I’ve also noticed that if you do a search, click a result, then hit back to go back to the results they manipulate the results in some weird way so they’re not the exact same results you got the first time. Infuriating
It’s just an NTP pool. The device is trying to update it’s time. Likely it made many other requests to other servers when this one didn’t work.
Maintaining up to date lists of anything is a game of whack a mole, so you’re always going to get weird results.
If you’re actually unsure, pcap the traffic on your pfsense box and see for yourself. NTP is an unencrypted protocol, so tshark or Wireshark will have no problem telling you all about it.
That said, I’d still agree with the other poster about local integration with home assistant and just block that sucker from the Internet.
Agreed. To add to this because the traffic is being blocked it keeps retrying so it’s inflating the traffic size. I have about 14 tplink WiFi switches on a vlan and my pfsense rule for NTP is less than 6 megabytes. OP is conflating legitimate NTP traffic with Tor.
Exactly. The government isn't your friend. To your government you're a cog in the machine and nothing more - misbehave and they'll rip you out and replace you with another
You guys are walking the line of being prisoners. I was in NSW a couple years ago, beautiful country. Too bad its run by nutobs. After seeing the shit during COVID when the thought police were showing up at peoples houses for Facebook posts, I felt for you guys bad!
Govt’s are always corrupt, but when it makes it down to the police at that 1984 level, that’s when its time to pack the bags! Might as well be in China at that point.
Spot on. My wife and I are actually making plans to move overseas. I'm ready to get out of here, but she wants to wait until the next federal election to get a guage on where things will be heading. In the meantime, we're saving as much money as we possibly can, because Australia isn't the country it used to be, and it's clear that we're both deeply-incompatible with the general culture of apathy, government trust, and rules, rules, rules. It's suffocating.
Most of the country are change hating small c conservatives who genuinely believe the state knows best and is totally trustworthy. They get their news from the Daily Mail or The Sun because Britain is the best country ever. Its the mindset that ensures we still have a class system, a monarchy and brexit.
Because we're becoming increasingly like the US, where half of the country (or at least those who actually turn out to vote) are hellbent on voting for a party that doesn't give a single shit about their needs, just as long as they drivel out some racist shit now and again.
As @breadsmasher said, “Torys fucking the country? Better vote for them again!”
@CrypticCoffee
As for me, I will never, ever use any site that demands a drivers license or a face scan to get on. I'd sooner totally disconnect from the open Internet and move all my work to the darknet only.
I don’t think so. Porn is very much a mental thing too, not just a visual one. Knowing none of the subjects of the pictures and videos exist will ruin it for a lot of people.
Um, so, pretend you didn’t hear this from me, but there are LoRas you can use and even train yourself from a handful of sample images, for anyone in the world that you want to see.
I’d assume this will be a non issue once they implement ActivityPub. They can enable whatever account restrictions on their gitlab instance, but if I don’t want to provide this information to report a bug, then I can use another instance or self host my own, without the account restrictions.
The end goal of this proposal is to build interoperability features into GitLab so that it’s possible on one instance of GitLab to open a merge request to a project hosted on an other instance, merging all willing instances in a global network
Sure, fuck WhatsApp, but Telegram isn’t even end-to-end encrypted most of the time. Their group chats never are, and their “secret chat” encryption for non-group chats must be explicitly enabled and hardly ever is because it disables some features. And when it is encrypted, it’s with some dubious nonstandard cryptography.
It’s also pseudo open source; they do publish source code once in a while but it never corresponds to the binaries that nearly everyone actually uses.
And the audacity to talk about metadata when Telegram accounts still require a phone number today (as they did five years ago when this post was written) is just… 🤯
State-sponsored exploits against WhatsApp might be more common than against Telegram, or at least we hear about them more, but it’s not because the app is more vulnerable: it’s because governments don’t need to compromise the endpoint to read your Telegram messages: they can just add a new device to your account with an SMS and see everything.
(╯° °)╯︵ ┻━┻
Anything claiming to prioritize privacy yet asking for your phone number (Telegram, WhatsApp, Signal, …) is a farce.
Simplex - requires nothing, just install. But you connect with other people by sending a code outside of SimpleX. Though they’ve added a directory service for groups.
XMPP
Wire (not Wiremin), though it requires an email account, which is easily addressed with a disposable email.
Signal is very secure from what I’ve read, despite the phone number identifier.
Telegram isn’t perfect, but it is infinitely better than Whatsapp because it doesn’t belong to Facebook, and also isn’t from the United States. Also it can be used by normies without problem, unlike Matrix or Xmpp or what have you.
Brother, it has servers all over the world (including the US) where it hosts your data unencrypted. Telegram is nearly not inifinitely better than WhatsApp.
And the audacity to talk about metadata when Telegram accounts still require a phone number today (as they did five years ago when this post was written) is just… 🤯
Not only that, but I believe that they actively try to prevent VoIP numbers from being used to create accounts.
I don’t agree with everything but that last point of yours. Requiring your phone number only means your are not anonymous. There is no need to be anonymous to communicate privately. In fact, it can be counterproductive, since your are much more vulnerable to social engineering.
This is BS. It’s a 3rd rate marketing group trying to game SEO for lead gen.
Go ahead and contact them, claiming to be a prospective client with a few hundred (insert niche retail or service here) stores and that you’re interested in their product.
At best they’ll end up revealing they have a SDK or some crap to do the active listening in your own app if you have one.
If this were real, more than this company would be doing it, and you’d see actual case studies around it.
Also, it’s 1000% not legal in half the US states given two party consent wiretapping laws unless the users are agreeing to it in some way, which again brings us back to that at best this is some shoddy SDK (and unlikely even that).
Edit: Looking at it closer and given the way it isn’t linked at all from elsewhere and is a one off mention of the services, I’m actually wondering if this was an April Fool’s page that they just never took down. It’s pretty funny if that, especially given the ridiculousness of a lot of the buzz word heavy language in the bullet points. Like the idea that they are actively listening to the voice data and then having AI analyze the purchase history of the users to then cross attribute ROI using your “tracking pixel” is hilarious.
Even just one of those steps is such a pie in the sky claim even for most billion dollar agencies.
Also, it’s 1000% not legal in half the US states given two party consent wiretapping laws unless the users are agreeing to it in some way, which again brings us back to that at best this is some shoddy SDK
You are talking about advertising business, you know? They do business as long and as far as it isn’t yet illegal.
At least tracking via ultrasonic is a thing. calculator/game just needs to have the respective library.
Btw, store chains use Wifi/Bt for tracking, just so you know.
I have encountered a handful of sites that it broke as well. I use the strict protection option and manually add exceptions to the few sites it breaks - then I never have any other issues with them
I’ve been having a pretty good experience with Mullvad, however I don’t hear many people talking about it. I wonder why is that, IIRC it’s being developed with Tor Foundation, and is basically a Tor browser for clear web, and that sounds perfect. So far, I didn’t run into any issues, so is there a catch, or are they just not well enough known yet? Or, maybe people are turned away by their optional VPN?
Probably because LibreWolf is most of the way there, and the Mullvad branding + proprietary VPN is more than a bit much. I use(d) the VPN alongside it and found the add-on “hints” regarding the correct DNS settings more frustrating than helpful, too.
I was using LibreWolf before, but I really like the idea of bundling VPN + Browser, and also the way they handle payments - not only is Mullvad VPN kind of cheap, I can just pay with crypto and don’t need any account (kind of - you just generate username that also serves as an password, without any other contact information required).
But what I like the most about it is the idea of making a browser with the goal of having the same fingerprint between users (as much as possible), and offering it with a VPN - becuase that means that most of other users of the VPN will probably also have the same fingerprint from the browser, so you will blend in with them. I wasn’t really sold on the idea of VPN before that and didn’t use one, but this was what convinced me.
But tbh I haven’t done much research into the company, or into the effectivness of their implementation. I’m kind of betting on their cooperation with Tor Browser, which should have most of this stuff already figured out. But it’s possible that other browsers are just better at it, I never checked.
I do however still use LibreWolf for the occasional site that breaks with Mullvad, but it’s not something that happens too often.
I use(d) the VPN alongside it and found the add-on “hints” regarding the correct DNS settings more frustrating than helpful, too.
Hmm, I don’t think I’ve ever noticed anything about DNS. I think I’ve actually never click on the browser vpn extension, though :D Is it the encrypted DNS hint?
EDIT: Found this, apparently it’s doing pretty well privacytests.org
I’d absolutely use this. I’m glad to see people using this incredibly powerful concept to solve problems that would literally be impossible to solve without it. It is especially encouraging that they used Monero since it has an extra layer of untraceability built-in. Blockchain is experiencing kind of a backlash in public perception, but like tech closely related to it like NFT’s, it is a VERY viable idea that just so happens to be tainted by greed and disinformation.
Voting is another concept that would become unhackable overnight…but would also probably:
A. enable the creation of a CBDC (which would also allow the state to REVOKE ownership of your own money)
B. force a state to pick a technology/crypto of choice (and tip the scales toward that crypto)
both of which I somehow am vehemently against yet moderate a (ghosty) community on blockchain voting. 😅
Monero uses three different privacy technologies: ring signatures, ring confidential transactions (RingCT), and stealth addresses. These hide the sender, amount, and receiver in the transaction, respectively. All transactions on the network are private by mandate; there is no way to accidentally send a transparent transaction. This feature is exclusive to Monero. You do not need to trust anyone else with your privacy.
IMO, as a software engineer, leveraging the network effect of Monero was a wise choice. In decentralized systems, the network effect (the amount of unique, separate nodes on a network) is directly correlated to the security of that network. If I were to transact with you in a public place (like a mall food court), you could correlate the presence of other parties in the food court as unique nodes in a network. The more eyes you have witnessing you transaction, the more intrinsic security that transaction has.
Another concept that actually comes into play in cryptocurrency-based systems is that the intrinsic value of that token directly relates to the security of the data in its network. That could be another reason that they chose Monero. Since it already has stable value, it offers a pre-existing and stable security solution.
How does it address the issues with like money laundering, KYC, etc? Wouldn’t you, in practice, basically need a lawyer to help make sure you “use” it correctly and legally?
I could be wrong (since article is paywalled) but as a DApp dev, Proton probably has a wallet with enough Monero to run this smart contract without anyone needing to add any money at all. So you wouldn’t be getting a Monero wallet in it. It would simply mint an NFT that you could then refer back to for verification that this is the same address that I say it is. It would simply leverage the monero chain every time an account was created and mint that as a unique ID (NFT!).
Wouldn’t you, in practice, basically need a lawyer to help make sure you “use” it correctly and legally?
Using private cryptocurrency is not illegal, at least in the United States, nor should it be. This is like worrying if it is legal to pay for things with cash.
Thanks for lazily puking a couple of reductive, bankster-funded, cherry-picked, neolib rage-bait videos at me. Did you want to discuss this issue or do you want to lazily let the videos do it for you while forcing me to write essays that will be brigaded by the hivemind?
I like Dan Olson’s video but I don’t think it’s truly unassailable. There is some real use cases for block chains in low trust networks. One of those being global monetary policy. Another critic is that web3 applications (like Mastadon and Lemmy …) I think is moving forward even more so as the age of easy money comes to a full close.
It’s the coordinated decentralization that really defines web from web2 and 1. Cooperative vs competitive coordination is just a sub strategy within that, but I don’t think either strategy is always best for all problems.
As a sampler of the points made, web3 is already re-centralizing around gatekeepers because the average person doesn’t want to run their own server (or, in the blockchain case, host their own full copy of the blockchain) and, if the supermajority of users can’t see you because the gatekeepers block you, then it doesn’t really matter that you’re technically still up.
The takeaway on that particular point is that pushing for more and easier data portability is probably the best route in the face of how real-world users behave. (eg. anything stored in a git repository, including GitHub project wiki contents, is a great example of that. You’ve got your data locally with a simple git clone and you can upload it to a competing service with a simple git push.)
Voting is another concept that would become unhackable overnight
No. Voting on the blockchain is an even worse idea than money on the blockchain.
In many cases, there are good reasons why these things are done they way they are. I have yet to see a software system that is better at preventing voter fraud than humans looking at your government-issued ID at a poll site and humans overseeing other humans manually counting votes.
A single actor might be able to commit voter fraud in the order of dozes or hundreds of votes perhaps but with a digital voting system based on blockchain, they could do so on the order of thousands or even millions by compromising end-user devices used for voting or buy enough work/stake/whatever to perform a 51% attack.
Same goes for money btw. Our current system is by far not a perfect one but removing the ability for governments to i.e. freeze accounts of bad actors is not a boon.
I have yet to see a software system that is better at preventing voter fraud than humans looking at your government-issued ID at a poll site and humans overseeing other humans manually counting votes.
have you seen any of the research that the US government did on it? Homomorphic encryption enables votes to be both public and obfuscated at the same time. I don’t want to write an essay right now but are you truly up to date on this?
Our current system is by far not a perfect one but removing the ability for governments to i.e. freeze accounts of bad actors is not a boon.
I COMPLETELY DISAGREE. It should be exactly as hard as it is to freeze the cash of bad actors. That’s the point of it. I, of course, happen to be a libertarian socialist/anarcho syndicalist. You happen to be a capitalist. You seem to want be in the camp of “you will own nothing and you will like it” but I just so happen to not trust governments and their decisions. I believe in socialism but have seen it co-opted and destroyed by corruption. Anyway, I don’t think that those same clearly corrupted governments should have the unilateral right to prevent me from attemtpting to claw enough back from their corruption and greed to feed my family.
If you dislike corruption and capitalists, then why do you like cryptocurrency?
Because properly-implemented cryptocurrencies make corruption impossible. Even the shitty, scammy FTX project had a decentralized ledger, allowing the FTC to quickly and easily forensically untangle SBF’s tangled web of lies and fraud. Even Do Kwan’s TerraLuna hack would have been possible to detect had the project been open source (like any viable crypto project) but regardless of that, it will still now be quite trivial for the regulators prosecuting him and his co-conspirators with fraud.
It’s interesting that you can identify cherry-picking on my part but fail to identify it on your own. I merely mentioned situations where fraud (which I didn’t fall for because I follow certain principles about transparency and auditability of the crypto technologies that I prefer) was easily detected because the nature of the technology puts all transactions on an immutable ledger.
What valid criticisms of THE TECH have you offered so far? You’ve simply pointed to situations where stupid people failed to protect themselves from clear frauds then went and used that brush to paint the entire crypto space. You’re not really the intellectual heavyweight you seem to think you are.
I didn’t predict the failure of FTX or TerraLuna but they also didn’t smell right to me because they ticked MANY of the warning boxes above. I’m fairly centered around Cardano ecosystem projects but even in that ecosystem there’s bound to be some fraud. I protect myself by sticking to my gut feeling and using that small checklist. I have yet to be defrauded and I’ve been investing the space since 2017. It’s not hard and I am not Nostradamus but thanks for the compliment.
This video only mentions ERC-20 tokens as NFT’s. Are you so ignorant that you don’t realize that Ethereum is not the only crypto currency project? Do you realize that many projects have entirely different tech stacks? Actually, if you wanted to, you could go through my history and find me criticizing Ethereum’s badly flawed accounts model at least 20 times.
I’m not wasting any more time trying to have an intellectually honest debate with a person that blindly writes off an entire class of technologies yet doesn’t even understand beginner level things about it.
“You drink water and breathe air. Peter Thiel drinks water and breathes air too. Therefore you are just like Peter Thiel!”
You’re a troll. I literally hate Peter Thiel. He is invested in so many technologies that it’s VERY likely that we’re invested in the same tech somewhere. Pretty sure he doesn’t give a shit about Cardano which is the project I develop applications for.
Spreading your investments out is kind of how investing works when someone is a billionaire, dipshit.
Anyway, that’s enough feeding the trolls for today. Have a good night, intellectually dishonest hiveminder.
I highly doubt they’re worried about less than the 1% not seeing the obvious meaning of what they said. They’re marketing to the masses, which would very much know and pick up on the “I spy” thing.
That just expands the question: do they not know about other countries?
Many of us have certain connotations with google, and while we know the game in our native language, it’s not the first thing we think about when thinking “Google says: I spy”.
Probably why they published it in English and not your native language so you wouldn’t be confused and think they meant it that way. Too bad somebody will always go the extra step to be offended.
Sorry, I disagree, I don’t make the assumption that they’re considering a statistically insignificant group of people that hate them, or possibly countless other countries when using a well know saying in their marketing.
Are you assuming that Google, which, as far as I’m aware, is an international company providing service to a multilingual userbase, has less than 1% non-native English speaking users?
I mean, I don’t care much how Google advertises itself, even companies I do like sometimes make an unlucky promotion and that’s fine, but I do find the arguments in this comment thread to make some wild assumptions.
What seems like a wild assumption is that an ad in one language would be designed with what another language might think of the ad in mind. Why would a Chinese person care about a Mexican ad for Coca-Cola? You’ve found something to enjoy being upset at.
Are you assuming that Google, which, as far as I’m aware, is an international company providing service to a multilingual userbase, has less than 1% non-native English speaking users?
I’m assuming nothing, nor did I ever say their English speaking data sources are less than 1%. That would be the privacy crowd that would be the ones to take simple marketing using a well known term and go into paranoia about it.
However, if I were to assume anything, it would be that an ad in English, would be geard towards English speakers, not others.
Thx for showing me that. I had no idea. Still to me, someone who lives on the other side of the world opposite of America, to see the phrase “I spy… Do you…” From Google felt a lot like, well, my post says it all.
It also works with opening up the info to anyone, not just you. That’s one of the key issues, even if a trusted party is accessing the info there’s a chance that a malicious party can get access too. Or the trusted party becomes malicious later (government changes, company changes hands, etc.)
People generally don’t want everything in their home live streamed 24/7. If anything it has the potential for abuse, like if someone knows when you’ll be out of home for a few hours
Or use their app on your phone, which will “detect your driving patterns” and adjust your rates accordingly.
But honestly, even without all that, modern cars already have trackers and Internet connections even without your knowledge. (Mine did a couple of impromptu OTA updates for the media center at the beginning. It also has an SOS button on the roof, which you need to be subscribed to use, but can activate the subscription through the button. This implies there is a GPS tracker, as well as a cellular connection).
Provided that the developer can either remove contributed code or seek copyright licences from every contributor it can be done. Whether this did happen or not is unclear, the developer appears a little arrogant about having written the majority of the code, showing little appreciation towards minor contributors. We cannot tell whether the contributors gave permission for their code to be re-licenced or if their code was removed.
Personally, when contributing to GPL projects I would expect that this kind of thing wouldn’t be possible. Using the GPL is a very philosophical choice of licence and is a move to say that you really care about your users
Eventually I think sites will customize every URL for each user.
TikTok is quite sneaky. Sharing from their mobile app, you get: https://www.tiktok.com/t/[9digitCode]/
Only by opening the URL in a browser will you see: https://www.tiktok.com/@[user]/video/[19numerals]?_t=[alphanumericIdentifier]&_r=1…which can be sanitized.
Here’s how they took it a step further too: YCombinator.
Same with Reddit, FB Messenger, Instagram, TikTok… Some of them are harder to spot, like how Reddit now goes reddit.com/r/example/s/8913y4h93
Would be nice if social networks and messengers would automatically strip these parameters.
I started using URLCheck on Android and SO MANY links have some kind of tracker that you can drop and not lose any functionality. Things like Signal (and even Lemmy/Mastodon) could do something similar and throw up a little warning when it encounters a known tracker, then offer to clean the URL for you.
Another advantage is that the clean URLs are a lot more descriptive
I’m using FairEmail on Android. When tapping a link, thr app detects tracking parameters and offers to remove them. I really like that feature and wish other apps would offer something similar.
That was the first place I noticed it, thought it was really smart of them, someone would send me a meme or whatever and it would show their account at the top. Was impressed that they generate so many links, now they can see who knows who so easily
privacy
Top
This magazine is from a federated server and may be incomplete. Browse more on the original instance.