Skip Navigation

InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)H

hirihit640

@ hirihit640 @sh.itjust.works

Posts
2
Comments
103
Joined
2 yr. ago

  • Peer to Peer Messaging App

    Jump

  • so it sounds like this is more for group chats, to ensure at least one member is online at all times. Otherwise, if it were just 1-1 messaging, and one person's phone went offline, the other person would have to wait until it was back online to send a message, right?

  • YSK: you can buy (email) accounts anonymously using darknet markets

    Jump

  • It’s important to not go down that route because if you can’t ever trust then you can’t believe you can ever have privacy or anonymity except when you completely retreat from all communication or interaction both electronically and physically.

    I do agree that it's an extreme threat model, so it's not one I use personally. I guess some people may try anyways though 😅

    here's an article about the proton case: https://www.schneier.com/blog/archives/2021/09/protonmail-now-keeps-ip-logs.html

  • YSK: you can buy (email) accounts anonymously using darknet markets

    Jump

  • That was a colorful and fun read, can't say I can match that. But I think if you are against the feds the assumption has to be that they infiltrated the other party. This is the whole reason why canaries exist. Because many jurisdictions allow the feds to force companies to do things and keep silent about it (gag order). For example, Protonmail was once forced to log IPs to track down the owner lf an email account.

    By the same token, if Posteo is able to associate a nonce to an account, then they're also able to tell the feds. Even if you are in a different jurisdiction from Posteo, feds can work across state lines through international agreements (which I think was also the case in the Protonmail case).

  • Privacy-preserving alternative to Ring cameras (Raspberry Pi Zero 2W)!

    Jump

  • ok first off, this community is about self-hosting, there just happens to be a lot of overlap between people who self-host and people who care about privacy.

    And if you thought privacy was about distrust, that is a very unhealthy view. Privacy-minded folk simply have different principles than the mainstream. But if somebody comes along that shares those principles, then trust can be earned.

    OP's product is open-source and self-hostable. This is aligned with the community. I'm not saying to throw money at the product before it's released, but it's worth keeping an eye on, and showing support for.

  • Cradicle the p2p github alternative (based on Radicle) is looking for users/testers

    Jump

  • I actually know somebody that was fined quite a bit for torrenting, so idk what you mean by failed meme. The ISP absolutely does collaborate with copyright lawyers. So if copyright lawyers with enough money want to take down a nintendo switch emulator, and they got the IP of the dev, they cound find the real person behind it easily.

  • Privacy-preserving alternative to Ring cameras (Raspberry Pi Zero 2W)!

    Jump

  • Ok so you're a troll then. Fearmongering doesn't help the community. If you're against something give evidence. There's a balance between fearmongering and blind hype.

  • Privacy-preserving alternative to Ring cameras (Raspberry Pi Zero 2W)!

    Jump

  • this reply adds nothing. Please explain your position

  • Cradicle the p2p github alternative (based on Radicle) is looking for users/testers

    Jump

  • How do you send a threat to an IP address?

    Unless, you're thinking ISP involvement

    There's many ways to track somebody down via IP address, but yes ISPs can corroborate. You ever heard of people getting letters from the ISP for torrenting? You think the ISPs actually care about piracy? They are forced by legal pressure.

    If the threat model is "lawyer", developers will be fine

    The threat model is massive fines and potential prison, depending on how the court case goes. Look up the Yuzu nintendo switch emulator and how that legal battle went. And I'm not arguing that those developers were the brightest of the bunch. I'm saying that those developers could use the privacy that Tor offers.

    bittorrent will not be the right protocol for this anyway.

    Bittorrent works well enough. Bittorrent works fine over I2P and is used plenty. Better to get something up and running before starting to design bespoke protocols.

  • Artificial egg hatched 26 healthy chickens

    Jump

  • this sets unrealistic standards for hens

  • Cradicle the p2p github alternative (based on Radicle) is looking for users/testers

    Jump

  • P2P already gives you anti-censorship

    until a lawyer joins the swarm and has the IP of every node. See which node pushes commits to the swarm first, and you found the dev. Send a couple of threats to the dev and watch the project grind to a halt.

    Plugging into Tor or I2P is a easy way to give network anonymity, no need to re-invent the wheel. Though it seems like Radicle already supports Tor and I2P so not entirely sure what OP aims to do

  • Privacy-preserving alternative to Ring cameras (Raspberry Pi Zero 2W)!

    Jump

  • You don't have to pre-order, just wait until it's released and buy it then. And in this case you can get a raspi and test the product for yourself, so why spread FUD?

  • Privacy-preserving alternative to Ring cameras (Raspberry Pi Zero 2W)!

    Jump

  • Matrix. Bitwarden. Nextcloud. There are many examples of open-source, self-hosted applications that have for-profit companies that offer to host them for you as a service. Now if you use one of those Nextcloud providers to store your notes, can that providers read all your data? Of course. But for people who don't want to self-host, it's often a more trusted option than Google.

  • Cradicle the p2p github alternative (based on Radicle) is looking for users/testers

    Jump

  • I don't see the point of forking Radicle. Radicle itself barely has any users, how many users do you expect your fork to have? Think about re-writing Radicle in another language later. It's not certain Radicle will even exist a year from now

  • Cradicle the p2p github alternative (based on Radicle) is looking for users/testers

    Jump

  • Anonymity makes sense in this case. Radicle is often proposed as a solution to the censorship of projects in other repos, things like Nintendo Switch emulators, Hayase streaming client, etc. These projects want to remain anonymous to avoid legal threats on their actual identity

  • YSK: you can buy (email) accounts anonymously using darknet markets

    Jump

  • “they know you care about privacy” as opposed to the actual thing they know, which is simply that you mailed a letter

    I should have been more specific. They are looking for somebody that mailed cash to an email service for account X. They know the mail came from postbox Y. They use surveillance footage and other factors to find the 10 people that used postbox Y that day. etc.

    And yes the Monero blockchain is public, just like Tor traffic, but it's all encrypted.

    The opponent still has orders of magnitude more resources than you

    Except with Tor and Monero, it's not them vs you, its them vs everybody using Tor and Monero. That's way harder. My point was that targeted surveillance is game over. Trying to break Monero is not a targeted attack. And the number of exploits on Tor and Monero are much more known than the number of exploits known for physical methods. You can look them up. Again, the fact that all this information is public is a good thing. It means security can improve over time. Hackers get better too, but if we look at history, in general computer security gets the upper hand over time. For example look at how hard it is to jailbreak an iPhone nowadays.

    Physical methods is where there actually might be a million exploits. Nobody knows how secure they are, and anybody who claims to know is probably overconfident, with very little rigorous evidence.

  • Need to clean my keyboard

    Jump

  • there's something like that in Bazzite! If you go to the menu -> system settings -> language -> keyboard, then physically unplug the keyboard, the keyboard should now be disabled!

  • Privacy-preserving alternative to Ring cameras (Raspberry Pi Zero 2W)!

    Jump

  • These comments are why privacy products will always be behind. Why open-source is full of dead projects. These people are just trying to make a living off making privacy-focused products. And all the comments are like "They're a for-profit company? They had marketing material prepped to reply to people's comments?!".

    The code is open-source, self-hostable, built using commodity hardware (raspi), and they're just trying to make it sustainable by providing an optional paid service. This is not the enemy.

  • Privacy-preserving alternative to Ring cameras (Raspberry Pi Zero 2W)!

    Jump

  • I think they're just a privacy-focused startup that just wants to make a living off their work

  • GitHub - Lunarboar/debian-gaming-suite: Universal gaming optimisation for all Debian-based Distros — AMD, NVIDIA, Intel Arc

    Jump

  • my experience with these kinds of hobby scripts, is that they often don't work, and it's more work troubleshooting it than just installing things manually

  • Privacy @lemmy.ml
    hirihit640 @sh.itjust.works

    YSK: you can buy (email) accounts anonymously using darknet markets

  • Technology @lemmy.world
    hirihit640 @sh.itjust.works

    Github compromised by supply chain attack on a VS Code extension

    www.bleepingcomputer.com /news/security/github-confirms-breach-of-3-800-repos-via-malicious-vscode-extension/