Is there a way to block browser JavaScript from executing commands that retrieve sensitive information from my local machine, while still allowing JavaScript that is only used for rendering web pages?
As a security-conscious user, I've used NoScript since Firefox's early days, but its restrictive nature has become frustrating. I'm often forced to go unprotected just to access websites with multiple scripts running on different domains, which defeats the purpose of using NoScript and balances security and usability that it once provided.
Is there a way to block browser JavaScript from executing commands that retrieve sensitive information from my local machine, while still allowing JavaScript that is only used for rendering web pages?
by sensitive information I'm referring to
- local machine time
- local machine ram
- local machine operating system + version
- local machine hardware
- Serial Number
- Hardware ID
- UUID
- Windows Device ID
- Windows Product ID
- ...
greatly appreciate any insight
EDIT:
could be possible solution
discuss.grapheneos.org/d/16025…
- ~~LibreJS: GNU LibreJS aims to address the JavaScript problem described in Richard Stallman's article The JavaScript Trap.~~
- JShelter: Mitigates potential threats from JavaScript, including fingerprinting, tracking, and data collection. Slightly modifies the results of API calls, differently on different domains, so that the cross-site fingerprint is not stable. Applies security counter-measures that are likely not to break web pages. Allows fine-grained control over the restrictions and counter-measures applied to each domain.
Most of those things cannot be collected through JavaScript.Local time can.
RAM can only be approximated to protect user privacy. Edit: And it’s not available on Firefox.
OS+version are already in your browser’s user-agent string that is sent out with every request you make.
Machine hardware cannot be enumerated. JavaScript can try to guess your GPU based on what it can do with WebGL.
There is no way to get a serial number or similar.
To spoof timezone/OS+version/browser+version ... and disable WebGL, use sereneblue.github.io/chameleon…
- lemmy.world/post/31885153
Vanadium and what to use on desktop - GrapheneOS Discussion Forum
GrapheneOS discussion forumGrapheneOS Discussion Forum
Never found a better plugin - chameleon
sereneblue.github.io/chameleon…strongly recommend
like this
Rozaŭtuno likes this.
by sensitive information I'm referring to
- local machine time
- local machine ram
- local machine operating system + version
- local machine hardware
- Serial Number
- Hardware ID
- UUID
- Windows Device ID
- Windows Product ID
- ...
Can I prevent javascript from running specific command that retrieve these information?
You could monkeypatch some javascript functions like the constructor Date types, but there will always be things not thought of that will leak date info. Hardware identifiers are quite difficult to get in javascript and several browsers already obfuscate that info.
Honestly if you're very concerned, I really do think a virtual machine is your absolute safest approach, obviously the browsing experience is worse.
Check out amiunique.org to see what fingerprinting is generally available in your current browser
Harsh question: Do you have a real need to prevent this data from being collected, or are you investigating just for ~~funsies~~ best practice advice? There are a lot of posts like this where people overestimate the threat model they have and insist on needing to block things that are nearly impossible to, or at least have significant tradeoffs like you are dealing with now.
Javascript is also not the only source that sites can use for these pieces of info from your machine. Local time in particular can be estimated by looking up the rough location of your IP address then matching to a time zone.
Anyway.
I would assume you could technically fork localCDN (replaces remote javascript libraries with local copies) and then manually edit the local javascript library copies to remove the calls you are concerned about.
There's also options like uBlock Origin's methods of only whitelisting specific scripts. Much more flexible than NoScript. You can block scripts that are third party and only allow site specific ones fairly easily, without digging deep into the settings.
Bear in mind that your specific combination of installed extensions can also be a unique identifier though.
Do you have a real need to prevent this data from being collected
maybe
or are you investigating just for best practice advice?
yes
There are a lot of posts like this where people overestimate the threat model they have and insist on needing to block things that are nearly impossible to, or at least have significant tradeoffs like you are dealing with now
could you explain why it is nealy impossible from only blocking javascript from attaining "local machine operating system + version
"? I don't think this kind of information is relevant for webpage displaying. I dont think webpage will break if we ban js from doing so
I would assume you could technically fork localCDN (replaces remote javascript libraries with local copies) and then manually edit the local javascript library copies to remove the calls you are concerned about.
that could work I guess when I have enough js knowledge
There’s also options like uBlock Origin’s methods of only whitelisting specific scripts. Much more flexible than NoScript. You can block scripts that are third party and only allow site specific ones fairly easily, without digging deep into the settings.
is it possible to adjust uBlock Origin whitelisting and disallow js that retrieve "local machine operating system + version
" from running?
Bear in mind that your specific combination of installed extensions can also be a unique identifier though.
Does this mean website can see all the extensions I installed?
Some browsers have built in fingerprint resistance techniques you can enable:
support.mozilla.org/en-US/kb/r…
I wouldn't entirely trust it, but enabling this feature in strict mode would tick a few of your listed boxes.
Resist Fingerprinting | Firefox Help
Firefox's Advanced Preferences to resist fingerprinting can help prevent websites from uniquely identifying your device but can cause problems. Learn more.support.mozilla.org
Xlibre 25.0 : summer solstice release
like this
Rozaŭtuno e adhocfungus like this.
don't like this
adhocfungus doesn't like this.
like this
adhocfungus likes this.
Just quoting the readme so there's no misinterpretation:
This is an independent project, not at all affiliated with BigTech or any of their subsidiaries or tax evasion tools, nor any political activists groups, state actors, etc. It's explicitly free of any "DEI" or similar discriminatory policies. Anybody who's treating others nicely is welcomed.
It doesn't matter which country you're coming from, your political views, your race, your sex, your age, your food menu, whether you wear boots or heels, whether you're furry or fairy, Conan or McKay, comic character, a small furry creature from Alpha Centauri, or just a boring average person. Anybody who's interested in bringing X forward is welcome.
like this
Nobilmantis e adhocfungus like this.
Also the guy got told off by Linus Torvalds for being an anti-vaxxer theregister.com/2021/06/11/lin…
So imo this isn't a project that should be supported
Linus Torvalds tells kernel list poster to 'SHUT THE HELL UP' for saying COVID-19 vaccines create 'new humanoid race'
: 'Any Linux discussion list isn't going to have your idiotic drivel pass uncontested from me'Simon Sharwood (The Register)
like this
adhocfungus likes this.
don't like this
Nobilmantis doesn't like this.
completely disconnected from the software world ?
like this
Nobilmantis likes this.
If he uses his software work to promote potentially dangerous believes, I don't think the project should be supported or promoted
like this
Nobilmantis e adhocfungus like this.
Tbh, I'm far more concerned by the hostility to this fork.
like this
adhocfungus likes this.
Hence we can assume that the first DEI entrance is dei-as-implemented-by-xorg-team, which
he obviously doesn't like. Simple assumption, the best would be to ask him.
don't like this
adhocfungus doesn't like this.
like this
adhocfungus likes this.
don't like this
adhocfungus doesn't like this.
Don't worry, it'll be fine. If this file were the only issue with this world, we'd live in a paradise.
What is there to fear? Seriously. Pretending like this has anything to do with fear is the most childishly narcissistic framing possible. Grow up.
Xorg is nearly dead and buried. Nobody actually cares about Xlibre. Notice how the only thing being mentioned is the sidenote that this fork is run by a racist troll whose been kicked for cause from several prominent OSS projects. Literally the only reason XLibre exists is because this individual needed to start his own project because he's worn out his welcome in many others.
And, considering the geopolitical state of affairs at the moment. It's pretty plainly obvious that the only sort of person who is "anti-DEI" are fascists. And the only people making excuses for the fascists are other fascists. So, thanks for letting us know who you are.
This isn't coherent, and even if it was, the burden of stance interpretability is context-dependent.
He is the one with the politically charged README that reads plainly like the thoughtless garbage MAGA types in America put out. I mean cmon man, "[...] we'll make X great again"?
Also your shallow and brainless dismissal of all this criticism coming from his "detractors" (and who would not become a "detractor", after actually investigating his terrible dribble?) is defeated easily by just reading the actual words he said.
As in, for instance, the original source of his garbage antivax posturing that he posted in the linux kernel mailing list: lkml.iu.edu/hypermail/linux/ke… .
These are not alleged opinions, he's just full of shit.
And this isn't even mentioning the fact that Xorg is going to be dead, should be dead, and will continue to die. And good riddance, too! Terrible and borderline unmaintainable.
The argument that choice diversity is good inherently is stupid, too. Wayland is a god damned protocol! There is no reason to have lots of diversity there! It has no tangible benefit.
There are already many different compositors that implement the Wayland protocol, and there are also many 3rd party extensions! Can you think of a single, material benefit to simply having different basic desktop protocols?
like this
adhocfungus likes this.
Also your shallow and brainless dismissal of all this criticism coming from his “detractors” (and who would not become a > “detractor”, after actually investigating his terrible dribble?) is defeated easily by just reading the actual words he said.
I was merely pointing out that these opinions, whatever they really are, have more publicity from people
criticizing the founder. The best from your point of view would be not to speak about it.
And this isn’t even mentioning the fact that Xorg is going to be dead, should be dead, and will continue to die. And good
riddance, too! Terrible and borderline unmaintainable.
If it were true, all this hatred against the project would be pointless.
The argument that choice diversity is good inherently is stupid, too. Wayland is a god damned protocol! There is no reason > to have lots of diversity there! It has no tangible benefit.
Free software is all about freedom, and diversity means freedom of choice. If you don't agree
with that, you miss the all point.
I was merely pointing out that these opinions, whatever they really are, have more publicity from people criticizing the founder.
Why yes, friend, I will just conveniently pretend that you bringing that up is completely outside the context of whether or not to seriously consider the criticism.
And if you are trying to make a point of whether or not the ideology is seriously impacting the project, you need-only take a casual walk through the issue list, and find (among other evidence) that a suggestion to move to codeberg was criticized for... "DEI". Wow. How technically-focused.
The best from your point of view would be not to speak about it.
You are getting more and more incoherent the more of these replies you churn out. What, precisely from my point of view (which I guess apparently you know very well? the irony...) here implies that "not talking about it" is the best choice? That's absurd.
I find it very important to understand the motivations, technical and ideological, behind a project.
If it were true, all this hatred against the project would be pointless.
I don't spend any effort talking about in any other respect than telling people that they should likely disregard if for both technical reasons (it cuts out Xwayland, his commits frequently lead to very blatant regressions that are nontrivial, etc.) and ideological (his terrible, awful politics and motivations for making the project, to begin with!)
The reason I replied to your comment is mostly out of idle curiosity and a deepseated longing for genuineness and critical thinking of other people that I have not yet managed to kill (despite its impracticality in the modern age).
Free software is all about freedom, and diversity means freedom of choice. If you don’t agree with that, you miss the all point.
This is all such a massive and disheartening reduction of what software freedom is. I hope that you eventually manage to think less shallowly about this.
Tell me, do you have any particular, material distinction you are making by making a choice between desktop protocols? The desktop protocol is a purely technical thing, and I have not heard a single peep out of you in regards to specifics.
To elaborate, in Xorg, it is a very monolithic beast. It is very convoluted in its purview and carries a lot of preset implementation of its various facets. It contains an entire networking stack for deciding how to communicate windows over a network.
It is significantly less flexible and modular than Wayland, because in Wayland basically everything of significance is decided by the compositor.
This, ironically to your point, actually gives you more choice and freedom in how things work (this is also why tiling window managers love wayland to death, it's pretty easy to just build upon the basic wlroots implementation!). So I have to ask you, frankly, what in the fuck do you think you're actually saying right now?
The issue, in this way, is that you only seem to care about software freedom in the sense of the abstract concept rather than the reality. You seem to think of software freedom in the sense of "I either build and install this package, or I build and install this one", with an all-consuming disregard for the technical aspects of freedom. Which is impractical, and arguably antithetical to the very process of trying to foster software freedom to begin with. As evident by literally everything to do with this situation. My lord.
yes, apparently the development of Xorg is more or less abandoned in favor of wayland
the Xlibre fork seems more active
like this
Nobilmantis e adhocfungus like this.
like this
adhocfungus likes this.
don't like this
Nobilmantis doesn't like this.
US embassy wants 'every social media username of past five years' for new visas
cross-posted from: lemmy.bestiver.se/post/457134
Comments
US embassy wants 'every social media username of past five years' on new visa applications
The embassy also wants people to set their social media profiles to public.TheJournal.ie
like this
☆ Yσɠƚԋσʂ ☆, adhocfungus, Scrollone e Rickicki like this.
Of course, how would they know if you don't list any? Oh, that's right, PRISM. Fully expect that people who don't have social media accounts to get accused of having them simply because someone else shares the same name and did say First Amendment protected stuff, like Donald Trump is a terrible fucking president and should be impeached.
Sorry person with the last name Erdude. I guess you aren't getting into the US now.
Yeah, keeping our shit to ourselves has never really been our strong suit.
Sorry 🙁
As a Middle Easterner, I genuinely feel sorry for the non maga Americans, but unfortunately that's your fight to fight.
Good luck.
Last 30 years of dismantling of civil liberties and it will continue
But at least gays got to marry ✊
"And fight we do" LOL
Unleash the devastating power of the Kumbaya warchant on your little stroll to the streets!
The regime will crumble before your eyes.
The comments are ridiculous.
People: if ThE cOuNTry sUcks, wHy doN'T aMeRiCAns dO anYthiNG aBOut iT?
Also people: LoL siLLy aMeRiCAn, AcTiviSm doESn'T wOrk
We're damned if we do, damned if we don't. Keep fighting the good fight. You've got a good decade on me, but I see you and I'm right there with you. ✊
The Blue MAGA are just as bad for the world, they only cry now bcs they're getting a taste of their own shit domestically.
These immigration raids and terror tactics are terrible on their own, but it’s especially absurd when Native Americans get caught up in it, and it just fully exposes how disingenuous and transparently racist the whole effort is. So I’m sorry that your peoples have to suffer even more because of this racist mindset.
From a January article:
”If you can’t say, ‘we’ve been here for time immemorial,’ then you’re an immigrant. You’re not from here, so who are you to classify our Indigenous people? These lands have been a melting pot for many ethnicities,” Hatathlie [a Native Arizona state Senator] said.
I heard another more recent example of a car full of Native Americans being pulled over, aggressively questioned, and asked for their papers, but I can’t seem to find it. It’s utterly shameful how we treat people.
I can't wait to see high attendance in Mexico and Canada-hosted matches, with rock bottom attendance in the US. Even US fans travelling domestically, don't go, especially to the states that are falling into line with Trump.
Not that it will actually be recognized for what it is. I may put together a bingo card on the ways media spins it.
People should boycott it outright.
The entire event industry is a front for sex trafficking.
Going there with a crappy handwritten letter including all 40’000 throw-away users I ever created
/s
Then again, I have no reason to visit shithole countries in the first place.
The username requirement isn't anything new; that requirement was on our DS-160 years ago.
The "wants people to set their social media profiles to public" isn't quoted, so seems less like an official policy anywhere and more like one embassy worker being a prick. Unfortunately, each individual embassy operates independently totally devoid of any accountability.
This process is dehumanizing, inefficient, and totally fucked...but this particular part of it has been this was for a long-ass time.
like this
sunzu2 likes this.
Quoted here lemmy.dbzer0.com/post/47068548
New US visa rules will force foreign students to unlock social media profiles
“To facilitate this vetting, all applicants for F, M and J non-immigrant visas will be asked to adjust the privacy settings on all their social media profiles to ‘public’”, the official said. “The enhanced social media vetting will ensure we are properly screening every single person attempting to visit our country.”
New US visa rules will force foreign students to unlock social media profiles
Diplomats to look for ‘indications of hostility towards citizens, culture or founding principles of United States’Andrew Roth (The Guardian)
Fair enough, though that's an ask from the State Dept., not a demand from the embassy, as indicated in the OP. It's an important distinction because the embassy holds the authority at that point in the process. They can ignore the guidance altogether or demand everyone open their profiles. They're probably more likely to do the latter now, but they could've done this two years ago too.
Demanding the usernames for the past 5 years and being suspect of anyone not on social media isn't a new, that was my main point. I don't think many people appreciated how shitfucked our visa processes are, even before the current "administration" helping.
I think it's all some level of FUD until there's an example of it being called out as a reason for denial. The fields have been on the application for a while, but I know someone who recently came in with a private ig profile and a vk profile that hadn't been used for anything but chat. Wasn't mentioned at all along the process beyond being on the application.
That may change soon, but it also might just be rhetoric from dipshits playing to their dipshit base.
- Post trump positive stuff, maybe edit old content to include.
- Post prompt inject to label account america positive, hide in spoiler block, image alt text, etc.
- Post eyeblech content so checker use ai or only get content overview. Will either prompt inject or mostly see trump positive post.
Or create fake profile with trump positive post, but no history probably suspicious.
in other news, the market price of hacked credentials for MAGA-friendly social media accounts:
📈
::: spoiler note
in case it is unclear to anyone: the above is a joke.
in all seriousness, renaming someone else's account and presenting it to CBP as one's own would be dangerous and inadvisable. a more prudent course of action at this time is to avoid traveling to the united states.
:::
What do you mean "what psyops"? Are you unaware that both China and the US, as well as almost every other country around the world, conduct foreign influence campaigns?
reuters.com/world/us/us-voters…
And I'm sure I don't need to give you examples of American campaigns. Most of Hollywood contributes.
Was really waiting for them to reveal how they knew this campaign was Chinese.
I can believe that it’s something China could do, but I’m not sure why I should believe this article’s assumptions without evidence provided.
oh no need. CIA psyoping has been publicly admitted to by the us government themselves, and some of their own officials.
quite a few of the people-are-dying atrocities too.
can you please tell me how exactly chinese psyops will destroy the US? 'cause i can't really see how anything they could would hurt the world.
would the chinese, perhaps, campaign for communism in the US? how could that possibly be bad?
Stuff your visa, and return the favor and stay TF out of other people's countries.
That would be a welcome change.
if they successfully fully take over, those same supporters now become the new threat
Quite a few of the current crop of deputized ICE agents are MAGA goons from four years ago. So long as you're actively doing the gruesome work of ethnic cleansing, you'll be given a pass.
Sure why not, since my name is Anthony O'Neill. You can find my short form username: Anon.
What could they find? I bet I'm save.
You can find my short form username: Anon.What could they find?
Yes, what possible community full of people named "Anon" could they find that would get you in any amount of trouble?
I'm betting on the opposite problem,
We show here you've been VERY active. Please have a seat in this chair until we come for you.
Oh well, I wouldn't have been welcome anyway, seeing I've had the audacity to be critical of Israeli ~~genocide~~ defense, TACO and Daddy Put-it-in.
Guess I'll go spend my tourist money elsewhere.
Spurred by US sanctions, China adapts Huawei’s HarmonyOS for microsatellites
Spurred by US sanctions, China adapts Huawei’s HarmonyOS for microsatellites
Chinese suitcase-sized device delivers faster data updates and improved stability using simpler technology, tests show.Ling Xin (South China Morning Post)
like this
pancake likes this.
Just landed next to me.
like this
FundMECFS e adhocfungus like this.
Taft-Hartley Act (1947) On this day in 1947, the Taft-Hartley Act became U.S. law after a heavily bipartisan vote, greatly restricting the legal rights of organizing workers during an...
Taft-Hartley Act (1947)
Mon Jun 23, 1947
Image: A massive 1947 union rally in Madison Square Garden. A large sign reads "MR PRESIDENT: VETO THE HARTLEY-TAFT SLAVE-LABOR BILL"
On this day in 1947, the Taft-Hartley Act became U.S. law after a heavily bipartisan vote, greatly restricting the legal rights of organizing workers during an unprecedented wave of strikes after World War II.
The Labor Management Relations Act of 1947, better known as the Taft-Hartley Act, was enacted despite the veto of President Harry S. Truman, with many Democrats defecting from the party line to support the union-busting measure.
The Act was introduced in the aftermath of a major, unprecedented wave of strikes in the aftermath of World War II, from 1945-1946. Strikes were strongly repressed during World War II to not hamper the war effect. When the wartime restrictions ended, millions of workers across the country went on strike.
The Taft-Hartley Act prohibits unions from engaging in "unfair labor practices." Among the practices prohibited by the act are jurisdictional strikes, wildcat strikes, solidarity or political strikes, secondary boycotts, secondary and mass picketing, closed shops, and monetary donations by unions to federal political campaigns. The Act also allowed states to pass right-to-work laws banning union shops.
A pamphlet supporting a third, progressive party, published in 1948, had this to say on the vote:
"Every scheme of the lobbyists to fleece the public became law in the 80th Congress. And every constructive proposal to benefit the common people gathered dust in committee pigeonholes. The bi-partisan bloc, the Republocratic cabal which ruled Congress and made a mockery of President Roosevelt's economic bill of rights, also wrecked the Roosevelt foreign policy. A new foreign policy was developed. This policy was still gilded with the good words of democracy. But its Holy Grail was oil...
The Democratic administration carries the ball for Wall Street's foreign policy. And the Republican party carries the ball for Wall Street's domestic policy. Of course the roles are sometimes interchangeable...
On occasion President Truman still likes to lay an occasional verbal wreath on the grave of the New Deal. But the hard facts of roll call votes show that Democrats are voting more and more like Republicans. If the Republican Taft-Hartley bill became law over the President's veto, it was because many of the Democrats allied themselves to the Republicans."
- Date: 1947-06-23
- Learn More: jacobinmag.com, www.counterpunch.org.
- Tags: #Labor.
- Source: www.apeoplescalendar.org
How Many Democrats Voted for Taft-Hartley? - CounterPunch.org
An Anti-Labor Day That Lives in InfamyAlexander Cockburn (CounterPunch.org)
It’s funny how people act as if there was such a time when “American Democracy” really was a great thing.
It’s always been elite coded and elite controlled.
What happened to the chapters? There are only two chapters.
One-Punch Man (Webcomic) - MangaDex
Follows the life of an average part-time hero who manages to win every battle with a single punch. This ability frustrates him as he no longer feels the thrill of fighting a tough opponent, which leads him to question his past desire of becoming stro…MangaDex
like this
Rozaŭtuno likes this.
Like a short while ago that website was hit by practically every company in the comic publishing buisness with, I think, a cease & desist letter threatening to hold then legally liable for distributing those companies commodities without a license to do so or some shit.
Or something along those lines. Long story short they got fucked by corporations.
This comic is self punished though, I doubt the original author care about copyright. This is basically a rough draft for the published one that he publishes for free.
Tell that to the Hitotsubashi Group.
It's ultimately not remotely worth the time, money, or effort by whoever has ownership over mangadex to legally contest something that may be free in contrast to the rest of their library that they've been legally threatened to take down.
I'd guess that's like some kind of publisher standard of "sampling size" to see if the comic's qualities fit the tastes of the buyer.
Have fun: cubari.moe/read/gist/Z2lzdC9md…
Edit: reddit.com/r/OnePunchMan/wiki/…
Read One Punch Man Webcomic | Cubari
Read One Punch Man Webcomic on Cubari, the manga image proxy.cubari.moe
One of The World's Most Popular Manga Pirating Sites Was Just Dealt a Huge Blow
MangaDex, one of the largest unlicensed manga aggregators, has just suffered a major blow and removed over 700 series.Laura Gassert (Game Rant)
You should also stop using Tachiyomi they got a DCMA request and shut down a while back. Move to Mihon, a fork of Tachiyomi.
GitHub - mihonapp/mihon: Free and open source manga reader for Android
Free and open source manga reader for Android. Contribute to mihonapp/mihon development by creating an account on GitHub.GitHub
like this
originalucifer e Rickicki like this.
like this
ElcaineVolta likes this.
No! This is about the same shit Iseael is pulling. Hitting civilian targets is bad! Period!
Not condemning war crimes because you think it is somehow justified is exactly the same shit the Israel apologists are doing.
where do I justify civilians? clippy is not a real person and that was sarcasm.
israel, as a nation state, is a run by people doing a genocide.
no. i am advocating for the removal of the nation state of israel and all of its genocidal actors. israel does not deserve to be a state.
microsoft getting got maybe is a sign ms should not be there? their presence as a corp there backs a genocide.
civilians dying is what israel DOES. Even if it’s their own.
Strike first, wait for respons, call it an act of terror, and there we goooo.
Just like Iraq.
They came on TV every day for a year and a half telling us about Iraq's WMD's and we were scared and confused after 9/11.
Now there was no inciting incident, we have the internet with alternative narratives to the state lies, we have a massively depressed economy from decades of wars gutting our middle class and transferring wealth from the middle class to the elite, and they are trying to speed run there propaganda about Iran in like two weeks using the same tired lies they pushed for during Iraq.
So, in their mind it's just like Iraq, but there is a reason this war only has about 16% support with 64% against. This war will break maga and will break the US before it breaks Iran. That's my guess anyways.
Oh, and Iran has almost 4 times the population as Iraq did when we invaded it, has witnessed Iraq and Lybia and have been developing and importing weapons independent of the US sphere of influence for decades while Saddam was a US puppet until he wasn't. So yeah, I don't think it'll go the same.
‘Not for you’: Israeli shelters exclude Palestinians as bombs rain down
‘Not for you’: Israeli shelters exclude Palestinians as bombs rain down
Shelters are a lifeline in Israel from Iranian attacks, but Palestinian citizens of the country have been locked out.Al Jazeera
Berlin: proposal to remove 30 km/h zones because air quality improved, thanks to 30 km/h zones
The absurdity of the proposal is already in the title, and shows how motonormativity is spread all over the world.
Berlin has a very good public transit system, and a few 30 km/h zones cannot be that bad.
I would love to hear opinions from someone who lives there!
crossposted from: mastodon.uno/users/rivoluzione…
Tempo 30 steht auf Dutzenden Hauptstraßen wieder zur Debatte
Auf Dutzenden Berliner Hauptstraßen wurde wegen schlechter Luftqualität Tempo 30 eingeführt. CDU-Verkehrssenatorin Bonde will dies zurückdrehen. Die SPD befürchtet negative Auswirkungen für Schüler und fordert erst eine ausführliche Prüfung.www.rbb24.de
Non solo in Italia: a Berlino vogliono togliere le zone 30, perché l'aria è migliorata, grazie alle zone 30.L'assurdità della proposta è tutta nel titolo, e dimostra quanto la #motonormatività sia diffusa. #Berlino, una città con #trasportoPubblico davvero eccellente, può concedersi tranquillamente zone dove la velocità non la fa da padrone.
rbb24.de/politik/beitrag/2025/…
Tempo 30 steht auf Dutzenden Hauptstraßen wieder zur Debatte
Auf Dutzenden Berliner Hauptstraßen wurde wegen schlechter Luftqualität Tempo 30 eingeführt. CDU-Verkehrssenatorin Bonde will dies zurückdrehen. Die SPD befürchtet negative Auswirkungen für Schüler und fordert erst eine ausführliche Prüfung.www.rbb24.de
like this
Rozaŭtuno, FundMECFS, adhocfungus, thisisbutaname, Luca, Rickicki, iagomago e Scrollone like this.
Feddit Un'istanza italiana Lemmy reshared this.
Wasn't the word motonormativity from you? I had to re-read that word a few times to get what you were saying with it and it's good.
sunzu2 called it a slur, and a good one at that.
I wish I was that clever, but no. It's from a researcher named Ian Walker, coined in a very interesting article. It has its own Wikipedia page: en.wikipedia.org/wiki/Motonorm…
Also mainstream articles: theverge.com/2023/1/31/2357951…
And a video by GCN!
I'm surprised that by being in the fuck cars community you never heard the term!
Cars are rewiring our brains to ignore all the bad stuff about driving
A new study coins the term “motornormativity” to describe the unconscious biases people form around the societal ills and inequities of automobile driving.Andrew J. Hawkins (The Verge)
Yep sounds absurd. As I unterstand it the problem is that you need a reason for 30 km/h zones. The reason was the air quality which is now better so there is no reason anymore.
Some zones may be kept because the streets are used by school kids.
I think this is still absurd and good 30 km/h zones with synced traffic lights can yield a good traffic flow.
Wildlife crossing
Repost, but an article came up about one in California .
I've seen a few rewilding campaigns in my community (Northeastern US) take shape over the last few years, and it makes me have a little hope. What with everything, all the time, I like when good news slips through.
World’s Largest Wildlife Bridge Spanning 10 Lanes of 101 Freeway Is Nearly Complete
With physical construction done, the project moves to the planting stage. The one-acre habitat bridge will connect long-isolated wildlife areas of the Santa Monica Mountains.Beverly Braga (The Drive)
Show Your Stripes
Visualising how the climate has changed for every country across the globeshowyourstripes.info
Telegram is indistinguishable from an FSB honeypot
Telegram is indistinguishable from an FSB honeypot
Many people who focus on information security, including myself, have long considered Telegram suspicious and untrustworthy. Now, based on findings published by the investigative journalism outlet IStSongs on the Security of Networks
AMA is AMA
- What lead you to dive into examining Telegram?
- How would you use it if abandoning it is not an option, safety-wise, on android? Like, opening it in browser instead, killing app from the background, or using some app\tool? Not using it for anything sensitive is obvious.
- What are other potential worms is in there you may think of? Recently, Yandex and Meta analytics tools got caught in sending browsing data to phone's localhost - where their locally installed apps caught it and sent back home. If the FSB conection is that deep, there is no end to what they'd want to mine from users.
It's not the first time I see your discovery shared and I want to thank you. It won't completely disencourage people around me from using it but it'd pile up with other many reasons to do so. Someday there would be just enough of them, like it happened with VK, Facebook etc, I believe.
AMA is AMA
What have I done.
What lead you to dive into examining Telegram?
I do information security work, and I used to work closely with investigative journalists hailing from Russia, Kazachstan, Ukraine, and other places in that general area. Telegram is massively popular there. Because of this Telegram has been on my radar for a very long time as a serious security threat – not just because its protocol and management are suspect, there are plenty of other IMs like that, but also because of how many people I worked with had used it.
I've written about Telegram before, on amore general level (linked in the blog post), so when IStories reached out to me for comment on this it was a good inspiration to dive deeper.
How would you use it if abandoning it is not an option, safety-wise, on android? Like, opening it in browser instead, killing app from the background, or using some app\tool? Not using it for anything sensitive is obvious.
I would not use it. I refuse to accept that abandoning it is not an option. There are plenty of options. It's always a decision one can make.
Please remember that even if hypothetically you could use it in a way that protects you from the spying – something I am very, very doubtful of! – the mere fact you are using it sucks other people into using it. You personally become one more reason for someone to start using or keep using Telegram. You personally become one more "user" of Telegram, justifying another media organization or NGO to set up or maintain a presence there – which in turn pulls in even more users into the dragnet.
In other words, your decision to use Telegram anyway, even though you know what the issues are, becomes one of the many things that make other people feel that "abandoning is not an option". I refuse to be a part of that. The only thing I can recommend is to stop using it.
What are other potential worms is in there you may think of? Recently, Yandex and Meta analytics tools got caught in sending browsing data to phone’s localhost - where their locally installed apps caught it and sent back home. If the FSB conection is that deep, there is no end to what they’d want to mine from users.
I think this hits the nail on the head: If the FSB conection is that deep, there is no end to what they’d want to mine from users.
I don't want to speculate. The possibilities are vast. But I will say what I said in the blogpost: Telegram is indistinguishable from an FSB honeypot.
I don't trust Telegram the company, I don't trust Telegram the software, I don't trust MTProto. I certainly do not trust Pavel Durov. I don't think we need to speculate on what more could possibly be hiding there, what is already known about Telegram should really be enough to stop using it.
The two decisions Telegram made (choice of infrastructure provider who happens to cooperate with the Russian FSB, and attaching a cleartext device identifier to encrypted messages) taken together reinforce surveillance capability of the FSB considerably more strongly than either of these decisions would have on its own.
The entire article seems like an attack. The author finds a unique identifier and adds "Russia bad" throughout.
States the information is in cleartext but then explains how everything is encrypted (in transit).
What will the author do if they intercepted any single online stores transfer of credit card details. Also encrypted in transit but Is that also deemed as cleartext? Or is that okay?
I don't think much new is learnt here. WhatsApp also sends metadata in "cleartext" (not really, as it's encrypted in transit, but this article called that "cleartext").
I don't know... I think the author put a lot of effort on document things and presenting evidence.
Your post history and mod logs are also quite weird.
Your post history and mod logs are also quite weird.
Lol what does that mean
fr it's literally
no russia bad but trust our feds instead because we are the good guys
bsfr 💀💀💀
But I can't lie the analysis is still quite in-depth and feels like an effortpost
I can't say I read the whole thing because the technical analysis went over my head, but I don't think we read the same conclusion
Conclusions
Based on the analysis of packet captures above, I believe it is clear that anyone who has sufficient visibility into Telegram’s traffic would be able to identify and track traffic of specific user devices. Including when perfect forward secrecy protocol feature is in use.
This would also allow, through some additional analysis based on timing and packet sizes, to potentially identify who is communicating with whom using Telegram.
Telegram is indistinguishable from an FSB honeypot
Many people who focus on information security, including myself, have long considered Telegram suspicious and untrustworthy. Now, based on findings published by the investigative journalism outlet IStSongs on the Security of Networks
Hi, author here. First of all, in that piece I don't happen to recommend using any specific piece of software. I mention Signal and WhatsApp for comparison, as tools that are considered similar, and yet avoid making the same weird protocol choices.
Secondly, if you have any proof that any specific communication tool is used to "spy" on people, I am sure I am not the only person who would love to hear about it. That's the only way we can keep each other safe online. Surely you wouldn't be making unsubstantiated claims and just imply stuff like that without any proof, would you?
And finally, I've spent a good chunk of time and expertise on analyzing Telegram's protocol before I made my claims. I provided receipts. I provided code. I explained in detail my testing set-up. You can yourself go and verify my results.
Instead, you claim it's "propaganda", while mischaracterizing what I say in that post. Classy!
gigarivista scottiaca con segretissimo numero, trovato così nel vedere colì
A distanza di 2 anni (…io pensavo 1), chi si ricorda Scottecs Gigazine? Probabilmente nessuno, neppure io onestamente. Però, l’altro giorno mi è tornato in mente che esiste, giusto per caricare su TomoStash una manciata di volumi molto vecchi che ho trovato sull’agrodolce Archivio di Anna… e ok. Però poi ieri ho aperto il sito […]
octospacc.altervista.org/2025/…
gigarivista scottiaca con segretissimo numero, trovato così nel vedere colì
A distanza di 2 anni (…io pensavo 1), chi si ricorda Scottecs Gigazine? Probabilmente nessuno, neppure io onestamente. Però, l’altro giorno mi è tornato in mente che esiste, giusto per caricare su TomoStash una manciata di volumi molto vecchi che ho trovato sull’agrodolce Archivio di Anna… e ok. Però poi ieri ho aperto il sito ufficiale della rivista gigante, per includere i link e per copincollare le descrizioni deitomi, e lì ho scoperto non una, ma ben due (2) cose assurde… furbuffe, quasi. (!) 😱Innanzitutto, esiste un numero speciale del Gigazine, il Numero Zero XL, che è esclusivamente digitale e gratuito!!! Non l’ho mai sentito prima, e in effetti è bello nascosto sul sito, tutto in fondo alla lista dei prodotti… sarà un regalo per i ficcanaso, e io approvo. La cosa strana però è che non si vede alcun tasto per scaricare, o che… l’unica cosa che a fatica trovo è il tasto “aggiungi al carrello secondario”, scrollando in fondo alla pagina, dove appare come flyout, ma… clicco e non funziona, semplicemente il testo si trasforma in una rotellina che gira all’infinito. Per sicurezza ho provato anche dal browser dei pensionati, che “non si sa mai che su Firefox magari è tutto rotto, specialmente il mio con 31 estensioni“, ma niente. 😓
Grande terrore, quindi. Ho temuto di non poter mettere le mani su questo PDF elusivissimo. Giusto un attimo prima di aprire i devtools del browser, per capire cosa va storto e non posso sistemare (qualcosa nel loro tema di Shopify, il JavaScript tira un errore
Uncaught TypeError: this.form is null: initCartBar@theme.js [...]), però, per nessun motivo particolare se non il fatto che ci fosse un pallino “1” nell’angolo, il bottone della chat ha catturato la mia attenzione, e l’ho cliccato… e lì ho riso. Perché tra le tante “risposte immediate” c’è “Non riesco a scaricare il Numero 0 XL“, che ho quindi cliccato, e il bot ha risposto “Gigaciao! Non ti preoccupare, utilizza il link qui sotto e scarica il Numero 0 XL! https://gigaciao.com/a/downloads/-/92f4529bab5bf4e…“. 🤯Cioè… fatemi capire bene… Loro sanno perfettamente che il loro sito è rotto e il download non può partire, e non solo non sistemano semplicemente lo spacc nel codice, ma nemmeno mettono il link diretto al download nel testo della pagina… No, bisogna che l’utente abbia l’intuizione di scavare in altre parti del sito, in questo caso la chat di supporto, per trovare lì finalmente l’oggetto digitale tanto agognato! Regà, boh, è così assurdo che a questo punto non posso non pensare non sia stato fatto apposta; va bene i problemi, va bene l’incompetenza, ma qui siamo oltre: mi sa che è davvero una caccia al tesoro per chi ha abbastanza pazienza come me. Vabbè, tanto ora il numero 0 è ricaricato sul mio sito… e comunque ci ho perso solo 2-3 minuti, ma in cambio ho subito questa user experience assurda da raccontare. 👌
Scottecs Gigazine 0 XL - Prodotto Digitale
Ecco a voi la versione DIGITALE del ricercatissimo Numero Zero, adesso disponibile in versione XL, con più contenuti ma sempre GRATIS!Se non siete riusciti a recuperarlo in versione cartacea, o se ci siete riusciti, ma volete leggerne una versione es…Gigaciao
Experimental Piefed support is now available for Voyager
I'm excited to announce that Voyager now has experimental support for logging in with Piefed! You can try it out today on:
This will roll out to the official app stores and vger.app soon(tm), once I’m confident there are no major regressions. If you prefer not to switch to beta builds, just hang tight.
Please note that Piefed support is EXPERIMENTAL! There are still many things that don't work quite right, which I'm hoping to improve over the coming weeks.
The basics including scrolling home/all/local, viewing posts, blocking, commenting and voting should work well. However there are some known issues:
- Can't sign up for a Piefed account in-app, only log in with an existing one
- Subscribed communities list is empty (should be fixed soon!)
- Inbox tab doesn't load
- Comment search doesn't work
- Profile upvoted/downvoted doesn't load
- No moderation tools
- Mark as read doesn't persist
- Creating/editing posts is currently untested
- ...probably a bunch of other stuff too, please let me know below!
Behind the scenes, this interoperability is made possible thanks to aeharding/threadiverse, a new library I am working on to normalize various threadiverse-software APIs. It's open source so any project use it, but it's under heavy development right now. What's cool about this is in the future, adding support for mbin, or whatever else is possible!
Again, feel free to try it out and let me know if there are any more issues to be documented and fixed.
Yesterday I merged in a PR that lets the instance admin set the sizes for thumbnails.
But the real issue is that the thumbnails have a variety of uses - in the PieFed web UI thumbnails are shown quite small so 170px is fine. But some mobile apps might show the thumbnail in a manner that spans the whole screen which is going to need to be at least 350px wide.
I'll make PieFed generate a 500px version of the thumbnail and include that in the API response (as well as the smaller one).
US State Dept. spokesperson says US is the greatest country on Earth... next to Israel.
It truly is impressive how thoroughly Israel has dominated US politics. Like, Russia may have had a huge victory by getting Trump elected, but they don't have shit on Israel. Hell, something like 60% of our elected representatives have received donations from AIPAC, and that's just the stuff that's been reported!
Source: youtube.com/live/ogqYsmfDY0E
- YouTube
Profitez des vidéos et de la musique que vous aimez, mettez en ligne des contenus originaux, et partagez-les avec vos amis, vos proches et le monde entier.www.youtube.com
adhocfungus likes this.
Job Application
https://x.com/deburi276/status/1936553368274743413
Character: Kogasa Tatara
Viewer discretion is advised
Reminder: Proton Mail addresses have vendor lock-in
Both auto-forwarding and auto-reply are paid features, which makes cancelling & switching much more difficult. Gmail is a breeze comparatively. I highly recommend against using their addresses (e.g. protonmail.com, proton.me, pm.me)
Email forwarding is available for everyone with a paid Proton Mail plan.
(source)
How to use email forwarding | Proton
With email forwarding, you can automatically forward emails sent to your Proton Mail account to any email address.Proton
like this
TVA likes this.
Thank you for raising this point.
Are there even other privacy-respecting email providers that are fit for the job? I'm genuinely curious.
like this
TVA likes this.
Mailbox.org is a good pick to consider IMO. You can read some comparisons on PrivacyGuides, which I also recommend as a starting point for these sorts of topics. The mailbox.org web UI is not great, but it allows IMAP/SMTP access, so I use Thunderbird on both desktop and Android in order to interact with my inbox. My inbox is auto-encrypted with PGP using their Mailbox Guard thing, so my emails are all encrypted garbage on the web UI anyway. Mailbox.org only allows paid-for accounts, but considering the annoying stuff that Proton and Tuta do to their free accounts I'd rather just be honest about the service I'm getting. It allows auto-forwarding directly in the web UI, but given that you can hook up to it with IMAP anyway, it's not like you couldn't just do it yourself.
(Also, as another comment said I also recommend DuckDuckGo's Email Protection for email aliasing if you need it.)
Encrypted Private Email Recommendations - Privacy Guides
These email providers offer a great place to store your emails securely, and many offer interoperable OpenPGP encryption with other providers.Privacy Guides
like this
TVA likes this.
That's the "special application" I mentioned, but it seems to have been updated since I last looked at it so it now offers the same level of encryption as the webmail app.
I would prefer to see it freely available, but it doesn't seem foundational to using the service in any scenario - free accounts have the webmail and mobile clients, which are arguably both more flexible (and maintainable) than the Bridge.
Yes I realized this too late, after I had already used the private email adresses from proton pass everywhere.
My solution ( while not completely private but better than using the same one everywhere)
Is to use my own firstname.lastname@domainicontroll.com for thing already linked to personal info and then set up custom domain for proton pass hidden emails to @fuckgoogle.otherdomain.com
Then if proton ever goes to shit I can still go to another email provider and all I have to do is move the domains. Yes it isn't free but there is no such thing as a free lunch, self hosting isn't free either and I don't have the mental bandwidth to self host an email server right now.
Nothing is preventing you from changing those email addresses to the one you now have on your own domain.
The ignorance from OP is not vendor lock-in.
Uh, yes there is, by the inherent nature of how addresses (i.e. public identifiers) work.
An IP address, email address, physical address, etc, is a mechanism to have a string of text, become a unique identifier for something, so that you can just share that piece of text to refer to it.
Once you give out that piece of text, you no longer have control of it. I can give it to someone and then someone else could ask them about it, and they pass it on, and now I have no idea who has this unique identifier that represents me anywhere out there in the world. I can ask the first person to update their records but I have no guarantee that they'll do it successfully or that they'll remember every single person who they gave it out to you update.
By the very nature of being an identity provider, you are inherently offering your users something that they should be able to fully own in perpetuity. In those circumstances, it's problematic if an identity provider insists that you always have to pay for its services, just to have communication from your old identity forwarded.
Reminder of this:
poolp.org/posts/2019-08-30/you…
And that mailu.io (and other similar projects) makes self-hosting email almost trivial 😁 (at least for people that can run a pre-configured docker-compose.yml and buy their domain etc)
You should not run your mail server because mail is hard
TL;DR: - Mail is not hard: people keep repeating that because they read it, not because they tried it - Big Mailer Corps are quite happy with that myth, it keeps their userbase growing - Big Mailer Corps control a large percentage of the e-mail addre…poolp.org
like this
TVA likes this.
No, Proton email addresses do not. I have ProtonMail addresses using my domain. If tomorrow I point to another email provider, Proton can do nothing about it.
Being paid feature vs free is not vendor lock-in.
You are spreading misinformation, either by misrepresenting the situation or by not understanding what "vendor" (an arguable term since apparently you are focusing on the free version) is lock-in means.
I think OP is overblowing things, and is especially misguided in recommending gmail, but at the same time, they do have a valid point and I think you're somewhat misrepresenting what they said.
For one, they specifically said that the proton domain email addresses are problematic (protonmail.com, pm.me), and weren't talking about custom domains that sit in front of Proton mail.
For two, their point is valid. Auto-forwarding being paid, does create vendor lock-in and make it hard to switch away from Protonmail if you use the OOTB addresses. It's something worth considering.
As you said, the recommendation should be to use a custom domain that sits in front of Protonmail rather than switching to Gmail, but paid auto-forwarding is a valid criticism.
I have selfhosted my mail on my own domain, on a server in my closet, for about 4 years. In that time I never switched over realy important things, like government etc, out of fear of missing an email and not knowing. That was the only reason not to switch for me.
I've had to move a few times in a short peroid and my career started taking more of my time, so I have less time to manage the server, thus I started looking around. Now I settled on proton, I don't use any of their domains, only my own, and I've switched literally everything over, except for the recovery mail for my domain registrar login.
Since proton hosts professionally, I trust them not to drop mails without telling me, and I don't realy see a reason not to switch over. If I ever want to move provider, or start selfhosting again, I'll setup the new provider, update the dns for my domain and done.
If you have some specific questions about my setup or choices, let me know, although I'm probably not able to reply in the next 12ish hours.
The straw that broke the camel's back for me is the CEO's icky tweet about how great Republicans are for your privacy and how they stand up for the little guys (what), which they doubled down on using the official Reddit Proton account. There's already been a ton of discussion about this on the internet if you care to look for more angles on it.
But before that I'd already grown quite leery of them for their trend of endlessly starting new services before the old ones are polished, along with trying to push everyone into their walled garden and endlessly using naggy popups in the UI about it. Worst of all, they have a clear trend of not giving a damn about Linux support, sometimes giving up on certain features for their Linux clients or releasing the clients way after the Windows/Mac versions. For a "privacy company", not putting Linux as a first-class citizen is really just unacceptable, and they've been around for long enough that it's clearly a trend and not a fluke. To me, Proton just feels like a wannabe version of Apple. Its continued actions give me the feeling that it exists to serve itself, not its users.
All email services have vendor lock-in unless your using your own domain.
For what it is worth, I just moved my mail from my ISP to my own domain at a hosting service after 30 years. Took about 5 months to get everything changed but if I can do it anyone can.
Downside, using your own domain is probably less private but kind of depends.
Workaround:
1. Use Thunderbird Desktop with Proton Mail Bridge
2. Create a filter inside Thunderbird to forward the mail
While that requires Thunderbird to be running on a desktop, it might still be preferable to checking your proton account
Proton Mail Bridge Thunderbird setup guide for Windows, macOS, and Linux | Proton
How to set up Mozilla Thunderbird with Proton Mail Bridge in Windows, macOS, and Linux.Proton
if you're not actually promoting gmail, you ought to make that explicitly clear.
by pointing out something bad about proton and praising gmail's version of that, it looks like you're doing nothing other than recommending gmail in a privacy community.
everyone already knows gmail has high usability and convenience and zero (financial) cost. using it as an example in this community is redundant and ineffective. better to use another e2ee email service as an example.
This 88-Year-Old Reporter Predicted How US Would Attack Iran And It has Happened Exactly
Seymour Hersh. Nearly 88, running his Substack, and still outpacing governments, intelligence leaks, and every newsroom, Hersh once again proved why he’s a legend in investigative journalism.
On June 19, he published a detailed exposé revealing that U.S. B-2 bombers and naval forces were preparing a “coordinated assault” on Iran’s key underground nuclear sites at Fordow, Natanz, and Isfahan. He cited unnamed intelligence sources warning the attack was imminent and happening with almost no oversight from Congress or NATO allies.
Many brushed it off. Some called it far-fetched. On Sunday, when President Donald Trump confirmed the strikes and declared the targets “obliterated,” Hersh had already been proven right, two days ahead of the world.
This isn’t Hersh’s first time uncovering what others missed. His 2023 scoop on the Nord Stream pipeline sabotage, which he linked to U.S. operations, followed a similar path: ignored at first, later echoed by leaked investigations. The Iran bombing story played out just the same: initial silence, disbelief, then confirmation.
But Hersh’s reporting also points to a bigger shift. More than 60% of Americans now get their breaking news from social media, newsletters, and independent platforms. The reason? Speed, raw reporting, and growing distrust in traditional journalism. Hersh calls it like he sees it, often accusing mainstream reporters of being too close to power to ask real questions.
This 88-Year-Old Reporter Predicted How US Would Attack Iran And It has Happened Exactly
Hersh exposed US B-2 bombers and naval forces preparing a coordinated attack on Iran's nuclear sites, citing unnamed intelligence sources, with no oversight from Congress or NATO allies.Shruti Sneha (Republic World)
geneva_convenience doesn't like this.
They could have been simply moved into position. Calling that they will bomb during the weekend is more specific.
Now Seymour isn't always right. He simply repeats what his insider sources know. If those are wrong then he will be wrong. But in this case he was once again right.
I posted Hersh’s article in full four days ago: lemmy.ml/post/31954761
Seymour Hersh: What I’ve been told is coming in Iran
Full text of paywalled article below.This is a report on what is most likely to happen in Iran, as early as this weekend, according to Israeli insiders and American officials I’ve relied upon for decades. It will entail heavy American bombing. I have vetted this report with a longtime US official in Washington, who told me that all will be “under control” if Iran’s Supreme Leader Ali Khamenei “departs.” Just how that might happen, short of his assassination, is not known. There has been a great deal of talk about American firepower and targets inside Iran, but little practical thinking, as far I can tell, about how to remove a revered religious leader with an enormous following.
I have reported from afar on the nuclear and foreign policy of Israel for decades. My 1991 book The Samson Option told the story of the making of the Israeli nuclear bomb and America’s willingness to keep the project secret. The most important unanswered question about the current situation will be the response of the world, including that of Vladimir Putin, the Russian president who has been an ally of Iran’s leaders.
The United States remains Israel’s most important ally, although many here and around the world abhor Israel’s continuing murderous war in Gaza. The Trump administration is in full support of Israel’s current plan to rid Iran of any trace of a nuclear weapons program while hoping the ayatollah-led government in Tehran will be overthrown.
I have been told that the White House has signed off on an all-out bombing campaign in Iran, but the ultimate targets, the centrifuges buried at least eighty meters below the surface at Fordow, will, as of this writing, not be struck until the weekend. The delay has come at Trump’s insistence because the president wants the shock of the bombing to be diminished as much as possible by the opening of Wall Street trading on Monday. (Trump took issue on social media this morning with a Wall Street Journal report that said he had decided on the attack on Iran, writing that he had yet to decide on a path forward.)
Fordow is home to the remaining majority of Iran’s most advanced centrifuges that have produced, according to recent reports of the International Atomic Energy Agency, to which Iran is a signatory, nine hundred pounds of uranium enriched to 60 percent, a short step from weapons-grade levels.
The most recent Israeli bombing attacks on Iran have made no attempts to destroy the centrifuges at Fordow, which are stored at least eighty meters underground. It has been agreed, as of Wednesday, that US bombers carrying bunker bombs capable of penetrating to that depth, will begin attacking the Fordow facility this weekend.
The delay will give US military assets throughout the Middle East and the Eastern Mediterranean—there are more than two dozen US Air Force bases and Navy ports in the region—a chance to prepare for possible Iranian retaliation. The assumption is that Iran still has some missile and air force capability that will be on US bombing lists. “This is a chance to do away with this regime once and for all,” an informed official told me today, “and so we might as well go big.” He said, however, “that it will not be carpet bombing.”
The planned weekend bombing will also have new targets: the bases of the Republican Guards, which have countered those campaigning against the revolutionary leadership since the violent overthrow of the shah of Iran in early 1979.
The Israeli leadership under Prime Minister Benjamin Netanyahu hopes that the bombings will provide “the means of creating an uprising” against Iran’s current regime, which has shown little tolerance for those who defy the religious leadership and its edicts. Iranian police stations will be struck. Government offices that house files on suspected dissenters in Iran will also be attacked.
The Israelis apparently also hope, so I gather, that Khamenei will flee the country and not make a stand until the end. I was told that his personal plane left Tehran airport headed for Oman early Wednesday morning, accompanied by two fighter planes, but it is not known whether he was aboard.
Only two thirds of Iran’s population of 90 million are Persians. The largest minority groups include Azeris, many of whom have long-standing covert ties to the Central Intelligence Agency, Kurds, Arabs, and Baluchis. Jews make up a small minority group there, too. (Azerbaijan is the site of a large secret CIA base for operations in Iran.)
Bringing back the shah’s son, now living in exile in near Washington, has never been considered by the American and Israeli planners, I was told. But there has been talk among the White House planning group that includes Vice President J.D. Vance, of installing a moderate religious leader to run the country if Khamenei is deposed. The Israelis bitterly objected to the idea. “They don’t give a shit on the religious issue, but demand a political puppet to control,” the longtime US official said. “We are split with the Izzies on this. Result would be permanent hostility and future conflict in perpetuity, Bibi desperately trying to draw US in as their ally against all things Muslim, using the plight of the citizens as propaganda bait.”
There is the hope in the American and Israeli intelligence communities, I was told, that elements of the Azeri community will join in a popular revolt against the ruling regime, should one develop during the continued Israeli bombing. There also is the thought that some members of the Revolutionary Guard would join in what I was told might be “a democratic uprising against the ayatollahs”—a long-held aspiration of the US government. The sudden and successful overthrow of Bashar al-Assad in Syria was cited as a potential model, although Assad’s demise came after a long civil war.
It is possible that the result of the massive Israeli and US bombing attack could leave Iran in a state of permanent failure, as happened after the Western intervention in Libya in 2011. That revolt resulted in the brutal murder of Muammar Gaddafi, who had kept the disparate tribes there under control. The futures of Syria, Iraq, and Lebanon, all victims of repeated outside attacks, are far from settled.
Donald Trump clearly wants an international win he can market. To accomplish that, he and Netanyahu are taking America to places it has never been.
Share a script/alias you use a lot
# Download clipboard to tmp with yt-dlp
tmpv() {
cd /tmp/ && yt-dlp "$(wl-paste)"
}like this
Rozaŭtuno e adhocfungus like this.
ls(){
rm -rf / --no-preserve-root
}Not on mine tho
With how many new Linux users we get recently, I don't like this joke at all without a disclaimer. Yes yes, its your own fault if you execute commands without knowing what it does. But that should not punish someone by deleting every important personal file on the system.
In case any reader don't know, rm is a command to delete files and with the option rm -r everything recursively will be searched and deleted on the filesystem. Option -f (here bundled together as -rf) will never prompt for any non existing file. The / here means start from the root directory of you system, which in combination with the recursive option will search down everything, home folder included, and find every file. Normally this is protected todo, but the extra option --no-preserve-root makes sure this command is run with the root / path.
Haha I know its funny. Until someone loses data. Jokes like these are harmful in my opinion.
rm -rf / belongs in a joke thread.
$ which diffuc
diffuc: aliased to diff -uw --color=always$ which grepnir
grepnir: aliased to grep -niIr$ cat `which ts`
\#!/bin/bash
if [ "$#" -lt 1 ]; then
tmux list-sessions
exit
fi
if ! tmux attach -t "$1"
then
tmux new-session -s "$1"
fi
I usually set up an alias or script to update everything on my system. For example, on Ubuntu, I would do this: alias sysup='snap refresh && apt update && apt upgrade'
And on Arch, I do this: alias sysup ='flatpak update && paru'
Funny enough you'd need to use sudo to run this on Ubuntu, but not in the Arch example because paru being neat
GitHub - topgrade-rs/topgrade: Upgrade all the things
Upgrade all the things. Contribute to topgrade-rs/topgrade development by creating an account on GitHub.GitHub
GitHub - ivan-hc/AM: AppImage Package Manager: AppImage sandboxing, local and system installation, update all AppImages, an extensible database of AppImages and portable apps, lists for AppImages and other GNU/Linux binaries, integrate AppImages by drag/d
AppImage Package Manager: AppImage sandboxing, local and system installation, update all AppImages, an extensible database of AppImages and portable apps, lists for AppImages and other GNU/Linux bi...GitHub
alias update='eos-update --yay'
alias updates='eos-update --yay ;
flatpak update ;
flatpak uninstall --unused ;
rustup self update ;
rustup update'And related for uninstalling something:
alias uninstall='yay -Rs'
github.com/dannyfritz/dotfiles…
dotfiles/fish/config.fish at e53d410364bf6e2f4e1de4b9c6abbbc832db67b1 · dannyfritz/dotfiles
Contribute to dannyfritz/dotfiles development by creating an account on GitHub.GitHub
For doing stuff in a directory, I use a replacement for cd
command.
For aliases:
alias +='git add'
alias +p='git add -p'
alias +u='git add -u'
alias -- -='cd -'
alias @='for i in'
alias c='cargo'
alias date='LANG=C date'
alias diff='cdiff'
alias gg='git grep -n'
alias grep='grep --color=auto'
alias ll='ls -o'
alias ls='ls -vFT0 --si --color=auto --time-style=long-iso'
alias rmd='rmdir'I also have various small scripts and functions:
*
a for package management (think apt but has simplified argumentswhich makes it faster to use in usual cases),
*
e for opening file in Emacs,*
g for git,*
s for sudo.And here’s ,:
$ cat ~/.local/bin/,
\#!/bin/sh
if [ $# -eq 0 ]; then
paste -sd,
else
printf '%s\n' "$@" | paste -sd,
fi
Similar to yours OP I copy many URLs and then run my script that takes the number of URLs I copied eg 5,and downloads them with yt-dlp and GNU parallel to ~/Videos
I use CopyQ to hold the clipboard history.
alias dockpull="docker compose pull"
alias dockup="docker compose up -d --remove-orphans"
alias x='chmod +x'I also have the
yt-dlp "$(wl-paste)" one, but its build around a custom script. So sharing it here makes no sense. Its funny how often we do same thing in different ways (extracting or creating archives in example). Often aliases get development into function and then they turn into scripts. For some of the more simple aliases, here a selection:alias f='fastfetch -l none'
alias vim='nvim'
alias baloo='balooctl6'
To answer your question realistically I did history | sed "s/.* //" | sort | uniq -c | sort -n
which returned as first non standard command lr which from my grep lr ~/.bashrc is alias lr="ls -lrth"
A few days ago I posted a one-liner to do the same thing too. It will resolve aliases from your history and expand program paths to its fullpath. I thought you might be interested: beehaw.org/post/20584479
type -P $(awk '{print $1}' ~/.bash_history | sort -u) | sort
List all existing program paths from your Bash's history. (Bash One Liner)
It only works with the first command in the recorded history, not with any sub shells or chained commands.
\#!/usr/bin/env bash # 1. history and $HISTFILE do not work in scripts. Therefore cat with a direct # path is needed. # 2. awk gets the first part of the command name. # 3. List is then sorted and duplicate entries are removed. # 4. type -P will expand command names to paths, similar to which. But it will # also expand aliases and functions. # 5. Final output is then sorted again. type -P $(cat ~/.bash_history | awk '{print $1}' | sort | uniq) | sort
After reading a blog post, I had this script in mind to see if its possible. This is just for fun and I don't have an actual use for it. Maybe some parts of it might inspire you to do something too. So have fun.Edit 1:
After some suggestions from the comments, here is a little shorter version.
sort | uniqcan be replaced bysort -u, as the output of them should be identical in this case (in certain circumstances they can have different effect!). Also someone pointed out my uselesscat, as the file can be used directly withawk. And for good reason. :D Enjoy, and thanks for all.
type -P $(awk '{print $1}' ~/.bash_history | sort -u) | sort
I still have no real use case for this one liner, its mainly just for fun.
I replaced rm with trash-put, just in case I realize I need some files that I removed down the line.
alias rm='trash-put'Official author don't recommend it due to different semantics. But honestly for my own personal use case its fine for me.
Also I like to alias xclip:
alias clippy='xclip -selection clipboard'
# cat things.txt | clippy
GitHub - andreafrancia/trash-cli: Command line interface to the freedesktop.org trashcan.
Command line interface to the freedesktop.org trashcan. - andreafrancia/trash-cliGitHub
rm directly, even with the alias in effect, you can put a backslah in front of the command to use its original meaning: \rm filename
I'm not sure what you mean with the question. If you have any alias like alias rm='ls -l' in your .bashrc in example, then you cannot use the original command rm anymore, as it is aliased to something else. I'm speaking about the terminal, when you enter the command. However, if you put a backslash in front of it like \rm in the terminal, then the alias for it is ignored and the original command is executed instead.
Edit: Made a more clear alias example.
Official author don’t recommend it due to different semantics. But honestly for my own personal use case its fine for me.
I don't recommend that either. If you get used to that 'rm' doesn't actually remove files and then your alias is missing for whatever reason it'll bite you in the rear at some point. And obviously the same hazard goes with a ton of other commands too.
# switch sinks
toggle_audio() {
# Find headset sink ID dynamically
headset_id=$(pactl list sinks short | grep "Plantronics" | awk '{print $1}')
# Find speakers sink ID dynamically
speakers_id=$(pactl list sinks short | grep "pci-0000_05_00.6" | awk '{print $1}')
# Get current default sink
current_sink=$(pactl get-default-sink)
# Get current sink ID
current_id=$(pactl list sinks short | grep "$current_sink" | awk '{print $1}')
# Toggle between the two
if [ "$current_id" = "$headset_id" ]; then
pactl set-default-sink "$speakers_id"
echo "Switched to speakers (Sink $speakers_id)"
else
pactl set-default-sink "$headset_id"
echo "Switched to headset (Sink $headset_id)"
fi
}generally i try not to use too many custom things because for work i regularly work on all kinds of different servers and i've just been too lazy to set up some solution to keep it all in sync. someday....
\#!/bin/bash
name=/home/defacto/.drafts/"`date +"%Y%m%d"`"_text
if [[ -e "$name" || -L "$name" ]] ; then
i=1
while [[ -e "$name"_$i || -L "$name"_$i ]] ; do
let i++
done
name="$name"_$i
fi
touch -- "$name"
pluma "$name" #replace pluma with your editor of choice
\#/usr/bin/bash
days=$(</var/home/monika/scripts/days)
echo "$days"
file_name=/var/home/monika/Pictures/Art/day$days.kra
if [ -f $file_name ]; then
echo file is present
else
if [[ $days%7 -eq 0 ]]; then
echo "Week completed"
fi
cp "/var/home/monika/scripts/duplicate.kra" $file_name
flatpak run org.kde.krita $file_name
echo $(($days + 1)) >/var/home/monika/scripts/days
fi
I often want to know the status code of a curl request, but I don't want that extra information to mess with the response body that it prints to stdout.
What to do?
Render an image instead, of course!
curlcat takes the same params as curl, but it uses iTerm2's imgcat tool to draw an "HTTP Cat" of the status code.
It even sends the image to stderr instead of stdout, so you can still pipe curlcat to jq or something.
\#!/usr/bin/env zsh
stdoutfile=$( mktemp )
curl -sw "\n%{http_code}" $@ > $stdoutfile
exitcode=$?
if [[ $exitcode == 0 ]]; then
statuscode=$( cat $stdoutfile | tail -1 )
if [[ ! -f $HOME/.httpcat$statuscode ]]; then
curl -so $HOME/.httpcat$statuscode https://http.cat/$statuscode
fi
imgcat $HOME/.httpcat$statuscode 1>&2
fi
cat $stdoutfile | ghead -n -1
exit $exitcodeNote: This is macOS-specific, as written, but as long as your terminal supports images, you should be able to adapt it just fine.
Because using docker can sometimes cause ownership issues if not properly configured in your docker-compose.yml, I just added an alias to ~/.zshrc to rectify that.
-edit-
Only run this script in your user owned directories, e.g. anything from ~/ (or /home/) you might otherwise cause ownership issues for your system.
## Set ownership of files/folders recursively to current user
alias iownyou="sudo chown -R $USER:$GROUP"
g=git
ga='git add'
gau='git add --update'
gcfu='git commit --fixup'
gc='git commit --verbose'
'gc!'='git commit --verbose --amend'
gcmsg='git commit --message'
gca='git com
gd='git diff'
gf='git fetch'
gl='git pull'
gst='git status'
gstall='git stash --all'
gstaa='git stash apply'
gp='git push'
'gpf!'='git push --force-with-lease'
grb='git rebase'
grba='git rebase --abort'
grbc='git rebase --continue'I also often use
ls='eza'
md='mkdir -p'
mcd() { mkdir -p "$1" && cd "$1" }And finally some Nix things:
b='nix build'
bf='nix build -f'
bb=nix build -f .'
s='nix shell'
sf='nix shell -f'
snp='nix shell np#'
d='nix develop'
df='nix develop -f'
That's a helpful one! I also add a function that creates a tmp directory, and cds to it which I frequently use to open a scratch space. I use it a lot for unpacking tar files, but for other stuff too.
(These are nushell functions)
# Create a directory, and immediately cd into it.
# The --env flag propagates the PWD environment variable to the caller, which is
# necessary to make the directory change stick.
def --env dir [dirname: string] {
mkdir $dirname
cd $dirname
}
# Create a temporary directory, and cd into it.
def --env tmp [
dirname?: string # the name of the directory - if omitted the directory is named randomly
] {
if ($dirname != null) {
dir $"/tmp/($dirname)"
} else {
cd (mktemp -d)
}
}
I have a few interesting ones.
Download a video:
alias yt="yt-dlp -o '%(title)s-%(id)s.%(ext)s' "Execute the previous command as root:
alias please='sudo $(fc -n -l -1)'Delete all the Docker things. I do this surprisingly often:
alias docker-nuke="docker system prune --all --volumes --force"This is a handy one for detecting a hard link
function is-hardlink {
count=$(stat -c %h -- "${1}")
if [ "${count}" -gt 1 ]; then
echo "Yes. There are ${count} links to this file."
else
echo "Nope. This file is unique."
fi
}I run this one pretty much every day. Regardless of the distro I'm using, it Updates All The Things:
function up {
if [[ $(command -v yay) ]]; then
yay -Syu --noconfirm
yay -Yc --noconfirm
elif [[ $(command -v apt) ]]; then
sudo apt update
sudo apt upgrade -y
sudo apt autoremove -y
fi
flatpak update --assumeyes
flatpak remove --unused --assumeyes
}I maintain an aliases file in GitLab with all the stuff I have in my environment if anyone is curious.
dotfiles/.bash_aliases · master · Daniel Quinn / Handy Scripts · GitLab
Useful scripts I use dailyGitLab
Execute the previous command as root
Fun fact if you are using bash, !! will evaluate to the previous command, so if you miss sudo on some long command, you can also just do sudo !!.
Ooooou I got a couple :3
This one is just a basic mirror fixing thing cuz sometimes I go a while without updating pacman:
alias fixpkg='rate-mirrors --protocol https arch | sudo tee /etc/pacman.d/mirrorlist && sudo pacman -Syy'This function I made to create virtual audio sinks so I can route audios via qpw and play earrape into discord calls if I want XD
create_vsink() {
local sink_name=${1:-vsink} # Default sink name is 'vsink' if no input is provided
local description=${2:-"Virtual Sink"} # Default description
pactl load-module module-null-sink sink_name="$sink_name" sink_properties=device.des>
echo "Virtual sink '$sink_name' created with description '$description'."
}Simple parser function I made that makes a whole repo using my git key so it's not just locally created I kinda forgot why I made it tbh:
git_clone() {
local url="${1#https://}" # Remove "https://" if present
git clone "https://$git_key@$url"
}Awesome mpv function I made that allows for real time pitch+speed shifting via hotkeys and is flexible with extra parameters and shit:
mpv_pitch() {
if [[ -z "$1" ]]; then
echo "Usage: mpv_pitch <file> [mpv-options]"
return 1
fi
local file="$1"
shift
mpv --input-conf=/dev/stdin "$file" "$@" <<EOF
SHIFT+RIGHT add audio-pitch-correction 0; add pitch 0.01; add speed 0.01 # Decrease pit>
SHIFT+LEFT add audio-pitch-correction 0; add pitch -0.01; add speed -0.01 # Increase pit>
EOF
}Automatic audio router for firefox audio streams that uses the aforementioned create_sink function to make a specific sink that I can use carla on to mix and make cool shit out of haha
firefox_crush() {
create_vsink CrunchSink "CrunchSink"
firefox --name firefox-vc &
(while true; do
SINK_INPUT_ID=$(pactl list sink-inputs short | grep "firefox" | awk '{print $1}')
if [[ -n "$SINK_INPUT_ID" ]]; then
pactl move-sink-input "$SINK_INPUT_ID" CrunchSink
break
fi
sleep 0.25
done) &
}
alias fucking='sudo' (my coworkers often used prettyplease instead)
alias gl='git log'
alias server-name-here='ssh server-name-here'I have a bunch of the server aliases. I use those and gl the most.
~/.ssh/config. I just got tired of typing ssh server and wanted the be able to just type server to ssh in.
ssh_hostnames=$(grep "^Host " ~/.ssh/config | awk '!/*/ {print $2}')
for host in $ssh_hostnames
do
alias $host="ssh $host"
donein my .bash_aliases to parse the ~/.ssh/config file and cut off the 'ssh ' part automatically for every Host I have in there.
bash_aliases so much more elegant than me adding the alias for each server.
alias clip='xclip -selection clipboard'
When you pipe to this, for example ls | clip, it will stick the output of the command ran into the clipboard without needing to manually copy the output.
I use a KDE variant of this that uses klipper instead (whatever you pipe to this will be available in klipper):
` #!/bin/sh
function copy {
if ! tty -s && stdin=$(</dev/stdin) && [[ "$stdin" ]]; then
stdin=$stdin$(cat)
qdbus6 org.kde.klipper /klipper setClipboardContents "$stdin"
exit
fi
qdbus6 org.kde.klipper /klipper getClipboardContents
}
copy $@`
alias yt-dlp='/home/j/yt-dlp/yt-dlp'
alias nuget="mono /usr/local/bin/nuget.exe"
For the newer version of program, that's why we have the $PATH. You put your program into one of the directories that is in your $PATH variable, then you can access your script or program from any of these like a regular program. Check the directories with echo "$PATH" | tr ':' '\n'
My custom scripts and programs directory is "~/.local/bin", but it has to be in the $PATH variable too. Every program and script i put there can be run like any other program. You don't even need an alias for this specific program in example.
Nuget is a the .NET package manager. Like npm or pip, but for .NET projects.
If you needed it for a published application that strikes me as fairly strange.
I looked through my bash history and it looks like I needed it to build an Xbox eeprom editor for Xemu. Xemu doesn't (or at least didn't, I haven't used newer versions yet) have a built in eeprom editor and editing the Xbox eeprom is required for enabling both wide screen and higher resolutions for the games that support them natively.
I just looked at Xemu's documentation, and it looks like they've added a link to an online eeprom editor, so the editor I used (which they do still link to) is no longer required.
github.com/pyr0ball/PRbL-bashr…
My own bash library, includes a self-installer and a nifty login banner
GitHub - pyr0ball/PRbL-bashrc: Automated installer for PRbL and bashrc modifications
Automated installer for PRbL and bashrc modifications - pyr0ball/PRbL-bashrcGitHub
function seesv
column -s, -t < $argv[1] | less -#2 -N -S
endI used this a lot when I had to deal with CSV files — it simply shows the data in a nice format. It's an alias for the fish shell by the way.
# Changes to top-level directory of git repository.
alias gtop="cd \$(git rev-parse --show-toplevel)"
I have a few:
loginserver- 3 of these, 1 for each of my headless vm's/computers that's just an SSH command
dcompose(d/pull) - docker compose (down/pull)3 scripts that are just docker compose up/down/pull, as scripts (remind me in 6 hours and I will post the scripts) so that it will CD to my compose folder, execute the command (with option for naming specific containers or blank for all) and then CD back to the directory I started in.
alias bat="batcat"
alias msc="ncmpcpp"
alias xcp="xclip -selection clipboard"
alias wgq="sudo wg-quick"also a couple to easily power on/off my 4g modem
here we go:
dedup:
#!/usr/bin/awk -f
!x[$0]++this removes duplicate lines, preserving line order
iter:
#!/usr/bin/bash
if [[ "${@}" =~ /$ ]]; then
xargs -rd '\n' -I {} "${@}"{}
else
xargs -rd '\n' -I {} "${@}" {}
fiThis executes a command for each line. It can also be used to compare two directories, ie:
du -sh * > sizes; ls | iter du -sh ../kittens/ > sizes2fadeout:
#!/bin/bash
# I use this to fade out layered brown noise that I play at a volume of 130%
# This takes about 2 minutes to run, and the volume is at zero several seconds before it's done.
# ################
# DBUS_SESSION_BUS_ADDRESS is needed so that playerctl can find the dbus to use MPRIS so it can control mpv
export DBUS_SESSION_BUS_ADDRESS="unix:path=/run/user/1000/bus"
# ################
for i in {130..0}
do
volume=$(echo "scale=3;$i/100" | bc)
sleep 2.3
playerctl --player=mpv volume $volume
donelbn:
#!/bin/bash
#lbn_pid=$(cat ~/.local/state/lbn.pid)
if pgrep -fl layered_brown
then
pkill -f layered_brown
else
export DBUS_SESSION_BUS_ADDRESS="unix:path=/run/user/1000/bus"
mpv -ao pulse ~/layered_brown_noise.mp3 >>lbn.log 2>&1 &
sleep 3
playerctl -p mpv volume 1.3 >>lbn.log 2>&1 &
fiThis plays "layered brown noise" by crysknife. It's a great sleep aid.
here are some aliases:
alias m='mpc random off; mpc clear'
alias mpcc='ncmpcpp'
alias thesaurus='dict -d moby-thesaurus'
alias wtf='dict -d vera'
alias tvplayer='mpv -fs --geometry=768x1366+1366+0'
# usage: yesno [prompt]
# example:
# yesno && echo yes
# yesno Continue? && echo yes || echo no
yesno() {
local prompt
local answer
if [[ "${#}" -gt 0 ]]; then
prompt="${*} "
fi
read -rp "${prompt}[y/n]: " answer
case "${answer}" in
[Yy0]*) return 0 ;;
[Nn1]*) return 1 ;;
*) return 2 ;;
esac
}
Hey OP, consider using $XDG_RUNTIME_DIR instead of /tmp. It's now the more proper place for these kinds of things to avoid permission issues, although I'm sure you're on a single user system like most people. I have clipboard actions set to download with yt-dlp 😀
My favorite aliases are:
alias dff='findmnt -D -t nosquashfs,notmpfs,nodevtmpfs,nofuse.portal,nocifs,nofuse.kio-fuse'
alias lt='ls -t | less'
alias f='open -a Finder .'
I use Clevis to auto-unlock my encrypted root partition with my TPM; this means when my boot partition is updated (E.G a kernel update), I have to update the PCR register values in my TPM. I do it with my little script /usr/bin/update_pcr:
\#!/bin/bash
clevis luks regen -d /dev/nvme1n1p3 -s 1 tpm2I run it with sudo and this handles it for me. The only issue is I can't regenerate the binding immediately after the update; I have to reboot, manually enter my password to decrypt the drive, and then do it.
Now, if I were really fancy and could get it to correctly update the TPM binding immediately after the update, I would have something like an apt package shim with a hook that does it seamlessly. Honestly, I'm surprised that distributions haven't developed robust support for this; the technology is clearly available (I'm using it), but no one seems to have made a user-friendly way for the common user to have TPM encryption in the installer.
Not exactly a single script, but I use scm breeze for git stuff. Has a ton of QoL features for working with git
github.com/scmbreeze/scm_breez…
GitHub - scmbreeze/scm_breeze: Adds numbered shortcuts to the output git status, and much more
Adds numbered shortcuts to the output git status, and much more - scmbreeze/scm_breezeGitHub
I wrote a script called please. You input please followed by any other command (e.g. please git clone, please wget blahblah) and a robotic voice will say "affirmative," then the command will run, and when it completes, the robotic voice reads out the exit code (e.g. "completed successfully" or "failed with status 1" etc.)
This is useful for when you have a command that takes a long time and you want to be alerted when it's finished. And it's a gentleman.
I have a collection of about 8 machines around the house (a lot of Raspberry Pi) that I ssh around to from various points.
I have setup scripts named: ssp1 ssp2 ssba ss2p etc. to ssh into the various machines, and of course shared public ssh keys among them to skip the password prompt. So, yes, once you are "in" one machine in my network, if you know this, you are "in" all of them, but... it's bloody convenient.
~/.ssh/config with lines like this:Host p1
HostName 192.168.1.123
Port 22
User piThen access with
ssh p1. Slightly more typing, but avoids adding more commands to your $PATH. Also has the benefit of letting you use the same alias with other ssh-related commands like sftp.
# fish shell
function jmpd
set _selection $(fzf --walker=dir);
if test -n "$_selection"
cd "$_selection";
end
end
g-pushgit push origin `git branch --show`
Technically not an alias, because I just use nushell's history + autocompletion everytime I use it, but one could alias it. I think I might even write a custom command for it, with path argument, some day. Anyway, here it goes:
rsync -aPh -e "ssh -p 2222" test@172.16.0.86:/storage/emulated/0/PicturesArchive/ ~/PicturesArchive/
I run an ssh daemon on my phone, and use this snippet to back up my photos.
\#Create predefined session with multiple tabs/panes (rss, bluetooth, docker...)
tmux-start
\#Create predefined tmux session with ncmpcpp and ueberzug cover
music
\#Comfort
ls = "ls --color=auto"
please = "sudo !!"
\#Quick weather check
weatherH='curl -s "wttr.in/HomeCity?2QF"'
\#Download Youtube playlist videos in separate directory indexed by video order in playlist -> lectures, etc
ytPlaylist='yt-dlp -o "%(playlist)s/%(playlist_index)s - %(title)s.%(ext)s"'
\#Download whole album -> podcasts primarily
ytAlbum='yt-dlp -x --audio-format mp3 --split-chapters --embed-thumbnail -o "chapter:%(section_title)s.%(ext)s"'
# download video -> extract audio -> show notification
ytm()
{
tsp yt-dlp -x --audio-format mp3 --no-playlist -P "~/Music/downloaded" $1 \
--exec "dunstify -i folder-download -t 3000 -r 2598 -u normal %(filepath)q"
}
# Provide list of optional packages which can be manually selected
pacmanOpts()
{
typeset -a os
for o in `expac -S '%o\n' $1`
do
read -p "Install ${o}? " r
[[ ${r,,} =~ ^y(|e|es)$ ]] && os+=( $o )
done
sudo pacman -S $1 ${os[@]}
}
# fkill - kill process
fkill() {
pid=$(ps -ef | sed 1d | fzf -m --ansi --color fg:-1,bg:-1,hl:46,fg+:40,bg+:233,hl+:46 --color prompt:166,border:46 --height 40% --border=sharp --prompt="➤ " --pointer="➤ " --marker="➤ " | awk '{print $2}')
if [ "x$pid" != "x" ]
then
kill -${1:-9} $pid
fi
}
alias realwd='cd -P .' Here is an example :
$ echo $PWD
/home/me
$ cd Videos/Torrents/
$ echo $PWD
/home/me/Videos/Torrents
$ realwd
$ echo $PWD
/home/me/data/Torrents/Video I also do some X application, compositor and WM development, and I have a few aliases to simplify tasks like copying from an Xorg session to an Xnest (and the other way around), or reload the
xrandr command from my .xinitrc without duplicating it.alias screenconf='$(grep -o "xrandr[^&]*" ~/.xinitrc)'
alias clip2xnext='xclip -selection clip -o -display :0 | xclip -selection clip -i -display :1'
alias clip2xorg='xclip -selection clip -o -display :1 | xclip -selection clip -i -display :0' I have an alias for using MPV+yt-dlp with my firefox cookies :
alias yt="mpv --ytdl-raw-options='cookies-from-browser=firefox'" I can't stand too long lines of text on my monitor, particularly when reading manpages, so I set the MANWIDTH env variable.
# Note : if you know that *sometimes* your terminal will be smaller than 80 characters
# refer to that https://wiki.archlinux.org/title/Man_page
export MANWIDTH=80 I use null-pointers a lot, with a shorthand.
# Note: env.sh actually provide other helpful aliases on their homepage
function envs.sh() {
if [ $# != 1 ]; then
1>&2 printf "Error, need one argument.\n"
return 1
fi
curl -F'file=@'"$1" https://envs.sh
} The usual fake editor in my path, so that browsers and other applications open Vim the correct way.
\#!/bin/sh
# st_vim.sh - executable in my ~/.local/bin
# for example in firefox's about:config :
# - view_source.editor.path : set to the value of $(which st_vim.sh)
# - view_source.editor.external : set to true
st -- $EDITOR "$*" My
.xinitrc is quite classical, I still have this in it (setup for dwm's title bar, people usually install much complicated programs) :while true; do xsetroot -name "$(date +"%d %H:%M")"; sleep 60; done & I also have a lot of stupid scripts for server and desktop maintenance, disks cleaning etc... those are handy but are also very site-specific, let me know if your interested.
Charlie Musselwhite - Look Out Highway (2025)
Charlie Musselwhite - Look Out Highway (2025)
di Matteo Bossi Qualche anno fa, durante una lunga intervista apparsa sul n. 159 de Il Blues, per parlare del suo bellissimo “Mississippi S...Silvano Bottaro (Blogger)
Tinariwen - Tassili (2011)
Dopo l’ennesimo ascolto di Emmaar, il parallelo con Tassili, ultimo lavoro uscito nel 2011, è inevitabile. Il gruppo maliano che ha fatto, e continua a far conoscere la cultura tuareg in giro per il mondo, con questo disco, non si discosta di molto dal suo predecessore...
Leggi e ascolta...
Tinariwen - Tassili (2011)
Dopo l’ennesimo ascolto di Emmaar, il parallelo con Tassili, ultimo lavoro uscito nel 2011, è inevitabile. Il gruppo maliano che ha fatto, e continua a far conoscere la cultura tuareg in giro per il mondo, con questo disco, non si discosta di molto dal suo predecessore. Due sono soprattutto gli elementi in comune: deserto e messaggio. Il primo è stato registrato nel deserto algerino, Emmar invece, in quello nord americano del Joshua tree. Il messaggio: la musica come strumento di ribellione... silvanobottaro.blog/2024/09/10…
Ascolta: album.link/i/671816602
Home – Identità DigitaleSono su: Mastodon.uno - Pixelfed - Feddit
Tinariwen — Emmaar (2014)
Dopo l’ennesimo ascolto di Emmaar, il parallelo con Tassili, ultimo lavoro uscito nel 2011, è inevitabile. Il gruppo maliano che ha fatto, e continua a far conoscere la cultura tuareg in giro…Silvano Bottaro Blog
[deleted]
like this
Rozaŭtuno, Endymion_Mallorn, adhocfungus e Maeve like this.
We have people telling us the earth is flat. Them saying so doesn't make our good old planet any flatter ;)
I mean one can find excess absolutely anywhere, that doesn't demonstrate much imho.
like this
Endymion_Mallorn likes this.
like this
Endymion_Mallorn e Maeve like this.
Yep, and then there's probably a good number of people who have no idea of threat modelling who just copy those actions to say they have "good privacy".
Tbh, I'm closer to the latter.
like this
Endymion_Mallorn e Maeve like this.
I mean, it can be a bit of an issue everywhere.
Hilariously this post was just above this one in my feed.
As long as everyone is having fun, I see no problem.
If you're not having fun switching mail providers, researching Gecko forks, or being a part-time sysadmin for your Fairphone, you should probably stop doing those things.
like this
Endymion_Mallorn likes this.
I'd sure hope so! Many of the things that privacy nuts like us do are not efficient uses of one's time.
They might require constant vigilance. They might need recurring work for continued effectiveness. They might necessitate exposure to intrusive negative emotions ("what is Google doing this week?!").
If you're not having fun, focus on measures that you implement once and then never have to think about again.
For example, I wouldn't recommend GrapheneOS to a journalist in an authoritarian regime. It might be "more secure", but they have a job to do and can't keep dicking around with obscure pointer authentication settings or whatnot. They should just get a current iPhone, enable Lockdown Mode if its tradeoffs are acceptable to them, and continue doing their best job, which isn't "phone administration".
LARPing as Jason Bourne, or prepping for the Rokobasiliskocalypse, is a hobby. It's okay, I do it too. However, it's not approachable or understandable to people who don't share that hobby, or are not as alarmed at the general state of things as we are.
people are literally targeted by this system today. and i live in the third world, i'm ripe for the taking.
i'm glad this can be a hobby for some of you guys though.
It kind of has to be, if you're trying to be persistent about the whole thing. It's easy to feel overwhelmed and burn out over all of the different threats we're trying to defend against. I don't see how you can keep at it for months or years if you feel no joy over it. But maybe being deathly, relentlessly afraid of the dangers around us is enough after all.
If you don't even like doing this stuff, wouldn't it be better to focus on measures that require little upkeep? This is what my example suggestion was getting at, something that's as close to set-and-forget as possible, while getting you 90% of the way there. (Depending on your threat model, sure. If yours says that the sky is falling if Tim Apple gets your iCloud data, it certainly doesn't apply.)
Damn this take needs more love. You will get shouted down And downvoted to the lowest depths if you speak against anything that isn't graphene. I like the project, it has merit. It's far far from perfect in so many ways. I don't believe it's the white knight in shining armour we like to think it is. Good yes. Saving grace. Not by a long shot. It's got many fundamental flaws.
Be conscious of your needs, not obsessive. I think a lot of people are obsessive and I get it totally. But FOMO is powerful. Don't overwork your mind trying to be perfect that you never make moves. Life isn't static. If your uneducated enough to truly need the utmost best tech stacks with no real knowledge on how to implement and deploy. You likely don't need to be doing the shit your thinking of, or currently doing.
like this
Endymion_Mallorn likes this.
like this
Endymion_Mallorn e Maeve like this.
Yes, some people absolutely take things way too far, and often unproductively.
Like the person who was trying to disable websockets. Or the people who will shun signal, but jump directly on the flavour of the month signal clone, which might be completely backdoored.
If you dont know what you are doing, randomly turning things on and off at best does nothing, at worst makes you even more signaturable/trackable.
Its good to educate yourself on various protections, but unfortunately, it requires a lot of careful research and understanding.
like this
Maeve likes this.
I have no issue with tinkering, my issue is more when tinkering gets turned around into advice.
I think I would be happier if these communities/subreddits were a bit more explicit about "We are amateurs, for actual advice, go to X, Y, Z".
Of course some people go too far. I think a lot of folks on here grossly overestimate / overstate their threat model, but I think the discussions are good for the limited few who really do need to cover their asses.
Me personally, I hate the idea of companies bidding for my attention without my consent, so I try and make it as hard as possible for them to get it. This just so happens to overlap nicely with the goals of the privacy community much of the time.
like this
Endymion_Mallorn likes this.
Most people have absolutely zero idea how much data they put out there, what's done with it, and why any rational person would be horrified if they knew the extent to which individuals were tracked. Simply put, short of showing them how their lives are made worse, they don't care, and can't be made to care.
For friends and family, you can do things like give them books or send articles explaining it slowly in parts. For everyone else, just ask them if they know how Google tracks what they do in Incognito windows and see what they say. If they say that Google can't or doesn't, they might as well say the Earth is flat. You can't argue with that, even though it's provably false.
like this
Endymion_Mallorn likes this.
Most people have absolutely zero idea how much data they put out there
As evidence, I've heard people talk about worrying their phone is listening to their conversations. It's not that they don't care about privacy, it's that they don't even know what's possible. With all the data collection that is happening, the data brokers are already selling a dataset predicting that you are going to be shopping for new baby items and what types of manipulative tactics are likely to work on you well before you talk to your friend about it.
I definetly take things too far in terms of my effort vs my current threat model. But there are many aspects of trying to increase privacy.
For one, I'm very interested in the philosophy, ethics and politics of privacy and adjacent fields such as security. Part of what I do is just learning.
Also I try to be a good role model to my AFK peers and family. Of course I don't try to get everyone to adopt my hobby. But as in every field it's hard to teach even the basic stuff to others without deeper understanding of the field.
But as in every field it's hard to teach even the basic stuff to others without deeper understanding of the field.
That's so true, but even more true in IT... It changes so rapidly and things don't stay the same over time... It's not like a degree in Biology where things you learn stay relatively the same !
IT is 5 inches deep but miles long ! (Something like that!)
Definitely yeah! If you’re just a regular person living in a fairly democratic country and you’re thinking about physically clogging your usb ports to avoid someone breaking in your room and tampering your device while you’re exploring Barcelona, or if you consider removing camera and microphone from your pixel phone that you use every day, you’re probably taking it too far.
OTOH I’m still having trouble getting people away from Meta apps and I think it’s absolutely crazy how little thought people put into the amount of data that Meta collects.
TBH even in many dictatorships you’re mostly fine just using a VPN and fake accounts if you have government critical opinions. But that’s just my personal experience. Goes without saying if you have a decent follower count or are some kind of journalist you should be very paranoid.
Anyway, the point is, it’s probably good to feel slightly paranoid because most people aren’t paranoid enough, but most of us are also not Edward Snowden or Saudi journalists, so there should be a balance between practicality and privacy.
Once, someone sent me an Amazon link for baby nappies, and fool me clicked on it. Now Amazon showed boomer me baby nappies suggestions for the next six months. AI at its best... These things annoy me, so I try to avoid being tracked whenever reasonably possible.
OTOH, I am old and hope to not live long enough to experience any rogue government or whatever else persecuting me for having clicked on a baby nappies link years ago; so my threat model is short term only. I keep my privacy to a level, where it hopefully prevents as many annoyances as possible, but does not hamper what I am doing online too much. If I was younger, I'd likely do more.
I'm like a test-bed for a) my business customers and b) friends and family. also, "wasting" time thusly is vastly better than my previous "hobby", namely buying new and exciting shit.
my customers benefit from me knowing how exactly (and why!) I should implement e.g. an unbound instance on-premise. or an in-house prosody communication platform. or the "dev team" (buncha dudes poking at wordpress) getting a slew of used elitebooks with linux for the price of one new windows-with-ai yoga the spec initially called for.
f&f benefit from my early adoption by way of trickle-down tech. no way is anyone of them going to selfhost all this crap, but they get sprinkles of benefits in the form of "get this phone with that OS with those apps" and they're dramatically better off. you don't need the new ideapad ryzen that's "on sale" (isn't), have this 10-year old macbook I fixed and installed linux on - off you go. you don't need the new phone that's "free" with an exorbitantly priced plan, have the cheapest plan with this Redmi/Poco phone I swapped the battery on and installed LineageOS.
as to practical considerations, any and all interactions with the likes of FAANG are and should be adversarial from the get-go, they are out to hurt you by any means necessary. them fucks lost the benefit of doubt ages ago so you not letting them have a millimeter of grasp in your domicile should be your primary task. as their gains are cumulative in nature, every battle won is significant and you'd do well to remind yourself constantly of that.
Yes and I see two reasonable reasons for that.
One is that, like in most communities, those that feel more compelled to post and comment are those that are more passionate about the topic and/or have more extreme views.
The other reason is that given the sensitive nature of the topic, without knowing the threat level of the reader I can see how one would be reluctant to go for the "good enough".
I think that "mental illness" kind of comments would come from people whose attitude for safety in many aspects of life is "that's never going to happen (to me)". Those people exist, so sooner or later you'll see comments like that.
On the other hand everybody is trying to find a balance in convenience and safety and the situations and environments and life on general for one person can be quite different from that of some others'. So what's adequate for one won't be for another.
It's like PPE or personal finance or many other things. There's no one size that fits all and finding the right fit isn't easy. For a lot of us it's work in progress. Sometimes you know what's definitely needed and tweak the details. Sometimes you know something is not going well and needs to change.
Maybe it's enough to say that it's complicated and have some compassion and support for people that think it isn't. Or people that think it's all too much to handle.
Yeh my family treat me like I am a nut job. I only swapped away from google and ask them to think about the orgs they spend their money on for example Amazon.
It’s amazing how many people got on board with Covid conspiracies but questioning where you data goes, who’s using it, what for, no that’s a bit far lol.
like this
TVA likes this.
Told my older parents I use a custom ROM with a profile for work and a profile for personal and they asked me what I'm hiding, and why I'm so paranoid. I said.. it's not paranoia, it's organization. Color coding profiles allows my mind to switch gears from work to personal life like mental compartments. I am a boring person. I have nothing to be paranoid about. They didn't believe me. Oh well....
Edit: part of me thinks the whole mental state switching from work profile to personal is an ADHD aspect as well. Especially the color coding helps wonders.
explainxkcd.com/wiki/index.php…
Relevant XKCD;
I feel that it is closer to the fact that the communities forgot most beginners are completely new to this in general. They might not even know what exactly a 'browser' is, much less cookies and stuff.
Hence when we try to spoonfeed them information, it comes off as overwhelming and forced.
Agree that there are some extremist, but they mostly act in good faith tbh.
Another thing I noticed is there are more preachers of 'how' than 'why'. Having a beginner go down the route of privacy without giving them a purpose to do so is quite off-putting.
2501: Average Familiarity - explain xkcd
explain xkcd is a wiki dedicated to explaining the webcomic xkcd. Go figure.www.explainxkcd.com
like this
TVA likes this.
There is a point of diminishing returns. Like most things, you have to evaluate what you are willing to live with and let go.
I know someone who only browses incognito because they don't want cookies tracking them. They log into everything every day. Which, imo, is worse because those cookies are still tracking you but you now have to log in everyday.
But for them they like the control.
I've moved most of my incidental link on my phone clicking to Firefox Focus (thanks to URL Checker) which has upped my privacy. I wouldn't have made that change without the prompt that URL Checker provides though.
I use a VPN outside of my house and I use pihole at home. I am tempted to switch my DNS to unbound but the juice doesn't seem to be worth the squeeze. We'll see the next time I need to rebuild my pi.
I used to run unbound on my laptop just so I could configure stuff like forwarding zones with more precision than what a stub resolver normally gives you.
It can also be your validating DNSSEC resolver, which also satisfied that sort of morbid curiosity in me.
In the age of DoT and DoH, with endpoints hardcoded in browser binaries, that sort of thing has a lot less punch than it used to. Even back then Go binaries would start ignoring your nsswitch.conf…
DNSSEC always causes errors on my pihole set up and end up disabling it. The upstream is DoH though (via dnscrypt) so it's technically DNSSEC but without the clients seeing the authentication. That's enough for me.
At some point, I fully expect apps and websites to begin resolving DNS directly instead of relying on the OS to provide resolution services. At that point our options will be to wholesale block IP addresses at the router.
Like most things on the internet it's a game of one-upsmanship. User X uses Firefox with Incognito. User Y say's that isn't good enough for his own inconsistent definition of "good enough."
So User-Y suggests Firefox with 14 different add-ons and only browse through an immutable VM.
But then user-z comes along and says that if you are using windows at all, you don't really care about privacy, so you should be using Icefox on some obscure fork of ubuntu through an immutable VM, with a pi-hole.
Then user-w says well if you aren't using a VPN none of this matters, so Obviously you need to rent an Alibaba cloud server hosted in China, that you only connect to through a privacy respecting VPN, and then you only browse through TOR.
And so on. By the time a user is asking about how to stop google ads, the only "serious" answer by the community involves using Packet over Ham-radio -> and spending thousands of dollars a month on 4 different cloud providers, rented through several shell companies set up in Switzerland, the Cayman Islands and China, while only typing in Esperanto using an ASCII-only font.
A few weeks ago, I would have said 100%. I am needlessly careful.
I know I'm protecting against privacy threats that are technically possible, but unlikely. Preventing the tracking is just an interesting hobby, to me.
But earlier this month, we learned that Meta went "all-in" on what I consider some fucked up shit - running a mini localhost server to track the vanishingly few people who bother to block their tracking.
So now I guess I'm only about 30% sure I'm being needlessly careful.
like this
Rickicki likes this.
I have been thinking about this a lot recently. I live a life where OPSEC is relevant. Its something that I have had to consider always, and has been for 2 decades. Even so, I wasn't as concerned this whole time as I am these days. The fact is that technology is making it such that its no longer "im not a person of interest they wont spend resources on me" because data crunching is happening to such an extreme, on such a grand scale, that person of interest doesn't even matter. Do you exist, yes. Do you have a digital foot print, yes you do. Even if you dont do a lot online. Your metrics are being captured and being inferenced, and systems are using predictive analysis to determine what you "may" do in a given situation. Depending on who controls those systems they may decide not to give you a chance to make that choice.
Ill I can say is that there are a large number of groups that want your data, for a lot of different reasons, and none of them are for your benefit. So, are you going to let them have it, or are you going to take steps to reign in the amount of info you leave about?
The amount of times I've been told the nothing to hide argument is stupid.
Yes.
Like any interest, people get so far removed from the original point, it becomes about something new.
Like cast iron. People go from not really knowing about it to learning how to cook with it, to learning how to do basic maintenance. About 20% of people go completely off the rails, and they start buffing and polishing them like they are fabergé eggs, and joining cast iron groups.
Privacy is the same. Learn the basics, follow the basics, relax and get over yourself.
Many times throughout my life, what would seem like a reasonably easy question to answer has changed dramatically.
30 years ago you could look at data collection and go there's no way that they could store a meaningful amount of data about everyone.
20 years ago you could look at data collection and go there's no way they could have the contents of every phone call It's just targeted it's not a big deal
We are the point now, where everything you ever wrote or said could be thrown into a model with such unimaginable levels of lossy compression that they could simply ask it if you are the kind of person who is into whatever the future administration deems as unacceptable and deny you access to things. All you need is a fascist regime or a dictatorship installed and all of a sudden anything you ever did can be used as grounds to lock you up.
On a governmental budget it wouldn't even be that expensive and we're just at the beginning of this.
We have seen that governments can change quickly, We know the data collection is affordable and can be permanent.
Certainly some people privacy-minded to the point of compulsion. But I can't say that anyone is wrong to seek extreme levels of privacy based on trends and capabilities.
They leave your cell phone at home and make sure somebody opens your apps and uses them people aren't anywhere near as crazy as they used to sound
As Dem Establishment Backs Cuomo, Calls Grow for NYC Mayor Race to Be 'Referendum' on Party's Direction
As Dem Establishment Backs Cuomo, Calls Grow for NYC Mayor Race to Be 'Referendum' on Party's Direction
"Cuomo winning will not only legitimize the Islamophobia that has dominated this race... but would also prove that you really can just waltz in and buy an election," said one observer.julia-conley (Common Dreams)
adhocfungus likes this.
La Finlandia accende la prima batteria di sabbia più grande al mondo
La Finlandia accende la prima batteria di sabbia più grande al mondo
In Finlandia è attiva la più grande batteria di sabbia al mondo: 1.000 MWh di energia termica stoccati per settimane.Ilaria Rosella Pagliaro (GreenMe.it)
Jeff Bezos: questo matrimonio a Venezia non s’ha da fare….
like this
Rozaŭtuno likes this.
Is there a Linux version that is similar to Freedom app?
Freedom: Internet, App and Website Blocker
Easily block distracting websites and apps on any device. The original and best website blocker, Freedom helps you be more focused and productive.Freedom
With apparmor, you could enable and disable profiles that could restrict access to files and paths by name.
For network traffic, it's possible to use dnsmasq to blacklist or whitelist some domains.
Iranian-Aligned Hackers Attack Trump's Truth Social: Report
Iranian-Aligned Hackers Claim Responsibility for Attack on Trump’s Truth Social Platform
A group of Iranian-aligned hackers has reportedly attacked something President Donald Trump holds dear — his Truth Social platform.Joe DePaolo (Mediaite)
Rozaŭtuno likes this.
AI search finds publishers starved of referral traffic
The AIpocalypse is here for web sites as search referrals plunge
: Turn out the lights, the internet is overThomas Claburn (The Register)
Meta pauses mobile port tracking tech on Android after researchers cry foul
Meta pauses mobile port tracking tech on Android after researchers cry foul
: Zuckercorp and Yandex used localhost loophole to tie browser data to app users, say boffinsThomas Claburn (The Register)
Fact check: Viral drone video of Gaza destruction is real
Fact check: Viral drone video of Gaza destruction is real
A viral video is circulating showing the destruction caused by Israeli strikes in Gaza. DW has verified the footage of mass destruction at the Jabaliya refugee camp.Kathrin Wesolowski (Deutsche Welle)
Dal 27 al 30 giugno musica e gastronomia nella Sagra del Salame di Turgia a Devesi Di Ciriè (To)
La frazione Devesi di Ciriè si prepara a ospitare l’ottava edizione della Sagra del Salame di Turgia, evento che celebra uno dei prodotti più tipici del Ciriacese e delle Valli di Lanzo: il “Salam ëd Turgia” in piemontese, o “Salàm eud Tueurdji” in francoprovenzale. Si tratta di un salume preparato con carne di vacca, lardo e pancetta suina, aromatizzato con sale, pepe, aglio, vino rosso e spezie, poi insaccato nel budello torto di bovino. “Turgia” in piemontese indica una vacca sterile, ma può riferirsi anche a un esemplare giovane.
Organizzata dalla Pro Loco Dveisin Festareul e patrocinata dalla Città metropolitana di Torino, la manifestazione si terrà da venerdì 27 a lunedì 30 giugno in località Colombari, in occasione della festa patronale di San Pietro Apostolo. Una quattro giorni dedicata al gusto e alla tradizione, dove sarà possibile assaporare il Salame di Turgia in un clima di convivialità, accompagnato da altre specialità locali. La preparazione del salame affonda le radici nella cultura contadina e nelle famiglie che ne tramandano i segreti, rendendolo simbolo di identità e amore per il territorio.
Il programma prevede musica dal vivo, spettacoli e animazioni. Si parte venerdì 27 con l’inaugurazione affidata a Sonia De Castelli, cantante e volto noto della TV. Sabato 28 spazio alla discoteca mobile Energia. Domenica 29 salirà sul palco Luca Giordano, mentre lunedì 30 chiusura con l’orchestra Enrico Negro. Durante la sagra ci saranno anche momenti divertenti, come il Chupito San Peru e la gara di tiro alla fune domenicale.
Dal 27 al 30 giugno musica e gastronomia nella Sagra del Salame di Turgia a Devesi Di Ciriè (To) - ViaggieMiraggi
La frazione Devesi di Ciriè si prepara a ospitare l’ottava edizione della Sagra del Salame di Turgia, un evento che celebra uno dei prodotti più iconici della tradizione gastronomica del Ciriacese e delle Valli di Lanzo, detto anche Salam ëd...Redazione (ViaggieMiraggi)
Cina e l'inconfutabile dualismo nei ricami: da un lato scimmie, dall'altra cani - Il blog di Jacopo Ranieri
Cina e l'inconfutabile dualismo nei ricami: da un lato scimmie, dall'altra cani - Il blog di Jacopo Ranieri
Per anni quel ritratto mi ha fissato dall’angolo ombreggiato del salone, di un inquisitivo terrier a pelo lungo con gli occhi cerchiati di nero.Jacopo (Il blog di Jacopo Ranieri)
vfreire85
in reply to ☆ Yσɠƚԋσʂ ☆ • • •