Welcome to Incremental Social! Learn more about this project here!
Check out lemmyverse to find more communities to join from here!

FutileRecipe

@FutileRecipe@lemmy.world

This profile is from a federated server and may be incomplete. Browse more on the original instance.

FutileRecipe ,

Do they all really? I know GrapheneOS does, and I think DivestOS even says "use my OS to stay as up to date as possible, but if you have a current/supported Pixel, use GrapheneOS instead for superior security." But I don't recall other OSes really going "we're more secure than GrapheneOS and here's why."

FutileRecipe ,

But generally I'm not a fan of the stuff I've heard and read about the Nostr protocol so far.

Can you elaborate?

FutileRecipe ,

It's doomed to become a nazi bar...you can just go to an instance with admins you trust better or make your own instance

Ok, how is that different than Nostr? Don't like your Lemmy instance admins rolling against your Nazi views? Join a different instance. Nazi sympathetic instance gets defederated by everyone else? Make your own instance.

FutileRecipe ,

Yeah billy should be build IUDs not 3d printed guns

I see the /s but...The Ukraine war videos don't show how to build IEDs, though. And even if they did, who would the parents sue? Ukraine, a nation at war? As opposed to 3D printed guns show you how to make them, and you could try to sue the gun company who it belongs to. And YouTube in both cases.

we didn't do a good job transitioning from religious to secular values in that way.

A lot of religions were founded on and/or expanded by violence (Pilgrims to America, Knights Templar, Spanish Inquisition, etc), so I don't remotely think "religious to secular" is the reason.

FutileRecipe ,

Other than Google pay...

Google Pay's Tap to Pay does not work on GrapheneOS.

FutileRecipe ,

Startpage, which is still recommended over at privacyguides.org

For now. There is an open pull request to remove it due to Startpage fingerprinting users (I didn't delve into it to see if it's true, but that was the reason given). And just because it's been suggested doesn't mean it will be removed, so time will till.

https://github.com/privacyguides/privacyguides.org/pull/2577

FutileRecipe ,

So is bullshitting. More so, only human minds can bullshit.

And a bull's anus.

FutileRecipe ,

This chud uploaded potentially sensitive information to a public service.

A bill draft, which eventually/maybe gets signed and is public by its very nature is sensitive?

People really need education on how to intelligently use these services.

Agreed on principle, but I don't see how what he did was wrong...other than calling ChatGPT a subject matter expert.

FutileRecipe ,

Is there a Lemmy community like R4R? If there is, I can't find one.

Just did a search, and there are 3 with none active.

https://lemmy.world/pictrs/image/5921004b-ba76-4117-8beb-3aaf5d38c492.png

FutileRecipe ,

We need hardware requirements so that not just pixel phones can get grapheneOS.

GOS has strict hardware requirements to increase security that currently only Pixels meet. They won't, and shouldn't, compromise their standards which would give you a weaker OS. Want GOS on other vendors? Convince those vendors to up their hardware game.

FutileRecipe ,

Unfortunately the fact that NFC can't be used on anything that's rooted anymore is kind of a deal breaker.

NFC can be used on GOS, and they frown on rooting.

If I could use google pay and my normal banking apps with GrapheneOS I would switch to it today.

It's due to PlayIntegrity API wanting a "Google certified OS," which is ironically less secure than hardware attestation that GOS supports. I doubt Google would change their model, but your bank might. Some banks do support GOS, and they have changed at the request of their customers before. Send them the GOS documentation and you might get lucky.

https://grapheneos.org/articles/attestation-compatibility-guide

[Thread, post or comment was deleted by the author]

    •
    FutileRecipe ,

    case in point: people still use twitter.

    And WhatsApp over Signal/Molly.

    FutileRecipe ,

    The ending period? Not for me on Voyager.

    FutileRecipe ,

    Sounds to me like you need an upgrade. I tried Jerboa, but it felt like it always lagged behind or was buggy for some reason. Then I switched to Voyager, which gets constant updates. Also, it's a PWA, so I don't need an app and it can thus be used on mobile, tablet, desktop, etc. Not to mention the theming is one of the best, in my opinion.

    FutileRecipe ,

    Even their server codes are publicly available

    Last I checked, their provided server code lags behind their production server, so you rarely get to see the current version. However, that's kinda the point of E2EE, is you don't have to trust the server.

    FutileRecipe ,

    I don't know, sounds reasonable chief.

    They want to talk to everyone so they're blocking someone/anyone? That does not sound logical. If that instance defederates, all that person has to do is just not use them as their home instance. They're saying they want to talk to everyone, but they're going out of their way to not do so (by blocking an instance, for whatever reason). Makes no sense to me.

    FutileRecipe , (edited )

    Out of curiosity, can you link where Proton said they don't have the user's recovery email, that the users themselves attached to their Proton account?

    FutileRecipe ,

    I have left, I just view Reddit...

    So you haven't left Reddit. Like saying you left Google but still Google search without logging in.

    FutileRecipe ,

    Nobody is doing that now, with regular money, either.

    I think it's more for ACH between banks as well as some banks have limits. Also, a government literally stepped in to actively block people's accounts. Just because you can swipe your card and buy a soda, doesn't mean there aren't restrictions or people being blocked.

    Deputy Prime Minister Chrystia Freeland said Thursday financial institutions have moved quickly to freeze the accounts of people linked to the demonstrations in Ottawa, leaving an unknown number of protesters in financial limbo

    https://www.cbc.ca/news/politics/ottawa-protests-frozen-bank-accounts-1.6355396

    FutileRecipe ,

    But even if I have a server, I'll have to have my own separate Internet if I really want to be able to pay unrestrictedly.

    Separate Internet? I mean, yes, you do need Internet. Not sure what you mean by "separate." And you don't need a server (node), though they are handy for privacy. You could choose one that is reputable.

    Otherwise the government would just shut down my internet connection, right?

    If they knew where it/your Internet was. All you really need is your phone or PC. You could use a cafe or library or cell tower or etc.

    FutileRecipe ,

    Yes, you need an Internet connection at some point. This can be a cafe, a library, an office, your house, friend's house, etc. As for controlled by the government, well, that depends on your country.

    Worst case, if possible, you can move countries. I understand that might not be feasible, but my point is, you can move countries to escape the government and Internet restrictions. But the government locks your account/bank? Moving countries doesn't fix that, and you're locked out of any money you had there.

    FutileRecipe ,

    when humans were asked to solve distorted text CAPTCHAs, they were able to solve them in 9 to 15 seconds...and were only able to get the answer correctly 50-84% of the time....bots taking the same texts were able to answer the same tests in less than a second, and they were able to do it more accurately — 99.8% accurately, specifically.

    https://www.pcmag.com/news/bots-better-at-solving-captchas-than-humans

    FutileRecipe , (edited )

    Why isn't Rumble an option?

    For most people who refuse to use it, it's probably because they view it as more a haven for extremism and hate speech, as it seems to have made its niche by allowing those who were banned elsewhere (not always a bad thing...depends on offense).

    Most of Rumble’s prominent accounts are run by individuals, not organizations, and about a quarter have been banned or demonetized on other social media sites. The Center’s study examined 200 prominent accounts on Rumble, selected from those with the most followers. As of June 2022, about eight-in-ten accounts (78%) were individuals while 21% were organizations. About a fifth of these prominent Rumble accounts (22%) have been banned or demonetized on other platforms.

    Guns, abortion and LGBTQ issues were among the subjects that prominent Rumble accounts focused on in June 2022. A review of posts from these 200 prominent Rumble accounts found that about half posted about guns and gun rights (49%) or abortion (48%), 44% posted about LGBTQ issues, and 42% posted about the Jan. 6 attack on the U.S. Capitol. These posts came amid widespread discussion of major events and issues that were regularly covered in the news at the time.

    https://www.pewresearch.org/short-reads/2022/12/21/key-facts-about-rumble/

    Israel using Meta's WhatsApp to kill Palestinians in Gaza through AI system (www.middleeastmonitor.com)

    According to software engineer and blogger, Paul Biggar, however, one key detail on the methods employed by the Lavender system that is often overlooked is the involvement of the messaging platform, WhatsApp. A major determining factor of the system’s identification is simply if an individual is in a WhatsApp group containing...

    FutileRecipe ,

    For like the past decade. I'm guessing you don't have a WhatsApp account? When I had one for work (I used a disposable number) the splash screen on app launch had "by Meta" and the settings had "by Meta" at the bottom. Might've been a couple other spots but I remember those two.

    FutileRecipe ,

    That's not correct. It just says not recognized, and let's you try again. I just tested it. Do you have documentation that it should work the way you said and mine is faulty?

    Safest way of using WeChat

    I live in Canada. My girlfriend is Chinese (also living in Canada), and while we are able to communicate via SMS, her mobile carrier isn't the best, and so there have often been issues for us with regular texting. She expressed a strong preference to use WeChat, at least as a backup option for when texting fails us. While I...

    FutileRecipe ,

    See Exodus...

    Hard for me to take anything they say seriously when they say Facebook does not contain any trackers:

    We have not found code signature of any tracker we know in the application.

    https://reports.exodus-privacy.eu.org/en/reports/com.facebook.katana/latest/

    Edit: I'm not saying WeChat is clean, just that I don't exactly trust Exodus for tracker reporting.

    FutileRecipe ,

    Isn't there some overlap between NAT, DHCP and DNS, they feel like they should be the same thing?

    Absolutely no overlap. Now, can a conventional home router do all those? Typically NAT and DHCP, but not too often DNS (except to point at a real DNS). That's like saying "isn't there overlap between milk and eggs? I mean, sure, they deal with animals and stored in the fridge, but used for different purposes."

    Because DHCP is assigning IP addresses, DNS is looking up IP addresses and NAT is saying that IP address points there 👉🏾

    Sure, they deal with IP addresses and some devices (home routers) can do 2-3 of those fuctions, but that doesn't mean they overlap. I can read a book (IP) and my book (IP) can be stored in a book bag or on a book shelf, but that doesn't mean myself, the bookbag, and the bookshelf overlap.

    FutileRecipe ,

    win10's dying next year?

    Windows 10 reaches End of Support on October 14, 2025, unless you opt for the paid Extended Security Updates (ESU) program (prices not released, that I saw), which some businesses with "legacy" apps do.

    https://learn.microsoft.com/en-us/lifecycle/faq/windows#what-options-do-i-have-for-continuing-to-use-versions-of-windows-10-that-reach-end-of-support-on-october-14--2025-

    FutileRecipe ,

    man stars at you in public? Or, is starring at you? That sounds like some kind of situation in which you could probably call the cops.

    Staring is illegal?

    FutileRecipe , (edited )

    It's super uncomfortable.

    I absolutely get that, but I just didn't think it was illegal or worth calling the cops for, which the person I replied to said should happen. But maybe I'm being naive.

    FutileRecipe ,

    It takes Googles results and filters out the crap and orders results differently...

    It uses more than just Google's, FYI.

    https://help.kagi.com/kagi/search-details/search-sources.html

    FutileRecipe ,

    but if I'm going to pay for search it's something like Perplexity.

    Generative AI search engine Perplexity, which claims to be a Google competitor and recently snagged a $73.6 million Series B funding from investors like Jeff Bezos, is going to start selling ads, the company told ADWEEK....“Advertising was always part of how we’re going to build a great business,” said Shevelenko.

    https://www.adweek.com/media/gen-ai-search-engine-perplexity-has-a-plan-to-sell-ads/

    FutileRecipe ,

    my main workhorse.

    I see what you did there.

    FutileRecipe ,

    Sounds very similar to Safing Privacy Network. They route different applications across nodes (Tor-esque).

    https://lemmy.world/pictrs/image/75549281-786f-4151-b027-7d8bddd4e4b8.png

    FutileRecipe ,

    So, scrub my papers for alliteration. Thanks for the tip.

    FutileRecipe ,

    No adblocker built in

    They actually added a basic content blocker back in mid February, and plan on improving it over time:

    Github source: https://github.com/GrapheneOS/Vanadium/releases/tag/122.0.6261.43.1

    Discussion forum: https://discuss.grapheneos.org/d/11000-vanadium-version-12206261431-released

    FutileRecipe ,

    It depends on whether you need Google services or not.

    I would get a Pixel with GrapheneOS regardless of if you need Google or not. Graphene does a lot more than just sandbox the Play Store.

    https://grapheneos.org/features#grapheneos

    FutileRecipe ,

    From what I understand, NewPipe has been abandoned...

    That's completely incorrect. From NewPipe's Github:

    We are planning to rewrite large chunks of the codebase, to bring about a new, modern and stable NewPipe. Please do not open pull requests for new features now, only bugfix PRs will be accepted.

    ...and someone else forked it to Tubular which includes SponsorBlock.

    polymorphicshade "stopped" development on their fork of NewPipe, which included SponsorBlock (because NewPipe did not want to include it) and started working on their rewrite of their own fork and/or NewPipe, which is now Tubular.

    FutileRecipe ,

    Mobile Fennec (or pick your poison for any Firefox fork)...

    I can't get behind Android Firefox/Gecko-based due to their lack of security:

    Avoid Gecko-based browsers like Firefox as they're currently much more vulnerable to exploitation and inherently add a huge amount of attack surface. Gecko doesn't have a WebView implementation (GeckoView is not a WebView implementation), so it has to be used alongside the Chromium-based WebView rather than instead of Chromium, which means having the remote attack surface of two separate browser engines instead of only one. Firefox / Gecko also bypass or cripple a fair bit of the upstream and GrapheneOS hardening work for apps. Worst of all, Firefox does not have internal sandboxing on Android. This is despite the fact that Chromium semantic sandbox layer on Android is implemented via the OS isolatedProcess feature, which is a very easy to use boolean property for app service processes to provide strong isolation with only the ability to communicate with the app running them via the standard service API. Even in the desktop version, Firefox's sandbox is still substantially weaker (especially on Linux) and lacks full support for isolating sites from each other rather than only containing content as a whole. The sandbox has been gradually improving on the desktop but it isn't happening for their Android browser yet.

    Ref: https://grapheneos.org/usage#web-browsing

    FutileRecipe ,

    okay with shouldering the security risk

    To me, that depends on what you use the phone for. I sometimes use mine for banking as well as logging into various sites, so I want to reasonably minimize the security risk I am taking. If I wasn't, then sure.

    FutileRecipe ,

    After following your Github link, I found my way to the blog post that it looks like you are quoting

    You mean the quote block where I said it was undergoing a large rewrite and don't submit any feature PRs? That was actually the first two sentences of the README.md on the TeamNewPipe GitHub link I gave lol.

    FutileRecipe , (edited )

    Gecko-based browsers are, what, 1% of the browser market?

    Last I checked, Firefox was close to 3%, but you right, still not a large number.

    Guess which browser is the most targeted by malicious actors? Not the one having 1% of the market, that's for sure.

    It doesn't have to attract the most attackers, especially if it is notoriously weak. You shouldn't choose software that is easier to exploit simply because it's more obscure. Do you also choose weaker encryption algorithms because no one uses them? I sure hope not.

    And your comment would probably ring a little more true, except we just had the xz debacle, and guess how much Linux has of a market share? Probably close to Firefox's, both in the single digits.

    FutileRecipe ,
    • Mainstream cloud storage providers like Google Drive and iCloud have access to users' files, posing privacy and security risks.
    • Nextcloud is the preferred secure cloud storage option, but has drawbacks like the need for technical expertise to self-host and issues with end-to-end encryption.
    • Filen is a user-friendly secure cloud storage option, but has some concerns around encryption implementation.
    • Mega offers a large free storage plan, but has had past security issues and controversies.
    • Proton's secure cloud storage is part of their broader privacy-focused ecosystem, but has some app and feature inconsistencies.
    • Cryptomator is a useful tool to add an extra layer of encryption to any cloud storage service.
    • Apple's Advanced Data Protection is a proprietary solution that lacks transparency compared to open-source alternatives.
    • It's important to weigh the risks versus benefits when choosing a cloud storage provider based on the sensitivity of the data.
    • Switching to a more secure and privacy-focused cloud storage option is worthwhile, even for non-sensitive data.
    • The article encourages users to take steps to improve their cloud storage privacy and security, rather than relying on mainstream providers by default.

    Courtesy of Kagi's Universal Summarizer's Key Moments.

    FutileRecipe ,

    Could you show us a few not so biased news sources? I suppose this will also vary wildly by topic. A news outlet might be narrative/propaganda driven on one topic, but not about another.

    Have you heard of Ground News? It's basically a news aggregator that shows multiple stories on the same event, but with a bias rating and a factuality score, as well as a ownership category. Also, a blindspot category which shows articles being shown predominantly by one side and not the other.

    The Ground News bias ratings are calculated using three independent news monitoring organizations: All SidesAd Fontes Media, and Media Bias Fact Check. This score does not measure the bias of specific news articles. It is an assessment of the political bias of the publication. The rating takes into consideration things like the wording, story choices and political affiliation of the outlet.

    FutileRecipe ,

    Unfortunately, not to my knowledge. Cheapest is $9.99/year.

    FutileRecipe ,

    maybe $1. That's way more than the ad revenue search engines get

    And where did you come up with this info? Source? Do you really think that search engine ad revenue (for the engine itself, not what one measly advertiser gets back) tops out at "way below" $1 per person?

    In 2023, Google's ad search revenue amounted to 175 billion U.S. dollars.

    FutileRecipe ,

    As you said, it's hard to calculate an exact number. But if you think your search results are only worth $1/month, that's up to you to determine. I know if I was an ad-broker or profiler, I'd pay more than $1/month/person as that's valuable information, in my opinion. And Kagi is worth much more than that to me. Proton theorizes:

    If Google Search market share is also 90% in the US, that’s over 274 million people using Google, and the company earns $393 per year from each of them.

    Ref: https://proton.me/blog/what-is-your-data-worth

    FutileRecipe ,

    You don’t need a video camera pointed out towards the public 24/7.

    Depends on where you live. Being notified of packages at your door is handy before they get stolen.

    And being able to see who knocks on your door is also handy without exposing your eye to the tiny (and glass) peephole.

    As well as being able to see who approaches when you're not even there.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • random
  • incremental_games
  • meta
  • All magazines
    •