Melody

Melody , 12 days ago

HAHAHHAHAHAHAHAHAHAHAHAHAHAHAHHAHAHAHAHAHAHAHAHHAAAA

No.

Melody , 12 days ago

0.00000003% 3 Satoshis of a percent.

Melody , 17 days ago

Why Not Both?

Melody , 17 days ago

Why Not Both?

Melody , 21 days ago

In Short, No.

The Xperia phones are often horrendously locked down and don't provide bootloader unlocks all the time.

I would definitely recommend a Pixel device if you're going to go De-Googling. That, or go select your desired ROM beforehand and buy whatever they support the best. You can find out if you look into Graphene or Calyx or Lineage as examples for which devices they support the best right now. Buy it unlocked, and unlock your bootloader.

Melody , 22 days ago

This is why I use PFSense and Hurricane Electric as a v6 tunnelbroker. I have working functional IPv6 with SLAAC and DHCPv6 and full Routing Advertisements on my LAN running side-by-side so that no matter which the device implements how poorly; it gets an IPv6 address and it works and is protected by the firewall.

Melody , 22 days ago

I get a free /64 and /48 directly from Hurricane Electric using their TunnelBroker and use PFSense to deploy that v6 locally on my LAN. Everything in the house has a v6 and is protected by the necessary firewalling too.

Melody , 22 days ago

I run both because of this; and because SLAAC enables features in Desktop OSes that offer some level of additional privacy.

For example; Windows can do "Temporary IPv6 Addressing" that it will hand out to various applications and browsers. That IPv6 address rotates on a periodic basis; once every 24 hours by default; and can be configured to behave differently depending on your needs via registry keys.

This could for example, allow you to quickly spin up a small application server for something; like a gaming session; and let you use/bind that IPv6 address for it. Once the application stops using it and the time period has elapsed; Windows drops the IP address and statelessly configures itself a new one.

Melody , 21 days ago

I have a /48 that I can basically roll through.

A /64 is more than enough though to prevent most casual attempts at entry; and does force more work / enumeration to be done to break into a network and do damage with. I'm not saying the privacy extensions are the greatest; but they do work to slightly increase the difficulty of tracking and exploitation.

With a /48 or even a /56; I can subdivide things and hand out several /64s to each device too; which would shake up things if tracking expects a /64 explicitly.

I actually use /55s to cordon off blocks inside the /48 that aren't used too. So dialing a random prefix won't help. You'd be surprised how often I get intrusive portsweeps trying to enumerate my /64s this way...and it doesn't work because I'm not subnetting on any standard behavior.

Melody , 29 days ago

So much for using airplane mode to conserve battery.

Your understanding is slightly off.

Airplane mode Does In Fact Turn off your CELLULAR Radio This radio is what powers your (2/3/4/5)G and LTE (This is 4G btw) connection to the cell towers.

Most international radio communications laws can prohibit the use of Cellular Radio in flight; however they often don't prohibit the use of shorter range radio technologies such as WIFI or Bluetooth.

It's all about 'loudness'. Think about it. Your phone must 'scream louder' at a farther away cell tower than it would need to communicate with a nearby WiFi router or a Bluetooth headset.

Melody , 26 days ago

Your comment missed the mark entirely. Please don't reply-guy me; I know what I'm talking about.

Melody , 1 month ago

Now snap some pics of this kitty laying in different places all over this couch; you now have a new meme: Address Space Layout Randomization.

Melody , 1 month ago

Either Linux has no idea what your battery is telling it; or your battery is just...toast.

Let's just hope for your sake it's just a funny linux bug. Replacing specific laptop batteries can be a tremendous pain if you can't find a specific cell that works for your device.

Melody , 1 month ago

I must warn you of the dangers of pushing batteries in a failure state like this though; Lithium batteries can sometimes fail in explosive ways.

Keep an eye on the thermals and don't let it expand or pop on you.

Melody , 1 month ago

You would be surprised how hard it can be sometimes to source batteries due to shipping rules and regulations; as well as the general difficulty surrounding just building your own battery pack...which can end badly if you aren't an electronic engineer or similar professional who knows exactly what they are doing.

Melody , 2 months ago

Unsurprisingly, Brave will try to profit from privacy seeking users...I hope their company dies a horrible financial death.

I've always disliked Brave for their carelessness in pursuing their business needs, adding stupid things like worthless crypto to try to buy out the advertisers and selling out their search indexing to the highest bidder.

Instead of just going the meta-search route by indexing by themselves; spreading out queries to multiple services; caching results; and just providing the results to users privately like a real company offering privacy would; they just gave up and let Bing do all of it.

They could've even negotiated their API usage and allowed for relevant 'in-result list ads' that were clearly marked as Ads without compromising the privacy of their search services to help defray costs of hitting the APIs of bigger players like Google, Yahoo or Bing and allowing advertisements relevant to queries to flow without compromising on user's privacy or letting big advertisers know who's searching what.

Additionally Brave has done a number of other shady things that on the surface might be advertised as helping your privacy; but really isn't. In my opinion they should have hard-abandoned Chromium over Manifest v3 and rebased onto Firefox to keep their browser from becoming less privacy respecting overall.

Melody , 2 months ago

Actually; with the right plugins and configuration...even JS identification can be obscured in Firefox. I've done it before on Windows.

Melody , 2 months ago

Not offering my techniques to the public right now; I kinda blundered on it by tinkering and it does break a metric shit ton of things.

Melody , 2 months ago

I think I can explain some of the "inexplicable creepy" moments you mention here. Note that I'm not advocating for YouTube's favor; I'm just explaining how things tend to work in general.

1. Your spreadsheet seems to contain two key words or terms that are trending in the current year/week/month/day in your area. I wouldn't be too creeped out about this, it's just a lucky guess; Firefox cannot access your clipboard history, nor does it allow websites to do so. Furthermore websites cannot read your clipboard unless you have them focused as the active window and you click on a text field in that web page. Once again Firefox here is protecting you and most browsers behave the same way anyways. They don't get data about clipboard contents at all until they're focused. CAVEAT: If you were using Google Sheets or a spreadsheet application ONLINE that IS IN YOUR BROWSER then we have a different story. For sake of simplicity I assume you are using something like LibreOffice Calc or Microsoft Excel.

2. Second verse, same as the first! Your musical tastes are probably highly similar to many people in your vicinity and Google is using that to suggest content to you. This can even get spookily accurate if it even only knows your gender and age range based on what you watch. RECOMMENDATION: Clear your Watch History and keep it Paused.

3. Discord actually does load the video embed / information from the YouTube API. But unless you're living in SF; this is not linking back to you unless you are clicking on those videos at all. However, if you are loading Discord in your Browser; YouTube might be able to make some weird fingerprinting connections. The solution is simple: Download Discord Desktop and install it...or if you don't like Discord software you can always use Beeper ( https://www.beeper.com/ ) which is slightly more privacy preserving, but has limitations. Alternately you can isolate Discord tabs to a Private Window.

Melody , 2 months ago

Mandatory https://archive.is/Dt8FX link

Melody , 3 months ago

I would argue that federating with either of the biggest companies on the fediverse is a monumentally bad idea.

Not just because of "Reports of genocide" or anything specious like that; which can be debated for days and days on end by people in both good and bad faith; but because both Threads and Meta are simply too large to be moderated correctly and be capable of managing basic issues such as harrassment and extended bouts of hate-speech which should never be considered acceptable; even if you do not necessarily agree with all of the goals and policies of the Fedi Garden; as strict as they are.

Melody , 3 months ago

With that being said; I do fully support an Instance's choice to federate, not federate or even limit their federation with them.

In most cases this should not affect instances; but unfortunately there are people who will ignore all warnings and use the Fedi Garden as a whitelist instead of a list of instances that you know will handle policy violations quickly.

On the other hand I absolutely also respect the needs of communities who ABSOLUTELY, POSITIVELY WILL NOT TOLERATE instances who choose to federate with either X, Threads, or any other instance they deem to be too toxic to play nicely. As instance operators you absolutely have the right to block problems BEFORE they happen, and if you happen to KNOW an instance will absolutely be a HEADACHE, you have every right to say NO. If the users do not like your decision; they are free to find a better instance for themselves; or spin up an alt account on a better instance.

Melody , 3 months ago

Not only did they guess it should be updated; they even left plenty of mechanisms directly in the constitution that allowed for it to be updated radically whenever situations changed so drastically that a supermajority agrees that it should be changed.

Unfortunately that too is the downfall; as those who want to exploit the status quo are also empowered to leverage their money and power to prevent such a majority from taking place. The constitution is far from perfect, and it absolutely should've been amended many hundreds of times over, not just the paltry less than 30 times we've managed to do so already.

Melody , 3 months ago

Personally I think there are possible federal wiretapping laws that might have something to say about a telecom that is offering an E2EE secure phone line to someone who is not on duty as a police officer (cop), federal agent (glowie), or other authorized federal, state or local employee (bureaucrat, with data that has legitimate need to be protected).

That's not even considering the entitled political hand-wringing about terrorists, spies, drug dealers, pedophiles and other so called "EVIL" people who "should not have access to such a powerful tool" because "it's our law enforcement's right to catch them in the act." Unfortunately it's a nuanced problem and we can't wave away all of that hand-wringing, even if we think most of it is dramatic and performative. They do have some points.

But...even if we were to suppose for a moment that all of the above issues are not a problem... because something likely happened to wake people up to the need for privacy...we would be facing an entirely new set of technical challenges to hurdle over.

As our current cell networks are structured; we would need to deploy cell phones with phone numbers that do not typically allow routing of outbound unencrypted calls...instead all phone calls would need to be routed over cellular data (AKA LTE or 5G). These calls could definitely be nominally routed by an existing application such as Signal and would require that remote recipients also install the Signal app to receive encrypted calls.

Essentially you'd have a phone which is a Data+SMS only line with a phone number for ease of access. You wouldn't be able to make outbound unencrypted calls or send SMS messages except to emergency services.

Melody , 4 months ago

I'm sorry to say; but that feature genuinely does not seem to exist in any Open Source PDF reading/editing application.

Melody , 4 months ago

and I read various posts they said that this app spy location and do lot of other stuff.

The source(s) you heard these things from are blatant misinformation. They fail to correctly understand the technology; which is "Federated Learning". Basically it's a form of AI training that obscures the data from the operator(s) so that it cannot be read, but the AI can learn from it privately. Bits and pieces of work are assigned to devices to "train" the AI privately, on the device using it's AI focused hardware. Your device never allows your data to leave the device; even if your data is used to train the AI.

I tried to disable it but it again activates when I restart phone?

This is a core system component of Android and you cannot disable it. It is the core function of Android System Intelligence module. The Private Compute Services is what is allowed to read your data; and if you've not opted out, can train bits of AI on your data without revealing or sharing that data to anyone. I repeat, your data does not leave the device, it is only used as training material. Yes, that has some privacy implications that they do try to address.

Please see this comic first: https://federated.withgoogle.com/

and then feel free to read up on Wikipedia about it to learn more.
https://en.wikipedia.org/wiki/Federated_learning

In Android 14, at least on a Pixel, it's possible to opt out of these functions easily in Settings > Security & Privacy > More Security & Privacy. Similarly this menu can also "forget" everything your device has "learned" locally about your data and habits...which might help you with battery drain issues.

Melody , 4 months ago

Please do not spread misinformation. Instead read this comic: https://federated.withgoogle.com/ and look at the wikipedia article to learn how this works. https://en.wikipedia.org/wiki/Federated_learning

Melody , 4 months ago

No ROM exists without it. This is a core part of AOSP.

Melody , 4 months ago

Might help; but this is a nuclear approach which will just kill all data when all you needed to to was make it forget what it learned in the settings.

Melody , 4 months ago

That is a valid stance and feeling to have; and you can in fact turn off and opt out of the AI features in Android to reduce the issue to a non-issue.

Melody , 4 months ago

Officially; No.

Informally; there's a few mods of the stock Discord client; however they're all closed source because they cannot possibly be fully open source as the stock Discord client is Closed Source.

Basically; alternatives exist; However they are not FOSS, FLOSS, OS or even fully Source Available.

Beeper exists but this is not strictly a Discord-only client and it is not fully Open Source; as some client/server code is only "Source Available". Beeper is also not fully "Free"; unless you self-host it. Furthermore access to Beeper is heavily join-gated. You will have to source an invitation code from someone you know. (No, I will not provide one.)

If you do get invited to Beeper; use Beeper Cloud, and be aware that iMessage integration does not work.

Melody , 4 months ago

Just because it "Works For Me!" does not mean it will work.

Beeper very much does not currently allow new users to access the functioning legacy iMessage infrastructure; and Apple itself is making it impractical as well.

From the Beeper Community chatroom on Matrix:

---

[iMessage] Important Notice.

Beeper no longer provides support for iMessage-related issues.

It has become known that Apple has targeted users of legitimate Mac computers for using Beeper to generate iMessage registration data. Beeper has commented about this situation on Twitter/X here and coverage of this issue has been reported in the New York Times here.

As a result of this media pressure, many of those affected have been successful in having their hardware bans lifted. If you are still affected by a ban that you believe is related to generating a registration code on a Mac computer to use iMessage through Beeper please report it to Beeper Help here and please contact Apple Support as well.

As of this time Beeper has removed support for iMessage from Beeper Cloud due to Apple's actions. It is suggested that those still using registration data generated from a Mac computer to access iMessage through Beeper delete their existing iMessage bridge in Beeper Cloud.

For any further questions related to iMessage please visit our helpful Discord community.

Melody , 5 months ago

Yeah you can always take a hex hash output and convert it to Base64...which does conpress it significantly. Apply LZ Compression and boom.

Melody , 5 months ago

You didn't convert a hex number into Base64, you Base64 encoded the hex string.

TL;DR, you used the wrong tool.

Melody , 5 months ago

https://ciphereditor.com/share#blueprint=eyJ0eXBlIjoiYmx1ZXByaW50IiwicHJvZ3JhbSI6eyJ0eXBlIjoicHJvZ3JhbSIsIm9mZnNldCI6eyJ4IjozMjQsInkiOjB9LCJmcmFtZSI6eyJ4IjotMTYwLCJ5IjotOTYsIndpZHRoIjozMjAsImhlaWdodCI6MTkyfSwiY2hpbGRyZW4iOlt7InR5cGUiOiJwcm9ncmFtIiwib2Zmc2V0Ijp7IngiOjAsInkiOi0yMDR9LCJmcmFtZSI6eyJ4IjoxNjMsInkiOi05NSwid2lkdGgiOjMyMCwiaGVpZ2h0Ijo0OH0sImxhYmVsIjoiSGFzaCBCYXNlNjQiLCJjaGlsZHJlbiI6W3sidHlwZSI6Im9wZXJhdGlvbiIsIm5hbWUiOiJAY2lwaGVyZWRpdG9yL2V4dGVuc2lvbi1oYXNoL2hhc2giLCJleHRlbnNpb25VcmwiOiJodHRwczovL2Nkbi5jaXBoZXJlZGl0b3IuY29tL2V4dGVuc2lvbnMvQGNpcGhlcmVkaXRvci9leHRlbnNpb24taGFzaC8xLjAuMC1hbHBoYS4xL2V4dGVuc2lvbi5qcyIsInByaW9yaXR5Q29udHJvbE5hbWVzIjpbImhhc2giLCJhbGdvcml0aG0iLCJtZXNzYWdlIl0sImZyYW1lIjp7IngiOi02MDksInkiOi00NjIsIndpZHRoIjozMjAsImhlaWdodCI6NDcwfSwiaW5pdGlhbEV4ZWN1dGlvbiI6dHJ1ZSwiY29udHJvbHMiOnsibWVzc2FnZSI6eyJ2aXNpYmlsaXR5IjoiZXhwYW5kZWQifSwiYWxnb3JpdGhtIjp7InZhbHVlIjoic2hhMy01MTIiLCJ2aXNpYmlsaXR5IjoiZXhwYW5kZWQifSwiaGFzaCI6eyJpZCI6IjYiLCJ2YWx1ZSI6eyJ0eXBlIjoiYnl0ZXMiLCJkYXRhIjoiTkRBNFpEazBNemcwTWpFMlpqZzVNR1ptTjJFd1l6TTFNamhsT0dKbFpERmxNR0l3TVRZeU1RPT0ifSwidmlzaWJpbGl0eSI6ImV4cGFuZGVkIn19fSx7InR5cGUiOiJvcGVyYXRpb24iLCJuYW1lIjoiQGNpcGhlcmVkaXRvci9leHRlbnNpb24tZXNzZW50aWFscy9iaW5hcnktdG8tdGV4dCIsImV4dGVuc2lvblVybCI6Imh0dHBzOi8vY2RuLmNpcGhlcmVkaXRvci5jb20vZXh0ZW5zaW9ucy9AY2lwaGVyZWRpdG9yL2V4dGVuc2lvbi1lc3NlbnRpYWxzLzEuMC4wLWFscGhhLjEvZXh0ZW5zaW9uLmpzIiwicHJpb3JpdHlDb250cm9sTmFtZXMiOlsiZGF0YSIsImFscGhhYmV0IiwicGFkZGluZyIsImVuY29kZWREYXRhIl0sImZyYW1lIjp7IngiOi0xNTgsInkiOi00NzAsIndpZHRoIjozMjAsImhlaWdodCI6NTY2fSwiaW5pdGlhbEV4ZWN1dGlvbiI6dHJ1ZSwiY29udHJvbHMiOnsiZGF0YSI6eyJpZCI6IjkiLCJ2YWx1ZSI6eyJ0eXBlIjoiYnl0ZXMiLCJkYXRhIjoiTkRBNFpEazBNemcwTWpFMlpqZzVNR1ptTjJFd1l6TTFNamhsT0dKbFpERmxNR0l3TVRZeU1RPT0ifSwidmlzaWJpbGl0eSI6ImV4cGFuZGVkIn0sImFscGhhYmV0Ijp7InZpc2liaWxpdHkiOiJleHBhbmRlZCJ9LCJwYWRkaW5nIjp7InZpc2liaWxpdHkiOiJleHBhbmRlZCJ9LCJlbmNvZGVkRGF0YSI6eyJ2aXNpYmlsaXR5IjoiZXhwYW5kZWQifX19LHsidHlwZSI6InZhcmlhYmxlIiwiYXR0YWNobWVudHMiOlsiOSIsIjYiXX1dfV19fQ

Melody , 5 months ago

I wouldn't consider them that terribly biased personally; as their livelihood (Money) is put into shorting whatever company is being reported on (Mouth). Literally they put their money where their mouth is...and if they make a horrible mistake in reading a company going under and doing really shady things; they're going to basically go out themselves pretty quickly and lose a lot of credibility in the process.

Is it maybe a little scummy? Yes. But as they're calling out scumbags anyways; it looks more like a legitimate application of "taking a scammer to know a scammer". It's better that they're legitimately profiting from calling out companies that are cheating everyone and reporting on it to benefit the public in the process.

Melody , 5 months ago

There's always been an invisible 4th dimensional peg that's not talked about in most USB-A connectors, and you are required to flip your plug around so many times to get it in to the correct position.

Some of us have that inherent knack to sense the 4th dimensional peg without perceiving it...and thus we do not have this struggle. Meanwhile others completely lack intuition of the aforementioned 4th dimension and struggle endlessly with that peg.

</humor>

Melody , 5 months ago

Search through your settings for a "Quick Pair" or "Fast Pair" option. Turn it OFF. Do not leave it turned on except during times when you're wanting to use a known device you've bought new that supports the feature.

Turn the feature off when not setting up new devices to work with other devices.

Melody , 6 months ago

We need some mad genius to crack Widevine and make a plugin that works for Linux.

It's going to have to be restricted-source, but hey, honestly we need to break Google's stranglehold anyways.

Melody , 8 months ago

Or the opposite:

mysterytool -h

     -h unrecognized option, --help for help

Both need to burn.

Melody , 10 months ago

While I'm usually all for that sort of consequence to happen to someone who is legitimately being gross or creepy; I don't think they should've actually fired her. Legitimately it should've been a stern warning and a request to apologize for the statement at worst.

Do I think it was a good idea to tweet it? Of course not. Was it unprofessional? Probably. I guess it depends on if the tweet or statement was made IRL or on Twitter via an alternate account.

Melody , 11 months ago

There are So many issues/inconsistencies with this laundry list of "Problems".

Nefarious History of DDG founder & CEO:

• Every link under this header is effectively broken except the wikipedia link.
• Yes; onion links count as broken my friend. You need to link the clearweb version too for our clearweb using readers. Furthermore it is more difficult for the casual reader to verify that the server they arrive on when they use an onion link is actually the source it claims to be coming from. (Because TOR onions do anonymize locations)

Direct Privacy Abuse:

• Link is broken; onions don't resolve on clearweb

• Reaction link is broken (timeout)

• this is a good testable procedure to show your concerns

• four year old source that seems to heavily imply that this is just normal use of the Canvas API for layout purposes. source questionable; as it is not a typical tech news focused reporting outlet.

• The FAQ states why certain engines are not included with the browser but I see no hard refusal language. They do call it out that the relevant providers went silent when asked how things work and offer this as the reason why they have not yet chosen to include them. It's entirely possible that if the companies explained their ad-tech to Epic team's satisfaction they might consider the partnership. We know they probably won't explain that tech; but the possibility exists based on this document alone.

• This is probably a reasonable source; and if this isn't ever printed in English or made available in English ever; I can understand. However the lack of an English language version of this source could be frustrating. I did run it through translate and verify the claim though it's just one line in a newsletter.

Censorship

• This entire header is irrelevant. DuckDuckGo isn't specifically censoring the content. However; downstream search engines such as Google and Yahoo definitely ARE and DDG is returning what they do.
• No, they are not complicit in censorship by doing this; they are just as affected by it as you and I are and are working with the data they can obtain.
• Censorship requires specific action to suppress information and it is not evident that DDG is doing so in the example provided in the source links.

Cloudflare

• The reasons under this header are also irrelevant. These are nasty things that Cloudflare is doing. Go yell at Cloudflare.
• I'd suspect that DDG didn't do their homework on Cloudflare; but the alternatives to Cloudflare are simply not large at all; and may have been more costly.
• Not defending their choice to go with Cloudflare but; Cloudflare does have a rather absurd near-monopoly on the kinds of services they can provide.
• Show me a viable alternative to Cloudflare that meets your privacy model. I'd love to learn about one.

Harmful Partnerships with Adversaries of Privacy Seekers:

• Once again you're listing things that other companies have explicitly done. Everything under this header is largely irrelevant
• Amazon & AWS: a large number of FLOSS projects use it or provide binaries and containers you can run (for/on) it.
• Microsoft: like it or not they have to work with, around, near them; they provide Bing.
• Yahoo/Oath: Same as Microsoft they provide a search engine.
• DDG is one part "Metasearch Engine" and one part "Search Engine" in that they do also crawl the web to augment their results.

Advertising Abuses & Corruption:

• All of this lacks any usable sources or proof.

• Your one link is an onion; which is not a usable source link.

• The IRC logs provided appear to be missing a truckload of context and IRC logs never really do provide solid prove as they can be edited/cherrypicked to show/support your argument.

• The provided logs do only show ChanServ making a ban.

• IRC channels such as this one are notorious for being highly focused on their specific topic as they state in their rules.

• Your apparent ban in that channel Does not mean they are censoring you; but it does mean you barged into their IRC channel, probably without reading their rules carefully, and got banned for breaking those rules.

• As someone who has sit in channels like that on OFTC and even Freenode before the splits happened for 20ish years; I can assert that your communication style was not civil to the standards of that channel. Joining an IRC channel to yell at project maintainers is never going to earn you anything more than a ban if their channel is actually monitored or moderated.

• I may not have been there myself; but I know that is how things are typically done on IRC in general.