If there were a real issue, Patreon would send a real reply
They did send a real reply. Just because you can’t and/or refuse to understand it doesn’t mean someone messed up. I get that you’re butthurt that your favorite place to upload shitty memes is in trouble, but it’s their own fault and I refuse to feel sorry for them.
What exactly are you confused about? The definition of continually? To be complaint with CSAM laws you have to actually make changes to your platform to ensure the same situation doesn’t happen again. Catbox doesn’t do that. They will eventually be prosecuted.
And my impression is Patreon said such handling was sufficient in 2021.
And it was. Because when pressed to make changes to ensure that it was more difficult to share CSAM, they refused. They were shutdown and then finally made the changes allowing them to operate again. In the same way that Catbox isn’t doing anything to actually stop CSAM from being shared on their platform. Compliance with the law after you’re caught with this type of content isn’t enough. They will eventually all be arrested for “facilitating” CSAM just like any of those dark web forums are.
This is not only incorrect (this particular law doesn’t apply here), but I can easily prove it beyond any shadow of a doubt.
Backpage was shutdown despite their willingness to comply with the law because they were found to “facilitate” CSAM. Omegle was also temporarily shutdown for the same reasons. There have also been quite literally dozens of prosecutions of website admins on the dark web for offering a platform for CSAM despite them arguing in court that they had no control over what their users uploaded and quickly moderated the content when discovered. In the end none of it matters–as a provider of a service you are required to make it difficult to share CSAM, not just comply with the law when someone catches you with your pants down.
It bedevils me that people are so laissez-faire about literal fucking CP–AI generated or not.
And in spite of literally all of that, none of this has anything to do with US law. It’s Patron policy. They don’t want to service someone who constantly has issues with CSAM, and they have every right not to offer their services to catbox.
Ultimately, yes, I think they are.
There’s no opinion to be had. You are absolutely morally and legally responsible for what your users upload. Period.
Seems like you’re completely missing my point. I’m not implying that catbox doesn’t remove this content, or cooperate with authorities. I’m saying that Patreon chooses to not offer their services to projects which continually have this issue in the first place…
The photos perfectly elaborate, though… They didn’t really get screwed, someone uploaded “animated child sexual abuse photos.” Which is not only illegal but against the TOS of Patreon. From the photos shared it looks like this isn’t the first time it’s happened, either, and Patreon clearly doesn’t want anything to do with it–which frankly is their right.
Not really sure how this equates to them “being screwed.” They’re responsible for what people upload to their service (they clearly understand that) which is why public uploads like this without restriction aren’t a great idea.
Probably the funniest linux meme I’ve seen in a few years. Nice.
https://github.com/Droid-ify/client
Can use any open-android store repository, including IzzyOnDroid and F-Droid. It’s the only real choice.
All the more reason to setup Adguard Home/Unbound.
I was unaware of this change, and it’s perfectly acceptable. No one has any ground to lambast Signal for requiring phone numbers to get an account. I think that’s a perfectly reasonable spam mitigation technique. The issue is having to shotgun your phone number to every Howard and Susan that you want to use Signal to communicate with.
This was honestly the only thing holding me back from actually using Signal. I’ll likely register for an account now.
I mean, twitter sucked when it first launched, too. Doesn’t mean it won’t get better.
Not sure why everyone is so hellbent on FOSS software to be in its most usable and polished state on launch but will buy prereleased and/or beta games and put in 10,000 hours into half finished games without batting an eye. The double standard for FOSS developers is insane to me.
So, you’re going to get two schools of thought on this, and one of them is wrong. Horrendously wrong. For perspective, I was a certified CEHv7, so take that for what its worth.
There’s a saying in security circles “security through obscurity isn’t security,” which is a saying from the 1850s and people continually attempt to apply the logic to today’s standards and it’s–frankly stupid–but just plain silly. It generally means that if you hide the key to your house under the floor mat, there’s no point to having the lock, because it doesn’t lend you any real security and that if you release the schematics to security protocols and/or devices (like locks), it makes them less secure. And in this specific context, it makes sense and is an accurate statement. Lots of people will make the argument that F/OSS is more secure because it’s openly available and many will make the argument that it’s less secure. But each argument is moot because it deals with software development and not your private data. lol.
When you apply the same logic to technology and private data it breaks down tremendously. This is the information age. With a persons phone number I can very likely find their home address or their general location. Registered cell phones will forever carry with them the city in which they were activated. So if I have your phone number, and know your name is John Smith, I can look up your number and see where it was activated. It’ll tell me “Dallas, Texas” and now I’m not just looking for John Smith, I’m looking for John Smith in Dallas, Texas. With successive breakdowns like this I will eventually find your home address or at the very least your neighborhood.
The supposition made by Signal (and anyone who defends this model) is that generally anyone with your private number is supposed to have it and even if they do, there’s not much they can do with it. But that’s so incredibly wrong it’s not even funny in 2025.
I’ve seen a great number of people in this thread post things like “privacy isn’t anonymity and anonymity isn’t security,” which frankly I find gobstopping hilarious from a community that will break their neck to suggest everyone run VPNs to protect their online identity as a way to protect yourself from fingerprinting and ad tracking.
It frankly amazes me. Protecting your data, including your phone number is the same as protecting your home address and your private data through redirection from a VPN. I don’t think many in this community would argue against using a VPN. But why they feel you should shotgun your phone number all over the internet is fucking stupid, IMO, or that you should only use a secure messaging protocol to speak to people you know, and not people you don’t know. It’s all just so…stupid.
They’ll then continue to say that you should only use Signal to talk to people you know because “that’s what its for!” as if protecting yourself via encryption from compete fucking strangers has no value all of a sudden. lol
You have to be very careful in this community because there are a significant number of armchair experts which simply parrot the things that they’ve read from others ad-nauseam without actually thinking about the basis of what they’re saying.
OK. That’s my rant. I’m ready for your downvote.
Directly from the developer:
iVentoy and Ventoy are two completely different softwares and have no shared files.
You seem to be implying that because iVentoy (which is not Ventoy) is vulnerable to this attack then that means that Ventoy is also vulnerable which is not only highly speculative, it remains to be seen.
Actually, when iVentoy boot Windows through PXE, it will boot the WinPE with test mode, so there is no need for the driver file to be signed. So httpdisk_sig.sys is actually not needed and can be removed later.
The dev goes on to explain;
the httpdisk driver will be installed only in the temporary WinPE environment (running in the RAM), not the final Windows system
The driver is singularly used in the PE environment. That’s it.
Is this a security issue? Sure. Is it as bad as everyone wants to make it out to be? Not really. From start to finish the Ventoy fever people seem to be getting by unsigned blobs is simply insane. Its a bout of hysteria and it’s not impressive at all.
I’m not saying it’s a bad thing. I’m just saying, some people might not realize that they’re still using Google.
I still fear that mistakes may slip through
Wikipedia is moderated by real people, so this is a non-issue. The fault tolerance for Wikipedia will be the same from AI vs People because it’s moderated by the same people regardless of where the content comes from.
I also use it for this. Sometimes I can get pretty draconian with my speech, so I feed my long winded responses into AI, and pull out a more readable responses. I even have AI write pull requests sometimes. Works great.
Literally any uploader that requires an account to upload. Any one. Any provider that requires registration will be infinitely more compliant and well suited to deal with these issues than one that doesn’t.