Nothing. OP is a tankie / Russian PsyOps operative. If you care about a Russian billionaire who’s surveillance capitalism platform refuses to even acknowledge requests to remove criminals, you deserve to live under the boot of Russia’s authoritarian Kleptocracy.
Save your energy for the actual wars on encryption and privacy that western plutocrats and capitalism are waging under the lie of Freedom™️.
Maybe the difference is that the signal developers aren’t rich people flying around the EU on private jets? Maybe there’s no value in targeting the signal devs because they can’t legally be expected to moderate chats they literally can not access? Maybe it’s not worth backdooring because it’s open source?
I actually did something similar to this before. After a breach I torrented the data to query my own creds (old passwords were leaked, from my pre random gen password manager days). I then searched my friend’s emails and messaged them asking them if their password was still “xyz”. I got a lot of “bro, wtf!?!” that day!
If they agree that Trump/Republicans are fascist, ask them why they think it’s an acceptable risk to allow the government to construct the most pervasive and advanced surveillance state that has ever existed for fascism — a system so advanced it would make Himmler cream his pants — why build big brother so all they have to do is simply take over, turn a key, and use it against the world?
If they’re insane and think Trump/Republicans are the good guys, repeat the above but swap out the perpetrator for liberals/trans/immigrants, or whatever “other” is the flavor of the week.
If they’re not American, ask them what they think will happen if the world’s strongest ever superpower — a kleptocratic failed state, straddling the knifes edge of fascism — with a secret police who have backdoor access to the tracking device in their pocket, all their data, and all their historic communications — became a fascist dictatorship? … Point out how “woke” they are (sex before marriage, gay marriage, whatever) … and ask them how comfortable they would be if the tens of thousands of people working at the NSA/CIA were converted into fascist “troll farms”, and started using AI and analytics of all their personal data, to unilaterally wage a cyber war on everyone they deem “woke”? Do they think their government or military could defend them from a bad actor that has the ability to hack anyone on Earth… A bad actor who, if they want you out of the picture, just has to remote into your machine, download some child porn, and tip off the local police… Good luck trying to prove your innocence. You don’t even know what most of those words mean! You weren’t even aware that this was a possibility 30 seconds ago!
Html is as private as any language — only private when secret (encrypted) — so your comment is a worthless “vacuous truth”.
If you only included projects created in the last 2 or 5 years rust would be ahead of C/C++, possibly ahead of all other strongly typed langs. Kotlin is usually chosen explicitly for modern Android and Java lib interoperability.
I would be willing to wager that within the next 1-2 decades, LLM transpilation will be used to replace most C/C++ code, too. LLM’s can’t be trusted to write code, but they can be trusted to transpile in combination with TDD. If a codebase is already well tested then transpilation is many orders of magnitude easier.
This is why privacy policies are a virtue signaling joke. They all start with “we respect your privacy” which is so objectively, categorically, false 99% of the time that it should be considered illegal (e.g. false advertising) for the org to even associate those words with their business, in any capacity. Every evilcorp has one policy that is hundreds of pages long and covers everything they ever have done, and ever will do, across every subsidiary and product of the entire umbrella organization. The whole privacy policy system is designed so every consumer rubber stamps them and legally absolves the corporation for everything they will ever do, because it’s impossible for any human to read or understand them. By impossible I mean literally impossible – you would need more than a lifetime to read them, let alone comprehend them…
If we didn’t live in a capitalist dystopia, privacy policies wouldn’t be needed most of the time, because data laws qould be so comprehensive they explicitly apply for 99% of interactions, and every system would be designed from the ground up for zero trust (e.g. all data is E2EE). But in the 1% of cases where they are needed they’re dynamically generated from templates, based on a users current preferences/settings. The “use X app” policy would be different from the “integrate all of my other various PII linked services to my account” policy. In the case of a completely offline calculator, with no API, and no telemetry/analytics (or them all disabled by default) the policy would not even be a link; just a one-liner that says “App can be used with zero data collection”. If you download the app and choose to enable a data collection setting, that’s when you would be shown the policy related to the specific data points that setting relates to.
They can always go shittier. Nothing will stop them until the entire human population is strapped into a matrix style ad network, 24/7… paid for by you, renting your neurons as compute for AI to generate more ads and supporting analytics for yourself… until your profitability quotient falls below average and they liquify your corpse to feed a more profitable gen of the attention crop.
I consider this post as more of a thought experiment. If this sounds extreme to you, then the mass surveillance of society is even more extreme.
The fact governments almost always exempt themselves should be all that’s needed to prove the measures violate a democratic societies rule of law and civil liberties, and that their promotion should be considered treason — an attack on the civil liberties of the entire population is an attack on democracy itself.
Reolink and one other I can’t remember seem to be the most consistently recommended hardware (actual security companies rather than cheap Chinese hardware rebranded by hundreds of drop shipping start ups). They only need internet access for the initial activation, and can be connected to home assistant or ftp server. I created an account with an alias email, then blocked its internet access from the router. It works fine on LAN and via tailscale.
https://reolink.com/product/e1-zoom/
NOTE: these wifi cams are not a “security” system. They’re for basic monitoring and scaring your cat.
Custom domains mean that if the alias provider enshittifies, you can switch to any other provider near-instantly. As long as you never use the domains to host illegal or dodgy shit it’s extremely unlikely you’ll ever lose them — far less likely than losing a gmail or whatever.
With SL you can avoid spam by using the “beta” (been beta for 3+ years lol) “auto create” option instead of a catch-all, meaning that you can direct emails to different inboxes (or do nothing) based on specific regex strings you control — up to 100 of them. I had a catch-all regex (.*) as my # 100 and it took 2 years to receive catch-all fishing spam. Then I removed it and now have only random strings (e.g. .*fgyu.*) so new emails must have them if they want to get somewhere. Everything else bounces. All previous emails continue to work until you disable them individually.
I use a mix:
- SL-domains: anything I don’t give a shit about.
- Non-PII domain: anything I would want to persist if I changed provider, but don’t need my identity, or can give out a unique email in-person.
- PII-domain: banks and all other services tied to my identity.
- Top-Secret-PII-domain: critical services that could compromise all others (password manager, email/OS accounts, domain name registrar).
The obvious solution to me is sponsorblock switching to sampling pixels out of each frame, like that project that encoded data into video streams (yet resilient to compression), there are algorithms that could fingerprint any ad with an extremely high degree of accuracy. It’d be more complex than the current implementation, but it’d also be more resilient. I’d settle for it hiding the video and suppressing the audio for the ads duration, possibly displaying a countdown timer, vs actually watching the ad. Then Youtube would get paid, but have no way of knowing you haven’t seen the ad, and the metrics around their ad effectiveness would ultimately suffer, so users still win.
You could even go so far as to have the client cache the video, several minutes in advance, dropping all the ad frames, so it’s a seamless experience for the user. I got money, but will spend 10x as much ensuring Google gets less from me. It ain’t about money. It’s about sending a message!
Great job backdooring the entire EU, EU oligarchs. This is so recklessly dangerous to national, regional, and global security that efforts to implement something so authoritarian and anti-democratic should be considered both treason and a crime against humanity; worthy of the Hague and life in prison.
This is the kind of shit Putin or Xi would try to pass if they corrupted the EU’s institutions.
I think this question might be missing the point of TOTP and protection it provides. The reason 256/512 is used to encrypt data and passwords is to prevent the possibility of brute force and other attacks (e.g. using other data breaches). This doesn’t really matter with TOTP. They can’t reverse engineer a TOTP password out of you. They can’t use your info from prior breaches to gleen what your TOTP might be anywhere else. It’s not something where “cracking” the hash is likely to be attempted, as an attacker would still have to capture the generated codes and time of input in some way, then brute force hashes until they generate one that produces the correct codes at x time. Why would they ever do that when it would be a thousand times easier to compromise a device or TOTP app, and scrape the hashes directly from it; negating any need to brute force?
Note: I am not a cryptographer and have not implemented a TOTP server, so I could be completely wrong.
TL;DR 256/512 wouldn’t necessarily increase the security of TOTP at all.
Niceties like the rule of law and human rights are merely suggestions to oligarchs and surveillance capitalism.
“Remember, terrorists and pedos exist, so we need to abandon any presumption of privacy and monitor everyone’s activity 24/7… For your freedoms!”
— the oligarchy, including the wealthiest terrorists and pedos in history
If you’re on a VPN then the thousand other people using that server provide that type of obfuscation.
What you seem to want is a web crawler that is perceived to be a real human and navigates alternate sites in real time. That’s a near-impossible cat and mouse game. Ultimately not worth the effort. All you have to do is be harder to track than the majority. The value for ad tech is in efficiently profiling the 99% — not the 1% of paranoid folk.
Sounds like you want both https://adnauseam.io/ and https://trackmenot.io/
I know with tailscale you can set Mullvad as the exit point for all clients within a subset. I imagine you can do something similar with a private VPN, with a ton more effort.
So? That doesn’t absolve any of the former decision makers of their crimes. This is the kind of mentality that both enables and facilitates corporate criminals and corruption.
If you purchase a stolen car you don’t get to keep it if the crime is uncovered or the real owners are found. When you purchase a company you purchase its liabilities. If those liabilities/crimes were not disclosed, then you have a case for rescinding the purchase and prosecuting the former company/owners/investors for additional damages.
The corporation made TENS of millions from lying to customers, stealing their data, then selling it — they were fined $18 million… This is better than nothing, but still complete dogshit.
Would you consider fining a car thief a fraction of the value of the car they stole justice? No! Because that would be a sick fucking joke!
The corporation should be fined 10x the revenue of the crime, and the leadership who signed off on this should be criminally prosecuted, personally fined a percentage of their wealth, and imprisoned.
Corporate criminals should be treated like actual criminals.
Yeah… I’m like 99% positive Reddit wisened up to scrubbing and have been preserving backups for years, essentially rendering all forms of update/deletion useless.
All they’d have to do is have a separate “hidden” db that mirrors production, with separate business rules to ignore all non-mod updates/deletions beyond 12 or 24 hours.
The best you can do now is stop giving them content.
Yeah, there should be fine grained options (e.g. “marketing”) in the settings, or at the very least an opt-out toggle, where use of the wrong channel is against TOS and results in delisting from the app store.
Finer grained control is needed regardless — enabling apps and users to control critical and regular notifications based on each individual use case.
There should also be a notification log on the device, that shows you all associated information — many apps will offer something via notification that is not available to you, which is considered false advertising and is illegal in my country. This should also breach TOS. There are also many errors where the notification links to nowhere. Once you click the notification, it’s gone forever, which is a horrifically bad design decision.
Worthless opinion piece is worthless.