Just some Internet guy

He/him/them 🏳️‍🌈

  • 0 Posts
  • 84 Comments
Joined 2Y ago
Cake day: Jun 25, 2023


It’s derived by both a key from the TEE and the PIN/password.

The reason for that is so you need both the user’s correct password, and the TEE to agree to hand out the key, which it may refuse to do if there’s been too many attempts. When you factory reset it just generates a new key, instantly making all the previous data permanently inaccessible. The TEE will also wipe the key if you unlock the bootloader or try to break in the wrong way.

It’s still only roadblocks though, extract the key from the TEE and you have unlimited attempts on what are usually weak 4-6 digit PINs. It’s not a lot of tries. Then you better hope you had a good password.
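A simplified model of the scheme described in the comment above, as an added example that is not part of the original comment and not Android's actual implementation. `ToyTEE`, `derive` and `offline_guess_count` are hypothetical names, and PBKDF2 with a low iteration count stands in for whatever KDF a real device uses.

```python
import hashlib
import hmac
import os

ITERATIONS = 100  # toy work factor (assumption) so the demo runs quickly


def derive(hw_key: bytes, pin: str) -> bytes:
    """The disk key depends on BOTH the hardware-bound key and the PIN."""
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), hw_key, ITERATIONS)


def tag_for(key: bytes) -> bytes:
    """Verifier stored next to the data so a correct key can be recognised."""
    return hashlib.sha256(b"verify" + key).digest()


class ToyTEE:
    """Constructed model of the gatekeeper role, not a real TEE interface."""
    MAX_FAILURES = 5

    def __init__(self):
        self.factory_reset()

    def factory_reset(self):
        # A fresh hardware key makes every previously derived key unreachable.
        self._hw_key = os.urandom(32)
        self._tag = b""
        self._failures = 0

    def enroll(self, pin: str) -> bytes:
        key = derive(self._hw_key, pin)
        self._tag = tag_for(key)
        return key

    def unlock(self, pin: str):
        if self._failures >= self.MAX_FAILURES:
            raise PermissionError("too many attempts, refusing to derive")
        key = derive(self._hw_key, pin)
        if hmac.compare_digest(tag_for(key), self._tag):
            self._failures = 0
            return key
        self._failures += 1
        return None


def offline_guess_count(hw_key: bytes, tag: bytes, digits: int) -> int:
    """Outside the TEE nothing counts failures: the PIN space is the only
    limit. Returns how many candidates were tried before a match, or -1."""
    for n in range(10 ** digits):
        if hmac.compare_digest(tag_for(derive(hw_key, str(n).zfill(digits))), tag):
            return n + 1
    return -1
```

With the throttle in place a wrong guess costs one of five attempts; with the hardware key outside the TEE, a 4-digit PIN is found in at most 10,000 derivations, which is why only a long passphrase still protects the data at that point.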


Biometrics are worse than a PIN in a situation where your phone is hooked up to Cellebrite, because most likely they can just take your fingerprints, or make you press the sensor by force. Or even worse with facial recognition, because they can just wave the phone in front of you to unlock it.

It’s generally not super good otherwise either, at least not as a reliable way to derive an encryption key while being tolerant enough to damaged skin and positioning and all.

Biometrics are a good compromise for daily convenience: most people care about if they lose their phones or it gets stolen, and a thief will just factory reset it and flip it, especially if the full QWERTY keyboard pops up. Biometrics are still usually backed by a PIN or password, so biometrics make it bearable to use a strong password since you only need to enter it once every couple days. And that password is the encryption key, so in BFU state you’re safe.


I think that’s what Friendica is supposed to be, decentralized Facebook.


Server side rendering has become popular again with frameworks like Svelte and Next.js. For a while basic React was popular and entirely on the client side, and thus dependent on JS to work at all.


There’s also a bunch of controversy around their premium features and it supposedly bricking devices it deems were pirated licenses.


They don’t even run their own index anyway, they rely on other search engines too. Kinda like how DuckDuckGo uses Bing under the hood.

So you might as well use SearX anyway, same thing.


This is the privacy community, not the piracy one.

You might want !piracy@lemmy.ml


Now is not the fucking time to give governments unlimited access to user data. If the UK has it, the US will have it too.


The website requests an image or whatever from 27748626267848298474.example.com, where the number is unique for the visitor. To load the content the browser has to resolve the DNS for it, and the randomness ensures it won’t be cached anywhere as it’s just for you. So it queries its DNS server which queries your DNS provider which queries the website’s DNS server. From there the website’s DNS server can see where the request came from and the website can tell you where it came from and who it’s associated with if known.

Yes it absolutely can be used for fingerprinting. Everything can be used for fingerprinting, and we refuse to fix it because “but who thinks of the ad companies???”.
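The server side of the test described in the comment above, as an added example that is not part of the original comment: mint a unique hostname per visitor, then read the authoritative server's query log to see which resolvers asked for it. The log format, addresses, session names and function names are constructed for illustration.

```python
import re
import secrets

ZONE = "example.com"  # placeholder zone, as in the comment above


def new_probe(session_id: str, probes: dict) -> str:
    """Mint a never-before-seen hostname for one visitor and remember it."""
    label = str(secrets.randbelow(10 ** 20)).zfill(20)
    probes[label] = session_id
    return f"{label}.{ZONE}"


# Constructed log format: "<time> client <resolver>#<port> query: <name> IN <type>"
QUERY_RE = re.compile(
    r"^\S+ client (?P<resolver>[0-9a-fA-F.:]+)#\d+ "
    r"query: (?P<qname>\S+) IN \S+$"
)


def resolvers_by_session(log_lines, probes):
    """Map each session to the resolver addresses that asked for its name."""
    seen = {}
    suffix = "." + ZONE
    for line in log_lines:
        m = QUERY_RE.match(line.strip())
        if not m:
            continue
        # Resolvers may append the root dot or change letter case.
        qname = m["qname"].rstrip(".").lower()
        if not qname.endswith(suffix):
            continue
        session = probes.get(qname[: -len(suffix)])
        if session is None:
            continue  # ordinary names, scanners, stale or guessed labels
        seen.setdefault(session, set()).add(m["resolver"])
    return seen


def unexpected_resolvers(seen: set, expected: set) -> set:
    """Resolvers the user did not intend to use, i.e. the leak itself."""
    return seen - expected


# Constructed sample data (documentation address ranges).
SAMPLE_PROBES = {"27748626267848298474": "session-A",
                 "00000000000000000042": "session-B"}
SAMPLE_LOG = [
    "2024-01-01T10:00:00Z client 203.0.113.53#40112 query: 27748626267848298474.example.com IN A",
    "2024-01-01T10:00:00Z client 203.0.113.54#40113 query: 27748626267848298474.example.com. IN AAAA",
    "2024-01-01T10:00:01Z client 198.51.100.7#5353 query: 00000000000000000042.EXAMPLE.com IN A",
    "2024-01-01T10:00:02Z client 192.0.2.9#1234 query: www.example.com IN A",
    "not a query line",
]
```

The set returned for a session is what the test page shows the visitor, and the same mapping is what makes the resolver usable as a fingerprinting signal.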


At least they’re transparent about it, unlike American companies that hide behind convoluted terms of service and then sell the data behind your back but it’s technically legal.

China’s like “yeah we collect everything”. I can appreciate the honesty.


It’ll never be abused nor fall into the wrong hands. Never. And then it does and they act like nobody could foresee that happening. It’s infuriating.

All the data collection going on, it’ll backfire spectacularly eventually.


There’s some value in having open-source clients to proprietary services. Of course ideally one would avoid using them, but since many are stuck with games they already purchased and the launcher was bolted on later in an update, it makes sense.

At the very least it probably doesn’t implement a lot of the telemetry, and it doesn’t require you to figure out how to make the launcher work under Proton, only the game.

Less proprietary is better than nothing.


Everyone’s approaching this from the privacy aspect, but the real reason isn’t that the cashier thought you were weird, they’re just underpaid and under a lot of pressure from management to try multiple times and in some cases they even get written up for not doing it because it’s deemed part of their job. They hate it just as much as you. Same when you try to cancel your cable subscription or whatever: the calls are recorded and their performance is monitored and they make damn sure they try at least 3 times to upsell you, even when it’s painfully obvious you’re done with them.

Just politely decline until they’ve asked however many times they’re required to ask and move on.


You can’t, at that point you assume your correspondent is compromised. It’s not just recall but also malware and credential stealers. Doesn’t matter if recall is taking screenshots, if the messaging client itself is pwned via malware then they have full access to as much history as is available.


The Steam Deck doesn’t fully shut down, it’s just regular sleep mode.


If you can find where the antenna is, you can cover it with some metal tape to kill the signal. Or wrap the whole thing in a metal cage or foil, basically put the thing in a Faraday cage.

I have a feeling they’d put the antenna in the front panel though, so that solution may not be super aesthetic if that’s the case.


If you’re careful and just disconnect the antenna properly such that you can plug it back in it should be okay.



A little bit more anonymity I guess, but be mindful that Lemmy is very public in nature. That includes all of your votes, so it’s still pretty easy to profile.


The identifier is unavoidable for push notifications to work. It needs to know which phone to send it after all, even if it doesn’t use Google’s services, it would still need a way to know which device has new messages when it checks in. If it’s not a phone number it’s gonna be some other kind of ID. Messages need a recipient.

Also, Signal’s goal is protecting conversations for the normies, not be bulletproof to run the next Silk Road at the cost of usability. Signal wants to upgrade people’s SMS messaging and make encryption the norm, you have to make some sacrifices for that. Phone numbers were a deliberate decision so that people can just install Signal and start using E2E texting immediately.

If you want something really private you should be using Tor or I2P based solutions because it’s the only system that can reasonably hide both source and destination completely. Signal have your phone number and IP address after all. They could track your every movement.

Most people don’t need protection against who they talk to, they want privacy of their conversations and their content. Solutions with perfect anonymity between users are hard to understand and use for the average person who’s the target audience of Signal.


You don’t have to trust the server and shouldn’t have to trust the server if the client is doing proper E2E because you know the maximum amount of metadata it’s got.


It depends where you draw the line of what is GrapheneOS. Everything they do is free and open-source. If you build it for emulator or Waydroid, it would indeed be FOSS: no proprietary blobs in sight unless you count your host’s GPU firmware to taint the whole thing. The build scripts to dump your firmware blobs from your own device, building GrapheneOS, bundling it all back together, sign the build and flash it on your device, all open-source.

The only part where blobs are involved is the downloadable prebuilts, which do include the blobs, otherwise it wouldn’t boot at all. They’re not including blobs in their project. They’re including the blobs that are already on your device and also downloadable from Google. It’s not like they made their own proprietary blobs they hide the source for.

The GNU guys say that’s unacceptable as any proprietary software is unacceptable, therefore the whole thing is tainted and worthless. They think the same thing of coreboot/libreboot.

In my opinion, GrapheneOS is fine. It’s the best that can be done, and their project in itself is FOSS, even if running it on actual hardware requires a few blobs to be added, and it allows users to opt-in to installing a sandboxed Google package. The same I call Linux FOSS even if it can upload a firmware to my GPU so amdgpu works. At least the entire loading of the firmware is in my control, and I can verify that the blob being uploaded is the one I expect, even if the blob is proprietary.

Nothing that you replace with GrapheneOS is proprietary. The blobs are a no-op. Running sandboxed proprietary code is better. It’s a net positive and reclaims some of your freedoms by being able to control and monitor the sandbox.


I switched to cookie allowlist, and manually add the sites I want to remember me. I don’t want to play the cookie game anymore, period. The only reason they ask is because legally they have to, and even then they do the bare minimum and use dark patterns to make it as hard as possible to decline cookies.

No more cookies for anyone, should have used them responsibly in the first place.


This is what I do, works wonderfully, and most DEs have a readily configurable mute mic keyboard shortcut you can just put on whatever convenient macro key you want. Plus it doesn’t even show you as muted in Zoom since it’s done externally and it just knows it’s getting silence.


I mean you can make one without the metadata or phony metadata, it’s primarily used by software to validate you. It’s not like it validates any of the info. You can put RatoGBM@lemmy.world as your email if you want, good enough. The general idea is that a PGP key is an identity, not just a key pair. There’s plenty of non-PGP ways to make key pairs.

It’s useful when other people look through their keyring, so I can easily find which key I’m looking for. People don’t usually go find your key every time you want to send a message, they import your key then specify the ID or email of the key to use which is usually automatic based on who you’re emailing. And then when you message back, they want their messaging client to be able to look up your key and validate it automatically. I’m not going to go browse my files to find your key again to verify every single one of your messages. And I’ll be messaging you at some email address or other identifier somewhere anyway, so the key ends up tied to a form of identity regardless.


So, why should people be fined for watching porn? Why do Christian puritan views get pushed to everyone? Party of small government my ass.

“It’s not that bad” isn’t good enough. Why is that there, at all? Why should I somehow deserve to be in prison?


Yes and also not sure why you’d use Anaconda. What’s wrong with plain regular Python?


Those are Java package names. Android is written mostly in Java/Kotlin. Java being Java, the recommendation for package names is to use reverse domain name syntax to uniquely identify your stuff. So most of Android’s core is under the com.android.* namespace, and Google’s extra stuff usually under com.google.android or something like that.

Android is also extremely modular, so a lot of the system is also just regular Android apps, including settings. That’s why you can see say, “Android Easter Egg” which is the hidden system app that gets launched when you tap the version number in settings a few times.

If all you installed is GrapheneOS and Google Apps, I wouldn’t worry about malware. Google’s stuff might be spyware but that’s up to you to judge, but nothing that wouldn’t run anyway on your stock OS.


I haven’t heard of it being an issue for receiving. Sending is a whole other deal yeah. It works fine for signing up to accounts and stuff.

That said my emails have been making it to inbox just fine, but I do have a decade of good standing on that IP.


I get that services don’t want to ruin their own email domains, but I should be allowed to do whatever I want with my own domain.

Email works with both domain reputation and IP reputation. Even if you have your own domain you’re still using their IPs for emails, they’re still tied to it for abuse.

I’ve been hosting my own for over a decade, works great and no limits other than what the hardware can do. I’d recommend doing that since you already have a domain.


Most modern operating systems randomize the MAC. DHCP does have extra fields such as the device’s hostname that can be used to counter that.

But as I said, that’s unlikely to be the weakest link. If you don’t trust the network you’re also likely in a public environment where people can just see you anyway.


I guess the hostname could be used to defeat MAC randomization if you use public WiFi like hotels, airports and coffee shops. You could probably identify repeat users if you cared enough.

But then your worry should be the security cameras not the WiFi, because that’s what’s gonna tie you personally to your device connecting.



No, simply because even with pure CSS and even pure HTML you can find ways to leak some information about the browser. For example, a background image that only loads on 1920x1080, another for 2560x1440, and so on. Make hundreds of those for every possible resolution (they can be the same file on the server but at a different path), and there you go, you now figured that the client downloaded img/background/2448x1280.png from the server logs. You can use the same trick for fonts as well, you just apply the same trick on a box on the page that is sized based on text content. Repeat for every font you want to test for.

There’s just a ton of those little features that are for performance optimizations because loading a 4K background on a 480p phone is a bad experience for everyone involved. Sometimes you need to know the size of some elements to position other elements relative to it. You need the mouse cursor position to open popups at the right place. You need the window size to realign popups and modals. You’d have to go back to text based only sites like it’s the 80s and 90s to avoid that kind of fingerprinting.

And thus Tor’s solution: everyone’s got the same window size, same fonts and everything.
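A small model of the resolution probe from the comment above and of the size-bucketing idea behind its last line, as an added example that is not part of the original comment. The window sizes are constructed, the function names are hypothetical, and the 100px step is an assumption for illustration, not Tor Browser's exact rule.

```python
from collections import Counter


def probe_path(width: int, height: int) -> str:
    """Path that a rule such as
        @media (width: 2448px) and (height: 1280px) { body { background: url(...) } }
    makes the browser fetch; the server's access log then records the size."""
    return f"img/background/{width}x{height}.png"


def letterbox(width: int, height: int, step: int = 100):
    """Round the reported content area down to a coarse grid (assumed step),
    so that many different real windows report the same size."""
    return (max(step, width // step * step), max(step, height // step * step))


def requests_seen(windows, normalise=None) -> Counter:
    """Count how many visitors end up fetching each probe path."""
    paths = Counter()
    for width, height in windows:
        if normalise is not None:
            width, height = normalise(width, height)
        paths[probe_path(width, height)] += 1
    return paths


def uniquely_identified(paths: Counter) -> int:
    """Visitors whose probe path nobody else requested."""
    return sum(1 for count in paths.values() if count == 1)


# Constructed sample: seven visitors with slightly different window sizes.
SAMPLE_WINDOWS = [
    (2448, 1280), (2440, 1215), (2403, 1299),
    (1920, 1080), (1920, 1040), (1903, 1001),
    (1366, 768),
]

if __name__ == "__main__":
    raw = requests_seen(SAMPLE_WINDOWS)
    boxed = requests_seen(SAMPLE_WINDOWS, normalise=letterbox)
    print("unique without bucketing:", uniquely_identified(raw))
    print("unique with bucketing:   ", uniquely_identified(boxed))
    print(dict(boxed))
```

Without bucketing every sample visitor fetches a distinct path; with it, six of the seven fall into two shared sizes, and the probe no longer separates them.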


I would trust them more than Microsoft because at least they would actually store it encrypted safely and not just basic ACLs that are easy to bypass.

Even with a root shell on macOS you can’t bypass certain things like access to the camera for example. You’d have to work way harder to access recall data, not in a way that malware can trivially access.

I still wouldn’t use it though, because I think the whole thing is dumb and I don’t need my computer to spy on me so I can remember what I did yesterday. I have browser/shell history for that.


Not in the way that Windows does, at that point your best bet is SysRq+REISUB or SSH in and kill kwin and possibly issue a manual reset in /sys. But even if successful, half your apps will have died as Wayland compositor handover isn’t quite reliable yet.

I also believe if the GPU hangs the kernel already tries a reset, I would start with a manual reset via SSH to confirm it’s even worth pursuing and then you can figure out a hotkey situation. Even if the GUI is locked up, you can listen to evdev devices and catch an arbitrary keyboard shortcut and run a shell script that resets the system to your liking.


That’s a hell of a lot of massively unsubstantiated claims and paranoia.

It’s end to end encrypted, that it’s hosted on AWS or who funded the project doesn’t matter. The encryption is open-source and auditable (and has been audited as well). It doesn’t even know who talks to who. For notifications, it’s decrypted locally on the device by Signal, and can be turned off. It’s also encrypted in transit on top of the E2E so only Signal servers can decrypt the little metadata there is, not everyone on the network.

And none of this is confidence inspiring about their own service. It’s 2024, how the fuck is rebuilding their compromised server not a single command away, and why are they even attempting to fix it in the first place? Why do they even have access to the server at all?

Absolutely zero credibility. None.


Explicit sync support which fixes flickering for NVIDIA users at high frame rates and VRR enabled.


ActivityPub makes this impossible. Everything on the fediverse is completely public, including votes, subscriptions and usernames. Even if Lemmy did offer the option, other servers wouldn’t necessarily.

And honestly this is a system that would be mainly used for spam and hate speech anyway. Just make a throwaway like everywhere else.


I route through my server or my home router when using public WiFi and stuff. I don’t care too much about the privacy aspect, my real identity is attached to my server and domain anyway. I even have rDNS configured, there’s no hiding who the IP belongs to.

That said, server providers are much less likely to analyze your traffic because that’d be a big no-no for a lot of companies using those servers. And of course any given request may actually be from any of Lemmy, Mastodon, IRC bots or Matrix, so pings to weird sites can result entirely from someone posting that link somewhere.

And it does have the advantage that if you try to DDoS that IP you’ll be very unsuccessful.