I want to share an interesting cryptography paper which introduces "anamorphic encryption", where the ciphertext encrypts two messages. One is a message to reveal to a dictator, who wants the secret key and message to control the narrative. Behind it lies a hidden message, guarded behind a "double key", which is to communicate messages of intent secretly.
It's kind of like having a duress key to reveal, but instead you can send real messages with the real key.
For instance, an investigative journalist could encrypt a fake message "Everyone is content in our utopia" as a smokescreen to show to the dictator, while true messages like "Minorities are forced into labor camps" can be hidden in the anamorphically encrypted ciphertexts to notify the outside free press.
The authors argue that cryptosystems already in use supports the anamorphic mode, where you encrypt a normal-looking ciphertext which contains the hidden message.
Given that it has been 3 years since this paper, I think there would have been some applications of this technology. Do you guys know of any?
Cryptosystems have been developed over the years under the typical prevalent setting which assumes that the receiver’s key is kept secure from the adversary, and that the choice of the message to be sent is freely performed by the sender and is kept …
Isn't steganography hiding encryption in plain sight? Þis appears to be encrypting wiþ two passwords, boþ of which decrypt to valid content, but only one of which is þe real secret. It's protection against being forced to give your password to brown shirts.
Interesting. One potential difficulty in implementation would be the creation of a believable decoy conversation (for the dictator to read) -- but LLMs might be able to automate this.
I posed this in another 'obfuscation' thread, but in the case of steganography, wouldn't AI have the ability to 'see' that the a file, say a image' has odd bits in it that shouldn't be in an image? Even further, would it be able to ascertain that you have two levels of messages hidden inside the image? It sounds similar to what you can do with ~~VeraCrypt~~ Cryptomater in that you have two 'levels' of encrypted data. One to reveal to the authorities and one that's for the intended target of the data packet.
That's if you are using a file to store additional data. Also JPEG and other lossy formats can have all sorts of artifacts that may (depending on the size of hidden data) seem typical.
What I thought they were referring to was encryption at the filesystem level which doesn't require file blocks to be contiguous, allowing blocks to be interlaced with the hidden data.
This is kind of how VeraCrypts hidden partition feature works.
You start the process of the volume's encryption and set a "false" password for it. It creates a partition that is encrypted with that password. When it finishes, you mount it and store "fake" files, the files you would reveal under duress. Veracrypt then takes in a second password and creates a "hidden partition" in the remaining free space of the disk - to be clear, that memory space still reports as unused/free if investigated, but the partition is there.
You can then mount that with your second password and store your actual files. You can work with files and folders in the hidden partition as needed, however if anything is added or changed etc in that first fake partition, the data in the hidden partition will be corrupted by those actions.
This means that so long as you plan ahead, someone can literally put a gun to your head and demand the password to the encrypted disk, and you can give them one that works without revealing the data to them.
In theory, since the data in the hidden partition is encrypted and unreadable, it is impossible to detect that it exists in the "unused" space of the disk, even by a forensic analyst. To them it would just look like old, randomly flipped bits that came from previous usage followed by a quick format.
Now, what's really cool about this is that if you use the veracrypt bootloader, you can store and boot from an undetectable OS you store in that hidden partition, while having a decoy operating system on the visible partition:
VeraCrypt is free open-source disk encryption software for Windows, Mac OS X and Linux. In case an attacker forces you to reveal the password, VeraCrypt provides plausible deniability.
the way it works is that the veracrypt container basically contains 2 encrypted partitions. if it can't decrypt the first one with the password, it will try the second one, but always pretend to try both so that the time it takes to unlock it does not give it away. by writing to either, you risk overwriting data in the other one (except that you can input both the hidden and main partition passwords and it will make sure to keep the hidden partition unaffected), but otherwise both partitions are fully functional
But if two different messages are encrypted with the same key, doesn't it by nature produce two different ~~'plaintext'~~ ciphertext? Unless the real secret is much smaller than the decoy message as in the example of the ww2 artist
plaintext is the unencrypted form of data. encryption produces ciphertext. encrypting the same data with the same key twice results in the same ciphertext, unless additional steps were taken to insert additional data that does not match (like a nonce) to the plaintext
Not sure about that, but this is basically a few clever tricks where you have two file systems in one volume. Obviously if the volume is, say, 10 gigs, you can only store 10 gigs in total on those filesystems, as they share the space.
You also, likely, wouldn't want to fill up the drive too much
I don't know what happened to it, I recall that, years ago, they found various weaknesses in the system but instead of fixing it, it seemed to be abandoned. I'll start looking around if he there are updated open source versions
It's nothing new, steganographic encryption is used as long I remeber, to hide messages into texts, images, videos and even music. There are a lot of tools out there which everyone can use. The advantage is, that an normal encrypted message can cause suspicions, but not so an inocent selfi from the beach, a cat photo, an mp3 of an summerhit, or an "unencrypted" text message, all these can be a container for hidden messages. It can also be used for invisible watermarks for an copy protection, but also for evil uses in autoexecutables malware in images or mp3 files, as seen in the past.
Official DeepSound repository migrated from jpinsoft.net. DeepSound is a freeware steganography tool and audio converter that hides secret data into audio files. The application also enables you to...
Don't count on the police not doing their job here. I think they might well do it, and if they do and evidence of this accusation is found, this asshole's fall may well continue all the way to prison
Is there a simple GUI application that will monitor running processes periodically and alert the user when a process is not running? The ones I have found are far too complex (eg Monit). I am sure this is trivial to achieve with a script, but I'd rather use a GUI.
A use case would look like this: every 60 minutes check if Syncthing is running and display a notification if it's not. In my experience, Syncthing is very reliable when it launches successfully but there may be an issue with conflicting versions that may prevent it from running at boot. Syncthing has no way to alert the GUI user when something goes wrong and you may find after you left home that your laptop hasn't synced. Checking manually is a headache, prone to errors and goes against the idea of fit and forget.
Hello! I don’t know of a desktop watchdog application that will do this for you, but you may be able to achieve this with a simple cron job. Probably just an hourly crontab entry that looks for a running process with the right name, and uses something like notify-send to send an alert if it’s not found. I’ll jump on the computer and have a quick play, though I run gnome not plasma so I don’t know how well it will translate.
I know you're looking for a desktop solution, but here's something that you can try in case you can't find one -- I'm betting that having a solution is better than having none!
So I just had a quick muck around:
You can use pgrep to detect if a process with a given name is running
You can write to /dev/pts/0 to trigger a desktop notification
You can drop it into a cron job to run it automatically on a schedule
As a test, the following command will look for a process called syncthing and send a desktop notification if it can't find it:
pgrep syncthing || echo "Syncthing is not running > /dev/pts/0"
To set up a cron job: 1. open a terminal 2. open the editor with crontab -e (if you need to pick an editor, nano will probably be your best bet, it's easiest to use) 3. in the editor, add the following line to the end of the file: 0 * * * * pgrep syncthing || echo "Syncthing is not running" > /dev/pts/0 * The 0 * * * * sets up the schedule (on the 0th minute of every hour, every day of the month, every month, on every day of the week) * Everything after that is the command to run 4. save and quit
If you ever want to get rid of it, just open the cron file again (crontab -e) and remove the line.
I gave this a go on KDE under Wayland and it seems to do the trick. Good luck, I hope you find what you're looking for!
[edit-1] added step (2) to install libnotify-bin in case you don't have it already. [edit-2] added XDG_RUNTIME_DIR to step (4) [edit-3] removed references to libnotify, replace with /dev/pts/0 (Nice one, @sun_is_ra@sh.itjust.works !)
I went for this one and it works with both notify-send and /dev/pts/0. Not sure why it is better, but I opted for the latter. Simple, lightweight and versatile, suitable for any process.
Any KDE Plasma users reading this, to enable notifications history for these you can follow the instructions here. Many thanks everyone.
I’ve got a script I want to get notifications via KDE connect and on my desktop. And I’m having trouble getting it to appear here. What do I need to do?
i use syncthing, and start it via the systems service. i found it reliable. systems has a feature by which you can get notified on error (look up the onerror key), you might be able to do what u need with that.
alternately, you can run a systemd timer that runs periodically and notifies you when your condition is met. if u want a pop-up, use zenity etc.
Yeah, autocorrect isn't great with technical terms. I meant systemd. I followed Arch's instruction, and just enabled the services via systemctl --user enable syncthing.service
I have tried Syncthingtray and Syncthingy. I found the former did too much that I never used, and the latter was an unnecessary process doing very little while always running and adding another icon to the tray. For me periodic checking with a script is enough and more efficient for the rare situation where Syncthing crashes of fails to start.
Specifically for Syncthing, there's Syncthing Tray. It'll put a little icon on your icon tray (or since you're on KDE you can use the Plasmoid and put it wherever you want) and you can configure it to change colors depending on the status of Syncthing, send notifications when it finishes a sync or can't connect, see a detailed view of the sync status and the folders, etc. It's very customizable, I've been using it for a while. Check it out!
True for most scenarios. Specifically with Syncthing, I find that it rarely fails and when it does there are good reasons and I need to do something about it (eg I used the wrong version config.xml recently trying to migrate between Syncthing setups).
Stampi in 3D su Linux? OctoPrint è la piattaforma open source che ti permette di controllare e monitorare la tua stampante direttamente dal browser. Webcam, GCODE, plugin e accesso remoto: ecco come funziona #Linux #3DPrinter #Docker #Server
Fa sempre ridere vedere le persone di origini straniere che, nonostante vivono da anni o decenni in Italia, e hanno assorbito gran parte della cultura italiana, ancora non riescono a capire certe specifiche cose che accadono nel nostro paese, perché… queste particolari cose sono in realtà oggettivamente assurde, e a dirla tutta non comprensibili nemmeno […]
“Vedo gente con piumino e canottiera – SOLO in Italia?!”
Fa sempre ridere vedere le persone di origini straniere che, nonostante vivono da anni o decenni in Italia, e hanno assorbito gran parte della cultura italiana, ancora non riescono a capire certe specifiche cose che accadono nel nostro paese, perché… queste particolari cose sono in realtà oggettivamente assurde, e a dirla tutta non comprensibili nemmeno per la maggioranza degli italiani di nascita. Il punto è che almeno loro ne discutono sui propri [video]blog, mentre normalmente per tutti gli altri queste cose sono lasciate passare in sordina, e quindi grazie a loro possiamo riflettere un po’, come piace a me… 😘
Stavolta allora Erikottero solleva un dubbio interessante: in Italia fa caldo o fa freddo?Direi che fa sia caldo che freddo contemporaneamente — o meglio, il clima cambia così repentinamente, svariate volte al giorno ogni giorno, che all’atto pratico per semplificare si può dire che ci sono più climi allo stesso momento — ma in realtà non è questo il punto, quanto più che altro che, allo stesso momento, per certa gente sembra far freddo, e per altre sembra far caldo… e come ogni autunno questo dibattito ritorni più o meno puntuale. E quindi, nelle stesse vie, si trova gente che pare stia per scalare l’Everest accanto a gente che ha boh, il 35% di pelle scoperta. 😶
Lei dice che in Giappone non c’è questo caos come invece si vede in Italia, e che lì in genere, quando iniziano le giornate fredde, si cambia vestiario anche solo per allineare le proprie vibe a quelle della stagione, che in effetti è spiritualmente carino come concetto; quindi, anche se si potrebbe stare a maniche, corte non lo si fa più… Ma poi dice anche che gli adolescenti (o forse perlopiù le adolescenti) giapponesi praticamente hanno la stessa abitudine di totale contrasto al clima che fin troppo spesso si vede qui da noi, quindi questo cercare una differenza tra le due culture mi sa che lascia un po’ il tempo che trova (…perdonatemi per questa freddura); o, forse, una cultura diversa lì c’è davvero, ma le nuovissime generazioni non la seguono. 🤥
Io a mia volta non capisco tutto questo fatto, ed è per ciò che ne approfitto per parlarne… ma non perché non riesco a comprendere il processo che ci sta dietro, per cui magari si, senti freddo, però vuoi comunque vestirti in un certo modo, perché wow e viva lo stile, e allora ti fai coraggio e sopporti il freddo… Io lo riesco anche a sopportare mentalmente il freddo, se sono fuori, ma il problema è che mi basta prendere freddo una volta e mezza per così finire, dal giorno dopo fino a intere settimane a seguire, col raffreddore, la sinusite, poco ci manca per la bronchite, e la cosa è talmente grave che i miei genitori dicono che nella mia infanzia sarei non ironicamente morta per queste schifezze, se non fosse esistita la medicina moderna!!! Il problema allora è semplicemente che gli altri non hanno questa cosa che io ho, o che? 💔
A parte che viene a questo punto da chiedermi se esista solo in casa mia il concetto di cambio di stagione dell’armadio — per cui si toglie di mezzo la roba fresca e si mette in mezzo quella calda, o viceversa in primavera, visto che l’armadio è diviso in parti facilmente accessibili e parti di archiviazione — e quindi comunque, anche se il clima permettesse, un giorno a caso di dicembre non mi vestirei in modo corto, perché la roba corta è messa via… Ma come cazzo è possibile essere in molte cose una ragazza magica, per poi avere una debolezza letteralmente così mortale al freddo… mentre le ragazze non-magiche no??? Se fossi un Pokémon, tenuto conto delle mie caratteristiche principali, ancora non ho capito se sarei di tipo psico o folletto, ma nessuno di questi è particolarmente vulnerabile al tipo ghiaccio, quindi davvero… non capisco come mai in forma umana ho proprio anche questo punto debole, tra i tanti. 😫
Profitez des vidéos et de la musique que vous aimez, mettez en ligne des contenus originaux, et partagez-les avec vos amis, vos proches et le monde entier.
Here's my attempt to explain the situation in a brief way. DHH, the creator of Ruby on Rails, wrote some things which are considered racist by some people. This caused a prominent Ruby programmer to withdraw his large sponsorship of Ruby Central, a non-profit which organises Ruby conferences, because DHH spoke at one of their conferences. Therefore Ruby Central ended up very dependent on Shopify, a large company, for funding. One theory (mentioned in the article) is that Shopify (where DHH is a board member) then pressured Ruby Central to perform a "hostile takeover" of the RubyGems GitHub organisation, where they revoked the maintainer privileges of long-time contributors. What is RubyGems? It's a website which is the de facto standard source for "gems", which are Ruby packages. I guess this is equivalent to NPM in the Node/JavaScript world.
If you want to know the potentially racist stuff said by DHH, he essentially seemed to be unhappy that London is "no longer full of native Brits". He says "native Brits" now make up "about a third" of London. So by "native Brits" he seems to mean the White British ethnic group, because they made up 37% of London in the 2021 census.
The "hostile takeover" of RubyGems has led to some Ruby programmers to create an alternative to the RubyGems website. This alternative is gem.coop. Also there is an open letter signed by influential Ruby programmers which calls for Ruby on Rails to be forked so that DHH no longer has an association with it.
The article that this post links to is an update to the situation: Ruby Central is now taking steps to try and cool the controversy.
Israeli fighter jets carried out air strikes on Rafah, in the southern Gaza Strip, on Sunday, in the latest reported violation of the ceasefire.
Israel’s Channel 12 reported the strikes were intended to protect members of the Yasser Abu Shabab militia - an Israeli-backed gang accused of stealing humanitarian aid and attacking Palestinian civilians during Israel's two-year genocidal war on Gaza.
Palestinian outlet Quds Network cited an unnamed source saying a Hamas‑led internal security unit carried out an operation targeting a hideout belonging to Yasser Abu Shabab east of Rafah.
Israeli fighter jets carried out air strikes on Rafah, in the southern Gaza Strip, on Sunday, in the latest reported violation of the ceasefire.
Israel’s Channel 12 reported the strikes were intended to protect members of the Yasser Abu Shabab militia - an Israeli-backed gang accused of stealing humanitarian aid and attacking Palestinian civilians during Israel's two-year genocidal war on Gaza.
Palestinian outlet Quds Network cited an unnamed source saying a Hamas‑led internal security unit carried out an operation targeting a hideout belonging to Yasser Abu Shabab east of Rafah.
A lotta vapes are reportedly chock full of lead, so kids probably shouldn't be puffing clouds in the bathroom stall, but was there any reason to design the most exploitable version of a product to alert school administrators about it? The manufacturer was happy to expand to Section 8 (USA, subsidized) housing in spite of script kiddies, rogue employees, or legit employees working under new guidelines being able to root into the Motorola Halo 3C and use its fully-functioning microphones to invade privacy. The frog is boiling slowly: pay more for your car insurance when your insurer buys your driving data today; risk your home insurance when you don't install this "fire prevention" spyware tomorrow.
DEF CON 33 - Unmasking the Snitch Puck: IoT surveillance tech in the school bathroom - Reynaldo, nyx: 83,126 views, Oct 10, 2025
Profitez des vidéos et de la musique que vous aimez, mettez en ligne des contenus originaux, et partagez-les avec vos amis, vos proches et le monde entier.
c. 1400, chokkeful "crammed full;" the first element is possibly from choke "cheek" (see cheek (n.)). Or it may be from Old French choquier "collide, crash, hit" (13c., Modern French choquer), which is probably from Germanic (compare Middle Dutch schokken, and see shock (n.1)).
Probably < choke v. + full adj. (with an underlying sense ‘full to the point of choking’), in later use (especially in α forms) probably reinforced by association with chock n.^1^ and chock v.^1^
Charottez chokkefull charegyde with golde, yadadamean?
Awesome! Etymology is a fascination of mine, where language derives itself from and how words and phrases have changed and even been bastardized to mean something else. One of my favorites being 'Pull yourself up by your bootstraps'.
The phrase also derives from a mid 1800 child's physics book that had review questions at the end of each chapter to check if you understood the information. One of the questions was 'Can a man pull himself up by his bootstraps?', which is of course impossible because he is being acted upon by forces greater than himself....namely gravity.
The minute the Pi4 compute module showed up, the jig was up.
For the secure boot scheme to be really secure, you have to generate a unique key for each device. Most vendors don't bother because it means each firmware update has to be signed and encrypted for each unique device. This also means you have to have the infrastructure for device attestation. You can't just stick an update file on a public S3 bucket or FTP site like the good old days.
Some end up reusing the same product key, so if it's compromised, all devices in that family can be hacked. But even that's too much for some vendors.
Instead, they just wing it, and go back to the bad old habits (no encryption, or symmetric keys embedded in firmware) that get them featured in DefCon presentations.
Remember that if you pay your insurance regularly, then you (at least in my country) don't have to pay for healthcare and for damages you did to the other person in an car crash.
Students smoking where they shouldn't is a PITA to me, a librarian, because it can set off some fire alarms.
I do not appreciate needing to help a less mobile coworker down the stairs to evacuate the building. I don't like spending in the rain while we wait for the fire department to declare the "all clear".
We don't use spy pucks to tattle on students, though: we know what alarm was triggered and we know who checked out that study room. Or we know who came out of the single seat bathroom.
Edit: and generally students have been contrite when they return the study room key after the building was evacuated. Very "I didn't do it but I'll let my friends who were studying with me know...." and we've not had repeat offenders. Tbh, they're [young] adults so as long as no one is hurt and I don't hear about it I'm cool with it.
Un testo cruciale che affronta il paradosso della lotta femminista: come coinvolgere gli uomini nel loro processo di liberazione emotiva dal patriarcato. bell hooks svela il prezzo del potere maschile – la disconnessione dall’amore e da sé – e offre un potente antidoto basato sull’autostima sana e sulla vulnerabilità come vera forza.
bell hooks non si smentisce mai. La caratteristica di bell hooks è la capacità di integrare l’indignazione, la rabbia, gli stati di ingustizia, alchemizzarli, e sintetizzarli in una pratica di liberazione fondata sull’amore nel senso più concreto del termine.
La volontà di cambiare affronta uno dei punti ciechi di gran parte del pensiero e della letteratura femminista, ossia: la realtà del cambiamento emotivo maschile nel superamento di un sistema di relazioni patriarcale. Il femminismo, bell hooks ci dice, ha creato forze essenziali di denuncia, rivendicazione e cambiamento, e spazi di supporto per la liberazione femminile. Quello che ha faticato, e fatica tuttora a creare, è lo spazio per il processo di cambiamento dell’identità maschile, che paradossalmente è il suo obiettivo principale. Trovo che 20 anni dopo, pur con cambiamenti, questo paradosso resti ancora attuale.
La liberazione dal patriarcato, bell hooks ci dice, deve necessariamente essere un processo di liberazione anche per gli uomini. Il prezzo di appartenenza al patriarcato, il prezzo dei suoi (molto reali) vantaggi di potere, è per gli uomini una rottura nel rapporto con se stessi, la possibilità di amare e ricevere amore, e di vivere in relazione. È questa negazione, bell hooks ci dice, che sta alla radice di gran parte della rabbia e violenza maschile che è così endemica nella nostra società. Il patriarcato grantisce immunità in questa espressione perversa del bisogno di connessione e autostima, mentre con l’altra mano punisce le sue espressioni più autentiche.
L’antidoto alla logica della dominazione, bell hooks ci dice, oltre e al di là della lotta rivendicativa, è quindi che ci sia la possibilità culturale e relazionale di sviluppare un’autostima sana, per gli uomini che cercano, più o meno consciamente, di liberarsi dal terrore patriarcale della vulnerabilità (e dalla conseguente falsa equazione di forza con invulnerabilità). Questa liberazione a sua volta diventa una liberazione dai meccanismi comportamentali patriarcali di soddisfazione surrogata del bisogno umano di connessione, come il sesso oggettificato, il lavoro come unica fonte di autostima, la disconnessione relazionale attraverso la divisione del lavoro domestico, la prevaricazione, l’uso del femminile per la propria sublimazione emotiva, le dipendenze, la disconnessione dalla propria capacità di creare, sentire, curarsi di se stessi. Bell hooks non lo menziona, ma generalmente parlando, tra le persone cisgenere neurotipiche si stima che a livello globale gli uomini si tolgano la vita circa 1.8 volte più spesso delle donne. Questo fatto, di suo, è un sintomo del patriarcato, ma anche del vuoto di supporto per gli uomini che ne hanno bisogno.
Parte di questo processo, per il lato femminile, è a sua volta liberarsi dal dogma patriarcale dell’invulnerabilità maschile, e sviluppare la capacità di accogliere l’espressione emotiva maschile, pur senza ricadere in asimmetrie relazionali patriarcali. Ancora una volta, bell hooks fa luce sulle contraddizioni tra il livello politico e il livello emotivo che ancora spesso persistono nel femminismo: spesso il messaggio per gli uomini diventa, “cambia, ma arrangiati”, o “cambia, ma resta l’uomo forte, invulnerabile e indipendente”, o “cambia, ma senza spazi di supporto collettivo”. Per le donne, accettare la possibilità questo cambiamento, ci dice bell hooks, è anche potenzialmente dover ammettere la ferita lasciata da un bisogno di amare ed essere amate dagli uomini, che il patriarcato ha deluso.
Questo libro apre molte possibilità di riflessione, tra cui, per esempio, come coniugare la necessità di supporto emotivo maschile con la necessità di parità emotiva nelle relazioni, l’esplorazione del ruolo dell’omofobia nel mantenimento dell’identità maschile patriarcale, ed esempi attuali di mascolinità non patriarcali, ad esempio nella comunità transgenere, o in altri contesti. Resta un libro eccellente che articola realtà e possibilità emotive che permettono di vedere oltre la critica politica per sviluppare una visione concreta di un mondo alternativo.
bell hooks
bell hooks (Gloria Jean Watkins, 1952-2021) è stata una delle voci più influenti della critica culturale e del femminismo radicale. Scrittrice prolifica, attivista e accademica, il suo lavoro ha analizzato in profondità le intersezioni tra razza, classe e genere. La sua teoria si fonda sull’etica dell’amore e della comunità come pratica di liberazione e resistenza al sistema di dominazione, rendendola una figura fondamentale non solo per il pensiero femminista, ma per l’attivismo sociale globale.
‘Hey hey! Ho ho! Donald Trump has got to go!’ protesters across the country chanted
Nearly 7 million demonstrators in small towns and cities across the country showed up for No Kings protests to rally against Donald Trump’s presidency, according to organizers.
The president declared he was “not a king” on Fox News Friday, but that didn’t stop millions of rally-goers in more than 2,500 locations across the United States from protesting the second Trump administration.
Saturday’s event marked the third mass mobilization since Trump reclaimed the White House — and one of the largest single-day nationwide demonstrations in U.S. history, surpassing the more than 5 million demonstrators who turned up to the first iteration of “No Kings” protests in June, organizers said.
Two new videos have revealed that the Israeli military is actively supporting anti-Hamas terrorist groups in Gaza with weapons and provisions, according to a report.
The videos, recorded earlier this month and authenticated by Sky News, capture a nighttime convoy of pickup trucks transporting supplies from the direction of an Israeli military base to militia-controlled areas in northern Gaza.
The footage places the convoy about 1.4 kilometers inside Israeli-controlled territory near the Erez border crossing, an area where, according to official data, no humanitarian aid has passed since February.
The vehicles, carrying fuel, water, and food, move through devastated streets before arriving at an abandoned school identified as the headquarters of the so-called People’s Army, led by Ashraf al-Mansi.
Al-Mansi recently released a video warning Hamas against entering areas under his control, saying his group is one of four anti-Hamas militias operating inside Gaza, all within zones still monitored by Israel.
Sky News had previously reported that Israel facilitated the supply of weapons, vehicles, cash, and food to another faction, the so-called Popular Forces, led by Yasser Abu Shabab in southern Gaza.
The new evidence strongly suggests that Israel is now extending the same support to northern factions, flagrantly undermining the ceasefire agreement reached with Hamas on October 9.
The two videos, uploaded by a member of al-Mansi’s group on October 9 and 11, show convoys following the same route from a location less than 400 meters from an Israeli military base.
Although the footage does not show the loading of supplies, several containers on the trucks display the SOS Energy logo, an Israeli fuel supplier.
Neither the Israeli military nor representatives of the so-called People’s Army responded to Sky News’ requests for comment.
Israel’s support for Gaza-based terrorist groups continues as Hamas strives to restore order in the region following the ceasefire.
On Thursday, the Israeli news outlet Mako reported that Hamas had seized 45 pickup trucks, large sums of cash, and hundreds of weapons from Israeli-backed terrorist militias, citing unnamed sources within the Israeli military.
A video has revealed the Israeli regime supplying arms and resources to anti-resistance terrorist groups, directly undermining peace and stability in Gaza.
Profitez des vidéos et de la musique que vous aimez, mettez en ligne des contenus originaux, et partagez-les avec vos amis, vos proches et le monde entier.
I'm not going to pretend I know wall the electrical shit going on here, but this is overall pretty badass. It's always cool when YouTube actually suggests something interesting.
Profitez des vidéos et de la musique que vous aimez, mettez en ligne des contenus originaux, et partagez-les avec vos amis, vos proches et le monde entier.
What Mamdani is really testing is whether Democrats can still generate attention through conflict on their own terms. The modern political media landscape only amplifies what bleeds—culture wars, celebrity-like feuds—while ignoring the conflicts that actually define people’s lives: rent that keeps rising, child care that drains a paycheck, transit that doesn’t come. Most Democrats, wary of being cast as divisive, retreat from confrontation altogether or get pulled into the wrong fights.
Mamdani understands that attention is produced through conflict, and that the answer is not to avoid it but to redirect it. He builds it around affordability—who pays, who benefits, and how power works—making economic struggle visible and emotionally legible. For him, conflict isn’t a distraction from governing; it’s the entry point for persuasion. The goal is not to perform anger but to focus it, to remind people that politics can still change the price of the things that govern their days.
Mamdani’s appeal has little to do with just his youthful vibe. It lies in his answer to two questions the party keeps ducking. Can a Democrat hold attention without turning into a caricature? And once attention is captured, can it be used to make politics legible as a system that changes what people pay and how they live? His method blends traditions that rarely coexist: Sanders’s moral clarity, Ocasio-Cortez’s digital and movement cadence, the “abundance” instinct to build and unblock, the grounded competence of effective executives, and the narrative craft of cultural workers who know how to reach an audience. The point is not style for its own sake. It is persuasion as craft—showing that Democrats can hold the stage on the economy again, speak plainly about power, and still mean what they say.
Profitez des vidéos et de la musique que vous aimez, mettez en ligne des contenus originaux, et partagez-les avec vos amis, vos proches et le monde entier.
Per chi lo visita direttamente dal sito, Citiverse è un Forum; ma per chi lo usa dal Fediverso, Citiverse è un'istanza qualsiasi, con le "categorie" del Forum che diventano "gruppi Activitypub", come le comunità Lemmy.
Per gli utenti Lemmy poi la questione è ancora più facile: le categorie NodeBB sono indistinguibili dalle comunità Lemmy!
Al momento abbiamo creato una settantina di comunità, suddivise per macrocategorie.
Volete visualizzarle dal vostro account Lemmy? Eccole qua:
NB: alcune potrebbero sembrarvi vuote, perché i messaggi che "contengono" si vedono solo dopo che le avete seguite.
Vogliamo far diventare Citiverse un'alternativa ai gruppi Facebook, ma per farlo abbiamo bisogno che sia una comunità attiva: Se la discussione è scarsa, nessuno prenderà in considerazione citiverse.it! Quindi:
1) seguite le comunità e partecipate alle discussioni con il vostro account federato 2) se volete una nuova comunità, chiedetecela 3) e se volete iscrivervi direttamente al forum con un account NodeBB, fatelo pure!
Citiverse, la città dei social liberi, è l'alternativa aperta e italiana ai gruppi di Facebook dove è possibile parlare con persone della tua città o della tua tua organizzazione.
La spettacolarizzazione del cattivo del presente passa dall’ignoranza: i mass media si confrontano sempre più spesso con le cronache informatiche. E programmaticamente generano mostri stereotipati.
Le AlternativeEtica Digitale Devol Fediverso Feddit.it
La Repubblica La Stampa Giornalettismo Wired Guerre di Rete Fridays For Future Italia Linux.it
I NOSTRI SUGGERIMENTI
Strumenti Exodus Privacy e ClassyShark3xodus controlla i traccianti presenti nelle appBlacklight controlla i traccianti presenti nei siti webF-Droid, store alternativo al Play Store con solo applicazioni open source
PERDERE TEMPO ONLINE Rassegna di progetti e siti open source SITI BELLI E BASTA Raccolta di siti nient’altro che belli NOSTALGIA CANAGLIA Rassegna di progetti nostalgici
La spettacolarizzazione del cattivo del presente passa dall’ignoranza: i mass media si confrontano sempre più spesso con le cronache informatiche. E programmaticamente generano mostri stereotipati.
Dall’uomo che parla il linguaggio della macchina alla macchina che interpreta l’uomo, dagli algoritmi alle reti neurali. La frontiera della ricerca, militare e del mercato, è l’AI. Con quali rischi?
Quanti di voi si ricordano SkiFree? Vi sveliamo dove è possibile giocarci online anche usando il proprio smartphone!
ALTRI PROGETTI La privacy online è un argomento molto discusso ma purtroppo è difficile riuscire a far capire a tutti la sua importanza. Questa autodifesa digitale di cisti.org e questo percorso PrivaSì di EticaDigitale sono ottimi siti su cui iniziare ad informarsi!
SEGUICI Abbiamo deciso di essere presenti ovunque perché crediamo che la privacy non deve essere un argomento di nicchia.
LA PRIVACY PRIVACY ISN’T ABOUT HIDING BAD THINGS / Si tratta di proteggere quello che ci definisce esseri umani; le nostre azioni quotidiane, la nostra personalità, le nostre paure, le nostre relazioni e le nostre vulnerabilità. Isabela Bagueros, Tor ED
Hai domande o qualche commento su questo articolo? Trovi la comunità di Le Alternativa su Feddit, su Matrix oppure Telegram.
Hello all, I'm in the market for a privacy-respecting security doorbell camera and a wide view camera with the following features: (not all of them are required, however)
-Motion detection
-Decent sized local storage*( I saw one that came with a 2TB drive but I don't think they had a cloud storage)
-Cloud storage* (no subscriptions would be great)
I briefly looked at the r/privacy and a lot of recommendations have third parties like Amazon web services for their cloud storage which I don't feel very comfortable with. I'm looking forward to hearing about the products you guys swear by.
Unfortunately, you need the app to set it up the first time, which you can only get on Google Play or the iOS App Store, but I don't think you need an account for them at all.
Note: I do not own any, but I was doing some research to see about using them with Home Assistant.
I would advise against using surveillance cameras, because they violate others' privacy. However, if you must, you can use hardware compatible with Frigate and upload it to whichever encrypted cloud server you wish.
I would advise against using surveillance cameras, because they violate others’ privacy.
That's a curious take. I'm keen to know your angle. If you are within range of my surveillance cameras, you're on my property and are not afforded any privacy. I don't care what happens out in the street, so I have none that cover the street. However, when it bleeds over onto my square, then I do care.
I guess a lot of cameras cover sidewalks and so. I have one pointing at my front door and one at my garage door and both show the sidewalk... I never gave much thought about it until I saw that article about Amazon's Ring cameras recording passerby faces and putting it into their database.
Certainly! My threat model is mainly against mass surveillance, so this is my view: If there is a surveillance camera recording in a place where there is reasonable expectation of having no strangers, I am mostly fine with that. As you mentioned, if it is only recording your own private property where no strangers are meant to be, that is your business.
However, if it is recording a space where there is reason to expect strangers to be there without violating private property (e.g. stores, doorsteps, sidewalks) that is not ok. Simply, I should not be in the crossfire of your surveillance. I don't know your intentions with the footage, and I don't know who else may have access to it. It shouldn't be my job to cover up just because you want to violate the public's right to privacy.
You can see this post of mine about my views on the expectation of privacy in public. I made it about a year ago, and I haven't read back over it, so it may be outdated or less refined than I'd prefer.
I am a huge advocate for the right to privacy, so I don't have any surveillance cameras of my own. When I have friends over, I want to lead by example and make my space a private space for them too. Instead of funding more surveillance, we should be funding stronger locks and better deterrents that don't violate human rights.
Before I answer that, I would like to give my genuine thanks to everyone who responded in my previous post where I asked you for some controversial privacy topics. You did not disappoint, and I'm glad I will be able to cover them!
This question is a bit complex, depending on how you ask it. The answer also largely depends on what you believe. If you believe that privacy is a fundamental right, then privacy should be expected no matter where you go. If the question is "Can you expect privacy..." versus "Should there be privacy...", the answer changes dramatically.
Is there currently privacy in public spaces?
In many places, there is little to no privacy when you walk out the door. With Ring doorbells latching on to every home like a parasite, or security cameras clinging to the ceiling of every store you walk inside, surveillance is everywhere. This section won't cover whether or not surveillance is moral/ethical/justified, but either way surveillance infringes on privacy. Even with no surveillance cameras, Sarah-from-down-the-street is always on a video call with her bestie.
Saying "privacy in public" is a bit of an oxymoron, since no matter what you will always give up a little privacy the moment you walk out the door. Things you do privately in the bathroom are simply not allowed in public places.
Should there be more privacy in public spaces?
Now may be a good time to clear up a common misconception. What is privacy? Privacy does not mean obscuring every detail of your life. Privacy is the ability or choice to share or hide information about yourself. That is why surveillance cameras infringe on privacy: You have no control over what they record, who has access to those recordings, and what those recordings will be used for.
That sort of answers the question, too. If you believe privacy is a fundamental right, then there should be an expectation of privacy in public spaces, and so a reform needs to happen.
What are the real effects of privacy in public spaces?
People act differently when they know they are being surveilled. See the Panopticon for an experiment about that. It has negative effects, whether people realize or not.
"Just last week, my partner and I were on a long hike. No one was around us so to loosen our muscles we started dancing like goofballs on the trail only to look up and find a drone hovering in the shadows recording us. I was embarrassed, but my partner is a very private person and was really upset. [...]"
When they expected to be in a secluded, private space, they freely expressed themselves. The moment they realized that someone had been watching, they became embarrassed or upset, like a switch had flipped. That is the real affect surveillance has on us. We express ourselves less freely, we conform to rules without question out of fear. Surveillance becomes a form of oppression on a wide scale.
I even have my own anecdote. I once took a trip to a small town. When I got there, I subconsciously looked around for security cameras. I do that to gauge how much privacy I currently have. I then noticed that I couldn't see any obvious security cameras. I stopped and looked around harder. The town had not a single security camera in sight. I have almost no way to describe the sense of calm and relaxation that washed over me. It felt like someone giving you a massage after being stressed all week, or finally being honest with everyone about a secret you've been keeping. It was such a nice feeling to walk around a town privately.
Why do we have surveillance?
The main justification for these surveillance measures is to prevent crime. It makes sense intuitively, if you have an eye on every corner you can catch any criminal easily. However, it ignores one massive flaw: criminals will always find a way to do things privately. If you make privacy illegal, it doesn't change anything, because criminals won't follow the law anyways.
I have my own quote about this, that I love very much: “Unjust laws only burden the just, as the lawless will not heed them.” Removing privacy only hurts the people who will follow and abide by the rules. You're removing the privacy of the good people, while the criminals will program "illegal" software to achieve privacy. Giving privacy to everyone means that, yes, it makes criminals' jobs easier, but it means we can shift to actually solving the problems that cause the crimes in the first place. "The best way to conquer bad ideas is with better ideas, not by suppressing ideas." - Naomi Brockwell
"The optimal crime rate is not zero. We can't burn down the entire world just to stop somebody from stealing a pack of gum. The cost is too high. There is a percentage of crime that is going to exist. It's not ideal, but it is optimal." - Nick We need privacy for a free society. Surveillance is not the answer for fighting crime. There are ways to combat crime without infringing on privacy.
Is blurring your house on the map unreasonable?
This question is another one brought up by @Zagorath@aussie.zone. Blurring your house is a way to achieve some privacy, and in that scope, it is good to do. However, as @RiderExMachina@lemmy.mlpoints out, it could cause someone to do the opposite and start looking closer into why your house is blurred. That's called the Streisand effect.
Site note: I find it hilarious why the Streisand effect is named how it is. The story goes that Barbra Streisand tried to hide her place of residence by suppressing a photograph that had made it to the public. That, of course, had the opposite effect, drawing more attention to the photograph and her residence. Then, even more attention was drawn, because the Streisand effect got named after her and the very same image is now plastered on Wikipedia.
Unfortunately, blurring your house on the map doesn't provide much privacy, since the organization who photographed it still has a clear picture of it. It doesn't stop the surveillance. It's not unreasonable to blur it, though. You should still want privacy against the Streisand effect. The best solution would be a quiet legal take down of the images altogether.
I have another story to go along with this. I got a job, and it was later revealed in conversation to me and my coworkers that our boss likes to look up everybody's address on Google Street View. Everyone was uncomfortable with that, but our boss saw no issue with it. This is a legitimate case where blurring your house is a good idea. Sure, people may try to ask you why it's blurred, or try to look up pictures on other sites like housing retail, but it still prevents (frankly, creepy) bosses from snooping at your home.
Conclusion
Privacy is a fundamental part of our lives, and surveillance infringes on that. We should all do our part to gain what privacy we can, because every bit of privacy you gain now is freedom you will have in the future. This was a lot of fun to write, and I thank @Zagorath@aussie.zone and all of you for your suggestions. I will continue to tackle each of the topics asked in the previous post one by one.
Well, that certainly is a different take than I'm used to. I sometimes fail to realize that most of the population live in fairly tight quarters, especially in housing developments, etc. Their coverage would entail an acre maybe a little more or a little less and even a doorbell cam has a pretty wide field of vision. So I could understand that concern. Where as, I have some acreage to mother hen. Barns, equipment, etc. and I have zero tolerance for a person who would walk onto my property and steal from me. I'll help a brother out as best I can, but if you steal from me that's going to get you in some troubled water.
Anyways, thanks for the explanation. Always down to be educated. Thanks for the link as well. I'll hit it in a bit.
I share a similar stance on general street surveillance by the likes of Ring. But on the flip side I understand that people may want to extend the scope of security cameras onto the street due to vehicle vandalism for example, so I make sure to smile my sweet smile when I notice them.
Thanks to @Charger8232@lemmy.ml & @irmadlad@lemmyis.fun for yet another perfect example of what I love about Fediverse, this is why it's so much better than "the other place"
I saw an article before about a guy who reverse engineered the app and figured out default camera's admin password so probably possible but I think not worth the effort.
what I did was
Installing the app
Create a hotspot that provides no internet.
Connect to that hotspot so now my phone has no internet
Open tapo app and setup the camera
Allow the camera to connect to the internetless hotspot to finish the setup and enable rtsp
I did something similar: I have a burner-phone, that is only used for dumb apps, and a wifi point that can't reach the internet. But I was hoping to avoid having to do that dance.
I am assuming you are covering something like residential property.
These come to mind. I think all of those have offline and online storage, so storage capacity would be dictated by what you choose. All four of those manufacturers have doorbell cams as well. All four have motion detection.
Secure floodlight camera with Apple HomeKit Secure Video technology. Keep a close eye on your home around the clock, and receive rich notifications on your iPhone when something is up.
Ubiquiti NVR Instant kit is a great value, and you get 24h local recording without a subscription. And it is well supported with Home Assistant.
Some of the UniFi cameras are amazingly expensive though, $500 for an outdoor 4K camera is hard to swallow. But if you can swing it, you will not regret the investment.
I already have other UniFi gear for networking and it was natural to add cameras to the system.
Apparently UniFi Protect works with 3rd party cameras if they support ONVIF but I don’t know of any yet.
I use Eufy with local storage that you can expand with your own hard drive. They had some controversy before with how thumbnails are temporarily stored in their cloud, but if you select notifications without thumbnails/preview, you should be ok. Cloud storage will never be privacy-friendly unless you encrypt the videos yourself before they are uploaded.
After being sued for violating state-level human trafficking laws, the nation’s largest private prison company is pushing the U.S. Supreme Court to grant private government contractors like itself blanket immunity from such lawsuits and many others. This
After being sued for violating state-level human trafficking laws, the nation’s largest private prison company is pushing the U.S. Supreme Court to grant private government contractors like itself blanket immunity from such lawsuits and many others. This case — and another involving a military contractor — could deliver sweeping immunity to federal contractors, if they get the ruling they…
We're excited to announce that Loops now federates with the fediverse. After months of development, ActivityPub support has officially entered beta. Your loops can now travel across the open social web.
The European Commission has revised the Ecodesign requirements for external power supplies (EPS). The new rules aim to increase consumer convenience, resource efficiency, and energy efficiency. Manufacturers have three years to prepare for the changes.
The new regulations apply to external power supplies that charge or power devices such as laptops, smartphones, Wi-Fi routers, and computer monitors. Starting in 2028, these products must meet higher energy efficiency standards and become more interoperable. Specifically, USB chargers on the EU market must have at least one USB Type-C port and function with detachable cables.
With the regulation, the EU is also establishing minimum requirements for the efficiency of power supplies with an output power of up to 240 watts that charge via USB Power Delivery (USB-PD), among other things, under other things, minimum requirements. Power supplies with an output power exceeding 10 watts will also have to meet minimum energy efficiency values in partial load operation (10 percent of rated power) in the future, which is intended to reduce unnecessary energy losses.
Interestingly,
This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.
I was rather surprised to see a Heise story linked off Slashdot, but this is a great use of technology to broaden the audience. Way less friction than every user needing a browser plugin for translation.
Historically, the charger situation has been, well, a shitshow. I've had more than a few devices over the years where the proprietary cable died, and getting a replacement was so cost prohibitive that just buying a replacement device that came with one was the more logical move.
USB-PD kinda seems like the silver bullet here. Though I'm not sure that's true unless further regulations require all USB-C cables to be able to provide 240W, and even then, there will be a long tail on older cables still being in use.
But this could be game changing in like a decade. Imagine charging with any cable and any DC converter. We'll look back on this mess as though different devices required proprietary wall outlets!
Meanwhile, here in the states, regulators are much more concerned about inflatable frog suits than any lurch toward sustainability.
The office of Israeli Prime Minister Benjamin Netanyahu said on Saturday 18 October that he had decided to keep the Rafah crossing between the Gaza Strip and Egypt closed until further notice, despite the Palestinian embassy in Cairo’s earlier announcement that the crossing would open on Monday.
Rafah Crossing remains closed by Israel
Netanyahu’s office said in a statement that the opening of the crossing would be linked to ‘Hamas’s commitment to its role’ in handing over the bodies of Israeli detainees in Gaza, as well as ‘the implementation of the agreed framework,’ without providing further details. As the Canary previously reported, Hamas handing over Israeli bodies was not part of the ceasefire agreement. Meanwhile, Israel has so-far violated this 47 times itself.
For its part, the government media office in Gaza accused Israel of obstructing the implementation of the terms of the ceasefire agreement, continuing to close the crossings and preventing the entry of food and humanitarian aid, calling on the international guarantors of the agreement to intervene immediately to ensure that the commitments are implemented.
Adnan Abu Hasna, spokesperson for the United Nations Relief and Works Agency for Palestine Refugees (UNRWA), pointed out that thousands of trucks loaded with humanitarian aid are still waiting for permission to enter the Gaza Strip, saying:
There are about 6,000 trucks carrying food and basic supplies stuck at the crossings, in addition to large quantities of medicines and medical supplies waiting to be brought in to meet the emergency needs of the population.
Abu Hasna added that the delay in opening the crossings is exacerbating the humanitarian situation in the Strip and threatening the lives of thousands of civilians, especially the sick and injured who need urgent care.
The Palestinian Embassy in Cairo announced that the Rafah crossing would be opened on Monday to allow Palestinians residing in Egypt who wish to return to Gaza to register via a dedicated electronic application, and that they would be notified later of the times and places to gather to move towards the crossing.
Breaching the ceasefire
It is noteworthy that on 9 October, Israel and Hamas reached an agreement on a ceasefire and prisoner exchange in accordance with US President Donald Trump’s plan, and the first phase of the agreement was activated the following day. The agreement stipulates that all Gaza Strip crossings, especially Rafah, will be opened to the movement of individuals and humanitarian aid, with the participation of Qatar, Turkey and Egypt, and under US supervision.
This comes after two years of genocide waged by Israel on the Gaza Strip since 7 October 2023, with US support, resulting in the martyrdom of 68,116 Palestinians, the injury of 170,200 others, and the destruction of more than 90% of the infrastructure in the Strip.
So selfish of people, to have a modicum of standards and to know when they are getting ripped the fuck off. So very very selfish and bad. Just pay your overlords.
It was the only real job in jail back in the day. Nowadays, the whole planet is barred up and down and there is no real forest left. Even the jungle is a farm now.
old article but hate how they are intentionally fudging the difference between people who pay for a pirate streaming site vs. people who just torrent stuff. I too will bet my left testicle that downloading anime isn't going to put money into trafficking.
(paraphrased) “The user of the illegal service may fund the activities of criminal organisations, says Executive Director Jaana Pihkala from the copyright organisation TTVK.”
as opposed to paying the even more criminal publishers scalping the rights and screwing the creators
Depends on the method, but a lot of normies find these pirate websites where you stream directly through a player on their website, and here they can serve ads, i.e. get money. Pirate Bay and the like also serves ads.
Used discord for piracy before, someone pirates a film and streams it to a bunch of us over discord. So discord are helping us distribute it and keep it synced for a large group.
No, no, you've misunderstood. The "Finns" mentioned are the descendants of Huckleberry Finn.
It's actually a real step backwards for them. If they not afraid to violate copyright it's only a matter of time before they start using the n-word again...
Valmond
in reply to hematite • • •Pearl
in reply to Valmond • • •Valmond
in reply to Pearl • • •ArcaneSlime
in reply to Valmond • • •🌞🌞🌞
in reply to Pearl • • •Pearl
in reply to 🌞🌞🌞 • • •Ŝan
in reply to Valmond • • •nixfreak
in reply to hematite • • •Anamorphic Cryptography with Elliptic Curve Methods
arxiv.orgDecaturNature
in reply to nixfreak • • •eleijeep
in reply to nixfreak • • •Maybe you didn't see the link, but the PDF of the original paper is linked by the page in the post: eprint.iacr.org/2022/639.pdf
The paper that you found is also interesting and references the 2022 paper.
irmadlad
in reply to hematite • • •girsaysdoom
in reply to irmadlad • • •That's if you are using a file to store additional data. Also JPEG and other lossy formats can have all sorts of artifacts that may (depending on the size of hidden data) seem typical.
What I thought they were referring to was encryption at the filesystem level which doesn't require file blocks to be contiguous, allowing blocks to be interlaced with the hidden data.
golden_zealot
in reply to hematite • • •This is kind of how VeraCrypts hidden partition feature works.
You start the process of the volume's encryption and set a "false" password for it. It creates a partition that is encrypted with that password. When it finishes, you mount it and store "fake" files, the files you would reveal under duress. Veracrypt then takes in a second password and creates a "hidden partition" in the remaining free space of the disk - to be clear, that memory space still reports as unused/free if investigated, but the partition is there.
You can then mount that with your second password and store your actual files. You can work with files and folders in the hidden partition as needed, however if anything is added or changed etc in that first fake partition, the data in the hidden partition will be corrupted by those actions.
This means that so long as you plan ahead, someone can literally put a gun to your head and demand the password to the encrypted disk, and you can give them one that works without revealing the data to them.
In theory, since the data in the hidden partition is encrypted and unreadable, it is impossible to detect that it exists in the "unused" space of the disk, even by a forensic analyst. To them it would just look like old, randomly flipped bits that came from previous usage followed by a quick format.
Now, what's really cool about this is that if you use the veracrypt bootloader, you can store and boot from an undetectable OS you store in that hidden partition, while having a decoy operating system on the visible partition:
veracrypt.io/en/VeraCrypt%20Hi…
VeraCrypt - Free Open source disk encryption with strong security for the Paranoid
veracrypt.ioPhoenixz
in reply to hematite • • •I recall truecrypt having this as a file system feature where you could decrypt two different filesystems on the same volume.
One password would show you files you didn't care much about if anyone got them, the other password would show you the actually important files.
This way there was always a realistic method to say "this is it"
icelimit
in reply to Phoenixz • • •ReversalHatchery
in reply to icelimit • • •icelimit
in reply to ReversalHatchery • • •ReversalHatchery
in reply to icelimit • • •icelimit
in reply to ReversalHatchery • • •Phoenixz
in reply to icelimit • • •Not sure about that, but this is basically a few clever tricks where you have two file systems in one volume. Obviously if the volume is, say, 10 gigs, you can only store 10 gigs in total on those filesystems, as they share the space.
You also, likely, wouldn't want to fill up the drive too much
I don't know what happened to it, I recall that, years ago, they found various weaknesses in the system but instead of fixing it, it seemed to be abandoned. I'll start looking around if he there are updated open source versions
icelimit
in reply to Phoenixz • • •Wouldn't it then be a simple matter to notice that a 10gb for only yielded 5gb of "innocent" data after decryption?
Especially since it would be (I assume) simple to 'predict' the size of the ("unnested") plaintext if the cipher and key is known
Zerush
in reply to hematite • • •It's nothing new, steganographic encryption is used as long I remeber, to hide messages into texts, images, videos and even music. There are a lot of tools out there which everyone can use. The advantage is, that an normal encrypted message can cause suspicions, but not so an inocent selfi from the beach, a cat photo, an mp3 of an summerhit, or an "unencrypted" text message, all these can be a container for hidden messages. It can also be used for invisible watermarks for an copy protection, but also for evil uses in autoexecutables malware in images or mp3 files, as seen in the past.
stegoshare.sourceforge.net/
github.com/Jpinsoft/DeepSound
github.com/syvaidya/openstego
ssuiteoffice.com/software/ssui…
github.com/KuroLabs/stegcloak
github.com/fabienpe/MP3Stego
and several more, I listed only the free and OpenSource apps
GitHub - Jpinsoft/DeepSound: Official DeepSound repository migrated from jpinsoft.net. DeepSound is a freeware steganography tool and audio converter that hides secret data into audio files. The application also enables you to extract secret files directl
GitHub