Welcome to Incremental Social! Learn more about this project here!
Check out lemmyverse to find more communities to join from here!

refalo

@refalo@programming.dev

This profile is from a federated server and may be incomplete. Browse more on the original instance.

refalo ,

Anki?

Encrypted services Apple, Proton and Wire helped Spanish police identify activist | TechCrunch (techcrunch.com)

By the way, the earlier posted article https://restoreprivacy.com/protonmail-discloses-user-data-leading-to-arrest-in-spain had an update starting at the paragraph with title Update: Statement from Proton and additional commentary

refalo ,

Are you suggesting they didn't do those things? Good info either way.

Also there IS another alternative, the lavabit way... just go out of business /s

refalo ,

They are not going to shut everythin’ down just for a few people

Although lavabit did...

refalo ,

Most women I know also feel the same way i.e. they don't want multiple partners but their boyfriend does

refalo ,

wait until part 2 of git class where they use the MASTER branch

refalo ,

Corporations: laughs in DoH/DoT

(or even static IP)

refalo ,

yea just wait until they find out why the first digital computer was made:

ENIAC was designed by John Mauchly and J. Presper Eckert to calculate artillery firing tables for the United States Army's Ballistic Research Laboratory (which later became a part of the Army Research Laboratory). However, its first program was a study of the feasibility of the thermonuclear weapon.

refalo ,

That may be true, but wake me up when they capture 0.5% of the messaging app market :)

refalo ,

lmao

refalo ,

Are you sure you're taking enough?

refalo ,

Yes

refalo ,

There are absolutely devices that can do this already.

We even have Android eink phones now.

refalo ,

reMarkable 2

Kindle Scribe

Supernote A6X (Android)

Onyx Boox Note Air 3 (Android)

Onyx Boox Tab Ultra (Android)

Kobo Elipsa

Lenovo Smart Paper (Android)

Bigme (Android)

Huawei MatePad Paper (Android)

Why every TOTP app default uses SHA-1 hash encryption?

I use Aegis as my 2fa. Today on new token creation I observed that there's hash function set to SHA-1, later checked all my tokens and the result is same type of encryption used for all. So I have edited all my tokens to SHA-256 as a result my totp doesn't authenticate. Do I have to rescan my tokens for updating to SHA-256 or...

refalo ,

It's up to every individual website to use whatever specific type of hash function they want, so absent of really technical users that know how to change the cipher, they all just default to SHA-1 for maximum compatibility.

refalo ,

correct

refalo ,

What is your definition of gouging

refalo ,

don't forget the unbranded Chinesium calipers.

Mitutoyo or bust.

refalo ,

who remembers their passwords

just remember one master password for everything, totally secure bro

what

refalo ,

I have to think there's a bigger reason why telling them about it doesn't magically fix anything... I mean "if they were smart" they'd already be using it anyway, but because of "not smart", they also won't switch either.

refalo ,

I think one of the most important things people should consider when discussing or deciding to improve your privacy is to first define your threat model. In other words, what is it you want to protect exactly? What are you worried about? Because there are some things that just can't be done realistically, or things one person might take as a requirement that really doesn't matter to the next person, sometimes for surprising reasons.

For example if you're worried about three letter agencies doing something, well, sorry to say but you're probably screwed if you're reading this.

If you want to be able to browse online 100% anonymously, that's also extremely difficult (and some say impossible, cough creepjs) even for the smartest people.

If you're worried about companies and advertisers selling your data, I think there's a lot more you can do to mitigate this than the above things. But some will still argue even going outside at all, having a job, or spending money on things can be a big threat to that too.

Basically decide on what things you actually care about, and start there vs just reading randomdude.com's "subjective guide to privacy 101".

refalo ,

does not make sense

Define sense... are we talking linguist nerd sense or common casual conversation sense? Because one holds true and the other does not.

refalo ,

I wasn't confused about plural vs singular though. I meant it exactly the way I wrote it

refalo ,

why say many word when few word do trick

refalo ,

Japan wouldn't know real ham if it oinked in their face.

The best thing you can get over there is "raw ham" like prosciutto which is disgusting to me.

Good, crispy bacon is also completely foreign to them. Although Costco does sell some imported American stuff.

refalo ,

it's compromised (explicitly part of PRISM). nice try FBI shill

refalo ,

woosh

refalo ,

crickets

refalo ,

You would hate LibreJS.

refalo ,

Apparently it's (by default) everything that doesn't explicitly specify a license (especially a FOSS one) within the javascript code of the page, which is a ridiculously huge portion of JS on the internet.

What if they did this with HTML too? :p

refalo ,

where is the line drawn though, and who gets to decide?

MANY people say "html code" even if you consider that wrong.

Is a shell script or python "code"? Because it doesn't directly translate to machine code?

See what I'm getting at?

refalo ,

They also openly use youtube for distributing passwords and pastebin links to such content. I have seen multiple channels from a specific country (starts with I) that does this, sometimes going so far as to flash a single letter of the password at a time throughout innocent-looking childrens videos, with the encrypted pastebin link on the last video that requires the full password to unlock. Some others on a site I will not name have been trying to report these channels for several days (they have actually been operating for years with millions of views) but youtube isn't doing anything. Only company who has done anything was mediafire for removing some actual content.

refalo ,

Apple

something something altstore

refalo ,

You: thinking they weren't already tracking you by a zillion other means including wifi/bt and cellular triangulation

Me: google-free wifi-only phone with all radios/mic/camera physically disconnected unless I need something specific

HDMI stream live processing?

I’m getting tired of the extremely loud ads on that don’t seem to be subject to the old TV broadcasting laws that prevent them from being blasted 10db louder than the actual content. Wondering if there’s stuff out there that would let me take the hdmi stream from my Apple TV or other streaming source, and do ad detection...

refalo ,

take the hdmi stream from my Apple TV

I think there's two big obstacles here: HDCP and processing power. Most legal devices you can buy will not support simply handing over HDCP-unecrypted raw frames for you to mess with as that defeats the whole point of HDCP.

But even if you get past that, you're going to need at least a very high speed FPGA or ASIC, optionally also connected to a reasonably high-end PC, in order to be able to modify the stream in real-time and send it back out... certainly no current rpi can do this in even 1080p in real-time, and many devices now are going to 4k and beyond.

refalo ,

Yes those are FPGA/ASIC based solutions like I mentioned. That should work for 1080p at least, but getting to 4k is still prohibitively expensive.

impossible

My understanding is the DMCA explicitly allows reverse engineering of encryption for interoperability purposes... the only problem is that would have to specifically be tested in court to know if the government would agree in this instance, and nobody wants to try it.

refalo ,

So you came here with zero technical expertise or knowledge about the situation, and asking for specific steps on how to do this in order to make a product?

no need to be rude

refalo ,

Muxing has nothing to do with HDMI

refalo ,

Encrypted streams also don't have anything to do with a muxer, I really don't understand what you're trying to say. Muxers are for handling file formats, which is not being discussed at all, this is about raw video frame processing in hardware.

refalo ,

That diagram is describing the hardware side of the NeTV, which is an FPGA device doing all this. That "mux" is describing a hardware 2:1 mux on the raw video streams, such as https://vlsiverify.com/verilog/verilog-codes/multiplexer/

The "magic" is described here: https://www.bunniestudios.com/blog/2011/implementation-of-mitm-attack-on-hdcp-secured-links/

refalo ,

I consider "blacking it out" and "replacing" to be equivalent to "modify" in this case as you still need basically the same amount of processing power to do any of it.

Any web site that lets you share files with people like xender ?

I remember there being apps like xender, easy share etc. which lets you share files by one person activating hotspot and the other wifi you just have to have both party close to each other and they use no data . But they are all closed source and probably spyware and its too much of a hassle to get others to download a file...

refalo ,

I think they're asking about the text on the website that says "not compatible with VPNs" which I think is a reference to an Android system limitation where you simply must turn off an existing VPN connection to use the app merely because it interferes with the app becoming its own localhost VPN to get around android networking limitations.

The Best Secure Email Providers in 2024 (blog.thenewoil.org)

Like it or not, email is a critical part of our digital lives. It’s how we sign up for accounts, get notifications, and communicate with a wide range of entities online. Critics of email rightfully point out that email suffers from a significant number of flaws that make it less than ideal, but that doesn’t change the...

refalo ,

Well do you want privacy or do you want convenience? You can't really have both here IMO

refalo ,

Nobody is going to defend your useless data

refalo ,

it works fine IMO as long as you don't happen to have an IP with a bad reputation, but you'll likely need a VPS or similar as most home ISPs don't allow mail server or even incoming tcp ports

refalo ,

Personally I'd rather my ISP see more of my browsing history as I think they are less likely to be interested in using/selling as much of my data (or be compromised in some way) as a VPN company. But I could be wrong.

refalo ,

Ah that's too bad, guess I can't really blame you then.

refalo ,

That's not how VPNs work, you can't just "block all of them". I think OP just needs to use a pure-TLS VPN solution (like SoftEther) or an obfuscated one like shadowsocks/obfs from a not-super-well-known provider (or self-host it on a VPS/etc.) and they should be golden.

refalo ,

I understand, that's why I suggested some non-easily-detectable solutions.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • random
  • incremental_games
  • meta
  • All magazines
    •