Low on sanctions ammo against Putin, EU pins hopes on Trump
Low on sanctions ammo against Putin, EU pins hopes on Trump
As Brussels waits to see whether the White House will ramp up secondary sanctions, Ukraine is destroying key energy infrastructure in Russia.Gabriel Gavin (POLITICO)
Austin Votes on $2M AI Park Surveillance in 48 Hours - Thursday 10AM City Hall. Show Up
- YouTube
Profitez des vidéos et de la musique que vous aimez, mettez en ligne des contenus originaux, et partagez-les avec vos amis, vos proches et le monde entier.www.youtube.com
like this
Chinese flock to Russian universities in afterglow of Xi-Putin ties
Chinese flock to Russian universities in afterglow of Xi-Putin ties
Close strategic, economic links send students to Russia for language, STEM studiesStaff Writer (Nikkei Asia)
Elon Musk Appears to Be Completely Addicted to Anime Gooner AI Slop
Elon Musk Can't Stop Posting Grok-Generated Anime Gooner Porn
Elon Musk continues to pitch his chatbot Grok with animations of female characters in revealing outfits, and even his fans are getting annoyed.Miles Klee (Rolling Stone)
tmux + nvim + lf integration guidance?
I've recently been getting into really picking and choosing how my computer is set up and what software I use to do certain tasks. Specifically, replacing GUIs (dolphin, [insert gui text editor here ig]) with CLIs (lf, nvim). That and learning how to leverage bash scripting to really have control over my computer.
The thing is, using tmux, nvim, and lf together has proved cumbersome because I have no idea how to integrate them. I can technically do whatever I need to do, but it certainly isn't the fast CLI-ninja experience I was hoping for.
I've gone through each of their manuals and understand them on their own well enough, but with integrating them I'm drawing a blank.
So, Linux enthusiasts in this corner of the internet, do you have any guidance on setting up proper integration between CLI-based file managers, neovim, and tmux? I'm also open to suggestions for new software or a different file manager.
Edit: after making this post I got to searching again and damn cfiles looking pretty good....
Edit2: nvm it's not in nixpkgs... damn...
like this
Briar alternative between Android and iOS?
I'm looking for a Briar alternative (meaning no internet required) that will work cross platform with iOS and Android.
Does anyone know of one?
Report: Apple Demands Suppliers Switch to Robotics for Manufacturing
Report: Apple Demands Suppliers Switch to Robotics for Manufacturing
Apple is significantly accelerating the rollout of automation and robotics across its manufacturing supply chain, DigiTimes reports. While Apple...Hartley Charlton (MacRumors.com)
copymyjalopy likes this.
Static sites enable a good time travel experience
- Hacker News.
:::
Static sites enable a good time travel experience
A static site with version control history enables me to travel into any point in the project’s past and serve the site as it was back in the day.Juha-Matti Santala
Technology Channel reshared this.
Salesforce CEO says it cut 4,000 support jobs - and replaced them with AI
Salesforce CEO Marc Benioff has revealed the company has nearly halved its customer support workforce, replacing thousands of jobs with AI agents.In a podcast interview with Logan Bartlett on YouTube, Benioff brutally stated: “I need less heads,” noting how instead of using human power, Salesforce is now using AI to process around 10,000 leads weekly.
Yet in the same interview, Benioff noted a lack of human resources had caused the company to accrue a backlog of 100 million uncalled leads over 26 years.
Salesforce CEO says it cut 4,000 support jobs - and replaced them with AI
Salesforce has cut 45% of its customer support workersCraig Hale (TechRadar)
Health and aid workers targeted in conflicts around the world, UN agency says | UN News
Health and aid workers targeted in conflicts around the world, UN agency says
From Gaza to Sudan, wars are being waged on the very systems set up to protect civilian populations, with health workers, hospitals, health centres and ambulances being targeted in horrifying numbers, according to the UN agency for reproductive healt…UN News
Russia orders state-backed Max messenger app to be pre-installed on new phones
A Russian state-backed messenger application called Max, a rival to WhatsApp that critics say could be used to track users, must be pre-installed on all mobile phones and tablets bought in the country starting next month, the Russian government said on Thursday.The decision to promote Max comes as Moscow, locked in a standoff with the west over Ukraine, is seeking greater control over the internet. The Kremlin said in a statement that Max, which will be integrated with government services, would be on a list of mandatory pre-installed apps on all “gadgets”, including mobile phones and tablets, sold in Russia from 1 September.
Russia orders state-backed Max messenger app to be pre-installed on new phones
Critics say Max, a WhatsApp rival, could be used to track users, though state media says it is not a spying appGuardian staff reporter (The Guardian)
There's no russophobia when that country would want you killed for opposing authoritarianism. Or when that country routinely invades Europe. Or when it shoots down a plane and doesn't apologise nor extradite the criminals who did it (Girkin and Putler).
Or when it opposes your very existence as a person. Or when it infects your people with the disease of far-right hatred. And I could go on. Fuck Putler's Russia.
routinely invades Europeshoots down a plane and doesn’t apologise
Citations needed
Putler
Love to see nato propaganda language on leftist platform ( ゚ー゚)
For those of us with ADHD, if you are thinking about a task every second you're not doing it and desperately want to do the task more than anything else and are devastated that you can't do it so much that you use all your energy just on trying to make yourself do the thing that you want to do but can't, that is NOT procrastination. That is executive dysfunction. It only seems like procrastination to people who have never experienced executive dysfunction and those who have only ever experienced executive dysfunction.
Procrastination is when you fully have the ability to do something and choose not to do it but to do the thing you prefer doing instead. I hadn't experienced this until very recently, after a lot of therapy and medication.
Rozaŭtuno likes this.
reshared this
Trial of Brazil’s Bolsonaro enters verdict phase over alleged coup plot
Trial of Brazil’s Bolsonaro enters verdict phase over alleged coup plot
The former president is charged with five counts, including plotting the assassination of senior officials.Al Jazeera
What is the best Android browser for privacy?
PrivacyBrowser is a really good browser in my opinion. But I cant do an analysis on its privacy.
I will add that I love how they handle bookmarks.
CBP Had Access to More than 80,000 Flock AI Cameras Nationwide
CBP Had Access to More than 80,000 Flock AI Cameras Nationwide
Customs and Border Protection (CBP) regularly searched more than 80,000 Flock automated license plate reader (ALPR) cameras, according to data released by three police departments. The data shows that CBP’s access to Flock’s network is far more robust and widespread than has been previously reported. One of the police departments 404 Media spoke to said it did not know or understand that it was sharing data with CBP, and Flock told 404 Media Monday that it has “paused all federal pilots.”In May, 404 Media reported that local police were performing lookups across Flock on behalf of ICE, because that part of the Department of Homeland Security did not have its own direct access. Now, the newly obtained data and local media reporting reveals that CBP had the ability to perform Flock lookups by itself.
Last week, 9 News in Colorado reported that CBP has direct access to Flock’s ALPR backend “through a pilot program.” In that article, 9 News revealed that the Loveland, Colorado police department was sharing access to its Flock cameras directly with CBP. At the time, Flock said that this was through what 9 News described as a “one-to-one” data sharing agreement through that pilot program, making it sound like these agreements were rare and limited:
“The company now acknowledges the connection exists through a previously publicly undisclosed program that allows Border Patrol access to a Flock account to send invitations to police departments nationwide for one-to-one data sharing, and that Loveland accepted the invitation,” 9 News wrote. “A spokesperson for Flock said agencies across the country have been approached and have agreed to the invitation. The spokesperson added that U.S. Border Patrol is not on the nationwide Flock sharing network, comprised of local law enforcement agencies across the country. Loveland Police says it is on the national network.”
New data obtained using three separate public records requests from three different police departments gives some insight into how widespread these “one-to-one” data sharing agreements actually are. The data shows that in most cases, CBP had access to more Flock cameras than the average police department, that it is regularly using that access, and that, functionally, there is no difference between Flock’s “nationwide network” and the network of cameras that CBP has access to.
According to data obtained from the Boulder, Colorado Police Department by William Freeman, the creator of a crowdsourced map of Flock devices called DeFlock, CBP ran at least 118 Flock network searches between May 13 and June 13 of this year. Each of these searches encompassed at least 6,315 individual Flock networks (a “network” is a specific police department or city’s cameras) and at least 82,000 individual Flock devices. Data obtained in separate requests from the Prosser Police Department and Chehalis Police Department, both in Washington state, also show CBP searching a huge number of networks and devices.
A spokesperson for the Boulder Police Department told 404 Media that “Boulder Police Department does not have any agreement with U.S. Border Patrol for Flock searches. We were not aware of these specific searches at the time they occurred. Prior to June 2025, the Boulder Police Department had Flock's national look-up feature enabled, which allowed other agencies from across the U.S. who also had contracts with Flock to search our data if they could articulate a legitimate law enforcement purpose. We do not currently share data with U.S. Border Patrol. In June 2025, we deactivated the national look-up feature specifically to maintain tighter control over Boulder Police Department data access. You can learn more about how we share Flock information on our FAQ page.”
A Flock spokesperson told 404 Media Monday that it sent an email to all of its customers clarifying how information is shared from agencies to other agencies. It said this is an excerpt from that email about its sharing options:
“The Flock platform provides flexible options for sharing:
National sharing
- Opt into Flock’s national sharing network. Access via the national lookup tool is limited—users can only see results if they perform a full plate search and a positive match exists within the network of participating, opt-in agencies. This ensures data privacy while enabling broader collaboration when needed.
- Share with agencies in specific states only
- Share with agencies with similar laws (for example, regarding immigration enforcement and data)
- Share within your state only or within a certain distance
- You can share information with communities within a specified mile radius, with the entire state, or a combination of both—for example, sharing with cities within 150 miles of Kansas City (which would include cities in Missouri and neighboring states) and / or all communities statewide simultaneously.
- Share 1:1
- Share only with specific agencies you have selected
- Don’t share at all”
In a blog post Monday, Flock CEO Garrett Langley said Flock has paused all federal pilots.
“While it is true that Flock does not presently have a contractual relationship with any U.S. Department of Homeland Security agencies, we have engaged in limited pilots with the U.S. Customs and Border Protection (CBP) and Homeland Security Investigations (HSI), to assist those agencies in combatting human trafficking and fentanyl distribution,” Langley wrote. “We clearly communicated poorly. We also didn’t create distinct permissions and protocols in the Flock system to ensure local compliance for federal agency users […] All federal customers will be designated within Flock as a distinct ‘Federal’ user category in the system. This distinction will give local agencies better information to determine their sharing settings.”
A Flock employee who does not agree with the way Flock allows for widespread data sharing told 404 Media that Flock has defended itself internally by saying it tries to follow the law. 404 Media granted the source anonymity because they are not authorized to speak to the press.
“They will defend it as they have been by saying Flock follows the law and if these officials are doing law abiding official work then Flock will allow it,” they said. “However Flock will also say that they advise customers to ensure they have their sharing settings set appropriately to prevent them from sharing data they didn’t intend to. The question more in my mind is the fact that law in America is arguably changing, so will Flock just go along with whatever the customers want?”
The data shows that CBP has tapped directly into Flock’s huge network of license plate reading cameras, which passively scan the license plate, color, and model of vehicles that drive by them, then make a timestamped record of where that car was spotted. These cameras were marketed to cities and towns as a way of finding stolen cars or solving property crime locally, but over time, individual cities’ cameras have been connected to Flock’s national network to create a huge surveillance apparatus spanning the entire country that is being used to investigate all sorts of crimes and is now being used for immigration enforcement. As we reported in May, Immigrations and Customs Enforcement (ICE) has been gaining access to this network through a side door, by asking local police who have access to the cameras to run searches for them.
9 News’s reporting and the newly released audit reports shared with 404 Media show that CBP now has direct access to much of Flock’s system and does not have to ask local police to run searches. It also shows that CBP had access to at least one other police department system in Colorado, in this case Boulder, which is a state whose laws forbid sharing license plate reader data with the federal government for immigration enforcement. Boulder’s Flock settings also state that it is not supposed to be used for immigration enforcement.
This story and our earlier stories, including another about a Texas official who searched nationwide for a woman who self-administered an abortion, were reported using Flock “Network Audits” released by police departments who have bought Flock cameras and have access to Flock’s network. They are essentially a huge spreadsheet of every time that the department’s camera data was searched; it shows which officer searched the data, what law enforcement department ran the search, the number of networks and cameras included in the search, the time and date of the search, the license plate, and a “reason” for the search. These audit logs allow us to see who has access to Flock’s systems, how wide their access is, how often they are searching the system, and what they are searching for.
The audit logs show that whatever system Flock is using to enroll local police departments’ cameras into the network that CBP is searching does not have any meaningful pushback, because the data shows that CBP has access to as many or more cameras as any other police department. Freeman analyzed the searches done by CBP on June 13 compared to searches done by other police departments on that same day, and found that CBP had a higher number of average cameras searched than local police departments.“The average number of organizations searched by any agency per query is 6,049, with a max of 7,090,” Freeman told 404 Media. “That average includes small numbers like statewide searches. When I filter by searches by Border Patrol for the same date, their average number of networks searched is 6,429, with a max of 6,438. The reason for the maximum being larger than the national network is likely because some agencies have access to more cameras than just the national network (in-state cameras). Despite this, we still see that the count of networks searched by Border Patrol outnumbers that of all agencies, so if it’s not the national network, then this ‘pilot program’ must have opted everyone in the nation in by default.”
CBP did not immediately respond to a request for comment.
A Texas Cop Searched License Plate Cameras Nationwide for a Woman Who Got an Abortion
The sheriff said the woman self-administered the abortion and her family were concerned for her safety, so authorities searched through Flock cameras.Joseph Cox (404 Media)
They're advertised to the public as "license plate readers" but can do way more than that. Fingerprinting cars based on bumper stickers, colors, dents, scratches, etc.
And if the ability to do all of that is baked into these cameras, it would be trivial to do the same for humans.
nvidia 470 on debian trixie (kernel 6.12). any ideas?
the context is: the 470 legacy driver doesn't compile on the linux 6.12 kernel. because of that, debian decided to officially drop support to that driver. i tried installing the driver myself using nvidia's official installer, but the installation indeed fails during the module compilation stage.
this means i am stuck with nouveau. it got better since i last tested it on bookworm, but one major pain in the ass is that nouveau has no support for performance levels for my card and it runs at the lowest clock bc of that (~400 megahertz instead of its max ~900 mhz).
this causes a noticeable performance hit, even for desktop usage, but it's good enough for work. waching full hd 60 fps video is a bit painful, but it's possible. but gaming, which was possible, got way worse. even a lightweight game like celeste got frustrating to play due to stuttering.
i guess i'll have to deal with it and maybe this is the cue to buy another graphics card and never buy nvidia again, but i'm thinking about what my options would be here:
- downgrade to bookworm. not easy to do, would only delay the problem.
- install an older kernel and use only that. not sure how, the official repos only have the 6.12 kernel. i could get the older kernel from the bookworm backports and pin it to prevent any updates, but mixing repos from different versions makes me uneasy.
- patch the driver. there are a few patches floating around that make nvidia's driver compile on the 6.12 kernel. applying the patch by hand is annoying and i would have to re-apply it at every kernel update.
- cope.
any ideas?
edit
and it runs at the lowest clock bc of that (~400 megahertz instead of its max ~900 mhz).
that was a mistake. i was reading the clock off of my onboard video chip, which also happens to be nvidia. the onboard chip is at .../dri/0; my graphics card is at .../dri/1. nouveau seems to support reclocking for my card, but i'm trying to change the clock and the video signal goes crazy when i do it
GitHub - polhdez/nouveau-reclocking-guide: How to reclock nvidia cards at boot on Linux using nouveau.
How to reclock nvidia cards at boot on Linux using nouveau. - polhdez/nouveau-reclocking-guideGitHub
you're right. i thought my card didn't support it because i might have misread the feature matrix. adding to the confusion, /dri/0 is my onboard video (which also happens to be nvidia) and that's where i got the 400 mhz number from
still, i just tried it reclocking seems to drive the video signal crazy
edit: yeah it's definitely unsupported, the display turns completely into scrambled eggs. i'll try a newer kernel just in case
edit 2: tried it on the 6.16 kernel (i have an opensuse tumbleweed installation laying around) just in case it had some development on that front compares to 6.12 (debian's version) and it's still a mess. so reclocking for my card is definitely a no-no on nouveau
I gave it some thought, I think that you are getting slowdowns because of some kind of a bug and not due to slow speed of the GPU.
I have actually daily-driven a MacBook Pro 15-inch 2009 with a GeForce 9600M GT and even at 279 Mhz core, it was usable on Manjaro KDE, animations were a bit laggy, but nothing compared to what you are describing.
I still remember trying kernel 6.7 or 6.8 and immediately seeing MUCH worse performance with constant lags. I have only consistently used kernels 6.1, 6.6 and 6.12 on Manjaro on that machine, all of them with decent experience. I would try some other kernel if that's possible, but considering that you have tried 6.12 and 6.16 at this point, I am not too hopeful.
“Add initial support for preinstalling flatpaks” merged
Add initial support for preinstalling flatpaks, v2 by swick · Pull Request #6116 · flatpak/flatpak
This is based on work by Kalev, taking over the PR: #5832 The configuration format and priority has been changed. Tests have been added. This version is already in use in RHEL. This adds new Flatp...GitHub
Selhosted P2P File Transfer & Messaging
IMPORTANT NOTES (PLEASE READ!):
* These are NOT products. They are for testing and demonstration purposes only.
* They have NOT been reviewed or audited. Do NOT use for sensitive data.
* All functionality demonstrated is experimental.
* These are NOT meant to replace robust solutions like VeraCrypt, Simplexchat, Signal, Whatsapp, wetransfer. It's a proof-of-concept to show what's possible with browser APIs.
* Cyber security is full of caveats, so reach out for clarity on any details if they can't be found in the docs.
Aiming to create the worlds most secure messaging app.
positive-intentions.com/docs/p…
- Open Source
- Cross Platform
- PWA
- iOS, Android, Desktop (self compile)
- App store, Play store (coming soon)
- Desktop
- Windows, MacOS, Linux (self compile)
- Run
index.htmlon any modern #browser
- Decentralized
- Secure
- No Cookies
- P2P E2EE encrypted
- Forward secrecy
- No registration
- No installing
- Messaging
- Group Messaging (coming soon)
- Text Messaging
- Multimedia Messaging
- Screensharing (on desktop browsers)
- Offline Messaging (in research phase)
- File Transfer
- Video Calls
- Data Ownership
- SelfHosted
- GitHub pages Hosting
- Local-only storage
For more information on "how it works", check out:
positive-intentions.com/blog/d…
(Degoogled links to the apps)
- P2P Chat: chat.positive-intentions.com/
- P2P File: file.positive-intentions.com/
- Encrypted drive storage: dim.positive-intentions.com/?p…
More:
- GitHub: github.com/positive-intentions
- Mastodon: infosec.exchange/@xoron
- Reddit: reddit.com/r/positive_intentio…
Decentralized Microfrontend Architecture
In the ever-evolving landscape of digital communication, decentralization has emerged as a powerful concept with diverse interpretations and applications.xoron (positive-intentions)
“private and secure chat app”
I don't think it's a solved problem. There are countless nuances to it. So it's good to have various approaches.
Recommendations on a home alarm system
I am in the process of purchasing a home, and the house that it’s looking like I am likely to buy has a Ring alarm system and camera installed. I like the idea of having burglar alarms on the windows and doors, but I do not want to use Ring. Between their ownership from Amazon and sharing data with the cops, I don’t trust them.
Are there privacy-friendly home security systems out there that don’t require an ongoing subscription? Bonus points if the devices are HomeAssistant compatible.
For cameras look for NVRs that let you hook up wired cameras to. I have yet to try it but have heards that installing Frigate lets you have complete control over the recordings. Riolink and Lorex both offer systems that dont require subscriptions and supposedly let you keep your data local.
So you mean to tell me these camera companies usually do not allow you to keep you data local? And you put them in or around your house?
Many home camera companies use subscriptions as an excuse to store your recordings in the cloud and allow you to view or access them remotely on a phone app. I havent put up any that do that, but a shitload of other people have.
Frigate is a custom OS for NVRs. The NVR stores the recordings, and the OS ideally puts you in complete control of the cameras and associated data. I am working on getting hardware that will let me install it, so I am only saying its worth taking a look at but am not endorsing it since I have not successfully uses it yet.
The reason I say to use wired cameras is because they are more secure and can get continuous power instead of worrying about rechargung batteries. You can run them with no internet connection and control your local recordings that way. The drawback is that its only accessible by direct physical means. If someone breaks in and steals that hard drive then the whole system is worthless.
Does it get better?
I've tried switching to Linux from Windows 10 twice now. The first time went wonderfully (on Mint) until I found out that secure boot was stuck in the enabled mode and I had to completely reinstall my bios. This was absolutely necessary as everything was unbelievably slow, especially gaming (on a decent laptop). I understand this is totally my fault as almost every Linux guide says to make sure secure boot is disabled. After fighting with that for literal days, I finally reinstalled Linux mint. WiFi was suddenly completely nonfunctional, no networks were detected, and none of the proposed solutions I saw online worked. I have very little experience with Linux and other complicated tech nerd stuff besides that which comes with tinkering with computers occasionally. I do however have a great deal of patience and stubbornness. I spent maybe a week or 2 just working on this first attempt at making Mint work, until I ran out of patience. After coming back to it a month or 2 later, I decided to try Pop!_OS. Once again, it went incredibly at the start. Because I fixed the secure boot situation, I could now game better than I ever could when I had windows installed. Very few compatibility issues showed up that I couldn't conquer.
Suddenly, I try playing Enter the Gungeon after having already played it a couple of times. Nothing out of the ordinary, I had done this before. Suddenly the entire computer freezes and I can still hear just fine. I restart my computer and... no sound. Nothing from any possible source, not Discord, not Firefox, not even the media I have downloaded. I look up the problem, I see several people have had it before, and only a couple ever got a solution. I try EVERY proposed solution on any forum with even similar issues, and still nothing. I have been fighting with my computer for 3 or 4 hours now.
I've heard Linux praised for feeling like it is *your* computer that is subject to your will. I'd disagree right now, because it feels like there are spirits in my laptop trying to intentionally fuck me over every time I start enjoying the Linux experience.
Does it get better? Am I crazy? Am I haunted? How is this anyone's ideal experience?
edit: I'm on an MSI Thin GF63. Nvidia GPU, Intel CPU. Compatibility seemed fine WHILE this latest attempt was working, up until my sound got fucked. I have a hard time imagining if that could be related to anything besides my sound card and drivers, but I'm nowhere near savvy when it comes to Linux. I'm now installing Bazzite as some of you guys recommended so I can ease myself into this whole Linux thing. I'll give another update if this fixes it :3
edit edit: It's still happening. I can see the "Alder Lake PCH-P high definition audio controller" in my audio config GUI apps and I can see the meter moving when audio is playing. Still, nothing is played. I am not dual-booting. Ive seen people have had issues with this card before, but seemingly the only solution (that I've yet to try) is to buy a whole new laptop. I don't have the money to do that currently. If someone is particularly tech savvy I am willing to hear out proposed solutions, but know that I have tried nearly everything online even remotely related to broken audio on Linux. My computer is haunted and I'll need a proper qualified exorcist it seems.
note: it works with Bluetooth headphones. I haven't had a chance to test it with wired headphones but I will continue to give (near)real-time updates.
I have just seen your edit. I had a similar problem with no audio but meter levels working on my toughbook. Could you start terminal, type alsamixer and turn all the volumes up? Press F6 to swap through sound cards.
For me I had to adjust the headphone volume.
When I first moved to linux I used Mint for a week and then moved to something else. As always by EVERYONE it was suggested to me as a "starter" distro and I really wish people would stop doing that.
I, like you, had issues with it. Sound issues, Wifi issues, GPU issues, and doing personal research and digging the consensus was always "it's an issue with Mint." I was about to go back to Windows 11 cause I was like "none of this linux shit works"
THEN I decided to try a different distro, CachyOS, and suddenly the sound was fixed, the wifi didn't randomly drop out, and my GPU worked flawlessly. I've distro hopped since then and those Mint/Ubuntu issues never came back.
Try something other than Mint. if you still have the issues go back to Windows.
Unbound as DNS resolver on a Linux laptop: tips/experiences?
[Edit: this question came out of my confusion. I thought Unbound could somehow substitute DNS servers (like CloudFlare), but it can't. Apologies for my ignorance.]
I've often heard about Unbound, and the possibility of using it as a DNS resolver on my laptop. So, to be clear, not as a DNS resolver in a local network; just in a single machine, also because I'd like to use it no matter where I bring my laptop.
The instructions given in the second link above seem quite complete. Does anyone here have other tips or experiences to share? I'm with Ubuntu on a Thinkpad.
Cheers!
Selhosted P2P File Transfer & Messaging
IMPORTANT NOTES (PLEASE READ!):
* These are NOT products. They are for testing and demonstration purposes only.
* They have NOT been reviewed or audited. Do NOT use for sensitive data.
* All functionality demonstrated is experimental.
* These are NOT meant to replace robust solutions like VeraCrypt, Simplexchat, Signal, Whatsapp, wetransfer. It's a proof-of-concept to show what's possible with browser APIs.
* Cyber security is full of caveats, so reach out for clarity on any details if they can't be found in the docs.
Aiming to create the worlds most secure messaging app.
positive-intentions.com/docs/p…
- Open Source
- Cross Platform
- PWA
- iOS, Android, Desktop (self compile)
- App store, Play store (coming soon)
- Desktop
- Windows, MacOS, Linux (self compile)
- Run
index.htmlon any modern #browser
- Decentralized
- Secure
- No Cookies
- P2P E2EE encrypted
- Forward secrecy
- No registration
- No installing
- Messaging
- Group Messaging (coming soon)
- Text Messaging
- Multimedia Messaging
- Screensharing (on desktop browsers)
- Offline Messaging (in research phase)
- File Transfer
- Video Calls
- Data Ownership
- SelfHosted
- GitHub pages Hosting
- Local-only storage
For more information on "how it works", check out:
positive-intentions.com/blog/d…
(Degoogled links to the apps)
- P2P Chat: chat.positive-intentions.com/
- P2P File: file.positive-intentions.com/
- Encrypted drive storage: dim.positive-intentions.com/?p…
More:
- GitHub: github.com/positive-intentions
- Mastodon: infosec.exchange/@xoron
- Reddit: reddit.com/r/positive_intentio…
Decentralized Microfrontend Architecture
In the ever-evolving landscape of digital communication, decentralization has emerged as a powerful concept with diverse interpretations and applications.xoron (positive-intentions)
its a work in progress and hope to get to a point its comparable to Signal and OnionShare.
for now, the purpose is to present open-source code to demonstrate a concept. like mentioned in the post it isnt ready to replace any existing tools.
Debian, encrypted boot, how to increase password attempts?
Since Debian 13 (Trixie), when using the default FDE which uses grub to decrypt the luks partition, I have a single attempt
When the password is mistyped there is a long pause (over 10 seconds) and then the error appears.
I already tried increasing the max tries, which seems to be set to 1 when a keyfile is used.
The config/script seems to be in /usr/share/initramfs-tools/scripts/local-top/cryptroot.
I copied that to /etc/initramfs-tools/scripts/local-top/cryptroot and replaced the value CRYPTTAB_OPTION_tries=1 with 10 using find/replace (ansible stuff).
I think this has no effect though and doing so (might be a different issue) breaks boot entirely 💀
More info:
- by default when legacy boot (BIOS) is available, Debian will install grub to the MBR. This is where it happens
- when forcing or prioritizing legacy boot and using GPT, debian somehow boots from a 300MB efi partition, the same happens though, one attempt
After you updated the config did you update-initramfs or update-grub (I forget which flags might be needed off hand).
Since this is happening pre-boot it isn't reading from /etc.
Hm, I only ran update-grub
Ran update-initramfs from the chroot trying to repair it
Found that there is a cleaner way in /etc/default/grub with grub commandline arguments. But that wants a source= variable which is weird to me as that hardcodes a drive in there that wasnt there first?
Tbh I will try this on a secondary laptop now, I reinstalled that thing like 5 times now and am a bit traumatized XD
Luckily we have more than enough
[Question] Community maintained free IP geo lists
I'll be self-hosting a service with user submissions soon, so I'm worried about the howto.geoblockthe.uk/ situation.
Based on this I've wondered, are there any community maintained geo block lists that might be useful? All database options I found are either 1. an on-demand online service which seems questionable for privacy reasons, or 2. IPv4 only, or 3. have weird terms of use with a gag clause regarding the entire company making it and other weird stuff.
I'm not a fan of geo blocking in general, but the situation is what it is.
PS: Please don't discuss the Online Safety Act itself too much in the comments, or whether somebody should be using a geo ip to handle this. While I might appreciate useful input on that, I'm hoping this post can remain a resource for those who are looking for such a database for other reasons as well.
Ukraine responds to Polish president’s initiative to ban Ukrainian red and black flag
So... Poland is finally admitting that the hate symbol used by hate group is a hate symbol yet is still showering that group with money, weapons and other support.
Typical fucking Poland, mistaking enemy for an ally.
UI regression in KDE Arianna - How can I back up and restore specific version of Flatpak package?
All I could find is how to make a list, and reinstall flatpaks from that list, as well as backup app data, however all of that assumes I want to do updates.
Meanwhile what I want is akin to extracting APK of a stable version of some app, backing it up and using it for years to come. For example that's how I joined these 2 screenshots, using JointPics from 2014 which isn't even on Play Store anymore, and targets API so low that it has to be installed via ADB. (Yeah, I am too dumb for GIMP)
As for the regression, you can see. On left is older Flatpak, on right is version from Arch repo. The Flatpak I originally installed as a hotfix for update that broke it completely at one point on Arch.
You can see the older version nicely fits the screen, splitting up text into columns.
Meanwhile the new version just does smaller page in middle of screen that doesn't even work properly with Breeze Dark theme, causing different background for text sections.
The only improvement is ability to flip pages rather than use arrows, but that's minimum.
Well, and maybe the progress keeping got fixed, but I didn't test that much.
Don't pay attention to the taskbar. I wish it could flip to vertical with different screen orientation. Yeah, the icons' clickability is a dice roll of what you tap.
If you already have the correct version of the flatpak installed, you can try flatpak build-bundle.
flatpak build-bundle LOCATION FILENAME NAME where
- LOCATION is the path of the repo on disk. Run flatpak info -l org.kde.arianna, and copy the part before /app
- FILENAME is the output file name, preferably .flatpak. Eg: arianna.flatpak
- NAME is the name of the app, here org.kde.arianna
The generated file can be installed with a double-click, or with flatpak install <file>
This is the equivalent of an Android .apk. It contains the app but depends on a runtime. If you want to install it in a few years, odds are the runtime will no longer be available. You can backup the runtime the same way with the --runtime option.
flatpak build-bundle --runtime LOCATION FILENAME NAME where
- LOCATION same as earlier
- FILENAME eg arianna-runtime.flatpak
- NAME is the name of the runtime, which you can get with flatpak info --show-runtime org.kde.arianna
This takes a while, for some reason. Maybe it's compressing stuff?
The runtime is installed the same way as the app: double click or flatpak install.
Note: I only did this once, and not specifically on Arianna. Hope it works.
Dollar drops after Trump fires Fed's Cook
cross-posted from: lemmy.world/post/35025047
What Trump’s move to fire Fed governor means for central bank’s independence
The US president has said he is firing Lisa Cook over mortgage fraud allegations – a move experts view as a means to exert more controlHeather Stewart (The Guardian)
like this
No, you don't want to hire "the best engineers" — I think this might be the meanest thing I've ever written.
cross-posted from: programming.dev/post/36758698
::: spoiler Comments
- Hacker News.
:::
No, you don't want to hire "the best engineers" — I think this might be the meanest thing I've ever written.
::: spoiler Comments
- Hacker News.
:::
like this
What’s new with Firefox 142
cross-posted from: programming.dev/post/36758792
::: spoiler Comments
- Hacker News.
:::
What’s new with Firefox 142
::: spoiler Comments
- Hacker News.
:::
Request, US Border Crossings, Privacy Guides
Hello,
I am trying to gather some information on steps, procedures, and options for increasing privacy while crossing into the US.
My girlfriend goes to school in Canada and crosses the borders frequently throughout the year for; long weekends, extended holiday breaks, semester breaks, and summer breaks.
She'll be going back to Canada for this next year and with everything happening she's asked me to help her find ways to limit her exposure to data being reviewed or stored as she's studying a more Social/Liberal Arts degree which could flag her as a target because of the current political climate.
I've also suggested possibly limiting border crossing instead of coming back as often as she used to.
I'm working through articles and finding things from EFF and ACLU, but would happily taken suggestions, guidance, or any direction from anyone willing to share.
I've considered trying to find a way for her to backup her devices, maybe store those backups in the cloud, create "decoy" states of her devices (elaboration below), then restore the original state of the devices once she's safely past the border.
Devices:
iPhone 11 [18.6]
MacBook Air 13 [Possibly Sequoia 15.5, as stated in her iCloud, she doesn't have it with her right now]
For "decoy" device states, I mean having some apps and data on the devices, but nothing identifying/or that might otherwise give agencies data to further search (online account names/services, stored passwords, large collections of contacts/message histories, etc.)
I've suggested trying to switch to android/PC devices to provide alternative privacy/security options, but her family pays for the devices so it's just the same brand as whatever they have. So, that's not an option at this point, but any statements regarding increased effectiveness, or even lack thereof, by switching to different brand devices may help with any future transition considerations.
Thank you very much for taking the time to read through my post and any guidance you might be able to provide is highly appreciated.
This article is from The Guardian:
On the advice of various experts, people are locking down social media, deleting photos and private messages, removing facial recognition, or even traveling with “burner” phones to protect themselves.In Canada, multiple public institutions have urged employees to avoid travel to the US, and at least one reportedly told staff to leave their usual devices at home and bring a second device with limited personal information instead.
It seems like you already know what you’re doing and I agree with everyone else: backup your data and reinstall later. Create an iCloud account specifically for travel purposes.
This article mentions someone who opted to delete their social media accounts before coming to the US. So don’t be surprised or offended when some of us start deleting our comments, lol. Good luck.
EDIT: As long as you have a travel account you shouldn’t need Advanced Data Protection but perhaps after you/she reaches her destination.
Burner phones, wiped socials: the extreme precautions for visitors to Trump’s America
Horror stories about detainments at the border have also soured some from visiting during Trump’s second termJosie Harvey (The Guardian)
Three basic options exist:
1) Burner: Take a device that isn't a normally used device for each category. Make sure it has nothing you care about on it, no incriminating web history, no accounts logged in or saved as cookies that are incriminating, etc, etc. This is simplest, most expensive, but also most fool-proof against all possible threats.
2) Wiped: Wipe the device before travel, possibly backing things up in the cloud to download after arriving. You'll have to back up again with any changes you make and wipe again before traveling back then at your final destination again restore the device from backups. If you have serious fears of close inspection or forensic analysis then it would behoove you to use a secure erase feature on the drive and reinstall the OS rather than just trying to delete problematic files. For smartphones especially doing this and restoring from a cloud back-up can be pretty easy, for laptops it's more of a pain.
3) Mail ahead: Take the devices to a package service, UPS, FedEx, DHL, etc ahead of time, mail them ahead of or just behind you so they arrive just before or slightly after you. For this to work you need a fixed accommodation that can accept packages and which you trust to store them and give them to you. This technically doesn't prevent mail interception but unless you're a high value target that's unlikely at present as its kind of a multi-agency intentional effort thing. Still I'd mail the device in a fully encrypted state.
No other feasible options exist. You can encrypt yes and if you are a US citizen you cannot be denied re-entry (non-citizens can be not only denied entry but barred for years after for refusing to decrypt a device/cooperate) but they can seize your device and hold it for up to a year while trying to crack it and you'll have to expend effort to get it back at the end of that period. They can also put you in a holding cell for hours or hypothetically up to a couple days if they really want to press it accuse you of something and be unpleasant during that time.
Adding Plasma Discover to Bazzite via Systemd Sysext
Instructions to add Plasma Discover package manager back into Bazzite using a Systemd Sys-Ext. Based on Travier's Fedora Sys-Ext work at travier.github.io/fedora-sysex… and relies on his base images on quay.
I'm really excited about the application of SysExts to bridge the gap many perceive in adopting atomic distros! This seemed like a fantastic solution to adding this tool back for those who want it, without the overhead of package layering
GitHub - mmcnutt/Bazzite-Discover-Sys-Ext: Instructions to add Plasma Discover package manager back into Bazzite using a Systemd Sys-Ext
Instructions to add Plasma Discover package manager back into Bazzite using a Systemd Sys-Ext - mmcnutt/Bazzite-Discover-Sys-ExtGitHub
The issue with them right now is there's no update mechanism. If you use something as a system extension that depends on a library in the image, and that library gets updated, you could have an unbootable system or at the very least a non-functioning application until you can update your system extension manually.
Ideally that update mechanism needs to be a part of bootc so if your system extension is part of your boot process it can be updated ahead of time before the image is loaded.
We've looked at it since it's inception and it's something we really want, it's just nowhere near ready yet.
I've never had issues with Discover on Fedora KDE and then even when I moved to Kinoite. I didnt have any issues using it on my Bazzite machine. I wanted it back, I also wanted to see if it was something I could do with a SysExt, which as I said is something I'm excited about, as I have started using them to add stuff on my Kinoite work machine.
It doesn't take Bazaar away, it just puts the items back for anyone who wants it. Spoiled for choice
You won't be missed
I changed my main machine over to Linux in the beginning of April, setting it up on its own NVMe so I could keep my other drive with Windows 10 intact and dual boot when needed.
I've been having a blast - ricing hyprland, better workflows, great gaming experiences.
Then yesterday I realized that I hadn't actually bothered to dual boot once since testing out the Windows entry in my systemd-boot menu when I first set it up.
Guess who just gained a 1TB drive to install more games?
I wiped out the Windows drive with no remorse. Damn, that felt good.
Goodbye Windows, you won't be missed.
1st ssd has 512MB partition for both Windows and Linux bootloaders and rest of the storage for data, games etc.
2nd ssd has both Windows ans Linux OS on different partitions and some more partitions for data.
Does Google keep logs of my text messages(RCS)?
In the past, I've heard about how Google can keep records of all your Google phone's past locations and text messages.
What about RCS messages which supposedly are encrypted from Android to Android? I know that it's possible that they secretly keep a log behind the scenes, but as far as the regular consumer knows is there any record being kept with regard to the contents of these RCS messages?
Okay, so, originally, I was going to look it up to prove you wrong, but after looking it up across multiple sources, it seems that you're right and I'm wrong.....mostly.
How-To Geek, Proton, and CloudFlare all mirror what you say.
However, the Wikipedia page section "Definitions" does back me up somewhat. It says:
The term "end-to-end encryption" originally only meant that the communication is never decrypted during its transport from the sender to the receiver.[23] For example, around 2003, E2EE was proposed as an additional layer of encryption for GSM[24] or TETRA,[25] ... This has been standardized by SFPG for TETRA.[26] Note that in TETRA, the keys are generated by a Key Management Centre (KMC) or a Key Management Facility (KMF), not by the communicating users.[27]Later, around 2014, the meaning of "end-to-end encryption" started to evolve when WhatsApp encrypted a portion of its network,[28] requiring that not only the communication stays encrypted during transport,[29] but also that the provider of the communication service is not able to decrypt the communications ... This new meaning is now the widely accepted one.[30]
(Relevent text is embolded.)
So, I'm not misunderstanding, just misinformed that the definition changed.
Make no mistake, of course: I do appreciate you correcting me as I hadn't realized the definition had changed. Lol.
Is there any animal you wish Ubuntu used for its naming convention?
Are there any Linux distros that handle updates similarly to FreeBSD and OpenBSD?
Lately I've been exploring FreeBSD and OpenBSD. One of the more interesting things about them is how they handle OS and package upgrades.
On FreeBSD, the freebsd-update command is used for upgrading the OS and the pkg command is used for managing user packages. On OpenBSD, the syspatch command is used for upgrading the OS and the pkg_* commands are used for managing user packages.
Unlike Linux, these BSDs have a clear separation of OS from these packages. OS files and data are stored in places like /bin and /etc, while user installed packages get installed to /usr/local/bin and /usr/local/etc.
On the Linux side, the closest thing I can think of is using an atomic distro and flatpak, homebrew, containers, and/or snap for user package management. However, it's not always viable to use these formats. Flatpak, snap, and containers have sandbox issues that prevent certain functionality; homebrew is not sandboxed but on Linux its limited to CLI programs.
There's work being done to work around such issues, such as systemd sysext. But I'm starting to feel that this is just increasing complexity rather than addressing root problems. I feel like taking inspiration from the BSDs could be beneficial.
like this
I think of those as BSD thoughtful and pondered, and Linux as fairly fast and maybe thoughtless (in the jouyful sense that things have to go forward). In the end BSD is definitely cleaner, but behind, and Linux is much messier but is at the front of what's going on.
And I'm sayin this as someone who's worked with both systems for decades and even though I prefer Linux on the desktop or on servers, on embedded systems, where you'd need some really clean code to poke at, BSD really shines.
Of course BSD works fine (mostly) everywhere. It's almost as good today as it was in 2000.
How can one consume media these days with any sort of privacy?
With a privacy protecting setup, the mainstream internet is almost unusable. To sign up for social media or even a gmail account, one has to provide a phone number for verification. Youtube doesn't work when not signed into a Google account, or if one is connected to a VPN. Even downloader programs like yt-dlp and freyr have been rendered useless by the strict access controls of the major platforms. There is a vast amount of community, DIY, and educational material of all sorts behind these platform walls, so how can someone who doesn't want to be tracked access any of it these days?
There are alternatives like archive.org and peertube which are wonderful but have nowhere near the amount of content that people have been uploading to YouTube over the years. For example, if I need to fix a washing machine and there is a tutorial on YouTube, how can I see it while still preserving a modicum of privacy online?
Google will require developer verification for Android apps outside the Play Store
cross-posted from: jlai.lu/post/24787719
Starting next year, Google will begin to verify the identities of developers distributing their apps on Android devices, not just those who distribute via the Play Store.
Google will require developer verification for Android apps outside the Play Store
Starting next year, Google will begin to verify the identities of developers distributing their apps on Android devices, not just those who distribute via the Play Store.
Google will require developer verification for Android apps outside the Play Store | TechCrunch
Google will ask all Android developers to verify their identity starting next year.Sarah Perez (TechCrunch)
like this
The Fed Has Never Been Independent
Judge Says Trump’s Use of Troops in L.A. Is Illegal
The federal judge found that the deployment exceeded legal limits that generally prohibit the use of the military for domestic law enforcement.
adhocfungus likes this.
Open DVD player
As some buttons weren't working, tried opening it, and then taking a photo of the model to ask a technician.
It came out surprisingly aesthetic, me thinks.
Therapists are secretly using ChatGPT. Clients are triggered.
Therapists are secretly using ChatGPT. Clients are triggered.
Some therapists are using AI during therapy sessions. They’re risking their clients’ trust and privacy in the process.Laurie Clarke (MIT Technology Review)
like this
A group of more than 85 scientists find errors in a new Energy Department climate report
DOEresponseSite
On July 29, 2025, the Department of Energy (DOE) published a report from its Climate Working Group (CWG). This report features prominently in the EPA's reconsideration of its 2009 Endangerment Finding.sites.google.com
like this
mensileOSM 4 (agosto 2024)
mensileOSM 4 (Agosto 2025)
🚨 Edizione straordinaria 🚨 mensileOSM raddoppia, da questo mese, su ispirazione del Mapper of the Month belga, ogni mensile ospiterà una chiacchierata con un membro della comunità italiana.OpenStreetMap Community Forum
AOL announces September shutdown for dial-up Internet access
After decades of connecting Americans to its online service and the Internet through telephone lines, AOL recently announced it is finally shutting down its dial-up modem service on September 30, 2025. The announcement marks the end of a technology that served as the primary gateway to the World Wide Web for millions of users throughout the 1990s and early 2000s.
AOL announces September shutdown for dial-up Internet after 34 years
Around 175,000 households still use dial-up Internet in the US.Benj Edwards (Ars Technica)
adhocfungus likes this.
suprchrgd
in reply to drspawndisaster • • •frongt
in reply to drspawndisaster • • •like this
clove likes this.
drspawndisaster
in reply to frongt • • •FauxLiving
in reply to drspawndisaster • • •github.com/alexghergh/nvim-tmu…
You want something like that. It makes navigating between the two applications use the same set of keys, there are some other plugins (linked in the readme) that do similar things with different feature sets, but fixing the keybinds is a huge step towards making it a smooth experience.
GitHub - alexghergh/nvim-tmux-navigation: Easy Neovim-Tmux navigation, completely written in Lua
GitHubpitiable_sandwich540
in reply to drspawndisaster • • •Went down the same route as you until coming to the same conclusion.
The only advice I can offer is to be consistent while configuring across your tools, find something that works for you and stick to it.
For example In my dwm+tmux+nvim dotfiles I use plain hjkl for cursor movement and if i want to move windows/panes i use , if i want to resize i use , Mod keys in tmux and nvim are the function keys (if anyone knows how to get dwm to accept as modkey let me know lol), etc.
Edit: And oh yes, try to stick to KISS 😛 I threw away my first set of dotfiles because i used so may useless plugins/patches for nvim and dwm i could not keep trak of all the keybinds in my head.
chrash0
in reply to drspawndisaster • • •zellij. you can think of it astmuxwith training wheels, but i don’t see a reason to go back.gungho4bungholes
in reply to drspawndisaster • • •For tmux, I found it really helpful to remap the special key to ctrl space, then use alt to move around panes
www-gem
in reply to drspawndisaster • • •Now, I'm not 100% sure that I've correctly understand what you're looking for. If you're after a file manager for nvim or tmux, then I would second yazi for your terminal as previously mentioned. Or you could go bare bone and use the command line straight with the help of some features like zsh and its competition, call to past arguments, zmv (and glob expression)...
For nvim, you can use the default tree explorer for basic usage. More advanced features can be found with telescope for example. I personaly opted for fzf-lua. Both can be used in other plugins as well to make things very easy and powerful. Just to cite a few, I'm using fzf-lua with obsidian (which, despite the name, doesn't require the tool of the same name) and snacks.
GitHub - sxyazi/yazi: 💥 Blazing fast terminal file manager written in Rust, based on async I/O.
GitHubŜan
in reply to drspawndisaster • • •I really do wonder if þis is a natural evolution, and what distinguishes þe people who follow þis paþ.
I've gone so far down it, I've dipped into setups where I boot only into þe console, and never start X. I don't stay long, because web browsing still sucks pretty hard, alþough tools like chawan get preeetty close. And þen þere are times I want to play Factorio, or do someþing in Gimp or Inkscape... so I'm resigned to running X and herbstluftwm and just having a bunch of terminals and þe odd browser or game.
Point is, I'm not some edge case - a surprising number of people end up rejecting GUIs, or end up using mostly CLI or TUIs, and I wonder what it is about us which causes us to follow þe path of þe terminal.
For me it was a confluence of being tired of þe GUI bloat, but also an increasing hatred of having to move my hand away from þe home row just to move a cursor with a mouse. Reduced memory use, more free CPU, less electricity... þe more I did it, þe better þe results.
Is þat it? Is it a gateway drug to efficiency?
static09
in reply to Ŝan • • •golden_zealot
in reply to static09 • • •Ŝan
in reply to golden_zealot • • •golden_zealot
in reply to Ŝan • • •Can I ask why you used this in place of "th" mostly but not always?
Ŝan
in reply to golden_zealot • • •