lemmyreader

lemmyreader OP , 3 hours ago

“helped” is very misleading. Companies can’t refuse to provide information they have when served a search warrant / court order. These companies DID NOT choose to provide the info on their own.

You are suggesting all these companies are completely helpless against legal requests. That is not correct. A company should first make clear that the legal request is actually completely legitimate and correct. After that they can look at whether they should provide the information or not.

See the data here :

• https://restoreprivacy.com/protonmail-discloses-user-data-leading-to-arrest-in-spain
• https://cdn-resprivacy.pressidium.com/wp-content/uploads/2024/05/Proton-Mail-logs.png

lemmyreader OP , 5 hours ago

I just used gThumb recently to try to post something I had inverted, but posting it to sopuli/lemmy scrubbs the exif data and it was posted as if I didn’t do anything.

Yes, uploading to Mastodon and Lemmy will likely automatically wipe EXIF data by those sites.

So, gThumb uses exif data to modify pictures which is likely what is added.

*What alternative are you using?

For image cropping I've switched to Gwenview which I'm pleased with.

lemmyreader , 6 hours ago

Your email relay or Beehaw could be "hacked".

lemmyreader , 8 hours ago

Other commenter mentioned usbmount. Debian has a page on that https://wiki.debian.org/usbmount which mentions pmount. The latter is packaged for Debian.

lemmyreader , 7 hours ago

Is it just me that dislikes when packages are mentioned instead of a series of terminal commands? I don’t want to install a package. Why would I want to rely on a package and it’s maintainer when I could write a shell script using the tools native to my OS?

Yes, that's just you and probably explains why you are on a programming Lemmy instance.
Personally I like to use the terminal myself for reasons including starting some GUI applications but I am sure that most people ("normies") would run away screaming if the first moment they would spot a terminal. See, everyone has their own preferences :)

lemmyreader , 7 hours ago

Since I haven’t found that here, I thought I’d add a comment to see if it’s just me.
And I wanted to check to see if there is an alternative forum for such conversations.

Maybe a shell, bash, scripting, or man page community. Idk.

Right. It's in my opinion not so easy to find communities or finding people wanting to share the same interests. How about these ?

• !shell
• !linux
• !bash

lemmyreader , 14 hours ago

Sure, sudo is a setuid binary, but it’s a fairly simple program, and at some point, you have to trust the code.

Have to trust the code ? doas for OpenBSD was created because of issues with sudo.

Talking with deraadt and millert, however, I wasn’t quite alone. There were some concerns that sudo was too big, running too much code in a privileged process. And there was also pressure to enable even more options, because the feature set shipped in base wasn’t big enough.

lemmyreader , 9 hours ago

What Chinera is doing with dinit and turnstile is really interesting. It would be nice to have feature comparable approaches to the systemd monolith that distributions could choose from.

Link for other readers about Chimera Linux, dinit, turnstile : https://chimera-linux.org/development

lemmyreader OP , 8 hours ago

Dunno. GDPR is a Europe only thing, and isn't it only related to how your private data (like name, IP address, phone number) is cared about ?

lemmyreader , 5 hours ago

Welcome to the penguin party! 🐧

lemmyreader , 1 day ago

The moment your VPN app starts it will change gateway and name servers for your host. If the virtual NIC of your VM is bridged with your host I would expect it to work fine for the VM. Is this with KVM or Qemu or VirtualBox or something else ? How is networking configured ?

lemmyreader , 1 day ago

This comes a few days after Jack Dorsey confirmed that he had left the board of Bluesky and then starting to use Tw(X)tter and calling Tw(X)tter "freedom technology". Coincidence ?

lemmyreader , 14 hours ago

https://www.theguardian.com/technology/article/2024/may/07/jack-dorsey-quits-bluesky-board-urges-users-stay-elon-musk-x-twitter

Earlier on Saturday, he unfollowed all but three accounts on X: Edward Snowden, Stella Assange, the wife of the WikiLeaks founder Julian, and Musk.

“Don’t depend on corporations to grant you rights,” Dorsey tweeted. “Defend them yourself using freedom technology. (you’re on one).”

Despite his promotion of alternatives to the site he founded, Dorsey has publicly shared his admiration for Musk. In 2022, he called the multibillionaire the “singular solution I trust” for the future of Twitter, though a year later he criticised Musk for his “fairly reckless” moves after taking control of the site.

lemmyreader , 1 day ago

You don't have to install Linux if you are not ready for it. You can test it without installing by using Linux live distributions. With Ventoy you can have 10 or 20 different Linux distributions on one USB stick and test them to see how well your laptop works with it and which flavors you would prefer.

lemmyreader , 2 hours ago

There is a lot of Ubuntu hate and it is easy to go with that and repeat.

• 2012. The Amazon button on the Ubuntu desktop (I believe it was not in the Ubuntu flavors) was removed after criticism.
• Ads in the terminal. I've only seen those when using ssh to a server. Ads like the k8 server options of Ubuntu. No flashy jumpy colorful big ads but just small text.

Telling people that there is no difference between installing Ubuntu and Windows is kind of cruel imho. A fresh Ubuntu installation allows the new Linux user to learn Linux and after some time they can decide to go for Arch Linux, Debian (The install is not that easy as with Ubuntu for a beginner Linux user), MX Linux or whatever they prefer.

lemmyreader , 2 hours ago

Why is asking for feedback a bad thing? IMO it’s better than just being on by default, and still gives the developers an opportunity to at least get SOME useful feedback instead of all the people that screech about how telemetry should be banned entirely. I would bet money none of those people are professional developers.

Indeed. Programmers really love feedback to improve their applications. I bet that everyone who installs apps for iOS or Android from the Google Play Stor will have lots of apps that have crash-a-lytics, or whatever it is called, installed.

lemmyreader , 1 day ago

Try Linux Mint.

lemmyreader , 1 day ago

If you want to test several Linux distributions Ventoy can be useful. You can have 10 or more different Linux distributions on one USB stick depending on the size of the stick. This will also save you time "flashing" an image iso to the stick each time because with Ventoy you'd simply copy the image iso files to the stick, quick and easy.

https://www.ventoy.net

lemmyreader , 1 day ago

the two you suggested though are US based though.

Disroot is in Europe.

• https://disroot.org/en/about
• https://disroot.org/annual_reports/AnnualReport2023.pdf

lemmyreader , 1 day ago

Proton is the only one I know of who takes mailed cash.

Proton accepts payments via postal mail you mean ? Posteo and mailbox.org do that.

lemmyreader , 9 hours ago

All the commenters suggesting that Proton is just a company and would always give in to legal requests and all other companies and any email provider would do the same, here's some more to add. Yesterday I saw a now invalid toot comment from ProtonPrivacy on Mastodon Social where they wrote that it was Apple who was to blame and that Proton gave the recovery email address only because this was a case of a terrorism suspect suggesting that if that (terrorism) was not the case they would not have given in to the request. Today their comment sadly gives a 404 error. Searching a bit further this article comes up mentioning Proton and Wire :

• https://www.elnacional.cat/en/politics/judge-garcia-castellon-accuse-mossos-police-officer-tsunami_1202609_102.html

In the new resolution, the National Audience judge recalls that in January, in a judicial report he issued on the case, he highlighted a conversation from July 12th and 13th, 2020, about the king's visits, which was included in the Tsunami investigative evidence, and of which he admits that until that point he had not made reference in his investigation which extends over the period from 2016 to 2022. Specifically, one of the people under investigation, the Girona businessperson Josep Campmajó, spoke to the figure named Xuxu Rondinaire, with profile @marietadelulllviu, about mobilizations in 2019, using the Wire messenger app. The judge has asked for the identification of this person, information now obtained by the Civil Guard, which details that they used Europol to ask the Swiss authorities for the Wire firm to identify the person behind this pseudonym, with a profile that is also used in Proton Mail, an encrypted email system. In the police cooperation form requesting the information, the Spanish officers indicate to the Swiss authorities that the investigation is for the crime of terrorism.

lemmyreader , 7 hours ago

I’ve never heard of those 2 providers and they don’t seem to be any better.

You never heard of the other two providers but yet you already draw the conclusion that they don't seem to be better. What does "better" mean to you in this context ?

lemmyreader , 6 hours ago

Exactly! I am not saying that Proton is some kind of virus but lots of folks are screaming "Proton! Proton!" (and "You have to think for yourself!" - Life of Brian) as if it is the only answer for privacy and security.

Riseup exists since about 1999 and is like Disroot non profit with focus on activism. Proton is like some other companies, I think, a response to the Snowden revelations, which is iirc 2013, a time after which self-hosting email (e.g. Mail in a box) became topical for a while and several other new email companies started to pop up.

lemmyreader , 4 hours ago

It is very strange to me that Lemmy users are behaving in a reverse manner to how they should. Are they too young? Or are they too bad at privacy game, believing all this Proton/Graphene/Brave and whatever else is trendy?

It is indeed probably a new and young generation preferring to watch videos on their smart phones rather than reading from a desktop computer. YouTube (with its influencers and content creators) is very popular and that is unlikely to change any time soon. Problem is that getting privacy and also security right is not that simple. Take for example the Riseup and Disroot comments in this thread. I trust Disroot and Riseup to do the right thing, and I bet that handing over personal data would be about the last thing they would ever do. I guess this is difficult to understand for people who have nothing at all in common with activism and for that matter anti-capitalism.

lemmyreader , 3 hours ago

PGP doesn’t protect anything but message contents.

Indeed, be careful with choosing your email subject line when using GnuPG to encrypt.

Additionally, if you key it compromised all of your messages are compromised.

Yes, maybe for some people it is. I once knew a person who created a new GnuPG key every few months. It is also recommended in some howtos that making your key never expire is a bad idea.

By the way, for all readers interested in using GnuPG, FSF updated their Email Self-Defense guide this week. https://hostux.social/@fsf/112405348416810419

lemmyreader , 3 hours ago

Their privacy policy. They log IP addresses and are not immune to legal actions, and as such, are not really better than Proton in terms of legal actions

They log IP addresses ? Source ?

lemmyreader , 3 hours ago

Law can be different per country and when there is nothing to hand over, then there is nothing. Here is an example of Mullvad : https://mullvad.net/sv/blog/update-the-swedish-authorities-answered-our-protocol-request

lemmyreader , 3 hours ago

Serious topics like privacy and self improvement have become very similar in people’s perception. They are also just another thing to consume, as unhinged as it sounds. Everything must be consumed, everything must be rented. Everyone must live in a distorted perception of “safety”, whose harbingers are fucking western corporations. It is insanity and it must be prevented from taking over Lemmy’s communities atleast on main .ml instance, and I will do what is needed to prevent that, in places I moderate.

👍

lemmyreader , 3 hours ago

Source: the 3 first words of my comment…

https://disroot.org/en/privacy_policy Section 4.1

You’re the ones defending a service yet you don’t know that. Seems like someone who just found out the service can do better research. But hey, thanks for not being overly aggressive and claiming to know everything like this other guy.

I simply asked you a question and thanks for pointing out more details. I have decided to trust Riseup and Disroot for reasons in the past. It is up to me to care about my privacy and security when there is the need for it. Other people will use Google Gmail with GnuPG, that up to them.

lemmyreader , 2 hours ago

Except with a VPN you’re not identified by the servers you connect to, so they can safely not log any traffic and as such, law enforcement can’t ask to hand out data about a specific account because they don’t know which account did it. Same goes for logging the IP of the account, because again, they don’t know which account it is, and can’t force a service to log all users for the sake of finding one.

VPN and Tor and I guess i2p can disguise your IP address indeed.

It’s not true for mail services however, as the email address is your login and/or is linked to a specific account, forever and exclusively.

I'm not following what you mean by this ?

lemmyreader OP , 2 days ago

Thanks! They have indeed several blog articles about that. Here's a few :

• https://www.scaleway.com/en/blog/zero-pollution-zero-water-in-datacenters-by-2030/
• https://www.scaleway.com/en/blog/breaking-the-code-of-silence-data-centers-and-water-consumption/
• https://www.scaleway.com/en/blog/how-sustainable-is-your-cloud-provider/

lemmyreader , 2 days ago

https://mastodon.social/@protonprivacy/112401461102514792 May 07, 2024, 19:29

The name/address of the terrorism suspect was actually given to police by Apple, not Proton. The terror suspect added their real-life Apple email as an optional recovery address in Proton Mail. Proton can't decrypt data, but in terror cases Swiss courts can obtain recovery email.

lemmyreader , 3 days ago

https://www.gnu.org/software/librejs/

lemmyreader , 2 days ago

Long time ago Riseup, focused on activists, required two invite codes, probably to avoid abuse. They've relaxed it with asking for only one invite code. You should imho not be asking for invite codes on the Internet but ask your activist friends or read this : https://support.riseup.net/en/knowledgebase/1-accounts/docs/13-how-do-i-get-an-account

lemmyreader , 2 days ago

Disroot stopped using RainLoop long time ago when people became aware of a security bug in RainLoop and the fact that the RainLoop project appeared to be dormant. I think Disroot switched to SnappyMail, and then to Roundcube.

lemmyreader , 2 days ago

Apparently it’s (by default) everything that doesn’t explicitly specify a license (especially a FOSS one) within the javascript code of the page, which is a ridiculously huge portion of JS on the internet.

It is never to late to start something and make people aware of problems and as far as I am concerned not only about software licenses but JavaScript as a security problem.