When I announced I would be closing my communities earlier this year, a curious thing happened: a surprising number of regulars replied with some variation of “I think this is my exit.” While some were specifically talking about Matrix, claiming that mine was the only room they were really active in and therefore they saw no...
The problem with a threat model is that higher threat models are plainly dismissed by the community. For example, if your threat model is to escape the NSA, it doesn't matter if you're using a burner over TAILS to post this message, you will be dismissed.
The problem is not the tech, it's the community that doesn't want to engage
Except that forums are exactly the best place to talk about (at least in theory) better OPSEC practices. Crowd-sourced knowledge is fairly good in technical spheres, even if they try to influence it
I torrent to a seedbox, and said seedbox has great access tools and you can install plenty of useful applications like Resilio Sync, Syncthing, etc....
Do they offer multi-region replication of storage? This stuff is fairly important to me and I've not exactly heard of BuyVM in the same league for Cloud storage providers like AWS, BackBlaze and Cloudflare
Hi, I was planning to encrypt my files with GPG for safety before uploading them to the cloud. However, from what I understand GPG doesn't pad files/do much to prevent file fingerprinting. I was looking around for a way to reliably pad files and encrypt metadata for them but couldn't find anything. Haven't found any...
I also have media and other binary blobs which I'd like to archive in an encrypted fashion, will GPG suffice? ChatGPT mentioned OpenSSL for this but I'm not sure where that's taking me.
I'm using rclone, do you recommend I run borg on top of it to encrypt said files? And does borg explicitly do what I'm trying to achieve? I'm going to take a look at the documentation, thanks
Is there no way to encrypt the metadata of files using GPG? And how do people pad their files to prevent fingerprinting? Surely I'm not the first person to be asking about this? I haven't had much luck searching online
When Bloomberg reported that Spotify would be upping the cost of its premium subscription from $9.99 to $10.99, and including 15 hours of audiobooks per month in the U.S., the change sounded like a win for songwriters and publishers. Higher subscription prices typically equate to a bump in U.S. mechanical royalties — but not...
It’s an Ubuntu downstream maintained by Linux box maker System76 which is targeted for both general usability and design/media applications. They will soon be debuting their own home-spun desktop environment, Cosmic DE, which is highly anticipated by the Linux community....
Wait, alternative to the fair phone in terms of software and reliability? Better performance than the Pine phones? Matching up to the Librems in quality?
This is a woefully underpowered laptop I got for free! I'm working to make it into a secure portable machine (since it does support secureboot & TPM-backed disk encryption) to take on the go that I don't fear losing. This is mostly for doing programming & study, on stuff that doesn't require high-performances, so the 2 gigs of...
Even if you have encrypted your traffic with a VPN (or the Tor Network), advanced traffic analysis is a growing threat against your privacy. Therefore, we now introduce DAITA....
You should be using a seedbox to torrent in this age. Let the company run their business, if they don't want to be a part of the group that allows torrents, so be it.
I love these guys. Let's see if somebody can just bootstrap the FOSS framework directly on TCP to work on the internet without a VPN. Fantastic project
Considering that VPNs are Point-to-point too (home->VPN), I was wondering if one could use DAITA with TCP directly instead of having to use a VPN. Imagine if TCP had DAITA baked in.
If I were to send packets to a single entity over time, I'd have no use for DAITA. I agree with you on this.
However, let's say that I run a bunch of VPN endpoints across VPSes, and the entity trying to track me doesn't know about all of these IP ranges. I could be renting from a colo, the cloud and even a a bunch of friends who have their ports open. If I were to mix this in with my usual internet traffic, it becomes significantly harder for third-parties to figure out what I'm doing connecting to all of these different IPs. A state actor could put the resources behind it, but the average third-party will have a hard time with it. I can certainly see use-cases for it.
Except that I will not necessarily be connecting to the exact same IPs over time, just going to do so in specific ranges which the VPS/colo owns. There's plenty of people who are going to be renting VPSes and will have their traffic originate from the same IP range as mine, which means that if everybody using TCP had their traffic anonymized like so, the third party wouldn't actually know that MigratingToLemmy specifically was connecting to AWS at a certain time and from a certain location, so to speak. This hypothesis doesn't include correlation through other data in the threat model. But it could definitely prevent correlation with traffic across locations, which is similar to what Mullvad states
Not having an opt-out toggle should definitely be a cause of concern. Not everyone is running Debian just for the FOSS-only firmware, but there's definitely a sizeable number of people doing so. Letting the user choose whether they want to install proprietary firmware or not is absolutely an important choice.
This is assuming there really isn't an opt-out somewhere in the install menu.
Edit: it may be that I am running something without FOSS drivers for it. I happened to forget about it. So what? I'd rather it not run (unless it's critical), and I definitely want to be prompted that a proprietary driver is recommended to run the specific device because no FOSS driver is available. Not doing so is taking away my choice in the matter, and if Debian is really doing that, then I will personally have to rethink my options, including my donations
StartOS facilitates the entire process of discovering, installing, configuring, and using any variety of open-source software from anywhere in the world without trusting anyone.
Coreboot disables most of Intel ME on x86 except the parts required for essential functions. It certainty cripples external access to Intel ME.
I believe it is a fair assumption that for embedded architectures like ARM and RISC-V, a FOSS bootloader will likely deal with state-sponsored backdoors if they haven't been infiltrated themselves. This does not take into account baseband attack vectors because I simply don't know much about wireless, but I'd imagine someone working on these projects likely has their eye on the funny stuff the NSA is likely to try here. RISC-V is FOSS, the NSA cannot legally require anybody to include a backdoor into the architecture itself.
Halp! Calibrating touchscreen on Panasonic CF-30
cross-posted from: https://lemmy.blahaj.zone/post/12310804...
Is Privacy Worth It? ( blog.thenewoil.org )
When I announced I would be closing my communities earlier this year, a curious thing happened: a surprising number of regulars replied with some variation of “I think this is my exit.” While some were specifically talking about Matrix, claiming that mine was the only room they were really active in and therefore they saw no...
He had his last dose of round 1 amoxicillin ( lemmy.world )
Seriously, I can’t thank Lemmy enough. All of you are awesome people for helping him.
Syncing local server with seedbox
I torrent to a seedbox, and said seedbox has great access tools and you can install plenty of useful applications like Resilio Sync, Syncthing, etc....
TIL about the utility "Smokeless_UMAF" That lets you access advanced BIOS options on AMD-based systems. ( github.com )
What is it?...
[Repost] Reliable alternatives to AWS Deep Glacier for ~5TB?
Hi everyone,...
How to randomly pad files before encryption to prevent file fingerprinting?
Hi, I was planning to encrypt my files with GPG for safety before uploading them to the cloud. However, from what I understand GPG doesn't pad files/do much to prevent file fingerprinting. I was looking around for a way to reliably pad files and encrypt metadata for them but couldn't find anything. Haven't found any...
After announcing increased prices, Spotify to Pay Songwriters About $150 Million Less Next Year ( www.billboard.com )
When Bloomberg reported that Spotify would be upping the cost of its premium subscription from $9.99 to $10.99, and including 15 hours of audiobooks per month in the U.S., the change sounded like a win for songwriters and publishers. Higher subscription prices typically equate to a bump in U.S. mechanical royalties — but not...
[ META ] What is the community's opinion of Pop!_OS?
It’s an Ubuntu downstream maintained by Linux box maker System76 which is targeted for both general usability and design/media applications. They will soon be debuting their own home-spun desktop environment, Cosmic DE, which is highly anticipated by the Linux community....
SHIFTphone 8 Preparing Mainline Linux Support Ahead Of Launch ( www.phoronix.com )
[dwl] hacking together a search engine on a work-in-progress setup :3 ( lemmy.blahaj.zone )
This is a woefully underpowered laptop I got for free! I'm working to make it into a secure portable machine (since it does support secureboot & TPM-backed disk encryption) to take on the go that I don't fear losing. This is mostly for doing programming & study, on stuff that doesn't require high-performances, so the 2 gigs of...
TikTok sues the US government over ban ( www.theverge.com )
TikTok is taking the US government to court.
Mullvad VPN: Introducing Defense against AI-guided Traffic Analysis (DAITA) ( mullvad.net )
Even if you have encrypted your traffic with a VPN (or the Tor Network), advanced traffic analysis is a growing threat against your privacy. Therefore, we now introduce DAITA....
General Availability of AlmaLinux 9.4 Stable! ( almalinux.org )
Sovereign Computing | Start9 ( start9.com )
StartOS facilitates the entire process of discovering, installing, configuring, and using any variety of open-source software from anywhere in the world without trusting anyone.
Chinese startup launching RISC-V laptop for devs and engineers priced at around $300 ( www.tomshardware.com )
Which programming languages do you know?