• 2 Posts
  • 71 Comments
Joined 1 year ago
cake
Cake day: December 27th, 2023

help-circle


  • Your experiences are anecdotal.

    by pulishing them they become measurable, which also removes the “anecdotal” flag with numbers, also maybe ask archaeologists how much of an evidence a complain written in papyrus actually is a “while” after it was written.

    also the studies that found out “why” public services don’t serve in the first place have become quite old* meanwhile, which is the very opposite of anecdotal, but nothing was done so far to change the known state of not serving services for decades, so why should they have changed without changing actions affecting them?

    *) i read parts of them >20 years ago and the studies observations and conclusions i read fitted 100% of what i personally experienced/witnessed from within a family “working” in such services.



  • well for e2ee you obviously have to let one e encrypt the data for the other e. (good luck with newsletters then) for usual services kindly asking them to support either s/mime or gpg for outgoing emails, that would at least make them know the wish, but good luck there too.

    i think the already mentioned solution with encrypting incoming messages on your side just before mda to your inbox should be the closest possible to what op wants. one would need to check if the message is already encrypted and skip encryption for those.

    if you only want the admin of that email (imap) server to not be able to read all emails, maybe placing a separate encrypting server (smtp+encrypt+forward) inbetween outside world and your email imap server could be a solution.

    one should have a look into the logfiles too as some mailers might log message subjects and of course sender/recipients along with ip adresses of incoming/outgoing servers which the op might not want to be readable as well (i dont know protonmail that much)

    also gpg IMHO allows for sign-then-encrypt hiding the signature within the encrypted data which could be wanted. also one might want to look exactly what parts of the messages contents and its headers are encrypted or plaintext on the server before feeling safe from the threat one wants to be protected from.



  • smb@lemmy.mltoMemes@lemmy.ml*Permanently Deleted*
    link
    fedilink
    English
    arrow-up
    1
    arrow-down
    1
    ·
    3 months ago

    the OS was not the comparison, but the hardware it runs on (just as @Freefall said) but also you seem to be wrong with your other assumption:

    And both those devices are tied to a specific OS.

    Which seems not to be the case as install instructions for another OS can be found here (i didn’t try it though) for the mentioned device:

    https://wiki.lineageos.org/devices/pdx215/

    lineage os still is an “android”, but another vendor with clearly different approach than the original firmware and what hinders you from writing bsd drivers and compiling a bsd kernel for it instead? So i count the Xperia 1 III as NOT bound to any OS or OS vendor.

    But despite the way longer possible support/security, freedom of choice and endless other possibilities that often come along with free OS choice, this pure and great advantages weren’t even mentioned there, thus it wasnt an OS comparison as it also wasn’t a bound-to-an-OS vs. absentness of vendor-lock-in-limitation-jungle comparison.



  • maybe there was a mixup of individual datapoints and individual persons.

    lets see if that could fit.

    as far as i read things in this thread, the whole security is based on exactly these datapoints: Full Name, Date of Birth and SSN (three datapoints) plus username and password for 3 sites (six datapoints) makes 3+6= 9 datapoints per person.

    2.9 billion (us) should be 2.900.000.000 (correct me if i’m wrong, but where i live one “billion” is actually “1.000.000.000.000” thus a “bit” more)

    divided by 9 those 2.9billion would be ~ 320 million.

    on wikipedia they say the us had 331 million people in 2020…

    that would fit like an ass on a bucket! lol just to mention that.

    have a nice day!


  • What’s the alternative to ads, though? Not everyone wants to (or can afford to) pay for every site they use.

    its not about paying for the site a user uses, its about paying those who run the site (and less to pay for someone only “managing” the site by doing actually nothing)

    maybe these could be alternatives:

    • patreon
    • flattr
    • micropayment in general
    • donations (somafm runs on donations)
    • link to shopping platforms (musicians on somafm mostly have links to the songs on amazon that you see while playing the song for free)
    • communities, like FSF, local groups
    • some small payed supporter part (like lwn.net) while the important stuff that makes the win-win of the site is free to use
    • maybe the list from this page can help too: https://kinsta.com/de/blog/patreon-alternativen/ Kickstarter Indiegogo Podia Sellfy Buy Me a Coffee Memberful Hypage Ko-fi Substack Kajabi Gumroad WooCommerce Mighty Networks MemberPress Uscreen

    maybe even a combination of multiple of those *whoa!!! mindblow!!! could be a good choice to allow usersvto choose how to contribute.

    so really only choosing to offer exactly one option that also puts all users at a real risk of real attacks where they can get ripped off of all or lots of their real money and data for the sake if earning 0.003 ¢ per each putting them at high risk is not really what should be done, or do you personally profit from their users high risk and are thus completely okay with it? hope not.

    if you have to earn money with your project or whatever, why not offer several options to choose from? why only one? and while we’re at it, offering an ad-free “membership” for 400 times the price of what they would earn by the same visitor with ads like they try here sometimes, does not make any platform look good, but the opposite.

    there are many platforms that i would pay for monthly and i would spend much more money alltogether than now on that if their price would not be artificially pushed into astronomically heights per service…

    there is one project where i do donate each month a little bit via recurring bank transfer since years. my transfer says the name of the project and “donation” thats pretty easy to setup for both sides, but too complicated for those who pay designers money so they can place the ad layers on top of the 400 other layers of spypixels and navigation controls… really ? lol*

    if those you are talking about cannot afford to have a bank account for some reason, i guess they also cannot receive the revenue of ads on their webpages ;+)

    saying there are no alternatives to ads is rather a candidate for the lamest excuse award ;-)



  • its not just ads and malware, and its not only about beeing sorry for them. ads are also manipulating how people think. not only the obvious things like “that product is good”, but also that products in general would help (with problems you didn’t have). and the format itself of ads (even without considering its contents) already has a changing effects on the minds of those who watch it. i am thinking of some parts of neil postmans thoughts about television back then and i guess there is plenty of possibilities to make a realistic conspiracy theory out of it why exactly the most poisonous parts of television are replicated to the internet with massive force even though everyone ignores ads in the net. i like theories

    unfortunately, feeling sorry for them does not help society to stability. 😥



  • smb@lemmy.mltolinuxmemes@lemmy.worldCorrect usage of a hand-me-down MacBoo
    link
    fedilink
    arrow-up
    3
    arrow-down
    3
    ·
    edit-2
    4 months ago

    well there is plenty of what is possible to try. but unless one had looked at the real cause i’ld suspect one of apples hardware backdoors to cause the crashes like if the backdoor doesn’t work, crash the kernel, so we never loose control over the sheeapple thing. or more realistic if you want:

    First maybe just crappy hardware:

    There is a reason why i suspect apple’s hardware, cause my shitty macbook at work should(!) go to something like hibernate, sleep, or its spyveillance-only mode when closing the lid, and it should also lock the screen when doing so, the actual results seem pure randomly choosen, sometimes the sleep mode survives the weekend with lots of accu left, sometimes its completely depleted and i even have to charge it for a while before it has enough power to show the charging logo. for security reasons i have to manually lock my screen, verify it and then close the lid, which is pure annoy. this could just be buggy hardware, a sensor so broken that reading its inputs directly could crash any OS that assumes i.e. no division by zero, pointers to nonexisting ram or whatever, and maybe apple just knows what faulty measurements mean what (but cannot make that stable too, only no crash occurs)

    secondly with a hardware backdoor:

    https://www.kaspersky.com/about/press-releases/2023_kaspersky-discloses-iphone-hardware-feature-vital-in-operation-triangulation-case

    “The discovered vulnerability is a hardware feature, possibly based on the principle of “security through obscurity,” and may have been intended for testing or debugging. Following the initial 0-click iMessage attack and subsequent privilege escalation, the attackers leveraged this hardware feature to bypass hardware-based security protections and manipulate the contents of protected memory regions.”

    which is that (some/all?) iphones have at least one memory page where one only has to accidently or intentionally write something into it, that could trigger the backdoor feature to let you choose which memory address to overwrite with what bytes, bypassing every(!) security mechanism in hardware AND of course those made of software too. that is how i understood documentation and presentations about it. now apple said they “fixed” it in software, from what i remember that fix was just a “os preventing apps from writing to that memory backdoor page” thus not a fix but only a mitigation, while “fix” is more a lie than only misleading words to just pretend it wasn’t permanent and unfixable. let us assume that linux does not include hardware backdoor mitigations for apple devices AND that apple placed the very same backdoor memory page into macbooks as well but maybe at (an)other physical address(es). now the code that runs on closing the lid “might” just reside at or write to the very same memory page on every boot for a given exact same kernel, which might be a memory page that acts the same or similar like that iphone hardware backdoor, overwriting some other memory page depending on what is actually written to the backdoor page which immediately crashes the kernel. if that’s whats happening there, t2linux is not broken, but macbooks are just insecure costly (loss of money, time, security, trust, work performance, patents, stability, a.s.o. …) waste.

    how to find out? (maybe)

    • get the kernel code.
    • deactivate every driver not needed to boot and run the lidclose stuff like i.e. the sensor, compile the kernel anew and try booting from it.

    changin the kernel a lot by removing everything(!) not needed should in theory/hopefully also change the pages that would be affected when closing the lid. same effect: likely no backdoor. no effect: maybe something you deactivated, maybe yet another backdoor discovery.

    it might also be solveable by sth like acpi settings or such, probably switchable from kernel boot cmdline , maybe change settings for hibernate / suspend to ram (does apple hardware even support such? i mean without the buggy behaviour i experience?)l


  • but you did notice that compilers can be manipulated to include backdoors into resulting binaries AND put the same manipulation into newly compiled compilers as well, right? then where did you get that compiler from? did you have a look at the binary output? then if so, did you look at it using the hexeditor of that same compiler? 😎 plz have a look … 💥 bzzzt … really you are lucky to be alive after a blast like that, especially you, have yourself checked out with ems before you leave!







  • smb@lemmy.mltoAsklemmy@lemmy.mlWhat's your favourite country and why?
    link
    fedilink
    English
    arrow-up
    19
    arrow-down
    1
    ·
    4 months ago

    antarctica:

    • no bad politics
    • no wars so far
    • people there are mainly interested in science
    • no economic abuse or exploitation
    • pinguins!
    • no air conditioning needed to survive the summer.
    • winter is offline time, visitors won’t arrive or leave then.
    • last place to stay cool during boomers heritage “heat death of our planet”

    well sure, it has downsides too. Next Rollercoaster park is -tbh- unreachable, internet connection is sloo.oo…oow (or did they already finish the submarine fibre cable?) and sunbathing basically only brings you frost bites (if you’re lucky).

    However i am not planning to migrate there.