• 0 Posts
  • 23 Comments
Joined 2Y ago
cake
Cake day: Jun 22, 2023

help-circle
rss

Back when Craigslist had personals ads I answered one saying that I had 10 laptop computers and no facebook account, and I actually got a couple of dates that way. Not everyone wants corporate media.

I’ve been chatting (non romantically) with someone I met on another forum, who is about the same way. No facebook or reddit or anything, not even Lemmy, just a few niche forums.


I think of cloud storage as meaning automatic synchronization to a phone app and crap like that. If you just want plain storage, I’m happy with Hetzner Storage Box. The one I have is in EU so that adds some network latency. I don’t think they have it in the US yet.

You could also go on lowenspirit.com and look at storage offers. servarica.ca has some nice ones that are supposed to be good, but I haven’t tried them myself. They are in the Montreal area.


The Geotrust queries might be OCSP checks which is somewhat legitimate. OCSP is a scheme for checking (via a server query) that a TLS certificate is still valid (hasn’t been revoked) before accepting it. It is or was somewhat mandatory for EV (extended validation) certificates that were fashionable for entities like banks for a while. Without OCSP (like if you disabled it in your browser preferences), EV certificates worked like ordinary certificates instead of showing the company name on a highlighted green background.

Today, people are mostly ignoring that stuff in favor of shorter and shorter expiration periods for certificates.


California ID just has a thumb print and has had it for decades. Renewing mostly gives them reiteration of info that they already have.


I thought airplane mode or power-off disables that, but maybe on some newer phones, that is left running because of “find me”. Hmm. BLE shouldn’t be able to reach any cell towers though.


It will help stop the phone from broadcasting your location, but the danger is the private stuff on your phone getting copied if your phone is seized. Better to use a burner phone with nothing private (such as contacts) on it. Used that way you don’t need multiple burners. Just keep it powered off til you reach the protest. I’d be hesitant to keep it powered (such as for mapping) on the way there, unless you don’t mind GPS track potentially being retained on the phone. OTOH they will probably track you anyway, through license plate and face recognition.

BTW the cheapest place I know of to get phones with minutes is below, especially the basic flip phones that are probably better for this anyway.

https://www.qvc.com/electronics/phones/tracfone/_/N-mlt0Z1z1393y/c.html


It’s more traditional to just print the key fingerprint.


Google gets lots of your email either way, since many of your correspondents will be on gmail. I’ve been getting domains mostly from porkbun.com which offers free whois privacy. namesilo.com has it too.


I mostly use porkbun but also namesilo and a few others.


I’ve transferred domains out of porkbun without seeing anything like that. I’ve had to release the domain lock and paste a transfer authorization code from one place to another. That’s how it has worked at other registrars too.


https://biggaybunny.tumblr.com/post/166787080920/tech-enthusiasts-everything-in-my-house-is-wired

Tech Enthusiasts: Everything in my house is wired to the Internet of Things! I control it all from my smartphone! My smart-house is bluetooth enabled and I can give it voice commands via alexa! I love the future!

Programmers / Engineers: The most recent piece of technology I own is a printer from 2004 and I keep a loaded gun ready to shoot it if it ever makes an unexpected noise.


I’ve been using Vitelity (paid) but Twilio is a bit cheaper and has a better API. However, the more obnoxious confirmation code senders can detect all of these as being in data centers. IME it’s only a few senders that are snotty about that. You could always get a burner phone.

Hmm, I don’t know what happens if you get a mobile burner phone, set up call forwarding to your VOIP number, then throw the burner phone away (i.e. shut it off so you don’t have to keep it powered and broadcasting its location). The cheapest mobile plan that I know of ($30/year redpocket) unfortunately went up to $45 a few months ago, but it gets you a usable backup sim.

Added: 1) r/nocontract on reddit showed a $36/year infimobile plan with a 20% off coupon (so a little under $30/y) on amazon. Similar deal to redpocket I think. 2) Another idea: get cheap mobile plan, port number into a voip provider, cancel mobile plan. I wonder if the number then reports as data center terminated.

There are now starting to be a few “free” mobile providers where you are required to keep a spyware app running. I don’t think I’d bother with those. textnow.com is the one I remember but there were others. textnow does NOT support call forwarding on free plans.


Thanks, it’s late here now but I’ll try to look soon. I didn’t realize significant improvements over Goldberg etc al were really possible. I’ll try to understand that too.


Is there another post somewhere giving a general description of what you are doing?


Do you have a link about your messaging app? And PIR doesn’t conceal the existence of traffic, so it doesn’t seem like the right thing for messaging. It’s more for databases as the name implies. What exactly are you trying to do?



If we told just anyone, it wouldn’t be private!!!

Srsly any phone app is inherently insecure because the phone itself is insecure. And there’s lots of metadata leakage, like the phone broadcasting its location. There is no “go to app”. It all depends on what you are trying to do and who you are trying to communicate with.


If this is for live disks or mirrors (not backup), LUKS is reasonable. Backup is different from mirroring since one of the things it protects you from is accidentally deleting files. If you delete a file from your main drive, it also disappears from the mirror drive, so mirrors are not backup. For encrypted backup, I’ve been using Borg backup which is quite well thought out, though confusing at first. The backups go on a remote server which is ok since they are all encrypted.


The PFS comes from deleting the secret DH parameters after you are done using them.


The codecs are built into the client (I’m using linphone) and they all sound like crap. Provider is vitelity.net but I have a twilio account so could try that. Also, they only work at all when the phone is online by wifi. Using the phone’s mobile data is total fail. Too many dropouts etc.


This forwards to an (oh the irony) blogspot post, https://articlesgallery8543.blogspot.com/2023/10/lets-decentralize-web-together.html It encourages people to move off sites like facebook towards sites like lemmy. Great but I think we knew that already.


Voip call quality is terrible, it is near unusable over mobile data IME, it adds latency etc.

I guess an intermediate measure might be to make all your phone calls through a forwarding proxy (e.g. implemented with Twilio API) so that all the mobile carrier sees is that your phone calls all go to the same number. Similarly you’d give out a VOIP DID number that forwards to your mobile, so all your incoming calls would appear to come from the same number.


Don’t know about Signal but the way PFS usually works is there is something like a Diffie-Hellman (DH) key exchange. Each person generates a random (private) number, remembers it, crunches it mathematically into a public number, and sends the public number to the other person. Each then combines their private number with the public number that they got from the other person, and this (because of how DH works) cleverly gives both people the same secret number they use for the encryption, but the secret can’t be reconstructed without knowing at least one of the private numbers. Finally, the PFS part is simply that each person permanently deletes both the shared secret and the private number they generated for that exchange (they will create new ones next time they want to communicate). That means there is no way to reconstruct the secret and re-decrypt the message.

Of course, authentication also has to be added to all this.

For more info, probably easiest to look up Diffie-Hellman key exchange online.