ssm

@ssm@lemmy.sdf.org

OpenBSD admin and ports maintainer


ssm ,

If you've ever watched Overlord you'd know the dead deserve to rule over the living

ssm , (edited )

For someone that hates the right you make a lot of generalizations. Every country with power is a mess politically, but that says nothing about their art.

ssm , (edited )

That's funny because if you actually watched Overlord you'd know Ainz' goal (besides getting back to the real world) is to create a utopia where all races are equal. But keep throwing buzzwords if it makes you feel good.

ssm , (edited )

I've only finished the anime up to season 4, but I don't think the theme is that "Nazarick is evil and evil skeleton overlord is fun", but rather "do the ends justify the means Nazarick takes", given that Ainz wants to create a utopia where all races live in harmony. It's very interesting writing given how much time and humanity is given to side characters that are eventually destroyed or imperialized by Nazarick.

ssm , (edited )

I was making a general statement about when anime has a political theme, not on that particular anime.

Only anime I know of where this is actually a thing is Attack on Titan, but I haven't watched the last season (apparently it deviates from the source material, maybe for this reason, which is why I haven't).

Though I guess you could find a utopian vision in a nation that views all to be equally worthless and champions genocide and calling the dark young of shub niggurath to stomp on people.

Yeah, I do like multifaceted morally grey and villainous characters with interesting or even aspiring motives. I highly recommend Hunter X Hunter. The number of characters in that anime that aren't majorly flawed in one way or another you can count on your fingers. One of the community's favorite characters is a murderous pedo clown that serves as the main character's mentor and drop-in father-figure for a large part of the story. If you watch any single anime and never watch anime again, let it be HxH.

ssm , (edited )

Encrypted XMPP/IRC+ZNC/other plain text protocol is the best. Mobile data is everywhere and cheap, especially for text messages. Only one person has to do the heavy lifting setting up the server on a VPS with encryption; connecting the clients is easy. The hard part is getting people to use them when network providers and Android/iOS devs shoehorn SMS/MMS/RCS as the default and only option.

ssm ,

I don't trust the google kernel when it comes to privacy or security. You think with how many people use Android and with how bad actors Google are they wouldn't put a backdoor somewhere?

ssm , (edited )

Unless you want to tell me that the Android kernel is the first OS kernel without bugs, it takes at the very least one bug to be left intentionally unfixed and shared with the feds to introduce a backdoor. I wouldn't consider it infeasible with how large the android kernel is, and how high a barrier of entry kernel dev is. If the bug is found, just move to the next one. Normally I wouldn't be so paranoid, but this is Google we're dealing with, on one of, if not the most popular kernels on the planet.

ssm ,

Left

Shopping app Temu is “dangerous malware,” spying on your texts, U.S. lawsuit claims (arstechnica.com)

Temu—the Chinese shopping app that has rapidly grown so popular in the US that even Amazon is reportedly trying to copy it—is "dangerous malware" that's secretly monetizing a broad swath of unauthorized user data, Arkansas Attorney General Tim Griffin alleged in a lawsuit filed Tuesday....

ssm ,

Russian/Chinese software contains spyware: 😡😡👿👿💢💢

US software contains spyware: 😇👉👈

ssm ,

I'd like to see this "CEO of AI" stand on the same ground as the CEO of Sex

ssm ,

Watch out Girl, if your hair stands up like that, it means you're about to be struck by lightning!

ssm ,

Watch out Girl, just because FISH can breathe underwater doesn't mean you can!!!

ssm , (edited )

Random hardware suggestions, using mobile Linux support as a litmus test

  • Pinephone (Pro): Main downside is that OG Pinephone has extremely anemic hardware, and the charging circuit is not controlled through hardware for some insane reason; hope the kernel devs of whatever OS you put on it know how to not turn your phone into a bomb. Also Pine64 as a company has gotten flak for their support of Manjaro. Can't deny how good the price is though.
  • Fairphone 4: Good hardware, but expensive. I don't own it, but it works good on postmarketOS according to the wiki.
  • Librem 5: Overpriced compared to the earlier members on this list, but you can guarantee the phosh interface will work well considering it was developed by Purism as well.
  • OnePlus 6 and 6T: I don't know much about these, but they're very popular with the mobile Linux crowd.

As for the pixel, there's work on it but it's still broken at the moment. As for the hardware being too old, I haven't used anything Android in a while, so I don't know how much performance degrades each release, but a mobile Linux distribution should run just as good today as it will 20 years from now, assuming you use the same interface.

ssm ,

You are correct, and thankfully peertube exists and is currently not full of nazis (at least from the instances I've checked). Their federation model seems to be opt in instead of opt out though, so it's hard to actually find content, unfortunately.

The most populated instance I've found is https://tilvids.com/, which has a bunch of educational and tech videos.

ssm ,

First off: Can’t switch to Linux, Windows is a work requirement. Please spare me.

Did they give you a very funny reason for this requirement, or is it just some windows exclusive garbage that doesn't work in wine?

ssm , (edited )

Why do people always ask this kind of crap?

Fuck you too. 👍

It will contain software that is also centrally licenced so that your boss doesn’t have to figure out how to pay for thousands of dollars of software, they can just tell IT to bill a licence for software X to your cost centre at $13.75 a month.

To think they could be paying nothing for better software instead.

It will contain company sensitive data which will usually be encrypted by bitlocker, whose keys are stored with your domain account.

As soon as you need to decrypt that data, you're at best trusting that data to the NT kernel if you use a memory filesystem.

It will have a domain login that is your corporate identity which will usually require multi factor authentication.

I've never heard the terminology domain account. Does it prevent you from using a different OS?

It will have the usual Teams/Outlook/SharePoint stuff with a centralised calendar and contacts for your company, and likely security classifications for all the communications you do through it, allowing you to join groups, accept invites to restricted groups, and limit access, all linked to your domain account.

I'd be surprised if there wasn't some way to get some of these to work on not-windows / not-macos. Either a webclient or Pidgin, the everything client :)

If you're on Linux, the company may have even released a proprietary native client, but I'd consider that a last resort as it compromises security and privacy.

It will probably have OneDrive, synced to a corporate server, again, linked to your domain account.

https://github.com/abraunegg/onedrive

And finally, your work laptop does not belong to you. Wiping it and installing Linux plus Wine and keeping company sensitive data on an unmanaged device will attract the ire of HR.

If your HR is that cancer I'd try looking for a different company. If they are scared of "unmanaged" devices why are they using a spyware OS.

Your IT department won’t give a crap. But they also won’t help if anything doesn’t work, such as trying to join a domain to access allllll those domain-linked features with an unauthorised device.

You shouldn't be using Unix in production unless you know how to use Unix, I agree.

ssm , (edited )

But still, the fact that the person already said that not using Windows isn’t an option and you persisted questioning wasn’t very nice

I wasn't telling them that they should use Linux anyways, I wanted to know why they weren't allowed to.

ssm , (edited )

Set your system-wide DNS to a provider in a country with better privacy laws. I use quad9. Disable DNS over HTTPS (DoH) in Firefox if you have it enabled, as it sends DNS queries to cloudflare, which may be even worse than sending your DNS queries to your default ISP servers (also disable DNS prefetch). If you're hosting a DNS server, you can also set up a DNS blocklist if you use something like unbound or unwind.

I would get away from proton, they're too popular and too much of a target, and most critically they fucked over a climate protestor, and then removed "we do not keep any IP logs" from their privacy policy. If they're willing to lie about that, what else are they willing to lie about? If you want a fun project, set up your own mail server. Easy (relatively speaking) to do on OpenBSD with a cheap VPS provider like buyvm. Password manager is easy enough to write yourself with an openssl script, or you can use some other open source password manager if you hate scripting. Storage should be cheaper on a VPS than whatever proton is providing, and you can even host your own VPN (though this has potential to be easily routed back to you unless you serve multiple users with your VPN).

Disable javascript everywhere you don't need it. I use qutebrowser, and javascript is disabled by default, and I only reluctantly enable it per-domain when I absolutely have to.

Use 3rd party open source clients for proprietary apps, or move to open source ecosystems (like lemmy!).

I would get off of Android altogether, and switch to a real Linux phone, if you can tolerate the jank. I don't trust Google not to put a backdoor in the Android kernel (which forked all the way back at Linux 2.something). You could also try switching to a dumb phone, but those still run some amount of spooky blackbox software and I wouldn't totally trust it from any major phone manufacturer.

ssm ,

Perhaps trusting law-abiding businesses is bad for privacy

ssm , (edited )
  • Use a fork of Firefox (librewolf), or a different open source browser
    • even if you modify Firefox to remove all telemetry, Mozilla are bad actors, and will update to add new telemetry like Anonym or Cliqz by default after an update. Unless you really trust your package maintainer, use a fork or a different browser
  • Force a common useragent
  • Disable javascript everywhere, or use a browser without javascript, whenever possible
    • trying to defend against fingerprinting with javascript enabled is futile, even things like your number of cpu threads (navigator.hardwareConcurrency), list of fonts, webgl support, supported codecs, browser permissions, and variations in canvas rendering can be used in fingerprinting
      • tor browser is the only project I know of that can come close to avoiding fingerprinting with javascript, but even then you're advised to avoid using javascript with tor browser
    • use 3rd party clients for things like youtube that would normally need javascript
ssm ,

borderline aneurysmposting

actually not even borderline

ssm ,

Except the gold is actually poop and the shovels require burning several trees per dig

ssm ,

Protonmail sucks because you can't use it with 3rd party mail clients like claws-mail or mutt without handing over $$$ (even gmail lets you do this for free, I believe). The plaintext mode in Protonmail appears not to actually be plain text because I've had trouble submitting plaintext patches to the OpenBSD lists several times with it.

Have no experience with Tuta.

Self host on a VPS. OpenBSD makes it easy, follow a guide like this one.

ssm ,
ssm ,

That's fine and I understand; and I'm cool if projects have multiple ways to make contributions. What I hate is when open source projects only exist and allow communications on closed platforms.

ssm ,

Oh I assure you I am no fan of Microsoft/Github :)

ssm ,

wonder what fraction of a fraction of a percent of their yearly profit they'll be charged this time

what's your current linux distro?

wanting to hop into the world of linux on a dual boot method (one of my favorite games unfortunately cannot be run on linux at all, and it's a gacha. I don't want to gamble with my account being banned, so I'm keeping windows for it specifically.) this'll be my second go at it, I used Pop!_OS briefly but had some issues with...

ssm ,

SteamOS on steam deck, PostmarketOS on pinephone. On desktop I use OpenBSD, but if I used a Linux it'd be either Alpine, Void, or Devuan.

ssm ,

Really wish when I clicked on the alternative for change.org one of the choices would have just been "a gun"

ssm ,
  • Closed software (and hardware if we count in house arm chips?) ecosystem is bad for security and privacy
  • Apple is subject to ancap US corporate law, which means they can realistically do whatever they want with your data (and it would be a bad business decision not to) with no real punishments/business expenses if they're caught
  • Large number of users increases interest for state backdoors
  • *BSD has mostly the same userland, is totally free, and open source

Do you think people would be okay with 'Recall' if Apple did it?

With the recent WWDC Apple made some bold claims about privacy when it comes to so called Apple Intelligence. This makes me wonder if they did something to what Microsoft did with Recall feature, would people be less concerned and to an extent praise their effort?...

ssm ,

You're saying this like Micro$hit isn't just going to revert back to recall being opt-out (or non-removable) in a few weeks after the outrage dies down

ssm ,

I love searxng in theory, and I use it as my default search engine, but very often I am missing results; I don't know if it's deliberate censorship from bing and google so you don't use their apis on 3rd party platforms, or if searxng is just buggy, but no matter what search engines I enable in the config, I am missing results.

ssm , (edited )

I use quad9 with DNS over TLS systemwide with openbsd unwind

unwind.conf config

forwarder { 9.9.9.9 port 853 DoT 149.112.112.112 port 853 DoT }
preference { DoT }

firefox's use of cloudflare for DoH is irresponsible, and possibly worse than just sending your DNS queries to your ISP's default servers. It would be in line with Mozilla's other practices though.
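
An added example, not part of the original comment: a small audit of an unwind.conf that flags cleartext forwarders, DoT forwarders lacking the `authentication name` option that unwind.conf(5) provides for validating the server certificate, and any `preference` entry other than `DoT`. `PINNED_CONF` is a constructed variant using Quad9's DoT hostname `dns.quad9.net`; the function names are this example's own.

```python
import re

# The config from the comment above, and a constructed variant that adds
# "authentication name" (dns.quad9.net is Quad9's DoT hostname).
PAGE_CONF = """
forwarder { 9.9.9.9 port 853 DoT 149.112.112.112 port 853 DoT }
preference { DoT }
"""
PINNED_CONF = """
forwarder {
	9.9.9.9 port 853 authentication name "dns.quad9.net" DoT
	149.112.112.112 port 853 authentication name "dns.quad9.net" DoT
}
preference { DoT }
"""

def _block(conf, keyword):
    """Return the tokens inside `keyword { ... }`, comments stripped."""
    conf = re.sub(r"#.*", "", conf)
    m = re.search(r"\b%s\s*\{([^}]*)\}" % re.escape(keyword), conf)
    return m.group(1).replace('"', "").split() if m else []

def forwarders(conf):
    """Split the forwarder block into one dict per address."""
    entries, toks, i = [], _block(conf, "forwarder"), 0
    while i < len(toks):
        t = toks[i]
        if t == "port":
            entries[-1]["port"] = int(toks[i + 1]); i += 2
        elif t == "authentication":      # "authentication name <name>"
            entries[-1]["auth"] = toks[i + 2]; i += 3
        elif t == "DoT":
            entries[-1]["dot"] = True; i += 1
        else:                            # anything else starts a new address
            entries.append({"addr": t, "port": 53, "auth": None, "dot": False})
            i += 1
    return entries

def audit(conf):
    """Return human-readable findings; an empty list means nothing flagged."""
    findings = []
    for f in forwarders(conf):
        if not f["dot"]:
            findings.append(f"{f['addr']}: cleartext forwarder")
        elif f["auth"] is None:
            findings.append(f"{f['addr']}: DoT without authentication name")
    # Assumption of this example: only the "DoT" strategy is acceptable.
    extra = [p for p in _block(conf, "preference") if p != "DoT"]
    if extra:
        findings.append("preference allows non-DoT resolvers: " + " ".join(extra))
    return findings

if __name__ == "__main__":
    for name, conf in (("page", PAGE_CONF), ("pinned", PINNED_CONF)):
        print(name, audit(conf) or "ok")
```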

[Thread, post or comment was deleted by the author]

  • ssm ,

    maybe consider buying hardware that supports a real mobile Linux like https://postmarketos.org/ next time

    ssm , (edited )

    The software that runs on mobile Linux is the same that runs on desktop arm64 Linux, minus a few mobile-specific components packaged by postmarketOS/etc. Minus the few mobile-specific components (modem drivers, userland components like the virtual keyboard and window manager), the software is very well tested and used regularly. Only thing I'm sketched about is the sim card, which has quite a lot of control over the device from what I was told. It's not like non-linux phones are any safer from this though; if anything they're more likely to be targeted by any hardware vulnerabilities/backdoors due to being more popular devices.

    ssm ,

    Linux can be hardened, but is very open by default.

    yup.

    It also offers no out of the default sandboxing of apps from each other.

    I don't use applications that need sandboxing. I would enjoy if OpenBSD's pledge and unveil were ported to Linux at some point though.

    It isn’t immutable, unless postmarketOS is, which is a large security threat when considering device integrity.

    How does immutability improve security beyond standard unix file modes?

    Full disk encryption isn’t enabled by default (unless changed in postmarketOS).

    I used to do FDE, but now I prefer just encrypting the files I actually need encrypted. FDE doesn't protect you from an attacker that can get access to your phone while it is booted.

    Root login is enabled by default (a huge attack vector).

    What huge attack vector? It's just as secure as any account if it's given a good password. I'd argue sudo/doas is a lot less secure when authenticating to root, since if an attacker knows your user password, they now also have root access.

    I recommend a deblobbed Android ROM like DivestOS (my personal fav and more deblobbed of proprietary blobs than any other ROM) or GrapheneOS.

    I will use my already deblobbed Linux distribution, but thanks ;)

    ssm ,

    Did you go to any of my links about Linux hardening? Do you implement any hardening yourself? Do you harden kernel flags or replace malloc with hardened_malloc?

    No. Why would I need to do this compared to a standard Linux desktop PC? Does having a WWAN radio somehow open me up to some massive amount of exploits compared to another mobile device, say a linux laptop?

    Linux kernel also has proprietary blobs for firmware and device support. That is the difference between Linux normal or libre kernels.

    I don't think my hardware (pinephone) needs any blobs (If any, the GPU? Panfrost exists so probably not). It may need proprietary firmware, but firmware doesn't touch the kernel and is loaded onto the auxiliary device's CPU, so it's not as big of a security compromise (excluding CPU firmware). I already replaced the modem firmware with an open source version, so I think I'm fine there.

    ssm , (edited )

    Blocked lemmy.world after this nonsense, I was already sick of how closely that instance mirrored reddit; including the witch hunting and moderation double-standards (banning piracy and allowing floods of corporate capitalist news propaganda spam is fine, but deleting misinformation and whitewashing of US history is moderator overreach). Had a few communities there I liked, but I can live without them.

    ssm ,

    some tiny hyper-specific communities like c/DeepRockGalactic, as well as c/AssholeDesign (there's a c/AssholeDesign on .ml, but it's as dead as a doorknob); also enjoyed c/shitposting from time to time

    ssm ,

    Companies: Will slurp up and sell every last bit of your user data to the highest bidder just to make one fraction of a cent extra profit

    Open Source Projects: Stop giving us money!
