit for Kelly. Okay, maybe a lot of the characters on The Orville would be really hard to map to Muppets.

Me waiting for Star Trek Lower Decks Volume 2, or at least a repressing of volume 1:

It really shouldn’t matter. I know what they’re talking about and it’s true.

It’s not malicious or “ransomware”, and this is perfectly normal, default behavior for most devices - both macOS and Windows implement full disk encryption in a default install these days, and your key is almost always in your Microsoft Account on the Microsoft website. While Microsoft does a lot of crap wrong, in this case, Windows’s failure to decrypt under GRUB is security features actually kind of doing their job. Basically, trying to boot Windows through GRUB confuses the TPM, causing it to not want to give the keys in case the Windows boot partition has been tampered with by bad actors. Thus, you have to boot directly through Windows Boot Manager, not GRUB

Also, secure boot and TPM aren’t just some conspiracy by Microsoft to block Linux; they are attempts at implementing legitimately necessary security features. Full disk encryption supported by correctly implemented secure boot and an encryption chip are essential to having modern security. Linux is not blocked by TPM and Secure Boot; it is certainly possible for Linux distributions to take advantage of them to enhance their own security. I have implemented automatic LUKS full disk encryption that similarly fails to unlock if the partition has been tampered with on my Debian install. In theory, they can actually be used to help improve your security.

That is not to say I think TPM and secure boot are good, though. The really obnoxious thing about secure boot is that all the certificates are controlled by Microsoft rather than a standards body or a group of certificate authorities. While so far, Microsoft has kept it relatively open by providing the third party CA and the shim binary in order to avoid having its neck snapped by the FTC, considering the current administration, we don’t know how much longer they’ll keep it up, and they could actualize the much-feared blocking of Linux.

The other big problem with TPMs and secure boot is that often, there are so many different implementations and frequently major security flaws in their implementations that weaken their protection. A typical petty thief stealing your laptop still probably won’t be able to decrypt your drive, but a nation state can probably find a way. It doesn’t help that Windows doesn’t encrypt communication between the CPU and the TPM (luckily, the Linux kernel does that by default). Despite these issues, I’d say TPM and Secure Boot is better than nothing for most devices; not using them (EDIT: or a non-M$-controlled alternative, like a memorized drive password AND/OR FIDO keys, which may be better) at least in part means your device is more vulnerable to physical access and bootkit attacks than even most Windows laptops, and they are often the only tools at your defense

EDIT: An addendum: Now the really smart thing I’ve heard people do is to keep the boot partition on a flash drive (possibly with a keypad or biometrics) that you keep with you at all times.

Yes, all 100 years of them, because that’s the only thing they can look forward to in their careers.

?