Statistics Canada numbers say wealth gap getting bigger
Statistics Canada numbers say wealth gap getting bigger
Bottom 40 per cent of Canadians combined for 17.2 per cent of national incomeIsaac Phan Nay, Local Journalism Initiative Reporter, The Tyee (The Chilliwack Progress)
Kiev loses 1,220 troops along engagement line in past day — Russia’s top brass
Kiev loses 1,220 troops along engagement line in past day — Russia’s top brass
Russia’s Battlegroup Center inflicted roughly 400 casualties on Ukrainian troops and destroyed seven enemy armored combat vehicles in its area of responsibility over the past dayTASS
like this
Israel Wants U.S. Greenlight To Attack Iran Again ‘Pre-Emptively’
Israel Wants U.S. Greenlight To Attack Iran Again 'Pre-Emptively’
Israeli Colonel Jacques Neriah, a former intelligence official and a special analyst for the Middle East, warned on August 24...Anonymous1199 (South Front)
Horrifying testimonies seek to lift shroud of silence around ritual sex abuse claims in Israel
Several women alleged that religious and community leaders had participated in the abuse. One woman named Yael Ariel testified that she had heard accounts from several women alleging that “doctors, educators, police officers, and both former and current Knesset members” took part.
“I was around 15, tied to a torture bed in basements in the Tel Aviv area,” said one women, recalling an incident in which her abusers — including family members — slaughtered a snake, mixed its blood with hers and drank it, while raping her and calling her a “holy vessel.”
“They tied me up in every possible way, using whips and electric shocks, raping me,” said another survivor, who testified that she was 5 years old when she began suffering “unbearable abuse,” including by religious leaders and educators who told her that she was “defective” and needed to be “fixed.”
like this
Ritual abuse is prevalent in most countries.
There is still an aversion to talking about it, even when the abusers hold little influence in society.
Everything is many times worse when the perpetrators hold real power
Russia orders state-backed Max messenger app to be pre-installed on new phones
A Russian state-backed messenger application called Max, a rival to WhatsApp that critics say could be used to track users, must be pre-installed on all mobile phones and tablets bought in the country starting next month, the Russian government said on Thursday.The decision to promote Max comes as Moscow, locked in a standoff with the west over Ukraine, is seeking greater control over the internet. The Kremlin said in a statement that Max, which will be integrated with government services, would be on a list of mandatory pre-installed apps on all “gadgets”, including mobile phones and tablets, sold in Russia from 1 September.
Russia orders state-backed Max messenger app to be pre-installed on new phones
Critics say Max, a WhatsApp rival, could be used to track users, though state media says it is not a spying appGuardian staff reporter (The Guardian)
There's no russophobia when that country would want you killed for opposing authoritarianism. Or when that country routinely invades Europe. Or when it shoots down a plane and doesn't apologise nor extradite the criminals who did it (Girkin and Putler).
Or when it opposes your very existence as a person. Or when it infects your people with the disease of far-right hatred. And I could go on. Fuck Putler's Russia.
routinely invades Europeshoots down a plane and doesn’t apologise
Citations needed
Putler
Love to see nato propaganda language on leftist platform ( ゚ー゚)
For those of us with ADHD, if you are thinking about a task every second you're not doing it and desperately want to do the task more than anything else and are devastated that you can't do it so much that you use all your energy just on trying to make yourself do the thing that you want to do but can't, that is NOT procrastination. That is executive dysfunction. It only seems like procrastination to people who have never experienced executive dysfunction and those who have only ever experienced executive dysfunction.
Procrastination is when you fully have the ability to do something and choose not to do it but to do the thing you prefer doing instead. I hadn't experienced this until very recently, after a lot of therapy and medication.
Rozaŭtuno likes this.
reshared this
Trial of Brazil’s Bolsonaro enters verdict phase over alleged coup plot
Trial of Brazil’s Bolsonaro enters verdict phase over alleged coup plot
The former president is charged with five counts, including plotting the assassination of senior officials.Al Jazeera
What is the best Android browser for privacy?
PrivacyBrowser is a really good browser in my opinion. But I cant do an analysis on its privacy.
I will add that I love how they handle bookmarks.
CBP Had Access to More than 80,000 Flock AI Cameras Nationwide
CBP Had Access to More than 80,000 Flock AI Cameras Nationwide
Customs and Border Protection (CBP) regularly searched more than 80,000 Flock automated license plate reader (ALPR) cameras, according to data released by three police departments. The data shows that CBP’s access to Flock’s network is far more robust and widespread than has been previously reported. One of the police departments 404 Media spoke to said it did not know or understand that it was sharing data with CBP, and Flock told 404 Media Monday that it has “paused all federal pilots.”In May, 404 Media reported that local police were performing lookups across Flock on behalf of ICE, because that part of the Department of Homeland Security did not have its own direct access. Now, the newly obtained data and local media reporting reveals that CBP had the ability to perform Flock lookups by itself.
Last week, 9 News in Colorado reported that CBP has direct access to Flock’s ALPR backend “through a pilot program.” In that article, 9 News revealed that the Loveland, Colorado police department was sharing access to its Flock cameras directly with CBP. At the time, Flock said that this was through what 9 News described as a “one-to-one” data sharing agreement through that pilot program, making it sound like these agreements were rare and limited:
“The company now acknowledges the connection exists through a previously publicly undisclosed program that allows Border Patrol access to a Flock account to send invitations to police departments nationwide for one-to-one data sharing, and that Loveland accepted the invitation,” 9 News wrote. “A spokesperson for Flock said agencies across the country have been approached and have agreed to the invitation. The spokesperson added that U.S. Border Patrol is not on the nationwide Flock sharing network, comprised of local law enforcement agencies across the country. Loveland Police says it is on the national network.”
New data obtained using three separate public records requests from three different police departments gives some insight into how widespread these “one-to-one” data sharing agreements actually are. The data shows that in most cases, CBP had access to more Flock cameras than the average police department, that it is regularly using that access, and that, functionally, there is no difference between Flock’s “nationwide network” and the network of cameras that CBP has access to.
According to data obtained from the Boulder, Colorado Police Department by William Freeman, the creator of a crowdsourced map of Flock devices called DeFlock, CBP ran at least 118 Flock network searches between May 13 and June 13 of this year. Each of these searches encompassed at least 6,315 individual Flock networks (a “network” is a specific police department or city’s cameras) and at least 82,000 individual Flock devices. Data obtained in separate requests from the Prosser Police Department and Chehalis Police Department, both in Washington state, also show CBP searching a huge number of networks and devices.
A spokesperson for the Boulder Police Department told 404 Media that “Boulder Police Department does not have any agreement with U.S. Border Patrol for Flock searches. We were not aware of these specific searches at the time they occurred. Prior to June 2025, the Boulder Police Department had Flock's national look-up feature enabled, which allowed other agencies from across the U.S. who also had contracts with Flock to search our data if they could articulate a legitimate law enforcement purpose. We do not currently share data with U.S. Border Patrol. In June 2025, we deactivated the national look-up feature specifically to maintain tighter control over Boulder Police Department data access. You can learn more about how we share Flock information on our FAQ page.”
A Flock spokesperson told 404 Media Monday that it sent an email to all of its customers clarifying how information is shared from agencies to other agencies. It said this is an excerpt from that email about its sharing options:
“The Flock platform provides flexible options for sharing:
National sharing
- Opt into Flock’s national sharing network. Access via the national lookup tool is limited—users can only see results if they perform a full plate search and a positive match exists within the network of participating, opt-in agencies. This ensures data privacy while enabling broader collaboration when needed.
- Share with agencies in specific states only
- Share with agencies with similar laws (for example, regarding immigration enforcement and data)
- Share within your state only or within a certain distance
- You can share information with communities within a specified mile radius, with the entire state, or a combination of both—for example, sharing with cities within 150 miles of Kansas City (which would include cities in Missouri and neighboring states) and / or all communities statewide simultaneously.
- Share 1:1
- Share only with specific agencies you have selected
- Don’t share at all”
In a blog post Monday, Flock CEO Garrett Langley said Flock has paused all federal pilots.
“While it is true that Flock does not presently have a contractual relationship with any U.S. Department of Homeland Security agencies, we have engaged in limited pilots with the U.S. Customs and Border Protection (CBP) and Homeland Security Investigations (HSI), to assist those agencies in combatting human trafficking and fentanyl distribution,” Langley wrote. “We clearly communicated poorly. We also didn’t create distinct permissions and protocols in the Flock system to ensure local compliance for federal agency users […] All federal customers will be designated within Flock as a distinct ‘Federal’ user category in the system. This distinction will give local agencies better information to determine their sharing settings.”
A Flock employee who does not agree with the way Flock allows for widespread data sharing told 404 Media that Flock has defended itself internally by saying it tries to follow the law. 404 Media granted the source anonymity because they are not authorized to speak to the press.
“They will defend it as they have been by saying Flock follows the law and if these officials are doing law abiding official work then Flock will allow it,” they said. “However Flock will also say that they advise customers to ensure they have their sharing settings set appropriately to prevent them from sharing data they didn’t intend to. The question more in my mind is the fact that law in America is arguably changing, so will Flock just go along with whatever the customers want?”
The data shows that CBP has tapped directly into Flock’s huge network of license plate reading cameras, which passively scan the license plate, color, and model of vehicles that drive by them, then make a timestamped record of where that car was spotted. These cameras were marketed to cities and towns as a way of finding stolen cars or solving property crime locally, but over time, individual cities’ cameras have been connected to Flock’s national network to create a huge surveillance apparatus spanning the entire country that is being used to investigate all sorts of crimes and is now being used for immigration enforcement. As we reported in May, Immigrations and Customs Enforcement (ICE) has been gaining access to this network through a side door, by asking local police who have access to the cameras to run searches for them.
9 News’s reporting and the newly released audit reports shared with 404 Media show that CBP now has direct access to much of Flock’s system and does not have to ask local police to run searches. It also shows that CBP had access to at least one other police department system in Colorado, in this case Boulder, which is a state whose laws forbid sharing license plate reader data with the federal government for immigration enforcement. Boulder’s Flock settings also state that it is not supposed to be used for immigration enforcement.
This story and our earlier stories, including another about a Texas official who searched nationwide for a woman who self-administered an abortion, were reported using Flock “Network Audits” released by police departments who have bought Flock cameras and have access to Flock’s network. They are essentially a huge spreadsheet of every time that the department’s camera data was searched; it shows which officer searched the data, what law enforcement department ran the search, the number of networks and cameras included in the search, the time and date of the search, the license plate, and a “reason” for the search. These audit logs allow us to see who has access to Flock’s systems, how wide their access is, how often they are searching the system, and what they are searching for.
The audit logs show that whatever system Flock is using to enroll local police departments’ cameras into the network that CBP is searching does not have any meaningful pushback, because the data shows that CBP has access to as many or more cameras as any other police department. Freeman analyzed the searches done by CBP on June 13 compared to searches done by other police departments on that same day, and found that CBP had a higher number of average cameras searched than local police departments.“The average number of organizations searched by any agency per query is 6,049, with a max of 7,090,” Freeman told 404 Media. “That average includes small numbers like statewide searches. When I filter by searches by Border Patrol for the same date, their average number of networks searched is 6,429, with a max of 6,438. The reason for the maximum being larger than the national network is likely because some agencies have access to more cameras than just the national network (in-state cameras). Despite this, we still see that the count of networks searched by Border Patrol outnumbers that of all agencies, so if it’s not the national network, then this ‘pilot program’ must have opted everyone in the nation in by default.”
CBP did not immediately respond to a request for comment.
A Texas Cop Searched License Plate Cameras Nationwide for a Woman Who Got an Abortion
The sheriff said the woman self-administered the abortion and her family were concerned for her safety, so authorities searched through Flock cameras.Joseph Cox (404 Media)
They're advertised to the public as "license plate readers" but can do way more than that. Fingerprinting cars based on bumper stickers, colors, dents, scratches, etc.
And if the ability to do all of that is baked into these cameras, it would be trivial to do the same for humans.
nvidia 470 on debian trixie (kernel 6.12). any ideas?
the context is: the 470 legacy driver doesn't compile on the linux 6.12 kernel. because of that, debian decided to officially drop support to that driver. i tried installing the driver myself using nvidia's official installer, but the installation indeed fails during the module compilation stage.
this means i am stuck with nouveau. it got better since i last tested it on bookworm, but one major pain in the ass is that nouveau has no support for performance levels for my card and it runs at the lowest clock bc of that (~400 megahertz instead of its max ~900 mhz).
this causes a noticeable performance hit, even for desktop usage, but it's good enough for work. waching full hd 60 fps video is a bit painful, but it's possible. but gaming, which was possible, got way worse. even a lightweight game like celeste got frustrating to play due to stuttering.
i guess i'll have to deal with it and maybe this is the cue to buy another graphics card and never buy nvidia again, but i'm thinking about what my options would be here:
- downgrade to bookworm. not easy to do, would only delay the problem.
- install an older kernel and use only that. not sure how, the official repos only have the 6.12 kernel. i could get the older kernel from the bookworm backports and pin it to prevent any updates, but mixing repos from different versions makes me uneasy.
- patch the driver. there are a few patches floating around that make nvidia's driver compile on the 6.12 kernel. applying the patch by hand is annoying and i would have to re-apply it at every kernel update.
- cope.
any ideas?
edit
and it runs at the lowest clock bc of that (~400 megahertz instead of its max ~900 mhz).
that was a mistake. i was reading the clock off of my onboard video chip, which also happens to be nvidia. the onboard chip is at .../dri/0; my graphics card is at .../dri/1. nouveau seems to support reclocking for my card, but i'm trying to change the clock and the video signal goes crazy when i do it
GitHub - polhdez/nouveau-reclocking-guide: How to reclock nvidia cards at boot on Linux using nouveau.
How to reclock nvidia cards at boot on Linux using nouveau. - polhdez/nouveau-reclocking-guideGitHub
you're right. i thought my card didn't support it because i might have misread the feature matrix. adding to the confusion, /dri/0 is my onboard video (which also happens to be nvidia) and that's where i got the 400 mhz number from
still, i just tried it reclocking seems to drive the video signal crazy
edit: yeah it's definitely unsupported, the display turns completely into scrambled eggs. i'll try a newer kernel just in case
edit 2: tried it on the 6.16 kernel (i have an opensuse tumbleweed installation laying around) just in case it had some development on that front compares to 6.12 (debian's version) and it's still a mess. so reclocking for my card is definitely a no-no on nouveau
I gave it some thought, I think that you are getting slowdowns because of some kind of a bug and not due to slow speed of the GPU.
I have actually daily-driven a MacBook Pro 15-inch 2009 with a GeForce 9600M GT and even at 279 Mhz core, it was usable on Manjaro KDE, animations were a bit laggy, but nothing compared to what you are describing.
I still remember trying kernel 6.7 or 6.8 and immediately seeing MUCH worse performance with constant lags. I have only consistently used kernels 6.1, 6.6 and 6.12 on Manjaro on that machine, all of them with decent experience. I would try some other kernel if that's possible, but considering that you have tried 6.12 and 6.16 at this point, I am not too hopeful.
“Add initial support for preinstalling flatpaks” merged
Add initial support for preinstalling flatpaks, v2 by swick · Pull Request #6116 · flatpak/flatpak
This is based on work by Kalev, taking over the PR: #5832 The configuration format and priority has been changed. Tests have been added. This version is already in use in RHEL. This adds new Flatp...GitHub
Selhosted P2P File Transfer & Messaging
IMPORTANT NOTES (PLEASE READ!):
* These are NOT products. They are for testing and demonstration purposes only.
* They have NOT been reviewed or audited. Do NOT use for sensitive data.
* All functionality demonstrated is experimental.
* These are NOT meant to replace robust solutions like VeraCrypt, Simplexchat, Signal, Whatsapp, wetransfer. It's a proof-of-concept to show what's possible with browser APIs.
* Cyber security is full of caveats, so reach out for clarity on any details if they can't be found in the docs.
Aiming to create the worlds most secure messaging app.
positive-intentions.com/docs/p…
- Open Source
- Cross Platform
- PWA
- iOS, Android, Desktop (self compile)
- App store, Play store (coming soon)
- Desktop
- Windows, MacOS, Linux (self compile)
- Run
index.htmlon any modern #browser
- Decentralized
- Secure
- No Cookies
- P2P E2EE encrypted
- Forward secrecy
- No registration
- No installing
- Messaging
- Group Messaging (coming soon)
- Text Messaging
- Multimedia Messaging
- Screensharing (on desktop browsers)
- Offline Messaging (in research phase)
- File Transfer
- Video Calls
- Data Ownership
- SelfHosted
- GitHub pages Hosting
- Local-only storage
For more information on "how it works", check out:
positive-intentions.com/blog/d…
(Degoogled links to the apps)
- P2P Chat: chat.positive-intentions.com/
- P2P File: file.positive-intentions.com/
- Encrypted drive storage: dim.positive-intentions.com/?p…
More:
- GitHub: github.com/positive-intentions
- Mastodon: infosec.exchange/@xoron
- Reddit: reddit.com/r/positive_intentio…
Decentralized Microfrontend Architecture
In the ever-evolving landscape of digital communication, decentralization has emerged as a powerful concept with diverse interpretations and applications.xoron (positive-intentions)
“private and secure chat app”
I don't think it's a solved problem. There are countless nuances to it. So it's good to have various approaches.
Recommendations on a home alarm system
I am in the process of purchasing a home, and the house that it’s looking like I am likely to buy has a Ring alarm system and camera installed. I like the idea of having burglar alarms on the windows and doors, but I do not want to use Ring. Between their ownership from Amazon and sharing data with the cops, I don’t trust them.
Are there privacy-friendly home security systems out there that don’t require an ongoing subscription? Bonus points if the devices are HomeAssistant compatible.
For cameras look for NVRs that let you hook up wired cameras to. I have yet to try it but have heards that installing Frigate lets you have complete control over the recordings. Riolink and Lorex both offer systems that dont require subscriptions and supposedly let you keep your data local.
So you mean to tell me these camera companies usually do not allow you to keep you data local? And you put them in or around your house?
Many home camera companies use subscriptions as an excuse to store your recordings in the cloud and allow you to view or access them remotely on a phone app. I havent put up any that do that, but a shitload of other people have.
Frigate is a custom OS for NVRs. The NVR stores the recordings, and the OS ideally puts you in complete control of the cameras and associated data. I am working on getting hardware that will let me install it, so I am only saying its worth taking a look at but am not endorsing it since I have not successfully uses it yet.
The reason I say to use wired cameras is because they are more secure and can get continuous power instead of worrying about rechargung batteries. You can run them with no internet connection and control your local recordings that way. The drawback is that its only accessible by direct physical means. If someone breaks in and steals that hard drive then the whole system is worthless.
Does it get better?
I've tried switching to Linux from Windows 10 twice now. The first time went wonderfully (on Mint) until I found out that secure boot was stuck in the enabled mode and I had to completely reinstall my bios. This was absolutely necessary as everything was unbelievably slow, especially gaming (on a decent laptop). I understand this is totally my fault as almost every Linux guide says to make sure secure boot is disabled. After fighting with that for literal days, I finally reinstalled Linux mint. WiFi was suddenly completely nonfunctional, no networks were detected, and none of the proposed solutions I saw online worked. I have very little experience with Linux and other complicated tech nerd stuff besides that which comes with tinkering with computers occasionally. I do however have a great deal of patience and stubbornness. I spent maybe a week or 2 just working on this first attempt at making Mint work, until I ran out of patience. After coming back to it a month or 2 later, I decided to try Pop!_OS. Once again, it went incredibly at the start. Because I fixed the secure boot situation, I could now game better than I ever could when I had windows installed. Very few compatibility issues showed up that I couldn't conquer.
Suddenly, I try playing Enter the Gungeon after having already played it a couple of times. Nothing out of the ordinary, I had done this before. Suddenly the entire computer freezes and I can still hear just fine. I restart my computer and... no sound. Nothing from any possible source, not Discord, not Firefox, not even the media I have downloaded. I look up the problem, I see several people have had it before, and only a couple ever got a solution. I try EVERY proposed solution on any forum with even similar issues, and still nothing. I have been fighting with my computer for 3 or 4 hours now.
I've heard Linux praised for feeling like it is *your* computer that is subject to your will. I'd disagree right now, because it feels like there are spirits in my laptop trying to intentionally fuck me over every time I start enjoying the Linux experience.
Does it get better? Am I crazy? Am I haunted? How is this anyone's ideal experience?
edit: I'm on an MSI Thin GF63. Nvidia GPU, Intel CPU. Compatibility seemed fine WHILE this latest attempt was working, up until my sound got fucked. I have a hard time imagining if that could be related to anything besides my sound card and drivers, but I'm nowhere near savvy when it comes to Linux. I'm now installing Bazzite as some of you guys recommended so I can ease myself into this whole Linux thing. I'll give another update if this fixes it :3
edit edit: It's still happening. I can see the "Alder Lake PCH-P high definition audio controller" in my audio config GUI apps and I can see the meter moving when audio is playing. Still, nothing is played. I am not dual-booting. Ive seen people have had issues with this card before, but seemingly the only solution (that I've yet to try) is to buy a whole new laptop. I don't have the money to do that currently. If someone is particularly tech savvy I am willing to hear out proposed solutions, but know that I have tried nearly everything online even remotely related to broken audio on Linux. My computer is haunted and I'll need a proper qualified exorcist it seems.
note: it works with Bluetooth headphones. I haven't had a chance to test it with wired headphones but I will continue to give (near)real-time updates.
I have just seen your edit. I had a similar problem with no audio but meter levels working on my toughbook. Could you start terminal, type alsamixer and turn all the volumes up? Press F6 to swap through sound cards.
For me I had to adjust the headphone volume.
When I first moved to linux I used Mint for a week and then moved to something else. As always by EVERYONE it was suggested to me as a "starter" distro and I really wish people would stop doing that.
I, like you, had issues with it. Sound issues, Wifi issues, GPU issues, and doing personal research and digging the consensus was always "it's an issue with Mint." I was about to go back to Windows 11 cause I was like "none of this linux shit works"
THEN I decided to try a different distro, CachyOS, and suddenly the sound was fixed, the wifi didn't randomly drop out, and my GPU worked flawlessly. I've distro hopped since then and those Mint/Ubuntu issues never came back.
Try something other than Mint. if you still have the issues go back to Windows.
Unbound as DNS resolver on a Linux laptop: tips/experiences?
[Edit: this question came out of my confusion. I thought Unbound could somehow substitute DNS servers (like CloudFlare), but it can't. Apologies for my ignorance.]
I've often heard about Unbound, and the possibility of using it as a DNS resolver on my laptop. So, to be clear, not as a DNS resolver in a local network; just in a single machine, also because I'd like to use it no matter where I bring my laptop.
The instructions given in the second link above seem quite complete. Does anyone here have other tips or experiences to share? I'm with Ubuntu on a Thinkpad.
Cheers!
Selhosted P2P File Transfer & Messaging
IMPORTANT NOTES (PLEASE READ!):
* These are NOT products. They are for testing and demonstration purposes only.
* They have NOT been reviewed or audited. Do NOT use for sensitive data.
* All functionality demonstrated is experimental.
* These are NOT meant to replace robust solutions like VeraCrypt, Simplexchat, Signal, Whatsapp, wetransfer. It's a proof-of-concept to show what's possible with browser APIs.
* Cyber security is full of caveats, so reach out for clarity on any details if they can't be found in the docs.
Aiming to create the worlds most secure messaging app.
positive-intentions.com/docs/p…
- Open Source
- Cross Platform
- PWA
- iOS, Android, Desktop (self compile)
- App store, Play store (coming soon)
- Desktop
- Windows, MacOS, Linux (self compile)
- Run
index.htmlon any modern #browser
- Decentralized
- Secure
- No Cookies
- P2P E2EE encrypted
- Forward secrecy
- No registration
- No installing
- Messaging
- Group Messaging (coming soon)
- Text Messaging
- Multimedia Messaging
- Screensharing (on desktop browsers)
- Offline Messaging (in research phase)
- File Transfer
- Video Calls
- Data Ownership
- SelfHosted
- GitHub pages Hosting
- Local-only storage
For more information on "how it works", check out:
positive-intentions.com/blog/d…
(Degoogled links to the apps)
- P2P Chat: chat.positive-intentions.com/
- P2P File: file.positive-intentions.com/
- Encrypted drive storage: dim.positive-intentions.com/?p…
More:
- GitHub: github.com/positive-intentions
- Mastodon: infosec.exchange/@xoron
- Reddit: reddit.com/r/positive_intentio…
Decentralized Microfrontend Architecture
In the ever-evolving landscape of digital communication, decentralization has emerged as a powerful concept with diverse interpretations and applications.xoron (positive-intentions)
its a work in progress and hope to get to a point its comparable to Signal and OnionShare.
for now, the purpose is to present open-source code to demonstrate a concept. like mentioned in the post it isnt ready to replace any existing tools.
Debian, encrypted boot, how to increase password attempts?
Since Debian 13 (Trixie), when using the default FDE which uses grub to decrypt the luks partition, I have a single attempt
When the password is mistyped there is a long pause (over 10 seconds) and then the error appears.
I already tried increasing the max tries, which seems to be set to 1 when a keyfile is used.
The config/script seems to be in /usr/share/initramfs-tools/scripts/local-top/cryptroot.
I copied that to /etc/initramfs-tools/scripts/local-top/cryptroot and replaced the value CRYPTTAB_OPTION_tries=1 with 10 using find/replace (ansible stuff).
I think this has no effect though and doing so (might be a different issue) breaks boot entirely 💀
More info:
- by default when legacy boot (BIOS) is available, Debian will install grub to the MBR. This is where it happens
- when forcing or prioritizing legacy boot and using GPT, debian somehow boots from a 300MB efi partition, the same happens though, one attempt
After you updated the config did you update-initramfs or update-grub (I forget which flags might be needed off hand).
Since this is happening pre-boot it isn't reading from /etc.
Hm, I only ran update-grub
Ran update-initramfs from the chroot trying to repair it
Found that there is a cleaner way in /etc/default/grub with grub commandline arguments. But that wants a source= variable which is weird to me as that hardcodes a drive in there that wasnt there first?
Tbh I will try this on a secondary laptop now, I reinstalled that thing like 5 times now and am a bit traumatized XD
Luckily we have more than enough
[Question] Community maintained free IP geo lists
I'll be self-hosting a service with user submissions soon, so I'm worried about the howto.geoblockthe.uk/ situation.
Based on this I've wondered, are there any community maintained geo block lists that might be useful? All database options I found are either 1. an on-demand online service which seems questionable for privacy reasons, or 2. IPv4 only, or 3. have weird terms of use with a gag clause regarding the entire company making it and other weird stuff.
I'm not a fan of geo blocking in general, but the situation is what it is.
PS: Please don't discuss the Online Safety Act itself too much in the comments, or whether somebody should be using a geo ip to handle this. While I might appreciate useful input on that, I'm hoping this post can remain a resource for those who are looking for such a database for other reasons as well.
Ukraine responds to Polish president’s initiative to ban Ukrainian red and black flag
So... Poland is finally admitting that the hate symbol used by hate group is a hate symbol yet is still showering that group with money, weapons and other support.
Typical fucking Poland, mistaking enemy for an ally.
UI regression in KDE Arianna - How can I back up and restore specific version of Flatpak package?
All I could find is how to make a list, and reinstall flatpaks from that list, as well as backup app data, however all of that assumes I want to do updates.
Meanwhile what I want is akin to extracting APK of a stable version of some app, backing it up and using it for years to come. For example that's how I joined these 2 screenshots, using JointPics from 2014 which isn't even on Play Store anymore, and targets API so low that it has to be installed via ADB. (Yeah, I am too dumb for GIMP)
As for the regression, you can see. On left is older Flatpak, on right is version from Arch repo. The Flatpak I originally installed as a hotfix for update that broke it completely at one point on Arch.
You can see the older version nicely fits the screen, splitting up text into columns.
Meanwhile the new version just does smaller page in middle of screen that doesn't even work properly with Breeze Dark theme, causing different background for text sections.
The only improvement is ability to flip pages rather than use arrows, but that's minimum.
Well, and maybe the progress keeping got fixed, but I didn't test that much.
Don't pay attention to the taskbar. I wish it could flip to vertical with different screen orientation. Yeah, the icons' clickability is a dice roll of what you tap.
If you already have the correct version of the flatpak installed, you can try flatpak build-bundle.
flatpak build-bundle LOCATION FILENAME NAME where
- LOCATION is the path of the repo on disk. Run flatpak info -l org.kde.arianna, and copy the part before /app
- FILENAME is the output file name, preferably .flatpak. Eg: arianna.flatpak
- NAME is the name of the app, here org.kde.arianna
The generated file can be installed with a double-click, or with flatpak install <file>
This is the equivalent of an Android .apk. It contains the app but depends on a runtime. If you want to install it in a few years, odds are the runtime will no longer be available. You can backup the runtime the same way with the --runtime option.
flatpak build-bundle --runtime LOCATION FILENAME NAME where
- LOCATION same as earlier
- FILENAME eg arianna-runtime.flatpak
- NAME is the name of the runtime, which you can get with flatpak info --show-runtime org.kde.arianna
This takes a while, for some reason. Maybe it's compressing stuff?
The runtime is installed the same way as the app: double click or flatpak install.
Note: I only did this once, and not specifically on Arianna. Hope it works.
Dollar drops after Trump fires Fed's Cook
cross-posted from: lemmy.world/post/35025047
What Trump’s move to fire Fed governor means for central bank’s independence
The US president has said he is firing Lisa Cook over mortgage fraud allegations – a move experts view as a means to exert more controlHeather Stewart (The Guardian)
like this
No, you don't want to hire "the best engineers" — I think this might be the meanest thing I've ever written.
cross-posted from: programming.dev/post/36758698
::: spoiler Comments
- Hacker News.
:::
No, you don't want to hire "the best engineers" — I think this might be the meanest thing I've ever written.
::: spoiler Comments
- Hacker News.
:::
like this
What’s new with Firefox 142
cross-posted from: programming.dev/post/36758792
::: spoiler Comments
- Hacker News.
:::
What’s new with Firefox 142
::: spoiler Comments
- Hacker News.
:::
What’s new with Firefox 142
cross-posted from: programming.dev/post/36758792
::: spoiler Comments
- Hacker News.
:::
What’s new with Firefox 142
::: spoiler Comments
- Hacker News.
:::
Request, US Border Crossings, Privacy Guides
Hello,
I am trying to gather some information on steps, procedures, and options for increasing privacy while crossing into the US.
My girlfriend goes to school in Canada and crosses the borders frequently throughout the year for; long weekends, extended holiday breaks, semester breaks, and summer breaks.
She'll be going back to Canada for this next year and with everything happening she's asked me to help her find ways to limit her exposure to data being reviewed or stored as she's studying a more Social/Liberal Arts degree which could flag her as a target because of the current political climate.
I've also suggested possibly limiting border crossing instead of coming back as often as she used to.
I'm working through articles and finding things from EFF and ACLU, but would happily taken suggestions, guidance, or any direction from anyone willing to share.
I've considered trying to find a way for her to backup her devices, maybe store those backups in the cloud, create "decoy" states of her devices (elaboration below), then restore the original state of the devices once she's safely past the border.
Devices:
iPhone 11 [18.6]
MacBook Air 13 [Possibly Sequoia 15.5, as stated in her iCloud, she doesn't have it with her right now]
For "decoy" device states, I mean having some apps and data on the devices, but nothing identifying/or that might otherwise give agencies data to further search (online account names/services, stored passwords, large collections of contacts/message histories, etc.)
I've suggested trying to switch to android/PC devices to provide alternative privacy/security options, but her family pays for the devices so it's just the same brand as whatever they have. So, that's not an option at this point, but any statements regarding increased effectiveness, or even lack thereof, by switching to different brand devices may help with any future transition considerations.
Thank you very much for taking the time to read through my post and any guidance you might be able to provide is highly appreciated.
This article is from The Guardian:
On the advice of various experts, people are locking down social media, deleting photos and private messages, removing facial recognition, or even traveling with “burner” phones to protect themselves.In Canada, multiple public institutions have urged employees to avoid travel to the US, and at least one reportedly told staff to leave their usual devices at home and bring a second device with limited personal information instead.
It seems like you already know what you’re doing and I agree with everyone else: backup your data and reinstall later. Create an iCloud account specifically for travel purposes.
This article mentions someone who opted to delete their social media accounts before coming to the US. So don’t be surprised or offended when some of us start deleting our comments, lol. Good luck.
EDIT: As long as you have a travel account you shouldn’t need Advanced Data Protection but perhaps after you/she reaches her destination.
Burner phones, wiped socials: the extreme precautions for visitors to Trump’s America
Horror stories about detainments at the border have also soured some from visiting during Trump’s second termJosie Harvey (The Guardian)
Three basic options exist:
1) Burner: Take a device that isn't a normally used device for each category. Make sure it has nothing you care about on it, no incriminating web history, no accounts logged in or saved as cookies that are incriminating, etc, etc. This is simplest, most expensive, but also most fool-proof against all possible threats.
2) Wiped: Wipe the device before travel, possibly backing things up in the cloud to download after arriving. You'll have to back up again with any changes you make and wipe again before traveling back then at your final destination again restore the device from backups. If you have serious fears of close inspection or forensic analysis then it would behoove you to use a secure erase feature on the drive and reinstall the OS rather than just trying to delete problematic files. For smartphones especially doing this and restoring from a cloud back-up can be pretty easy, for laptops it's more of a pain.
3) Mail ahead: Take the devices to a package service, UPS, FedEx, DHL, etc ahead of time, mail them ahead of or just behind you so they arrive just before or slightly after you. For this to work you need a fixed accommodation that can accept packages and which you trust to store them and give them to you. This technically doesn't prevent mail interception but unless you're a high value target that's unlikely at present as its kind of a multi-agency intentional effort thing. Still I'd mail the device in a fully encrypted state.
No other feasible options exist. You can encrypt yes and if you are a US citizen you cannot be denied re-entry (non-citizens can be not only denied entry but barred for years after for refusing to decrypt a device/cooperate) but they can seize your device and hold it for up to a year while trying to crack it and you'll have to expend effort to get it back at the end of that period. They can also put you in a holding cell for hours or hypothetically up to a couple days if they really want to press it accuse you of something and be unpleasant during that time.
Adding Plasma Discover to Bazzite via Systemd Sysext
Instructions to add Plasma Discover package manager back into Bazzite using a Systemd Sys-Ext. Based on Travier's Fedora Sys-Ext work at travier.github.io/fedora-sysex… and relies on his base images on quay.
I'm really excited about the application of SysExts to bridge the gap many perceive in adopting atomic distros! This seemed like a fantastic solution to adding this tool back for those who want it, without the overhead of package layering
GitHub - mmcnutt/Bazzite-Discover-Sys-Ext: Instructions to add Plasma Discover package manager back into Bazzite using a Systemd Sys-Ext
Instructions to add Plasma Discover package manager back into Bazzite using a Systemd Sys-Ext - mmcnutt/Bazzite-Discover-Sys-ExtGitHub
The issue with them right now is there's no update mechanism. If you use something as a system extension that depends on a library in the image, and that library gets updated, you could have an unbootable system or at the very least a non-functioning application until you can update your system extension manually.
Ideally that update mechanism needs to be a part of bootc so if your system extension is part of your boot process it can be updated ahead of time before the image is loaded.
We've looked at it since it's inception and it's something we really want, it's just nowhere near ready yet.
I've never had issues with Discover on Fedora KDE and then even when I moved to Kinoite. I didnt have any issues using it on my Bazzite machine. I wanted it back, I also wanted to see if it was something I could do with a SysExt, which as I said is something I'm excited about, as I have started using them to add stuff on my Kinoite work machine.
It doesn't take Bazaar away, it just puts the items back for anyone who wants it. Spoiled for choice
You won't be missed
I changed my main machine over to Linux in the beginning of April, setting it up on its own NVMe so I could keep my other drive with Windows 10 intact and dual boot when needed.
I've been having a blast - ricing hyprland, better workflows, great gaming experiences.
Then yesterday I realized that I hadn't actually bothered to dual boot once since testing out the Windows entry in my systemd-boot menu when I first set it up.
Guess who just gained a 1TB drive to install more games?
I wiped out the Windows drive with no remorse. Damn, that felt good.
Goodbye Windows, you won't be missed.
1st ssd has 512MB partition for both Windows and Linux bootloaders and rest of the storage for data, games etc.
2nd ssd has both Windows ans Linux OS on different partitions and some more partitions for data.
Does Google keep logs of my text messages(RCS)?
In the past, I've heard about how Google can keep records of all your Google phone's past locations and text messages.
What about RCS messages which supposedly are encrypted from Android to Android? I know that it's possible that they secretly keep a log behind the scenes, but as far as the regular consumer knows is there any record being kept with regard to the contents of these RCS messages?
Okay, so, originally, I was going to look it up to prove you wrong, but after looking it up across multiple sources, it seems that you're right and I'm wrong.....mostly.
How-To Geek, Proton, and CloudFlare all mirror what you say.
However, the Wikipedia page section "Definitions" does back me up somewhat. It says:
The term "end-to-end encryption" originally only meant that the communication is never decrypted during its transport from the sender to the receiver.[23] For example, around 2003, E2EE was proposed as an additional layer of encryption for GSM[24] or TETRA,[25] ... This has been standardized by SFPG for TETRA.[26] Note that in TETRA, the keys are generated by a Key Management Centre (KMC) or a Key Management Facility (KMF), not by the communicating users.[27]Later, around 2014, the meaning of "end-to-end encryption" started to evolve when WhatsApp encrypted a portion of its network,[28] requiring that not only the communication stays encrypted during transport,[29] but also that the provider of the communication service is not able to decrypt the communications ... This new meaning is now the widely accepted one.[30]
(Relevent text is embolded.)
So, I'm not misunderstanding, just misinformed that the definition changed.
Make no mistake, of course: I do appreciate you correcting me as I hadn't realized the definition had changed. Lol.
Is there any animal you wish Ubuntu used for its naming convention?
Are there any Linux distros that handle updates similarly to FreeBSD and OpenBSD?
Lately I've been exploring FreeBSD and OpenBSD. One of the more interesting things about them is how they handle OS and package upgrades.
On FreeBSD, the freebsd-update command is used for upgrading the OS and the pkg command is used for managing user packages. On OpenBSD, the syspatch command is used for upgrading the OS and the pkg_* commands are used for managing user packages.
Unlike Linux, these BSDs have a clear separation of OS from these packages. OS files and data are stored in places like /bin and /etc, while user installed packages get installed to /usr/local/bin and /usr/local/etc.
On the Linux side, the closest thing I can think of is using an atomic distro and flatpak, homebrew, containers, and/or snap for user package management. However, it's not always viable to use these formats. Flatpak, snap, and containers have sandbox issues that prevent certain functionality; homebrew is not sandboxed but on Linux its limited to CLI programs.
There's work being done to work around such issues, such as systemd sysext. But I'm starting to feel that this is just increasing complexity rather than addressing root problems. I feel like taking inspiration from the BSDs could be beneficial.
like this
I think of those as BSD thoughtful and pondered, and Linux as fairly fast and maybe thoughtless (in the jouyful sense that things have to go forward). In the end BSD is definitely cleaner, but behind, and Linux is much messier but is at the front of what's going on.
And I'm sayin this as someone who's worked with both systems for decades and even though I prefer Linux on the desktop or on servers, on embedded systems, where you'd need some really clean code to poke at, BSD really shines.
Of course BSD works fine (mostly) everywhere. It's almost as good today as it was in 2000.
How can one consume media these days with any sort of privacy?
With a privacy protecting setup, the mainstream internet is almost unusable. To sign up for social media or even a gmail account, one has to provide a phone number for verification. Youtube doesn't work when not signed into a Google account, or if one is connected to a VPN. Even downloader programs like yt-dlp and freyr have been rendered useless by the strict access controls of the major platforms. There is a vast amount of community, DIY, and educational material of all sorts behind these platform walls, so how can someone who doesn't want to be tracked access any of it these days?
There are alternatives like archive.org and peertube which are wonderful but have nowhere near the amount of content that people have been uploading to YouTube over the years. For example, if I need to fix a washing machine and there is a tutorial on YouTube, how can I see it while still preserving a modicum of privacy online?
Google will require developer verification for Android apps outside the Play Store
cross-posted from: jlai.lu/post/24787719
Starting next year, Google will begin to verify the identities of developers distributing their apps on Android devices, not just those who distribute via the Play Store.
Google will require developer verification for Android apps outside the Play Store
Starting next year, Google will begin to verify the identities of developers distributing their apps on Android devices, not just those who distribute via the Play Store.
Google will require developer verification for Android apps outside the Play Store | TechCrunch
Google will ask all Android developers to verify their identity starting next year.Sarah Perez (TechCrunch)
like this
The Fed Has Never Been Independent
Judge Says Trump’s Use of Troops in L.A. Is Illegal
The federal judge found that the deployment exceeded legal limits that generally prohibit the use of the military for domestic law enforcement.
adhocfungus likes this.
Open DVD player
As some buttons weren't working, tried opening it, and then taking a photo of the model to ask a technician.
It came out surprisingly aesthetic, me thinks.
Therapists are secretly using ChatGPT. Clients are triggered.
Therapists are secretly using ChatGPT. Clients are triggered.
Some therapists are using AI during therapy sessions. They’re risking their clients’ trust and privacy in the process.Laurie Clarke (MIT Technology Review)
like this
A group of more than 85 scientists find errors in a new Energy Department climate report
DOEresponseSite
On July 29, 2025, the Department of Energy (DOE) published a report from its Climate Working Group (CWG). This report features prominently in the EPA's reconsideration of its 2009 Endangerment Finding.sites.google.com
like this
HocEnimVeni
in reply to bubblybubbles • • •geneva_convenience doesn't like this.
Dessalines
in reply to HocEnimVeni • • •geneva_convenience likes this.
HocEnimVeni
in reply to Dessalines • • •Nemo's public admirer
in reply to HocEnimVeni • • •Poland was one annexing Czechoslovakia along with the Nazis, right?
en.wikipedia.org/wiki/Munich_A…
Soviets opposed it, but Britain and France acted as facilitators and ignored the Soviet call to create a united front against the Nazis.
Well, after seeing how they ganged up on Czechoslovakia like that, it's not surprising that the Soviets chose to not be the odd one out(markes as next target) and signed a non-aggression pact like those other countries.
1938 cession of German-speaking Czechoslovakia to the German Reich
Contributors to Wikimedia projects (Wikimedia Foundation, Inc.)like this
geneva_convenience likes this.
mathemachristian[he]
in reply to HocEnimVeni • • •Cowbee [he/they]
in reply to HocEnimVeni • • •A thread. TL;DR no, lol.
The communists spent the decade prior trying to form an anti-Nazi coalition force, such as the Anglo-French-Soviet Alliance which was pitched by the communists and rejected by the British and French. The communists hated the Nazis from the beginning, as the Nazi party rose to prominence by killing communists and labor organizers, cemented bourgeois rule, and was violently racist and imperialist, while the communists opposed all of that.
When the many talks of alliances with the west all fell short, the Soviets reluctantly agreed to sign a non-agression pact, in order to delay the coming war that everyone knew was happening soon. Throughout the last decade, Britain, France, and other western countries had formed pacts with Nazi Germany, such as the Four-Power Pact, the German-French-Non-Agression Pact, and more. Molotov-Ribbentrop was unique among the non-agression pacts with Nazi Germany in that it was right on the eve of war, and was the first between the USSR and Nazi Germany. It was a last resort, when the west was content from the beginning with working alongside Hitler.
Harry Truman, in 1941 in front of the Senate, stated:
Not only that, but it was the Soviet Union that was responsible for 4/5ths of total Nazi deaths, and winning the war against the Nazis. The Soviet Union did not agree to invade Poland with the Nazis, it was about spheres of influence and red lines the Nazis should not cross in Poland. When the USSR went into Poland, it stayed mostly to areas Poland had invaded and annexed a few decades prior. Should the Soviets have let Poland get entirely taken over by the Nazis, standing idle? The West made it clear that they were never going to help anyone against the Nazis until it was their turn to be targeted.
1933 treaty among Britain, France, Italy, and Germany
Contributors to Wikimedia projects (Wikimedia Foundation, Inc.)zarathustra0
in reply to bubblybubbles • • •I'm not sure whether this is just trolling or whether you sincerely believe what's in the meme, so I'm going to push back on it.
I think pretty much everyone is in agreement that the USSR's economic model had fallen to shit by the 1980s. Why on earth do you think they would even entertain switching to anything approaching capitalism?
Ever heard the phrase "We pretend to work and they pretend to pay us" joke? It wasn't for nothing. Centrally directed economies don't tend to work very well.
Cowbee [he/they]
in reply to zarathustra0 • • •Socialism absolutely works. The issues with the soviet economy following WWII were magnified by the immense devastation the war brought, along with huge sanctions and trade embargoes from the west, all while trying to keep up with nuclear arms development so as to not end up completely obliterated by the US. On top of that, the Khruschevite reforms spelled the beginning of contradictions building within the socialist system, introducing elements in the economy working against each other, further magnified by Gorbachev and eventually Yeltsin.
Central planning works astoundingly well when properly implemented, but isn't a perfect panacea. We can look to the immense success it has today in the PRC to see that planned economies do remarkably well, and part of why the PRC is so successful is because they have learned from some of the errors committed by the soviets.
KPRF membership is skyrocketing, as is soviet nostalgia. Trade with socialist countries is pushing the working class in Russia back to socialist sympathies. Capitalism was and is devastating for Russia.