I am thinking about buying a pair of physical 2FA keys to protect my password manager and sensitive accounts. Which brand and model do you suggest?
If a model with open source firmware doesn't come with big drawbacks, I'd prefer it, because I may learn from the source code and even contribute to it.
NFC is not necessary, and the keys should be USB-A. A fingerprint reader is welcome if the price doesn't increase too much.
The firmware isn't open source and I only chose it for the employee discount, but the blue Yubico security key has held up well over hundreds of uses and several years jingling around in my keychain.
Was going to say Yubikey also. I don't like that it's not open, but I've had open firmware keys before and they broke after several months of use. Meanwhile, my Yubikey has been kicking it on my keychain for almost fifteen years without any signs of wear, other than the paint scraping off of it.
Do you mean TOTP? FIDO? Or what? FOSS ones exist but they might not do exactly the right thing. I've had some ideas for self-built too. What would you do on the host interface side? Wouldn't you want the host to not have the secret?
Your only “good” option is yubikey. They’ve been around comparatively forever, have all the problems worked out and make durable hardware. All that matters because you don’t want to get something from a company that goes under in a few years and leaves you high and dry and you don’t want the dongle to break because that’s your authentication, now you’re locked out of your shit.
I recommend against getting some doodad with a biometric reader. You’re adding complexity, attack vectors and not getting much out of it plus you’re locking yourself out of deniability and the possibility of handing a trusted person your dongle, telling them your password and having them act in your stead.
I am thinking about buying a pair of physical 2FA keys to protect my password manager and sensitive accounts. Which brand and model do you suggest? If a model with open source firmware has not got big drawback, I'd prefer it, because I may learn from the source code and even contribute to it.
John Bolton, who served as national security adviser during President Trump's first term before becoming a vocal critic, was indicted on Thursday on 18 charges related to the mishandling of classified documents.
Details from the indictment filed in Maryland's district court charge Bolton with eight counts for the transmission of national defense information and 10 counts of unlawful retention of such information. Each count faces a maximum of 10 years in prison.
In a statement, the Justice Department said Bolton illegally transmitted classified information using a personal email and messaging applications, including U.S. "intelligence about future attacks, foreign adversaries, and foreign-policy relations."
Liquorix Kernel 6.17 è disponibile per gli utenti Linux: prestazioni desktop migliorate, supporto hardware aggiornato e ottimizzazioni per carichi multimediali #Linux #Kernel
Profitez des vidéos et de la musique que vous aimez, mettez en ligne des contenus originaux, et partagez-les avec vos amis, vos proches et le monde entier.
This is Brazilian sketch comedy group, Porta dos Fundos (backdoor). They used to be amazing during the 2010s. Most of the original cast desbanded but they are still decent.
Doctors and healthcare professionals have gathered in London to demand the release of the more than 100 Palestinian medics currently held without charge or trial in Israeli jails.
This includes Dr Hussam Abu Safiya, a prominent hospital director in Gaza, who was abducted by Israeli forces in December 2024.
Since then, he has been held in detention despite growing calls for his release and reports by his lawyer that was tortured in prison.
“The strategy of targeting healthcare workers and the whole hospital infrastructure is targeting what is sustaining life in Gaza,” said Dr Rebecca Inglis with Healthcare Workers Watch.
Liberals didn't do this, it was the working class organizing and banding together that forced their hand. Liberals opposed these measures until they were forced to implement them.
From the suffragettes, civil rights movement, abolitionists, Black Panther Party, trade unions, communists, socialists, and regular working people together, these measures were forced. Social Security was a reaction to revolutionary potential, fearing the working class would overthrow the capitalists like they did in Russia in creating the Soviet Union and implemented sweeping safety nets.
Liberals are not on the left, and trying to take credit for the measures they had to be forced into implementing is peak liberalism.
Liberals aren't left. They stab leftists in the back every chance they get. Someone who will stab you in the back at their first opportunity makes a bad ally.
liberals have far more in common with the fascists they donate to than with the leftists who fought for and won all the things listed in that godawful picture you decided to share here
Liberals aren't left, they support capitalism. The left begins at socialism, liberals cannot meaningfully fight fascism because the origin of fascism is capitalist decay.
"The white conservatives aren't friends of the Negro either, but they at least don't try to hide it. They are like wolves; they show their teeth in a snarl that keeps the Negro always aware of where he stands with them. But the white liberals are foxes, who also show their teeth to the Negro but pretend that they are smiling. The white liberals are more dangerous than the conservatives; they lure the Negro, and as the Negro runs from the growling wolf, he flees into the open jaws of the "smiling" fox." - Malcom X
“I have almost reached the regrettable conclusion that the Negro’s great stumbling block is not the White Citizen’s Councilor or the Ku Klux Klanner, but the white moderate, who is more devoted to ‘order’ than to justice; who prefers a negative peace which is the absence of tension to a positive peace which is the presence of justice” - MLK Jr
Haven't you heard? Shitting on liberals and not voting is all you need to do to defeat fascism. It's literally the most important thing.
It's too bad the Weimar Republic didn't think of that. I feel like if only the German Communists had been spending all their energy shitting on the center, they might have had a pretty good chance of stopping Hitler from coming to power. Well, at least now we have the chance to try again, with the benefit of hindsight, and make sure we do that known successful strategy...
The KPD was being murdered by the Nazis with the aid of the SPD. The KPD was correct, liberals will side with fascists over leftists when push comes to shove.
I feel like we had this conversation before at some point lol... I will summarize my point of view on it and then probably dip from it:
KPD in 1917: We're going to seize all the guns and overthrow you and make Communism because Communism
German government + German people and unions + SPD: Fuck no you're not (gunfire)
KPD in 1918: Wooooooowwwwwwwwww okay fuck you, I see how it is
Germany: Hey KPD you still can have a seat in government, you have to get the votes though, no shooting your opposition, no seizing
KPD: Woooooooowwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww
SPD in 1932: Hey we're going to make an alliance with you because this guy is dangerous, we don't care about the whole "trying to overthrow thing" that happened a generation ago
KPD (ones still alive): Hey we're going to need all the trade unions to do what we want instead of what the workers want, because that's leftism
Germany: Lol fuck OFF
That is my summary. I realize you may have a different one but I don't think I really want to get in an extended argument about it today. But yes, Germany in the 30s is a relevant example on this topic, I absolutely think.
(Oh, also, the KPD was being murdered by the Nazis with the aid of Stalin. The KPD was coordinating with Stalin, and he was selling them out because of course he was. I have absolutely no idea where you got this idea that the SPD was involved in what Hitler was doing to his opposition.)
No, this is ridiculous. The KPD correctly warned of the rising threat of fascism, and correctly pointed out the need for revolution. The SPD pushed for Hindenburg, got him elected over Thallman, then Hindenburg gave the seat to Hitler. The SPD murdered KPD members, such as in the "bloody may" incident. Stalin did not "sell out" KPD members and work with Hitler, the negotiations to get Thallman out of prison fell through.
73 - The KPD had been established as a response to the betrayal of social democracy. But it proved just as unable as the SPD to weld together the working class and lead it into a struggle against the Nazis. A ten-year campaign against “Trotskyism” had politically corroded the party and transformed its leadership into a willing tool of Stalin. It repeated all the opportunist and ultra-left errors, against which Lenin and Trotsky had fought ten years before, and hid its paralysis and fatalism behind radical phrase-mongering. Until 1933, Trotsky tried relentlessly to correct the wrong course of the KPD. His writings on Germany from these years, which fill two thick volumes, prove his genius as a Marxist and political leader. Banished to a remote Turkish island, forced to rely on newspapers and reports from political friends, Trotsky demonstrated an understanding of German events and their internal dynamics that remains unparalleled to this day. He foresaw the events clearly and precisely and developed a convincing alternative to the devastating course of the KPD. The KPD responded not with arguments, but with slanders, violence and the entire weight of the Moscow apparatus.
74 - At the heart of the policy of the KPD was the thesis of social fascism. From the fact that both fascism and bourgeois democracy were forms of capitalist rule, the Comintern drew the conclusion that there was no contradiction between them, not even a relative one. Fascism and social democracy were the same―in the words of Stalin: “not antipodes, but twins”―the social democrats therefore were “social fascists”. The KPD rejected any collaboration with the SPD against the rightwing danger and, in some cases, even went so far as to make common cause with the Nazis―for example, when it supported the referendum initiated by the Nazis in 1931 to bring down the SPD-led Prussian state government. Occasionally it called for “a united front from below”. But this was not an offer to collaborate, but an ultimatum to the SPD members to break with their party.
75 - Trotsky decisively opposed this form of vulgar radicalism. He recalled that Marx and Engels had protested fiercely when Lassalle had called feudal counterrevolution and the liberal bourgeoisie “one reactionary mass”. Now Stalin and the KPD were repeating the same error. “It is absolutely correct to place on the Social Democrats the responsibility for the emergency legislation of Brüning as well as for the impending danger of fascist savagery. It is absolute balderdash to identify Social Democracy with fascism”, he wrote. “The Social Democracy, which is today the chief representative of the parliamentary-bourgeois regime, derives its support from the workers. Fascism is supported by the petty bourgeoisie. The Social Democracy without the mass organizations of the workers can have no influence. Fascism cannot entrench itself in power without annihilating the workers’ organizations. Parliament is the main arena of the Social Democracy. The system of fascism is based upon the destruction of parliamentarianism. For the monopolistic bourgeoisie, the parliamentary and fascist regimes represent only different vehicles of dominion; it has recourse to one or the other, depending upon the historical conditions. But for both the Social Democracy and fascism, the choice of one or the other vehicle has an independent significance; more than that, for them it is a question of political life or death.”
[3] 76 - Trotsky fought untiringly for a policy of the united front. This would have made it possible for the KPD to use the contradiction between social democracy and fascism to unite the working class, win the confidence of the social democratic workers and expose the social democratic leaders. In an article written at the end of 1931, entitled “For a Workers’ United Front Against Fascism”, he explained: “Today the Social Democracy as a whole, with all its internal antagonisms, is forced into sharp conflict with the fascists. It is our task to take advantage of this conflict and not to unite the antagonists against us.” One must “show by deeds a complete readiness to make a bloc with the Social Democrats against the fascists” and “understand how to tear the workers away from their leaders in reality. But reality today is―the struggle against fascism.” It was necessary to “help the Social Democratic workers in action―in this new and extraordinary situation―to test the value of their organizations and leaders at this time, when it is a matter of life and death for the working class.”
[4] 77 - The refusal of the KPD to accept such a policy led to the German catastrophe.
I won't say I agree with 100% of the analysis on that page but a lot of that last part of analysis seems completely spot-on to me. And, of course, how Trotsky predicted is exactly how it played out.
Trotsky was a wrecker through and through in his later years. Any claims of wanting "unity" are laughable when contrasted with his own anti-unity wrecker behavior within the soviet union. Trotksy himself was no "Marxist genius," he believed the proletariat should attack the peasantry and hoped the developed countries would rebel and save the Russian proletariat from backlash. Social Democracy had sided with the fascists against the communists, and insodoing ruined Germany.
What Trotksy wanted happened: The SPD got what they wanted, and Hindenburg gave the seat to Hitler. Trotksy was wrong, just like the SPD was.
During the 1930s, many communists and socialists from Germany and Austria sought refuge from the Nazis in the USSR. But in a shocking betrayal, the Soviet secret police handed over hundreds of them to Hitler's Gestapo.
So it's fair to say that the Democrats won't sue to keep other leftist parties off the ballot? They'll back leftist candidates even when it's not their "chosen" candidate? They'll actually oppose fascism rather than continue to pave the way for the facists? That they won't keep pushing more funding to facist policies and systems, and will actually dismantle the facists' tools?
Because I continuously see them do the opposite of those things.
Not really, dude. Civil rights absolutely, social security, kind of, the activists didn’t create the idea but they gave muscle to the labor movement to the point that FDR got elected in the first place and had the momentum so sure, clean air act and clean water act, you must be joking, those were just liberal government things. The things from the "clean air act" end of the spectrum are actually really good examples of why having a functioning government is a good thing even if it means “electoralism,” meaning it can’t all just be people in the streets fighting. You need both sides of the equation: The vigor and blood to push things forward, and then the paper and system to lock it in. Without either side of that, it doesn’t work.
More to the point, stop shitting on people who did good things. If you live in America, you benefit from all of the things on that list. Look for enemies elsewhere. This is the left’s favorite thing, to turn its guns exclusively on its own side, and it’s super good at it.
FDR only implemented the New Deal because social strife was intense, and the soviet union was showing an alternative. Environmental protections were only passed because the working class struggled for them, especially indigenous peoples. Policy that benefits the working class does not get handed down from benign rulers, but is something forced out of their hands.
Liberals are not on the side of leftists. Historically, for these measures, liberals have often opposed them, such as the civil rights movement. Liberalism itself has consistently been wielded in the name of countless atrocities and social injustice since its inception.
Policy that benefits the working class does not get handed down from benign rulers, but is something forced out of their hands.
Absolutely completely correct.
Historically, for these measures, liberals have often opposed them, such as the civil rights movement.
Also correct.
I still feel like someone throwing firebombs at FDR (along the lines of vandalizing AOC's office because she's "pro-genocide" if you ignore all the anti genocide she does), because he's a "liberal" and therefore an enemy and the labor movement were the ones that did all the progress, would be making an error. That is what I am saying.
Not a single person here is advocating for adventurist terrorism, though. When leftists state that liberals are not our allies, the answer isn't to kill them, but to bring the liberal working class into our ranks through organizing and educating. The liberals who side with capitalism, try to persuade the working class into accepting concessions, rather than revolutionary change and social liberation, who try to box us into the narrow frames of electoralism in a system set up by capitalists, are ideologically the enemy of the working class.
I still feel like someone throwing criticism at FDR (along the lines of vandalizing AOC’s office because she’s “pro-genocide” if you ignore all the anti genocide she does), because he’s a “liberal” and therefore an enemy and the labor movement were the ones that did all the progress, would be making an error. That is what I am saying.
FDR was also responsible for expanding the US Empire, putting millitary bases in Antigua, Jamaica, Guyana, and more on 99 year loans from the UK. AOC has caped for Israel and the DNC. These are not enemies because of a label, but because of their actions. In their natural state, without being forced by the working class, they will continue to serve the interests of the US Empire.
Yeah I think the wording needs work. Both Democrats and Republicans wanted segregation to continue, it was only after immense pressure domestically and internationally that Democrats changed their tune. The Soviets were pumping out "I thought y'all said all men are created equal in your founding documents" as part of the propaganda machine (which was a legitimate call out).
Its only after getting called out over and over again that these changes happened. That doesn't mean the people who allowed that progress to happen deserve no credit but I would give primary credit for woman's suffrage to women and the end of the American race based caste system known as segregation to African Americans. With some of them being liberals themselves and others being supporters who believed in a message of universal humanity.
Growing up in Oklahoma I heard the term "bleeding heart liberal" as an insult. Caring for other people is a detriment to the conservative life style apparently.
There is a need to redefine the qord in the US. Liberals are just right winged politicians. Always have been. In the US they posed as "left", but the US doesn't have a left. You can only choose wether you get to use lube when they fuck you.
In europe the "liberals" are economically right and socially "not strongly defined". They don'tcare about people. They only care about money and free markets. They are capitalists, but they are not nazis. In the Netherlands we've had a liberal regime for 20 years. They killed most social institutions by which they've paved the road for the rise of the far right, but they are not nazis.
In europe there is no need to redefine the word. We know exactly what it means and we know the stereotypes who vote for them, they are not nazis. They are capitalists.
I thought this would be relevant to Linux, since the options available to us Linux users are either unmaintained, hard to use, require a subscription, an account, or to upload your content to a server.
BentoPDF is the opposite of all that.
I just hope they add a dumb-proof way to install it (PWA? Flatpak?) for easy access.
Lost in the awfulness of this entire pointless genocidal vanity revenge project is just how historically badly it is going for Russia. From an initial goal of total conquest, in a month their truce startping point has slid from 1) Total Capitulation to 2) All 4 'annexed' regions plus Crimea, disarmament & constitutional neutrality to 3) Give us Donbas, and maybe our stooges in the U.N. can run Ukraine to 4) Please freeze the lines and give us something, and stop hitting our gas facilities. Trump, as always, overplayed his hand with leverage he doesn't actually have, and now has nearly no sway over Ukraine - Zelensky is tellin him flat 'No'. European and domestic support is probably enough to keep Russia from any meaningful strategic wins at this point against a severaly degraded and over rated Russian army.
Windows 10 died a few days ago, leaving users with three options: stick with the OS, upgrade to Windows 11, or switch to an entirely different platform like macOS or GNU/Linux. But months before Microsoft dropped support for the OS, Linux-focused companies were already campaigning to poach Microsoft customers and convert them into Linux users.
The Document Foundation, the folks behind LibreOffice, started its push as far back as June this year, criticizing Microsoft's decision to end support, which would render millions of perfectly functional PCs obsolete, and presented Linux as a cost-effective and secure alternative. We have also seen initiatives like The "End of 10" Campaign by KDE, making the case for Linux and providing guides and info on how to switch.
Of all the projects trying to poach Windows users, Zorin Group might be the most aggressive, launching its biggest OS upgrade, Zorin OS 18, on the very day Windows 10 died.
In a recent post on X, Zorin Group celebrated the launch of version 18, claiming that it hit 100,000 downloads in "a little over 2 days". The company called it its "biggest launch ever" and claimed that over 72% of those downloads came from Windows.
Zorin OS 18 just reached 100,000 downloads in a little over 2 days 🎉️
Over 72% of these downloads came from Windows, reflecting our mission to provide a better alternative to the incumbent operating systems from Big Tech.
Thank you for making this our biggest launch ever! pic.twitter.com/6U4h3EQ3dq — Zorin OS (@ZorinOS) October 16, 2025
So what's the big deal with Zorin OS 18? The new version comes with a redesigned desktop that feels a lot more modern. It uses a lighter color palette and a taskbar that has a floating, rounded style by default. The developers also introduced a much better window tiling system. If you drag a window to the top of the screen, a layout manager pops up, similar to Windows 11's Snap Layouts. The main difference here is that Zorin allows you to create your own custom tiling layouts.
As for Windows app compatibility, Zorin OS 18 now includes an updated version of WINE 10 for better support of Windows software. On top of that, there's also an expanded database that helps when it detects a Windows installer. The system checks the file and suggests the best way to run over 170 popular apps, whether that means installing a native Linux version, using the web-based alternative, or firing it up through WINE.
Microsoft isn’t offering support for it, but their help was barely useful to begin with.
There’s a few small hoops to jump through to enroll in the Extended Security Updates program, after which Windows 10 devices will continue to be functional and secure for at least another year.
Ultimately, I’m all for folks going out and dabbling in Linux. Unfortunately, most consumers are interpreting this situation as a requirement to rush out and buy a new Windows 11 PC and that’s bad.
There are two massive hoops as far as I am concerned, no local account & ms office forcing the use of one drive. I know these arent that big of an issue for most people, but I will never do either of those things.
I'm not all too familiar with mass grave, but it does seem like a similar loophole to the win11 updates without TPM 2.0, in that it works but ms doesn't want it to, so you may run into the issue of your system bricking or ms holding your data hostage. Also as far as I can decipher ltsc only fixes the security issue, as far as I am aware the one drive push is still there regardless of version.
All in all, I believe that there are workarounds, but if ms is so keen on making it this hard to stay on win 10 I would rather just take the adjustment period to a Linux distro.
IoT is Internet of Things, devices where you usually don't know there is even Windows to begin with, due to some McDonalds Menu Picker overlay or whatever. There is no market for Microsoft acc or OneDrive as they are by themselves are rarely meddled with and are installed en masse. They would get security updates for 10 another years. But besides some differences, only corpos and no end user have a reasonable access to said release, so if you may be checked for legitimity of your software e.g. you try to use it in your business and get caught, it's obvious you haven't bought keys for it. So it's for personal use only.
If just this one OS, that i havent even really heard of, hit 100k downloads in two days, then there must have been like 100M downloads in the last week or so for all linux distros combined. Now i wanna see someone try to aggregate all download numbers from the major distros into a time plot to see if there is a noticeable change.
I think you'll be disappointed, the zorin boost is due to their marketing as Windows esque, I believe they just tell people how they are like windows. Extrapolating downloads for more linuxy distros from one that is supposed to be windows:Linux edition is not going to work out very well.
I guess it is the year of the Linux desktop for at least some people.
I've used Linux desktop in various forms for just over two decades, this has to be the fourth time it felt like Linux was having its chance to seize marketshare. Each time it ends up not being the mass adoption that people hope for but it feels like the community grows each time so I think it is neat nonetheless.
I'm ok with that. You hit a point where a community sustains, and is good. Lemmy is a great example of that. Often, when it grows past that, it can become.. unsavory.
I'm all for Linux adoption. However, seeing less tech-literate people feel as if they have to choose between an unsecured device and spending money they don't have on a new Windows 11 machine really makes me angry.
Most won't understand what no more security updates mean, and some overreact and get really worried.
Stop calling yourself a "refugee" whenever big tech fucks up something you were using. Anyone who thinks having to switch software is worthy of that word has no idea what it's like to be a refugee. Check your privileged ass.
For Years, you had the Option to use Linux. Since the release of the win 11 beta, Linux has not made any relevant big steps. The leopards have simply decided to eat your face this time.
A refugee would be someone losing their home in a bombing. A windows 10 turned Linux user is more like a Trump voter turned no kings protestor because he though sending the government emails will sure stop the anti trans laws.
And no, sOmE uSeRs hAvE tO uSe WinDoWs is not an argument. If everyone who was still on windows until now was reliant on it, why are they installing and switching to Linux? Every new Linux user is someone who was simply too ignorant to install it.
I'm old enough to have seen this "flocking" several times. Some people stay and are pleasantly surprised. Most people go back a few weeks/months later, and leave a "Linux suxx" post behind them. I don't expect this time will be any different, and that's totally fine.
Many people will definitely go back, but the percentage staying might be better this time around. Linux has gotten a lot more usable and stable for those tech inclinced enough to be able to install it thanks in part to proton, immutable distros, flatpacks, Wayland, and improved defaults. Mint and bazzite are pretty darn good for daily use. I've never stayed on Linux as long as I have with this run, and I really don't feel much of a push to leave it. Most everything I want to do just works.
many people will go back, but of these, i’m sure many will also come back eventually
i’ve tried a bunch of distros in my last 2 years with windows. many didn’t satisfy my needs at the time, so i stayed on windows.
but now, it’s been over a year since I definitely switched to linux, and over 6 months since i nuked (accidentally, but shhh) my windows partition. and i don’t plan on going back anytime soon.
Yeah it's been a long road for me to be fully Linux on my personal systems. I think I started messing with Linux circa 1997 and didn't switch over fully until I think Windows 7 went EoL.
right now im on Fedora KDE! it works well enough for me, it’s modern, it looks good, and most importantly (for me) it supports fractional scaling well (my laptop needs fractional scaling and that’s been the thorn in my foot for a while)
I’ve looked at Linux for years but it was always so intimidating to me. I finally installed it when my pc was being aged out of windows 10 and honestly it’s really fun to play around with even though I’m not super tech savvy. It’s easy enough to find a solution online if I run into any problems and everything is free!
But this time Linux actually plays video games right out of the box. No trickery. Just install steam and the rest of the experience is smooth as butter
I agree. This time, it's actually different. Big name streamers and YouTubers are showing their support. Not just people in the tech industry, but random channels like EmKay and PewDiePie.
Linux is better than ever. Steam is a breeze. Wine support has never been better.
Meanwhile, Windows has more nasty surprises, underhanded backstabs, and security nightmares than ever before.
oh yeah this is a fantastic language learning tool
(although it can bring up problems with tonal languages like Vietnamese, Thai, Mandarin, Cantonese, etc where the lyrics often abandon the words' inherent tones and follow the song melody instead. )
I have lrcget run on my library to grab missing lyrics each night and use Symfonium for listening and displaying the lyrics. If I need to, I go out to Genius.
You are going to fuck this up. Don't come crawling back to me when you lose all your data since the dawn of time and you completely brick this goddamn computer. This is your one and only warning.
With this ~~character's~~ file's death, the thread of prophecy is severed. Restore a ~~saved game~~ backup to restore the weave of fate, or persist in the doomed world you have created.
I would argue is less secure because there's more potential for signals to be intercepted, and you are only in control of a portion of the network (the other half being in control of your service provider)
When you're on you're own Wi-Fi you're usually much closer to your access point and in your home where you control the network (which has less range) and the space around it.
Either way the difference is minimal as both can be intercepted and attacked
Decrypting the 4g/5g network will require a key from the telecommunications company. I argue it's insignificantly less secure because a malicious actor can intercept it and decrypt it if they manage to steal the key from the company.
Practically, only your government would be able to get a copy of the key. But they'd also be able to watch your actual cable internet as well. And when your government gets interested in you then you fucked all the way up.
Say you access a VPN located over seas from your phone while on mobile data. Then your traffic is encrypted and your mobile data provider (for your phone) should only see traffic to one IP address.
Say you access the same VPN while at home connect to wifi or Ethernet on a PC (or on your phone), then your ISP should only see traffic to the one IP address (that's located over seas).
Now let's say your are tech savvy enough to run a Wireguard setup and or Tailscale setup at home and make your own VPN. Then you access that from work or from overseas with a mobile phone or laptop. All your traffic should now show as connecting to your homes IP address directly, but keep in mind your home ISP provider then sees you connecting to sites like Google, Facebook, or Lemmy.
Using a VPN makes the original question redundant. The VPN would have everything super encrypted for either home wifi or home 4g/5g. Your question transforms into "can i trust this vpn company"
It's going to depend on what types of data you are looking to protect, how you have your wifi configured, what type of sites you are accessing and whom you are willing to trust.
To start with, if you are accessing unencypted websites (HTTP) at least part of the communications will be in the clear and open to inspection. You can mitigate this somewhat with a VPN. However, this means that you need to implicitly trust the VPN provider with a lot of data. Your communications to the VPN provider would be encrypted, though anyone observing your connection (e.g. your ISP) would be able to see that you are communicating with that VPN provider. And any communications from the VPN provider to/from the unencrypted website would also be in the clear and could be read by someone sniffing the VPN exit node's traffic (e.g. the ISP used by the VPN exit node) Lastly, the VPN provider would have a very clear view of the traffic and be able to associate it with you.
For encrypted websites (HTTPS), the data portion of the communications will usually be well encrypted and safe from spying (more on this in a sec). However, it may be possible for someone (e.g. your ISP) to snoop on what domains you are visiting. There are two common ways to do this. The first is via DNS requests. Any time you visit a website, your browser will need to translate the domain name to an IP address. This is what DNS does and it is not encrypted by default. Also, unless you have taken steps to avoid it, it likely your ISP is providing DNS for you. This means that they can just log all your requests, giving them a good view of the domains you are visiting. You can use something like DNS Over Https (DOH), which does encrypt DNS requests and goes to specific servers; but, this usually requires extra setup and will work regardless of using your local WiFi or a 5g/4g network. The second way to track HTTPS connections is via a process called Server Name Identification (SNI). In short, when you first connect to a web server your browser needs to tell that server which domain it wants to connect to, so that the server can send back the correct TLS certificate. This is all unencrypted and anyone inbetween (e.g. your ISP) can simply read that SNI request to know what domains you are connecting to. There are mitigations for this, specifically Encrypted Server Name Identification (ESNI), but that requires the web server to implement it, and it's not widely used. This is also where a VPN can be useful, as the SNI request is encrypted between your system and the VPN exit node. Though again, it puts a lot of trust in the VPN provider and the VPN provider's ISP could still see the SNI request as it leaves the VPN network. Though, associating it with you specifically might be hard.
As for the encrypted data of an HTTPS connection, it is generally safe. So, someone might know you are visiting lemmy.ml, but they wouldn't be able to see what communities you are reading or what you are posting. That is, unless either your device or the server are compromised. This is why mobile device malware is a common attack vector for the State level threat actors. If they have malware on your device, then all the encryption in the world ain't helping you. There are also some attacks around forcing your browser to use weaker encryption or even the attacker compromising the server's certificate. Though these are likely in the realm of targeted attacks and unlikely to be used on a mass scale.
So ya, not exactly an ELI5 answer, as there isn't a simple answer. To try and simplify, if you are visiting encrypted websites (HTTPS) and you don't mind your mobile carrier knowing what domains you are visiting, and your device isn't compromised, then mobile data is fine. If you would prefer your home ISP being the one tracking you, then use your home wifi. If you don't like either of them tracking you, then you'll need to pick a VPN provider you feel comfortable with knowing what sites you are visiting and use their software on your device. And if your device is compromised, well you're fucked anyway and it doesn't matter what network you are using.
I use a Windows VM for apps not available on Linux and just want to cut out all the telemetry possible.
AtlasOS is installed as a Ameliorated Playbook and makes a ton of opinionated changes that aren’t privacy or necessarily performance related. Disabling the Windows 11 right click menus in favor of the legacy one, disabling window shadows, changing the wallpaper, etc. Privacy+ looks appealing, I wanna know if anyone has tried both and can tell me differences, like if one or the other improves privacy more.
Could you please use the cross-post feature instead of making a separate post in each community? That way our front-ends can consolidate multiple cross-posts into one post instead of it being listed multiple times.
Honestly, doing it your way looks like spam. This is what I see in my feed:
Oh sorry, I had heard that was fixed awhile ago but apparently not.
What I don't like about lemmy crossposts is having the whole post text inside block quotes, and sometimes isn't formatted properly. I think that and showing a link to the original post is bad design, like why would it matter if a post is a crosspost or not?
Profitez des vidéos et de la musique que vous aimez, mettez en ligne des contenus originaux, et partagez-les avec vos amis, vos proches et le monde entier.
Want to wade into the sandy surf of the abyss? Have a sneer percolating in your system but not enough time/energy to make a whole post about it? Go forth and be mid: Welcome to the Stubsack, your first port of call for learning fresh Awful you’ll near-instantly regret.
Any awful.systems sub may be subsneered in this subthread, techtakes or no.
If your sneer seems higher quality than you thought, feel free to cut’n’paste it into its own post — there’s no quota for posting and the bar really isn’t that high.
The post Xitter web has spawned soo many “esoteric” right wing freaks, but there’s no appropriate sneer-space for them. I’m talking redscare-ish, reality challenged “culture critics” who write about everything but understand nothing. I’m talking about reply-guys who make the same 6 tweets about the same 3 subjects. They’re inescapable at this point, yet I don’t see them mocked (as much as they should be)
Like, there was one dude a while back who insisted that women couldn’t be surgeons because they didn’t believe in the moon or in stars? I think each and every one of these guys is uniquely fucked up and if I can’t escape them, I would love to sneer at them.
(Credit and/or blame to David Gerard for starting this.)
Stubsack: weekly thread for sneers not worth an entire post, week ending 19th October 2025
Want to wade into the sandy surf of the abyss? Have a sneer percolating in your system but not enough time/energy to make a whole post about it? Go forth and be mid: Welcome to the Stubsack, your first port of call for learning fresh Awful you’ll near-instantly regret.
Any awful.systems sub may be subsneered in this subthread, techtakes or no.
If your sneer seems higher quality than you thought, feel free to cut’n’paste it into its own post — there’s no quota for posting and the bar really isn’t that high.
The post Xitter web has spawned soo many “esoteric” right wing freaks, but there’s no appropriate sneer-space for them. I’m talking redscare-ish, reality challenged “culture critics” who write about everything but understand nothing. I’m talking about reply-guys who make the same 6 tweets about the same 3 subjects. They’re inescapable at this point, yet I don’t see them mocked (as much as they should be)
Like, there was one dude a while back who insisted that women couldn’t be surgeons because they didn’t believe in the moon or in stars? I think each and every one of these guys is uniquely fucked up and if I can’t escape them, I would love to sneer at them.
(Credit and/or blame to David Gerard for starting this.)
Simon Willison writes a fawning blog post about the new "Claude skills" (which are basically files with additional instructions for specific tasks for the bot to use)
How does he decide to demonstrate these awesome new capabilities?
By making a completely trash, seizure inducing GIF...
He even admits it's garbage. How do you even get to the point that you think that's something you want to advertise? Even the big slop monger companies manage to cherry pick their demos.
Anthropic this morning introduced Claude Skills, a new pattern for making new abilities available to their models: Claude can now use Skills to improve how it performs specific tasks. Skills …
Lunedì 20 ottobre 2025 un maxi-down ha colpito numerose piattaforme globali a causa di problemi ai server di Amazon Web Services (AWS). Il disservizio, partito dal cloud di Amazon, ha generato interruzioni e rallentamenti a catena su applicazioni consumer e strumenti professionali in tutto il mondo, con oltre duemila segnalazioni registrate negli Stati Uniti e problemi di navigazione segnalati anche in Italia.
Stamattina siamo passati a NodeBB 4.6.1, è una release principalmente di [em]bug fixes[/em] tra cui uno particolarmente fastidioso che metteva un carattere strano [code]'n'[/code] nell'oggetto perdendo della formattazione dai post che arrivavano da Mastod
Stamattina siamo passati a NodeBB 4.6.1, è una release principalmente di bug fixes tra cui uno particolarmente fastidioso che metteva un carattere strano 'n' nell'oggetto perdendo della formattazione dai post che arrivavano da Mastodon e da Friendica.
In realtà avevo già sistemato questo bug qualche giorno fa perché avevo aggiornato prima del rilascio della 4.6.1 e non appena avevo visto che questo bug era stato risolto ma ora ne ho approfittato per allinearci con la release stabile.
Multiple online platforms including Amazon's cloud unit AWS, Robinhood, Snapchat and Perplexity are all experiencing outages, according to the Downdetector website monitor.
Was hoping if anyone wouldbe kind enough to tell me if there was a good alternative to Google-Fonts ? I wish to use all those cool fancy HTML/CSS fonts without going to Google
Ummmmmm have you heard about the weegers? It's pretty bad you know, try reading a real newspaper like the New York Times instead of your usual russian propaganda...
Þe article reads like an ad, and setting up þe server side takes a lot of steps so þe claim þat it's "quick and easy" is silly.
Distributions nowadays come with wiþ sshd disabled by default. It's, like, þe first þing an experienced user enables, but I'll bet a ton of newbs never do it, and may not know how. I've even come across distributions which don't install OpenSSH by default! Insanity.
þe article implies configuring NFS or samba is harder... and I'd agree. Home LANs are often not enterprise-grade, wiþ nodes connected over unreliable and relatively slow WiFi, and NFS has several moving parts and is chatty. Samba/CIFS is better for reliability, but requires a fair bit of knowledge to configure. And when it does fail, you can be left wiþ zombie processes and hung network connections. Scp is better for straight for transfers.
Not all users are aware þat þere are Android clients which understand sftp, and not all newbs are aware þat you get free sftp wiþ sshd, or þat sshfs exists.
People keep inventing more LAN filesharing apps when ssh/scp/sftp already exist, so þere's a need ssh isn't filling. Maybe it just needs a custom app, alþough I'm fond of apps like Material Files + sftp remotes for Android, and sshfs for Linux.
However, by far þe easiest is þat I set up SyncThing ages ago and haven't had to manually copy a file since. Þe exception is music, because I don't want my entire library on my phone; I now use Subsonic + Tempo and a "mobile" playlist which Tempo syncs, but getting music onto þe server requires sftp, and just getting a directory listing is painfully slow. If Subsonic had a file upload API, bidirectional playlist syncing would provide iTunes-like music library maintenance, which was darn near perfect design.
Anyway, I agree: solutions like QuickDAV keep popping up probably because people don't know about better options.
Basically the advantage is that it’s ridiculously easy to set up. You just install the app and open it. The downside is that it’s ad-hoc. It’s not meant to be a long running server like smb.
"go to another machine on your LAN" So its basically syncthing? But that its not able to decide who gets whick file as there is only one option to log in in QuickDAV? But maybe more intuitive?
Syncthing (as the name implies) is meant to synchronize folders across machines. QuickDAV is meant to transfer files/folders from one machine to another. They definitely both have there uses, and there uses might overlap in a lot of cases, but they also have there own niches. Like, I wouldn’t use Syncthing to transfer a photo to my desktop once, and I wouldn’t use QuickDAV to keep my photos directory synchronized across several machines.
KDEConnect is honestly going to be better. It's runs on everything (yes, Gnome and Cinnamon), has transport and device security, and offers more than just file transfer.
GSconnect extension on GNOME, and its honestly amazing. Send files, copy clipboard, auto pause my music when a phonecalls comes in. Custom commands from the phone to lock my session if I'm away from my desk. Such a great application.
KDE Connect fucking RULES! The ability to send clipboard from phone to pc, send files, control media, remote mouse input, its low key one of the most useful software I've ever used.
KDEConnect is great, but I don’t think it can share a folder. If you want to transfer a folder from, say, a MacBook to a Linux PC, I think QuickDAV would be better suited than KDEConnect. Also, QuickDAV works on Win/Mac/Lin.
I just install openssh server, because I need it anyways, and use an SFTP client to transfer files. Seems to be fast, secure, and easy. No new ports to open up.
I've transferred many terabytes of data this way, no complaints. Rsync is nice for syncing huge folders, and walking away, so I'll also use that when the need arises.
You’re strawmanning their comment— I’d imagine they’d have the same, if not more, issues with snap.
Flatpak doesn’t integrate well with all systems. For me personally, on Arch, I have to update and store Flatpak versions of some dependencies, like proprietary Nvidia drivers, separately from the rest of my system and its package management system. And it does take up some space to store the runtime too.
Also Flatpaks may require some extra set up and/or workarounds due to their sandboxed environment. That’s not inherently bad and has some big security upsides, but it’s a consideration.
Also I don’t know how well it plays with immutable distros, but I’d imagine there may be similar integration issues there, too.
It’s still probably a lot easier for devs to have a consistent distribution format though, and they are typically more secure, so I’m not saying there’s not merits to only providing a Flatpak. Just pointing out that your reply here was misguided, imo.
Banks can track each banknotes serial number when you receive them from the ATM and when they are returned from the store you spent them at. This data could then be used to create a complete profile of your spending habits.
Doesn't work very well if you buy something directly from someone. Or if your cash is given out as change. Seems like it would make a wildly inaccurate profile.
Given a large enough time frame this can be treated as random noise which is easily filtered out, and this data isn't necessarily meant to track your supermarket shopping. For example, you can use it to figure out where somebody went who has gone into hiding. They might have cleared out their bank accounts before leaving and with that data you can see where these banknotes are now showing up. Just wait at the store they apparently visit every Tuesday.
That’s completely made up. Most bills are given out to other customers once used in a store, the amount of bills that are used once and returned to the bank would be well under 5%.
Fantastic fabricated story though. Money laundering which has been done for decades would defeat this, it’s a scary story to share that has zero basis on reality.
Netzpolitik recently did an article about that. I consider them a credible source. How often bills are used before there are returned to the bank heavily depends on the denomination. Larger bills don't circulate as much and at least in my country most stores return their cash income to the bank on a daily basis. People also tend to spend their money around the area where they live, so even if you couldn't figure out which exact store a targeted person spends their money at due to circulation (which I doubt), you can still quickly find the general area in which they are staying.
Bargeld gilt als anonymes Zahlungsmittel. Dabei ist anhand der Seriennummer durchaus ersichtlich, welche Routen Geldscheine nehmen. Die Infrastruktur zum Bargeld-Tracking wird immer weiter ausgebaut.
Without some type of visual confirmation, it’s all noise.
On my way home from work, I grab $600 from the atm, $300 for my wife’s tattoo, $200 for me, and $100 for wife spending money.
After the appt the tattoos artists wife takes $200 and flys across country that night. I spend my $200 at the peelers, all those go to a dozen different girls and servers. My wife the next day goes shopping at an outlet mall and spends her $100 at 4 stores. The tattoo artist spends his $100 on beer.
We live on the same block and I pulled the money out across town. Who’s is the original takers purchases….?
It’s 95% noise, it’s useless unless you’re an investigator and have boots on the ground.
Again, it’s a fun story to share around the campfire though. Is it possible, yes, can it be done in actual practice, absolutely not. Not without some other information.
Yes that would destroy some data points but we are talking about a statistical approach here. How often do you give other people cash directly in comparison to spending it at stores. Given enough time and collected information local concentrations will show up. Its surveillance through data analysis with a new veneer.
I ONLY give other people cash, all my other purchases are debit/credit. Like MOST people and stores since Covid
The only time this works, is if it’s targeted, and that means an investigator is doing it. An automated system wouldn’t know what to do with any of the data. You’re severely overestimating how much people spend cash around them, that’s usually when it’s plastic. People use cash in “sketchier” places.
Again, zero basis on reality, it gets “destroyed” at every step without some manual intervention.
I ONLY give other people cash, all my other purchases are debit/credit.
If you always use card payments whenever it's possible, it obviously isn't necessary to analyze your cash transactions to learn where you are because you are already disclosing it 😀
Like MOST people and stores since Covid
There are close to 2 billion unbanked people in the world. In the US, it's less than 6% nationally, but over 10% in some states.
Many people who are not unbanked also often avoid electronic payments for privacy/security and other reasons.
The cash serial number tracking being described in this thread is useful for locating the neighborhoods frequented by someone who (a) avoids using electronic payments, and (b) maybe obtains cash from an ATM (or perhaps check-cashing service, in the case of an unbanked person) in places other than the neighborhoods they live in or frequent.
There are close to 2 billion unbanked people in the world. In the US, it's less than 6% nationally, but over 10% in some states.
……
If they don’t use a bank, how are they pulling money out for it to be tracked?
See, none of it makes any sense lmfao.
The cash serial number tracking being described in this thread is useful for locating the neighborhoods frequented by someone who (a) avoids using electronic payments, and (b) maybe obtains cash from an ATM (or perhaps check-cashing service, in the case of an unbanked person) in places other than the neighborhoods they live in or frequent.
Which is useful to who…? The only time that information is useful, would be for an investigator, so… again… someone, boots on the ground, and doing visual verification. And an investigator and plenty of other useful metrics with less noise.
It
Makes
Zero
Sense
In
Reality!
The person originally started talking about spending habits, and shifted to finding criminals. Those are two whole-fully different situations that need different information points, and are also gathered in significantly different methods.
If they don’t use a bank, how are they pulling money out for it to be tracked?
One example I mentioned in my comment you're replying to is check cashing services. Millions of people in the US receive money via things like check or money order and need to change it to cash despite not having a bank account to deposit it in; this usually involves identifying themselves.
Submitting Organziation Name and role, if any, in the Project Glory Ltd Project owner and provider of all the software and devices/pheripherals used under the experiment.
One example I mentioned in my comment you're replying to is check cashing services. Millions of people in the US receive money via things like check or money order and need to change it to cash despite not having a bank account to deposit it in; this usually involves identifying themselves.
…
Those are done at a teller, not an ATM. An ATM requires a bank card, cashing a cheque at a teller does not. The post and everything that’s being discussed is about ATM tracking…
It doesn’t make sense when you actually understand how the system works… but of course people that don’t quite understand the system can be fooled by how it’s possible. But it isn’t, and not for the reasons you’ve suggested, as I’ve countered. It just doesn’t make sense because of all the NOISE.
No manual intervention needed just track everything and retain the data for a long time. Then you can query the database for all serial numbers your target has ever taken out of an ATM and where they where returned. Circulation will diffuse these results somewhat but that follows a normal distribution. That means it is much more likely that a bill that was spent at a store by your target which is given out again as change, is more likely to be spent at another store near that original store. Aggregate this information over a couple of weeks or months and you will get a heatmap of locations to check out. You can run this operation automatically on all bank accounts if you want. Threshold the heatmap at some significant value and you get a list of stores visited by each person with X% probability.
Except most people use multiple cards, multiple banks etc. there will absolutely need to some visual verification to be able to ever establish a starting point. It just doesn’t work.
It’s a neat proof of concept, but in reality, that would never hold up in court.
Give your head a shake, I’ve got a bridge to sell you if you actually believe this is being used or can be used for what you claim.
Lots of stores also gives bills back out, the system makes zero sense, it can’t track anything at all. Like maybe 5% of bills are used once and then returned to the bank.
Most places don't do cash back, and the ones that do tend to have a limit of like $40. Wal Mart is a bit of an exception, as they'll do $100, but you aren't getting a $100 bill from them through their self checkout. You'll only get 20's.
So if you go to Wal Mart, and you go to one of the few real people to check you out, and you ask for it back in a $100 bill, and the teller happens to have gotten a $100 in since they had started that day, and the front lead hadn't already cashed out the register since they received that $100 bill, then yes. In that case you'll get a $100 bill and will slightly fuzz up the tracking metrics they could theoretically do.
ATMs give out $20 bills. In order to get one back as change you'd have to pay with a bill larger than $20. I don't remember the last time I carried something larger than a 20.
I just occured to me that could be the reason for when a color printer wont even let you print, say, pure black text, even though it only has emptied some of the colored ink, but still has plenty of black ink left to do the job...
Isn't it common knowledge? I've known about it for at least two decades...
BTW - you can easily work around it. Get someone else to buy your printer for you, or trade with someone who has the same printer... Now, they will still be able to match it to the printer, if they find it at your home, but other that that, you are free...
PS. Don't use your printer to blackmail FBI or CIA. 😉
As I said - but there could be a connection. Did you use cash or a card? Some places you have a membership, or they ask if you want the receipt on your mail...
If you don't know how your credit cars ties you to a printer with a serial number, sold by a store that saves it all - then I don't want to help you. It's not a belief, it's fact. I like being asked, I don't like ignorant morons, that says stupid things and either want to pick a fight, or are truly clueless. You can decide for yourself, which category you are in... Now go troll someone else.
Doubt. Laser printers were invented in the early 1970s and were common by the mid 1980s. I don't think this tracking started until inkjets and scanners got good enough that the government got concerned about them being used for counterfeiting, I'd guess mid to late 90s at the earliest.
Photos taken by digital cameras are also trackable in a similar way as prints taken from a printer. I recall reading they were trying to identify the device after a Harry Potter book was leaked by someone taking digital photographs.
Cameras generally have barely noticeable, but uniquely identifiable, defects that will consistently affect pictures. So if you post a photo on your personal Social Media, and then you post a photo from the same camera on Hexbear, those two things could be connected. Just because it can happen doesn't mean it's practical, though.
I have no idea if this is what's been used with the Harry Potter thing.
But pictures can also be traced back to a camera based on irregularities in the camera sensor scientificamerican.com/article…
Unlike with the printers, there is probably no database of the CMOS sensor irregularities of all cameras ever made. But if you upload pictures under your government name and the take pictures with the same camera and share them anonymously, this could be traced back to you in theory.
sensor pattern noise is recognizable to an extent with pros, but usually its paired with highlight rolloff and other similar qualities. For instance, when I watch a movie, I can figure, okay, this was probably one of the arri's rather than a RED, etc. Sometimes, especially with a bit of knowledge on how/where they shot this, you can get an even better idea, close to a specific model. Of course if you're watching an actual movie, this is all after color correction so its more obvious if you have the raw files.
anyway, my point is, people who work with the cameras and files can definitely have at least a good idea of what camera something was shot with, but you'd really need a huge database and computers to do the work to match it exactly. I have colleagues that will show me something they worked on, with cameras they don't own and between the group of us, someone can immediately spot what camera it was shot on. but! like you said, if you post pictures on the internet, and then more pictures/videos with the same camera elsewhere, yeah it should be theoretically possible to match them with sensor noise pattern. they could at least prove its the same model. i'm not sure how much it differentiates between same camera models, but i can recognize my camera models dnp easy peasy. i have not had any caffeine yet so this is likely a jumbled mess of a thought and i apologize.
That's the obvious one. But you can also add data to images by adding tiny values to the pixels, it'll still look the same to us (same as printer tiny dots).
I don't know if phones actually do this. Just saying it's possible.
But many uploading sites optimize the images, so it'll be gone on reshare, but they could get it on first upload.
Any image editing tool like mspaint or similar. Just copy paste the pixels into a new image file. Though, the program youre using will probably still add it's own metadata to the new file, but all the original metadata from the camera won't be there.
or just the individual characteristics and flaws of the lens/sensor/postprocessing software, some of which can be unique per device, and potentially comparable to other photos made with it.
Even without EXIF data I would bet the actual encoding of the image will be identifiable to a specific instance of the camera software.
Similar to how websites fingerprint your browser by rendering something in the canvas or webgl and sending back the rendered image. The exact same rendering procedure will produce slightly different images for each browser instance. I suspect browsers are fully aware and complicit in this because why the actual fuck would they not make the rendering engines deterministic to their inputs?!
To be clear, this is not about EXIF data (which can also leak data).
Digital cameras can be fingerprinted from the images they produce, due to variations between pixels in any given sensor. If you're concerned about an image being traced back to your camera, you might consider some post-processing before distributing it.
No... But i've thought about how easy it would be to implement in ebooks and pdfs (e.g. my daily newspaper i can download as pdf). I've thought about this when sailing the high seas.
It's prevalent among pdfs downloaded from academic publishers (text listing the receiving IP address and/or institution running down the margins). I wouldn't be surprised if it's also done with hidden white text or in the metadata.
Most ebooks I bought recently come with a warning that the buyer's data is embedded in the file to deter from sharing it online. TBF it cannot be hard to remove it but I didn't bother to check how it's implemented.
The worst thing about that printer tracking is that we only learned about it around 20 years after they started implementing it. It's been another 20 years, imagine what they're doing now.
At launch (in 2021) the FireTV was not on the list of Sidewalk-enabled products, but given the fact that Sidewalk was enabled without user consent on many existing devices (and has been found to re-enable itself after being disabled) combined with the fact that FireTV devices all have at least the necessary bluetooth radio (even if not the LoRA part, Sidewalk can use both/either) and thus could become sidewalk-enabled by a software update in the future... I would still say that Sidewalk is a reason (among many) to boycott FireTV along with the rest of Amazon's products.
The takeaway that Amazon built their own mesh network so that their products in neighboring homes can exfiltrate data via eachother whenever any one of them can get online is not false.
Amazon Sidewalk is a new system that is being activated today across millions of Echo smart speakers and a few Ring devices. It allows those devices to act
Social graph connections can be automatically inferred from location data. This has been done by governments (example) for a long time and is also done by private companies (sorry I can't find a link at the moment).
Most modern cars are SIM-enabled and are constantly sending data back to the mothership. But even those that aren't will still collect data locally and that data will be collected when you send the car to an "official/licenced/authorized" repair shop.
I'm still driving a '99 vehicle and the most advanced thing about it are the power windows. I dread upgrading to a vehicle that can break in so many new ways. I hate that everything has touch screens and the software on many is awful and if it breaks, surprise, you have no music in your car now.
Those still have an ECU that stores most of the same data. It knows you speed, it knows how hard you brake, etc. anything with an OBD will store data. And that’s carssince the 70s
Depends on the car. Most older cars are concerned with basic OBD stuff, faults, and engine management. I have a 2012 and it doesn’t record anything interesting at all. Just engine data. You are right though, a few do save data, I just don’t know which ones, what year they start, and the depth of data recorded. The ‘70’s still had most cars running a regular analog mechanical system or maybe an electronic ignition controlled by an ECU. The ECUs most similar to today’s started becoming more common in the ‘80s.
You’ll be surprised, they take snapshots at certain points. In a collision all vehicles will store last 5 or so seconds of data, speed, see if brakes are engaged, stuff like that, it’s all used in collision investigations. There’s not a single car I think that’s doesn’t do this. As I said, it’s in some form, but your vehicle does know if you’ve sped if it has an obd on it.
What do you think basic OBD stuff is? It’s all that information and that’s used to see if anything’s wrong with the vehicle.
I’m pretty familiar. I think you’re more referring to modern CAN bus systems that record everything under the sun. Basic ECUs from back in the 80s just didn’t do as much. Even my ‘12 only has OBD2 and the data collection is limited. I have some fairly advanced diagnostic equipment to read all this stuff. The only thing I can’t do is program it, but I’ll be doing that soon enough.
A lot of stores track your movement through the store with the WiFi or bluetooth your phone sends out, unless you have that turned off. Since it's "anonymous" not even stuff like the GDPR requires to notify anyone of this.
Ah, shops where I go are not even able to tell whether the beer I'm drinking while shopping is mine or I stole from the shop. Though, they do annoy me when they say I should have left it outside. They do annoy me a lot.
Not really. It doesn't really rely on MAC adresses, it relies on your phone to constantly blast out "IS ANYONE HERE $HOME_NETWORK_NAME?" (or bluetoothely named "DYPROSIUMS AIRPODS!???") and it just catches that and then uses classic triangulating to see where you are. They all do that to quickly connect to WiFi without you having to actually type in the SSID because that shits for nerds.
Would or is also a really good way to sniff WiFi passwords. If anybody says "Well yes, I am indeed $HOME_NETWORK_NAME" your phone just hands them the password. It's probably wrong for THAT network but it does mean you can just collect a whole ass batch of home wifi passwords.
Especially given how many people don't change shit about their ISP-provided network if you just cyle $common_standard_wifi_names you're off to a good start to be able to easily infilitrate half your cities WiFi.
Tons of websites record your mouse, keyboard, and scroll activity, and can play back exactly what you saw on your browser window from its backend dashboard as a video. This is called session replay. There are pre-made libraries for this you can import so it's super common, I believe Mouseflow is one of the biggest providers.
When a mobile app, Windows app, or even website crashes nowadays, it automatically sends the crash dump to the app developer/OS vendor (the OS often does this whether the app requests it or not because the OS developer themselves are interested in what apps crash and in what ways). We're talking full memory dump, so whatever private data was in the app's memory when it crashed gets uploaded to a server somewhere without your consent, and almost certainly kept forever. God help you if the OS itself crashes because your entire computer's state is getting reported to the devs.
Your phone's gyroscope can record what you say by sensing vibrations in the air. It may or may not be something humans will recognize as speech if played back because the frequency range is too limited, but it's been shown that there's enough information for a speech recognition AI to decode. Good chance the accelerometer and other sensors can be used in the same way, and using them together will increase the fidelity making it easier to decode. Oh did I mention no device has ever implemented permission controls for sensors so any app or even website can access them without your consent or knowledge?
nah only the minidump is reported back which only contains the memory the crashing stack is using. Sending the full dump would requires uploading gigabytes of data which would cripple any home internet as they mostly have very limited upstream bandwidth.
Though iirc a system crash report can include a kernel dump, which can contain things like private keys.
Though realistically, Microsoft controls your OS. They could easily add code to allow them to grab whatever they want from your system without any logging (by your system anyways).
That actually makes me wonder if there are any apps that run on both a system and the router that system is connected to to determine if the internet traffic as reported by the system (to the user) is the same as what the router sees as a way to detect anything using network resources but bypassing the normal network stack.
you certainly can just run wireshark on your PC and your router, then compare them in the end of the day (with your router's file filtered your PC's source address)
Maybe this. Most smartphones have a modem inside, this modem has a separate closed-sourced operating system and it usually has the main priority in controlling the smartphone relative to the processor running the main operating system, such as Android. Sometimes the modem has access to the microphone or memory, even bypassing the CPU. Although maybe everyone already knows that.
I've wondered for a while if something like this is why Google allowed their bootloaders to be unlocked, because they can get at everything anyways.
And I bet that if that was the case, they've backed off that for future phones because of those stories about law enforcement seeing having those phones as suspicious, which could hurt sales, since I bet the majority of pixel users don't switch operating systems.
For audio recordings, there is usually a trace of electric hum in the background that has enough randomness to yield info on when (and sometimes where) the recording took place.
It's not as much of a privacy violation as a privacy vulnerability, but it's still relevant.
A causa del mio terribile ma solito infognamento di fine settimana, stavo per scherzare sul fatto che troppo programming, con poco gaming e soprattutto niente reading e writing, fa male alla salute… Perché si sta ore fissi davanti al PC, a fare i conti con testi bizzarri in linguaggi decisamente poco umani, per poi andare […]
tanto programming con poi il malo svegling causa la quasi gran morte dell’octt… (stavo per svenire alzandomi troppo veloce stamattina)
A causa del mio terribile ma solito infognamento di fine settimana, stavo per scherzare sul fatto che troppo programming, con poco gaming e soprattutto niente reading e writing, fa male alla salute… Perché si sta ore fissi davanti al PC, a fare i conti con testi bizzarri in linguaggi decisamente poco umani, per poi andare a dormire incazzati pensando ancora a quella roba (o meglio, quello che non si è fatto), e poi la mattina dopo, ancora prima di riprendere conoscenza (!!!), si pensa automaticamente a quello, e quindi ci si sveglia subito con un bel mal di testa, solo per poi (dopo colazione eh, ma comunque) andare ad incollarsi di nuovo davanti al PC per continuare l’effettivo programming… 😭
Tuttavia, ecco, non immaginavo affatto che il lievissimo mal di testa di 1 o 2 minuti ieri fosse solo il tutorial, mentre l’effettivo momento non epico fosse un ben più lungo (5 minuti???) calo di energia vitale (di pressione, probabilmente, dato che all’effettivo la sensazione è simile a se mi rubano il sangue…tanto sangue) che boh, non mi spiego!!! O meglio, me lo spiego nel fatto che è colpa del programming, per cui scrivere tutti quegli incantesimi così forte assorbe una quantità assurda di energia magica, e quindi succede questo… anche perché, sennò, davvero non si capisce come mai io abbia percepito questo genere di scherzetti solo in queste ultime due mattine, quando guarda caso solo in questo fine settimana ho fatto granché programming, i giorni prima no. Ho già pure dimenticato metà dei sintomi, ma è veramente una cosa assurda, ad un certo punto mi si sono pure ammosciati i 5 sensi, mentre stavo sul divano sperando di non cadere all’aldilà proprio oggi… 🤢
A parte gli scherzi, probabilmente è solo che mi sono alzata troppo di botto dal letto, senza nemmeno accorgermene, e dunque sarà accaduto appunto un calo di pressione… ma il punto è che non me lo spiego così forte, al punto che stavo quasi per cadere per terra ad ogni passo, ad un certo punto dal bagno al divano. Vero è che stanotte ho dormito solo 4 ore circa, perché come ho detto il programming fa male anche solo nella misura in cui offusca la mente di pensieri — riguardo la cosa stessa, o che portano la mente a vagare su altre cose, spesso non buone, come il dolore esistenziale di sottofondo — impedendo di addormentarsi serenamente ed efficientemente, e quando mi sono alzata è stato avendo notato che avevo ignorato la sveglia per 20 minuti e quindi ero in ritardo, però insomma… 😵💫
A me comunque pare di non essermi alzata in modo fisicamente meno calmo di altre mattine, ma a questo punto mi viene il dubbio… E se normalmente io mi alzassi con abbastanza calma, ma proprio ieri matttina il programming mind virus mi ha fatta uscire dal letto di fretta per via delle cose da continuare (e non ho avvertito gravi effetti solo perché avevo dormito 9 ore buone), mentre stamattina ci si è messo il tempo tiranno a mettermi fretta? Però, mannaggia a quel gran zio delle pere fritte…se il mio corpo è in uno stato tale che poco mi manca per svenire se mi alzo troppo velocemente, per quale cazzo di motivo le mie gambe me lo permettono??? Con lo stato mentale in cui sto la mattina presto, io certamente non mi posso ricordare di alzarmi piano piano sennò muoio, quindi preferirei che ci fosse un meccanismo di sicurezza automatico… (Anche se, qualora ci fosse, probabilmente pure me ne lamenterei, perché “come è possibile che non riesco a muovere le gambe? e se arrivano le bombe israeliane anche nella mia città e devo scappare come faccio???“… vabbuò.) 🐥 pignio.octt.eu.org/item/105934… #mattina
Our last State of the Bird was September 16th 2025 and can be found here.
This State of the Bird is a bit late due to a number of reasons, the biggest of which is that Gary kept forgetting to finish it. Also the Charts plugin in Discourse got broken so we started looking at alternatives but luckily the plugin got fixed and we now have some code to automatically gather some of the metrics.
Metrics
We have a number of metrics we keep an eye on which you can see below.
Contributors
The number of contributors continues to fluctuate a bit, but that's expected for a volunteer project.
If you're interested in contributing you can find some documentation here including ways that don't require knowing how to program.
Review requests are what we call our code reviews and is the way that all code is accepted into our code bases. This is a look at how many were open and closed each month.
This is a look at the number of issues that were opened in our issue tracker as well as how many were closed by month. We don't create issues for everything we do, this is still good to look at as it will include bugs and other issues users have brought to our attention.
This is a break down of commits to each project per month. In most cases a review request is just a single commit, but this chart helps to see what projects are being worked on.
As you can see, Pidgin 3 activity continues to dominate everything else.
Pidgin 3 is our next generation universal chat client whose goal is to give you the best experience possible when using modern chat networks.
Retrospective
Lots of work on Pidgin 3 this month including a new application icon! Feel free to discuss it at discourse.imfreedom.org/t/new-….
The big work this month that we were trying to get into the release was that we're completely overhauling the account setting and user splits APIs. However, this had some dependencies we didn't expect related to the credential providers using the account username to keep track of accounts. Needless to say, this wasn't finished for the 2.93.0 release, but we're going to keep chipping away at it.
Another huge thing we finished this month is the start of the migration guide for developers. This was a huge undertaking and still needs to have all the user interface stuff added to it, but it's still a huge milestone. It can be viewed here. We need to finish the architecture documentation too which will help fill in some of the finer points that aren't covered in the migration guide.
Also as previously mentioned in the Experimental 4 release announcement, we now have a setting for toggling light/dark mode!
Highlights
Add a Pidgin.Badges widget to contacts in the contact list
Import our new application icon from the one and only Hylke Bons
Create Purple.AccountSetting
Add Purple.AccountSettings
Add Purple.Protocol.get_default_account_settings
Create Purple.AccountSettingStringList
Update the default account settings handler to include user splits
Port IRCv3 to the new account settings
Add Purple.Account:disconnected to complement Purple.Account:connected
Fix settings initialization in network prefs
Fix parenting of Account Manager window on initial startup
A first pass at documenting how to migrate from purple 2
macOS: fix some issues with the macOS native files
macOS: hide duplicate menu items
Stop setting XDG_RUNTIME_DIR in devenv
Add a dark/light color scheme setting
Add remove all and update methods to Purple.AccountSettings
Make sure accounts have names when saving and loading
Add the account name to the account editor
Update Pidgin.AccountDisplay to use the Purple.Account:name property
Update libpurple to use Purple.Account:name when referring to accounts
Update pidgin to use Purple.Account:name when referring to accounts
A few cleanups in the account api
Create Purple.ConversationManagerBackend
Update Purple.ConversationManager to use a Purple.ConversationManagerBackend
Pidgin 2 is our stable "production" release of a universal chat client. Meaning that you can use it as a single interface to many chat networks!
Retrospective
We're still planning on doing a 2.15.0 release, but we haven't moved forward on this at all this month.
Highlights
Cleaned up the app data file.
Removed the auto package spec file.
Retrospective
We still need to finish up the build environment packages so we can upgrade GTK on windows and get that all into the installer. We also need to remember to update the spell checking dictionaries as we haven't done that in awhile.
As announced in the last State of the Bird, we've started an additional user interface to keep the look and feel of Pidgin 2 and Gaim before it in GTK4 and we've chosen to name it Gaim.
Retrospective
No new work this month. We've put things on pause until the account settings rewrite is finished. We need to be able to create accounts to move forward and don't want to write a bunch of code just to rewrite it very soon afterwards.
Highlights
None
Releases
None
Future Plans
Once the account settings API is finished up we're going to start moving pretty quickly here.
Birb is a library of GLib utilities that we use across all of our projects.
Retrospective
We created Birb.LocalizedString to be used with the new Account Settings in purple as well as a few maintenance things. After the release we pull in the check license header script from the pidgin repo so that other projects can use it.
Highlights
Create Birb.LocalizedString
Fix some issues with the queued output stream error
Add the check license header script and make it installable
Xeme is our XMPP integration library. It is the basis for both the Link Local Messaging (Bonjour) and XMPP protocols in Pidgin 3. It is still early in development and has not yet had a release.
Retrospective
No activity this month.
Highlights
None
Releases
None
Future Plans
Everything! Seriously though, we're looking to get back to this in the near future.
Ibis
#ircv3-library is our IRCv3 integration library. It has seen a lot of active development as it is used in the IRCv3 protocol plugin in Pidgin 3.
We are nearing known feature completion on it and expect to do a 1.0 release in the near future.
Retrospective
Fixed some issues with the unit tests on windows by using stroul instead of atoi. We also renamed the nick projects by renaming nick to primary-nick, alt-nick to secondary-nick and added tertiary-nick. The old properties are still there but have been deprecated.
Highlights
Use strtoul instead of atoi when parsing hosts
Rework the nick properties
Releases
None
Future Plans
Continue working through the open issues and watching new IRCv3 specifications for things we should be including.
Hiya is a new client abstraction library for mDNS. It was created to help make implementation of the Link Local Messaging protocol easier as we would have to abstract out the different platform implementations and by putting it in a library that abstraction can be used by other projects.
Seagull is a new library we created to make working with SQLite feel more like a GLIB/GNOME library and force usage of prepared statements with named parameters and other similar things.
Retrospective
Just some minor maintenance this month, but we've got some more stuff coming as we're using Seagull to serialize more stuff in Purple 3.
Highlights
None
Releases
None
Future Plans
We have a few features to fill out yet and a few ideas that need a bit more time in the oven.
More specific details can be found in our open issues.
Traversity is a new library for traversing NATs. There are many different ways to traverse a NAT and the goal of Traversity is to hide that from developers who just need to traverse a NAT.
It is still early in development and has not yet had an official release.
retro-prpl is a new repository we've created on GitHub. This repository contains all of the abandoned protocols that have ever lived in our code base and is meant to make them easier to study and for people to use with services like Retro AIM Server, escargot, and NINA.
Retrospective
Nothing to report on this month.
Highlights
None
Releases
None
Future Plans
Right now we didn't add any support for protocol specific emojis because we completely forgot about them. Anyways we're looking at creating a custom emoji theme that will include everything for these retro protocols.
We're also trying to make sure that you can actually use this to connect to the self hosted clones, but we haven't gotten through verifying that and fixing what doesn't work.
Closing
We have a lot to do going forward but we're still striving hoping that the Experimental 5 release which is due 2025-12-31 will actually be Alpha 1. The distinction is whether not not we think the protocol specific APIs are stable enough for third party protocol developers.
We don't have this well defined yet, and it's more of a feel than anything, but we've had a few people tinkering with third party protocols with moderate success which is absolutely amazing!! So as they continue working on their protocols we're getting good feedback on basically everything which is extremely helpful!
We hope you all are enjoying the new format and if you have any questions of comments please leave them below!
For anime I am watching via Animekai thanks to its front page putting focus on current show schedule and an easy to use book mark system.
I am wondering is there any Stream site for Westren Movies and shows? So far most I can find seem to use a front page that focuses on what’s supposedly trending rather then current showings
Over the past several days, I have been trying to install Linux on my surface pro 2 because Windows is having issues with hogging memory, which is preventing me from finishing a drawing.
First I tried Linux Mint. After several freezes of the Bluetooth program, I was able to get my 8bitdo controller to connect, however i learned that neither using it as a wireless keyboard nor as dinput works. Mint was not detecting input from either mode, but it could detect xinput. Krita, however did not recognize the inputs because they were not keyboard keys, so i had to install a program to convert xinput signals to key presses.
Additionally, the on-screen keyboard on Mint has two options: always on when enabled, or on when a text box prompts. The former sucks to use because you have to toggle the keyboard in accessibility settings every time you want to turn it off or on, and the latter never detected a single text box in my experience. So the on-screen keyboard simply doesn't work on Mint.
I tried installing Kubuntu. I installed the Linux surface drivers recommended on r/SurfaceLinux. This resolved an issue where the pen and eraser were seen as the same. My controller also worked Flawlessly in keyboard mode right out of the gate. The Bluetooth program didn't freeze once. The on-screen keyboard is also acceptable. By all accounts the experience was a significant improvement.
Then I tried calibrating my pen. This did not work. The cursor was consistently 2-3 mm up and to the left of where i was holding my pen. KDE with wayland also does not support non-linear digitizer calibration. This is a problem because the errors in my tablet's digitizer are non linear. On windows I had created a script to add extra calibration points to rectify this. I can't do this in KDE with wayland. I could switch to X11, but then all the QoL improvements for touch screen/tablet use would be gone.
So I've been fiddling for hours trying to make a script in krita that will allow me to correct my pen inputs with an error matrix. Krita is refusing to even recognize the script is even there. Probably a Krita problem, not Linux, but blegh. I wouldn't have to do this if the system pen calibration worked.
But of course, my 5 year old experience with how troublesome Linux was is invalid today, and Linux has gotten so much better and Just Works™ now /s
I understand the frustration, but Linux only works because the community works on it together. You sound like someone who has some technical knowledge, maybe you can help the kubuntu team make the calibration a feature?
I get it, it's frustrating and it doesn't feel like your needs are being met.
It's just important to see the larger picture. Windows and iOS suck more every day. Linux gains more and more traction, more and more users as the competition becomes less and less attractive.
I hope that the next time you try, that it just works.
I have some sewing patterns that I would like to share (and hopefully swap) but all of the PDFs have a
"This was purchased by John Doe john.doe@email.com #ordernumber - if you are not John Doe, please dob in the person you got this from to company@example.com so we can sick our lawyers on them"
sorta footer on every single page.
Obviously for privacy reasons (and because I don't actually want lawyers sicked onto me), I need to remove this footer.
These are often complex PDFs with more than a hundred pages and multiple layers.
I managed to successfully remove the editing password (not user/viewing password, just can't edit without password) with qpdf --decrypt. But removing that footer has left me at a dead end. I have even tried manually removing every single instance of those footers using Master PDF Editor but saving the file flattened it and you are no longer able to show/hide layers which is essential for correct printing. (Please don't ask me how many different PDF editors I have tried because it has been so so SO many I have lost count).
Not that I really want to have to manually edit this out on what could amount to over a thousand pages but searching for a command to remove a certain phrase has come up empty. Even Master PDF Editor doesn't seem to have a bulk remove or search and replace function (just search).
Two replies there that came to my attention, while I'm unable to get back to sleep at 5am. An old one mentioning github.com/kanzure/pdfparanoia which seems to be an old tool that removes watermarks, hasn't been updated in 5 years, but neither has the PDF spec?
The other is this paste of text:
if it helps anyone, here's what I do to prepare a pattern for uploading to make sure it is 'clean':
Check over the PDF files for any reference to my name/email address (usually this is in a footer on each page, and not every pattern company does this)
If my personal details are present, I unlock the files using a site like ILovePDF - There are other sites but this one has no daily limits
Open the unlocked PDF in Adobe Professional or another PDF editor of your choice and delete the footer box. You can just delete the box on the first page it appears, or the first page it is a standalone box, then save the pdf, close and reopen it - usually it will now be gone from all pages.
Repeat for any other PDF files (obviously)
Run PDF and jpeg files through an exif cleaner
Double check and upload.
I was already able to remove the edit password with qpdf --decrypt. Most of the PDF editors I used, changed the PDF too much (e.g. added margins/padding) which ruined the very specific layout needed for the patterns to work. There has to be no changes to the PDFs apart from removing the 'footer' text :/
I tried doing print to PDF but it flattened the resultant PDF so the layers were lost. Almost all of the software I used to try converting altered the PDF layout in some way and patterns must not change at all, otherwise they get messed up :/
Maybe you could just search and replace the text with an equal amount on whitespaces? Edit oh sorry I only now understood the issue is finding a tool that replaces and keeps the layers. I have never worked with layers in a PDF so I have no idea on that, sorry
My best answer at this point would be that you need to make your own program to find and remove by content. Because no other manual pdf editor would reasonably have such a feature since it's so niche.
Also vibe coding with AI tends to be very good for singular tasks like this.
I wouldn't recommend converting the pdf to anything else since that would remove the layer info unless it's to more complicated formats like EPS, illustrator, etc.
You might be able to do a find and replace with github.com/pymupdf/PyMuPDF . I'm not an expert on PDFs, so I'm not sure if it can be done in a way that preserves all the important formatting, but if you feel comfortable DMing me the PDF (or one of similar complexity) I could try to write a script that replaces all instances of the target text in a way that preserves the rest of the document.
Iirc, tested it out quite a few years ago, and I had to use a software that would both decompile and recompile the PDF, and while it was decompiled, I had to remove the repeating pattern I didn't want with something like Notepad++. File got recompiled a bit over 50% bigger iirc, maybe different compression methods, but the pages themselves didn't seem affected.
Sadly can't remember the name of the program I used for compiling and recompiling, only that it'd do both and that I looked for how to remove watermarks from PDFs. Also the program was certainly offline.
Found a few candidate tools though can test neither now, mutool (part of the mupdf tools), PDFtk, qpdf, pdf2txt (name sounds familiar though it might be memory playing tricks).
If any of those could be found as a single portable exe around 2020, chances are it is the tool I used for it.
Perhaps just blocking it with a white box and then converting it into an image-only pdf. This makes the file much bigger but will keep the exact same layout while also removing the text blocked by the white box.
Or does it have any interactive elements? What do you mean by "layers"?
Just because the visible footer gets removed doesn't mean there isn't other unique tracking information hidden deep in the PDF that could still get the lawyers sicced on you. Depending on how valuable this information is to the company, and how litigious they are, you have to judge how far they might've gone and might yet go to protect it.
Unfortunately, that's why this kind of copy protection can an actually be an effective tactic to prevent individuals from sharing their copies. While there might be ways to strip this kind of hidden data on simpler PDFs... even resorting to methods like screenshotting or printing and scanning, still cannot give you absolute confidence that there isn't some subtle unique identifier invisibly hidden in the layout or through subtle inconspicuous variations, especially if you're doing this regularly and they start targeting you and your account for identification. And on complex PDFs there are so many more ways they could hide this information digitally if they know where to look for it and you don't. 99% of the time it's going to be pretty obvious to strip out, but are you willing to take that risk even if you do find a technical method of removing the visible footers? If it's a one-off, maybe you can get away with it, but in the long term this strategy is not viable and is a trap for rookies.
The only truly safe way to share digitally watermarked content like this is to buy it with a burner account and full opsec in the first place. Nobody to sic lawyers on if it's a hacked paypal or a stolen/prepaid credit card or an untraceable email and IP, or in a jurisdiction with no enforcement. Smash and grab, get the data anonymously and get out. Don't share stuff from your personal account that's literally got your name and banking information attached to it unless you can confirm it's bit-for-bit indistinguishable from other innocent copies with something like a checksum.
the search communities page, with local/other as 1 filter, & subscribed/not-subscribed as the other filter ( other options, don’t remember ‘em )..
IF one searches for other/remote sites, & not-subscribed, e.g. & goes through that page..
then at the bo
the search communities page, with local/other as 1 filter, & subscribed/not-subscribed as the other filter ( other options, don't remember 'em )..
IF one searches for other/remote sites, & not-subscribed, e.g. & goes through that page..
then at the bottom of the page is a Next Page button, .. which gives one a page of bullshit, because it discarded the filtering.
( it certainly discards the subscribed/unsubscribed filtering, it may have kept the local-vs-remote sites status ).
Also, if one searches for local + unsubscribed, the 2nd page isn't filtered.
This renders the 2nd-page & all other pages .. garbage.
I'm only identifying this, not complaining: the fact that PieFed exists is awesome, & work is work, so I'm grateful for what there is, that works properly, so this is only a heads-up.
Perhaps a special-page checklist for the programmers would prevent oversights ( Atul Gawande's book "The Checklist Manifesto" identified that there are 2 categories of checklists: these-people-need-to-connect, & this-task-need-get-done.
Perhaps checklists should be considered as foundational in programming as code-review, pair-programming ( near-view/in-the-trench & far-view/how-does-this-fit-in-with-everything-else ), continuous-integration-testing, etc..
Salut, Namaste, Kaizen, & Gratitude for the wonderful contribution to our world..
Disclaimer: The article linked is from a single source with a single perspective. Make sure to cross-check information against multiple sources to get a comprehensive view on the situation.
A Palestinian government office says Israeli forces have carried out 80 ceasefire violations since October 10, killing 97 people and wounding 230 more.
Disclaimer: The article linked is from a single source with a single perspective. Make sure to cross-check information against multiple sources to get a comprehensive view on the situation.
A North Korean soldier defected to South Korea across the rivals' heavily fortified border on Sunday, South Korea's military said.
The military took custody of the soldier who crossed the central portion of the land border, South Korea's Joint Chiefs of Staff said in a statement. It said the soldier expressed a desire to resettle in South Korea.
It was the first reported defection by a North Korean soldier since a North Korean staff sergeant fled to South Korea via the border's eastern section in August 2024.
Profitez des vidéos et de la musique que vous aimez, mettez en ligne des contenus originaux, et partagez-les avec vos amis, vos proches et le monde entier.
pignio.octt.eu.org/item/105934…
monovergent
in reply to sparkle_matrix_x0x • • •Cat_Daddy [any, any]
in reply to monovergent • • •like this
TVA likes this.
Florencia (she/her)
in reply to sparkle_matrix_x0x • • •like this
TVA likes this.
Godort
in reply to sparkle_matrix_x0x • • •like this
TVA likes this.
solrize
in reply to sparkle_matrix_x0x • • •Do you mean TOTP? FIDO? Or what? FOSS ones exist but they might not do exactly the right thing. I've had some ideas for self-built too. What would you do on the host interface side? Wouldn't you want the host to not have the secret?
It's an interesting question.
turtl
in reply to sparkle_matrix_x0x • • •Cat_Daddy [any, any]
in reply to turtl • • •like this
TVA likes this.
stupid_asshole69 [none/use name]
in reply to sparkle_matrix_x0x • • •Your only “good” option is yubikey. They’ve been around comparatively forever, have all the problems worked out and make durable hardware. All that matters because you don’t want to get something from a company that goes under in a few years and leaves you high and dry and you don’t want the dongle to break because that’s your authentication, now you’re locked out of your shit.
I recommend against getting some doodad with a biometric reader. You’re adding complexity, attack vectors and not getting much out of it plus you’re locking yourself out of deniability and the possibility of handing a trusted person your dongle, telling them your password and having them act in your stead.
like this
TVA likes this.