Real world, it’s a royal pain in the butt trying to get a not-smart TV. There’s a couple of companies that sell them at consumer-accessible prices and they aren’t as frequently on the kinds of deep discounts bigger brands go for. You might just have to steer your parents towards using an Apple TV (the only ads are for Apple’s own services plus nice integration with iPhones if your parents happen to be iPhone users) then set it up to boot straight to the Apple TV so they never see the Smart TV OS, and of course never connect the Smart TV to the Internet so whatever data harvesting it does do is useless
I mean, the advice I’ve heard for one who’s threat model is “the feds are actively trying to identify me” is to have a dedicated burner computer that you do all of your illegal activities on and no other activities. Then of course on top of that avoid saving secrets onto the device and type them in manually every time (ephemeral distros like Tails are good for that)
i noticed both of the ethernet lights were on and blinking
So usually one of the lights on the port indicates the link state (up/down and if its at full speed or a reduced speed) and the other light indicates data flow. Both lights blinking suggests either a really shoddy link state or an unusual implementation of status lights on the port. Do both lights blink while its booted and actively transferring a large file? Can you find documentation of how your device implements the indicator LEDs? (I can’t tell if that’s a dongle or a port on your computer)
If the power cord is plugged in but the computer is shutdown, and the light is still on, then that means the network adapter supports WoL or OOB management and must stay on for that reason
Also worth noting that Windows is especially bad about actually shutting down when you tell it to shut down because something something fastboot. I’ve seen similar inconsistently on Linux but I strongly suspect that to be more edgecases with specific hardware and my install.
The lights are blinking because broadcasts packets from other devices on your LAN are sent to every device. This is normal and expected behavior.
Just building off of this, modern computers are chatty as heck and there’s just constantly little bits of chatter spamming out on LANs. This is normal and expected behavior
In the US the FDIC sets security requirements for banks and audits annually, and they keeps raising requirements every year or so. At this point its just easier for a bank to invest in following current best practices and keep updating to the current best practices than to keep chasing every new finding on the FDIC audits each year
Source: I worked in IT at a bank for a while
Just a quick tip: I’ve had good luck getting insurance through a broker. I have cheaper insurance through some B2B place that doesn’t work directly with consumers with better coverage than if I went through some national brand that spends millions of dollars a month on advertising to consumers. The other benefit of a broker is now you have a third party who’s incentivized to not only find you the best deal but also someone you can get advice from during a claim should anything seem off to you.
Who knows, maybe they’re required by Google to provide a privacy policy, like xscreensaver was
Chrome’s privacy sandbox is a very different protocol from Mozilla’s PPA protocol. I haven’t read about Safari’s variant so I don’t know if that’s a copy/paste of Chrome’s or it’s own protocol
The big difference between Privacy Sandbox (previously Topics API and before that FLoC) and PPA is that Google’s “solution” still tracks the user while Mozilla’s just tracks the ads and gives aggregate data to the advertiser
Non-profits of the scale that Mozilla is need good talent to continue to exist. Good talent needs to be paid close to market rates to work for non-profits, and retaining good talent requires even better pay and benefits than just what will get good talent in the door
No matter how much or how little the talent at a nonprofit is paid people will go “why are they paying the CEO a $1 million dollar salary? They could hire 6-8 developers for that much!” “Why are they paying developers 100k/year? Can’t they accept 80k for the privilege of working for such an important bastion of the open internet?”
15 million a year is a lot but it’s also 1/3 the median CEO pay rate. They have to pay the CEO at least semi-competitively to retain them
Totally free, open source, and offering a vast offering of office apps, with paid hosted versions.
When Mozilla was founded the idea of hosted webapps didn’t exist. Quite the frankly web standards didn’t yet exist to allow such a thing to exist. Those were the days when you’d use Flash, Shockwave or Silverlight just to view media content on the web.
But I do agree, they could be investing right now into feature rich hosted services, but they’ve only half-assed any paid services they’ve tried to integrate and then dropped them because they couldn’t get enough users to make it worth continuing the effort (mostly due to the half-assed effort they put in to start with)
For those dark pattern email boxes I like entering things like admin@[website that’s serving a dark pattern mailbox] or marketing@website because 50% of the time it just gives me whatever without any trouble and the other 50% of the time I clear cookies and consider if I really need whatever they’re gating behind harvesting my email…
I feel like a browser API that just gives info to the site when request of either “is under age, is of age to create an account, is adult” might be an easy way to establish something like this too
This way the site can voluntarily check if they’re illegally collecting data on minors, if they’re showing adult content to adults, and automatically display age appropriate content of applicable
Maybe an NSFW flag as well that sites can check to automatically show/hide NSFW content, for example on work machines or shared computers, but that’s probably getting a little too finegrained
The real question is how is the age flag determined? Is it determined by the browser? The OS? Browser seems the safest bet, since Google can base it off of the Google Account, Microsoft can base it off the Microsoft account and Mozilla can shove it in the settings and potentially base it on the Mozilla account
In regards to the DNS advice should I use that for both my PC and android ? And when would I use a vpn?
You should setup your preferred DNS server everything really. On your phone, on your computer and on your router if you can. DNS is the absolute easiest way to track and block/hijack browsing habits, so hardcoding your devices to use a standard one like NextDNS, Quad9 or Cloud flare will put you very far ahead
Regarding VPNs, commercial VPNs are really overhyped, and thats because they’re a cash cow for operators. See Tom Scott’s video on the subject if you prefer this britishplained to you. All a VPN is is a tunnel from your device to the VPN server wherever that is, so you’ll look like your traffic is originating from that VPN server, plus all of your traffic is going to that VPN server so you have to trust that that server isn’t compromised nor slurping up all of the data to sell/provide security agencies. Clear text browsing traffic will also be secured between your device and the VPN server, but that’s super uncommon nowadays. Realistically a commercial VPN is best for if you’re doing illegal activities such as piracy because it will add layers of abstraction should a private company or public agency wish to investigate your activities and try to identify you. I do use Tailscale with an exit node on my home network when connecting to public wifi just in case the network is misconfigured, but it’s really just another layer of Swiss cheese security.
I tried Graphene OS but my banking failed so back to stock Android
Any features in the mobile app that don’t exist on the website? I’ve had good luck checking my bank balance and all sorts of other things through Firefox on Android - pre-edit: I missed that it was app only. That sucks.
For browsing on Android I use Mull and on my android Proton VPN is always on. I visit twitter and twitter ocasionly but always through mull browser.
The VPN really doesn’t do much at all for privacy. It just moves the point of trust from the service provider for the current network to the VPN provider, plus now you have extra hurdles as you’ll show up as a VPN IP rather than a “normal” residential or cellular IP. Realistically set your DNS to be something like Quad9 or Cloudflare and you’ll already be several steps ahead on browsing privacy
For spending habniys I try to use Google pay as little as possible and use my master card.
Realistically any card is going to be selling your spending habits. Cash and crypto are about the only ways to have private purchases, and plenty of places won’t accept either
Personally I had a long hard think about my privacy practices and how they only isolated me and made me unhappy, and realized that if I’m already blocking all ads so I never get to see the results of the incredibly dystopian advertising hellscape, does it really matter that much if Google knows I spent $200 on random model train shit last month when they already know I watch a few hours of train-related content on Youtube? So I take smaller steps to not fully given in, but I don’t take steps that create extra hassle in participating in modern society and living my life to its fullest.
when Amerika is looking at a job shortage because of all the offshoring.
Ahahaha no there’s not! I work for a national company and we have hundreds of jobs we struggle to fill.
Even if you look at the data for manufacturing, the most infamously offshored sector there’s consistently more job openings than hirings
if you switch providers before paying it of
Usually a financed devicd is financed through the carrier, and therefore a carrier branded device, and therefore locked to the carrier (yes they have the unlock option but compatibility tends to be far more limited than on the manufacturer unlocked version of the model)
The biggest tool in the M365 suite will vary by organization.
Outlook is huge. It integrates well with Microsoft Exchange which can either be self-hosted or you can just pay Microsoft to handle it (generally recommended these days) the calendar integrates with Microsoft Teams where you can create a calendar event, have it create a Teams Meeting, then add your attendees from your Outlook contacts (which will also have all accounts from Active Directory searchable) then after the Teams meeting you can directly email a followup to all meeting attendees within outlook. Outlook will also very nicely handle emailing files as SharePoint links and giving access to the users you’re emailing to (again, integrating with Active Directory for authentication and listing users to set permissions) and when you and another user are both editing a document on SharePoint it allows easy collaboration in Word/Excel/PowerPoint much like how Google Docs work when sharing with edit permissions. These workflows are huge for a hybrid/remote workforce or for inter-office collaboration.
On the server & administration side of things Active Directory (AD) is a juggernaut. It has integrations into many web services (basically anything with a “sign in with Microsoft” button), many programs one might install onto a computer also support using your AD login as authentication, which means fewer passwords for users to remember and fewer passwords for admins to reset and manage for onboarding, offboarding and provide login assistance to. AD also directly integrates with file shares where you can set detailed permissions based on the users and groups in AD. AD also gives you access to Group Policies which allows you to heavily manage and configure your users workstations. This is where admins can restrict access to settings users should never touch, restrict the ability to install software, remove bloatware, restrict access to certain browser functions etc. and of course you manage all of this using Microsoft Remote Desktop Protocol or Microsoft Powershell which authenticates against AD. Most organizations use AD as a single source of truth on who works in the organization, with the HRMS (Human Resources Management Software) directly integrating with AD and automatically creating and deactivating users, applying groups based on the user’s job title, etc.
For a real world example, I currently manage a SAAS product as one of my primary duties (it’s like Salesforce without being Salesforce) we have extensive permissions setup within this SAAS product which we have to manually apply for every user that joins, leaves or changes positions. I’m currently pushing for AD integration since I spend about 8 hours every week on concerns that would be automated away by integrating the SAAS product I manage with AD, letting AD groups automatically set the users permissions and using single sign-on with AD, and this would also tie into a larger upcoming project of shifting some shared accounts for high-turnover positions into named accounts as it would ideally integrate with an ongoing project that’s ramping up to overhaul our current HRMS workflow and automatically create/deactivate users with appropriate permissions as they join/leave the company. This is the power of AD, it’s a single, industry standard database and authentication server that often runs entire organization’s security and infrastructure because of it’s heavy integration and potential for automation
got caught in a horrible recommendations loop because I’d like family photos of running and gymnastics for my nieces and cousins.
I never reach that point on Facebook. I scroll for about 5 posts to see what my family and friends might be up to and get too frustrated with unmoderated spam and report it as spam and close the tab and move on
The argument I heard is that all of the chatter about adblockers is causing normal people who don’t realize that adblockers exist to realize that they exist and try them out. I don’t know if there’s any evidence that this is actually happening, and I don’t know how much I can believe that argument at this stage
I believe they have like a month to comply.
According to my training when I was handling my workplace’s GDPR request email companies have 30 days to respond. Meaning they could simply have a bot respond to all incoming emails on day 29 and say “we’re reviewing your request” and be in compliance for a while longer
I used to work in support for a phone manufacturer. I spent more hours than I’d like to know helping people navigate Google account recovery because their only computing device was their phone which they just got replaced under warranty and they don’t remember their Google password. The lucky ones had set a recovery phone number and/or email, the unlucky ones were simply at the mercy of the ivory tower that is Google
Yeah 404 Media has been killing it and breaking a lot of important stories lately