irotsoma

Yeah. They can’t get Mastodon moderators to suppress negative publicity like they can on Reddit and other platforms.

I really would love something like Amie Street before Amazon bought it to kill it. I got so much great music on there for pennies which then led me to buy more and more from those artists. My problem is I need to hear a song a few times before it digs into my soul. And preferably not when I’m paying too close attention to the technical aspects so it can hit me more emotionally. So just having a 10-30 second preview or just hearing it one time is never going to be enough to hook me on an artist. Also, cheaper b-sides since it was demand based meant I was much more likely to hear more of their music and get more invested in the artist.

Is the app designed to prevent screenshots, and if so, is there an option to disable it? I’ve noticed a lot of apps that implement that in nonstandard ways don’t work with Bitwarden or often with other accessibility tools.

Yeah, I just meant people are used to decades of using meaningful usernames. Having to use a cryptographic key has traditionally made it very difficult to get enough people to adopt to make it worth adopting yourself as a technologically savvy person. I never would have used Facebook in a million years if it wasn’t for the fact that it was the only place I could get in touch with many people. Having to build your networks in-person is tedious for many people and sharing the codes securely through other means is cumbersome if you don’t have an existing method for sharing.

Just like HTTPS needs several layers to make it work and still relies on an untrustworthy and corruptible thing like DNS to verify the destination and it’s keys are the thing you’re expecting to connect to. There’s no secure way to share the route to your device electronically in a user-accountless system with no secure, trusted middleman translating names to addresses unless you do it in-person.

The common, vernacular English word ape, not the version of the term that refers to all Hominoids which is not a common usage outside of scientific communities.

The common, vernacular English word ape, not the version of the term that refers to all Hominoids which is not a common usage outside of scientific communities.

deleted by creator

DNS over TLS handles that. No need for DoH really. Unless DNS ports are blocked or captured by NAT or something and you need to use port 443 with DoH. At least not with a DNS server.

DoH is useful for individual applications to do their own DNS lookups bypassing the OS or network level DNS. Otherwise DoH and DoT provide the same basic protection. DoT is just at a lower network layer and thus more easily applies more broadly across the network or OS rather than being application or resolver specific. There’s never been a real need for a DNS server to use DoH instead of DoT unless DoT is blocked upstream.

Use VPN or DDNS connected to your domain registrar. Of course DDNS might not update immediately, especially if your domain host is not the same as your DNS provider, so you might have outages for short periods when your IP changes. So, depends on if you’re OK with that or what kind of connection you have and whether it changes your IP a lot.

Also, might be able to get an IPv6 address for free depending on your ISP or at least you can set up your router to request that your address block is retained for you. I know Comcast does this. Unfortunately, my ISP does not.

Unbound supports DoH if compiled with the support and given TLS certificates. I don’t use it internally on my home network because I have a pihole that I want to capture the traffic. I do use DNS over TLS for upstream communication, though.

I mean it’s kind of like the “humans evolved from monkeys” or whatever primate you want to substitute for monkey. No, they branched off from a common ancestor though.

I mean lots of people get mixed up between BSD, Linux, UNIX, and all the variations over the years. Is MacOS a version of Linux? No. Is a human a type of ape? No. Are MacOS and Linux way, way closer than either are to Windows, hell yes. Just like people are way closer to being monkeys than swallows. There’s a lot of mixed breeding in both examples and a lot of total incompatibilities as well.

But it’s a difficult concept for the average person to not have an account, but everything is device oriented. Same problem with people not using gpg for email. Having to maintain a thing similar to a private key that’s not memorizable like a username and password and back that up in case your device is lost. Is a big hurdle for many. And then additionally having to share a qr code or link through some external means for someone to connect with you rather than just telling them to download an app and enter your username HSS always been difficult.

So, IMHO, Signal has the best implementation possible with the level of usability that many nontechnical people expect in a chat application, even if it’s not the most secure. I am interested to see how SimpleX solves these issues in the future, though.

I think it’s similar to the idea of clicking on the unsubscribe links on spam email. It lets the spammer know it’s a real, active address, so, often, it just ends up giving you more spam since they share that info. Only unsubscribe from things you actually subscribed to in the first place.

Yes, that too. I should have said want to code stuff…and continue to maintain it…

KDE if you want to just configure stuff. Gnome if you want to code or manually style stuff.

deleted by creator

“There’s nothing to suggest that these people will be approached with any claims directly.”

No, but they’ll be pressured to testify with the threat of such a lawsuit. And if the RIAA wins, then ISPs will likely start giving the names to them openly so they can start those lawsuits back up again, at least in the US where it’s again no longer considered an essential utility service by the government thanks to Republicans. There’s a reason they’re not targeting the bigger ISPs that have enough money to fight back anymore. This way they can get a judgment to use against them later.

Yeah I think hashes in the same folder are only valuable as a check to make sure you downloaded the file successfully. Which isn’t a big issue for at least the around 80% of internet users who have access to broadband. They are only useful for security if the hash is on the website that you click on and then you download and verify it manually.

Yeah, IMHO Signal is the right balance of usability and privacy. Problem with not having a user ID is that you can’t easily use the application on multiple devices at the same time and if you lose the device, or don’t properly migrate to a new device, you will have to start over building your connections to others.

But the real issue with no user ID or centralized platform is discoverability. Same reason things like gpg for email never caught on. You can’t just type in a person’s phone number, username, or whatever and start talking to them. It only works if you have another line of communication with each person to set up the connection. This is usually the deal-beaker.

But the problem with user IDs is that anyone can create as many as they want and use them to avoid spam and abuse filtering. So that’s why phone number is used by Signal as a unique identifier. It’s not 100% unique, but it’s good enough to deal with all but the most determined abusers.

Can’t speak to this incident, but i do agree that in general, free VPNs are not safe because usually they are funded by selling your personal information and web traffic data or performing MITM attacks to inject ads and thus compromising security, even if that’s not the intention.

That being said, Rise Up is a donation funded organization and is specifically run by a nonprofit promoting activism, so really it all comes down to your trust that org. The cost of bandwidth required to run a VPN is high, their site mentions it costs them about $60/person/year. So that money has to come from somewhere. If you’re paying, and it’s a reasonably trustworthy company, then it’s unlikely they will be willing to risk selling your data. But if you’re not paying, then the incentive to not sell your data just isn’t there, thus it requires more trust, IMHO.

Also, if they are a legit org and I take their product without paying, I’m taking that money from activists in places that truly need VPNs to stay safe from arrest or murder, so I generally don’t feel it’s moral to use it just to save money, but that’s me.