Just something to keep in mind for those not in the security space. When a security company does an audit, its generally a checklist of commercial and custom security software along with a couple people poking around looking for more manual harder to find stuff. But there’s a reason companies like Mullvad have a bug bounty program… Just because cure53 didn’t find it, it doesn’t mean some bored hacker won’t…

Absolutely better than nothing though.

Good stuff. Not thought about enough. GPS spoofing random routes also.

Do a lot of reading. Get a cyber informations systems basics overview on your own self-teaching before you try to understand it all.

Stay away from session and matrix. Signal, Nostr, SimpleX (nvm if you use Apple products) and the like are okay, but they are all hobbyist influencable products besides Signal which gets fat government grants and just happens to use the same encryption standards as all other huge name E2EE tools.

Stuff is fun to learn on, but get a good VPN (debates about… mullvad, ivpn, cryptostorm seem okay). here’s something fun for you and free: https://www.thc.org/segfault/

Then maybe you’re okay.

A number of people can see your IP, people will chime in and add to ane remove from this list:

Can’t see it:

• Random people you personal message with
• Random people you chat with in rooms

CAN see it:

• Server admins
• People you share (send/rcv files with) // this may have been fixed
• People who send you links and you click them, but this isn’t specific to Matrix, it’s a tale as old as time.
• You voice call with someone (may have been fixed)

Some info may be wrong. But having someone’s IP in the days of routers and all filtered ports means little, unless you piss off someone who knows some low level customer support person @ your ISP to pay to get your account info. Or you’re dealing drugs in which case use TAILS and stop fucking with technologies you don’t know the specifics of.

If they knock you offline and you can’t access anything at all, unplug your router AND MODEM (most importantly your modem) for an hour. Go touch grass for an hour. Widdle a wee branch. Plus your boxes back in and you’ll be bright as new.

@[email protected] this isn’t meant to be a dig at you, although last time you didn’t care to correct or learn if I recall,but often times you leave out the “if so,” “possibly, what and XYZ?'” and it ends up spreading misinformation because you didn’t know enough or care enough to type enough.

I love Matrix but we need to be open about what the fish is before skinning it…

https://gist.github.com/maxidorius/5736fd09c9194b7a6dc03b6b8d7220d0

https://blog.erethon.com/blog/2022/07/13/what-a-malicious-matrix-homeserver-admin-can-do/

https://www.reddit.com/r/PrivacyGuides/comments/q7qsty/is_matrix_still_a_metadata_disaster/

Just to confirm the obvious. Downvotes are expected but OP you should read this.

They are close enough to see that they are quad copters, and they make a buzzing noise, correct?

There have been a lot of UAP flaps where the objects (not quad copter looking) will fly low over the countryside, just above the tree-lines to much higher. They usually make no noise aside from reports of static or screeching or electronic interference.

Unlikely to be the case but if so, report to your countries MUFON type department and get as much evidence (video with sound, drawings, time and date, etc) as you can.

There is something else out there, whether it’s military black projects mapping areas or what have you, and it needs to be documented.

If it is for sure quad copter drones, you can get a device to blast the 2.4Ghz spectrum for a short time and make them ‘phone home’ and the operators will stop flying them over your property once they realize something wrong keeps happening when they do. Legality varies.

Many tutorials available to DIY. You can also buy them pre-built, just more expensive.

GPG/PGP turns takes the file and turns it into random bits that only someone with the private key can unrandomize. There is no file metadata left. There is no nothing left. I believe the sizes are even consistent (0-1024kB files will be the same output size.)

That’s true, there is the Scunthorpe problem. I guess we’re just doing another 20 year cycle like we have for all of civilization. If someone centuries in the future finds this comment chain, please name the solution to your 20 year repeating fractal math problem something like the CockSyn Solution. I want to be like Shadow from American Gods. Or more accurately like Pythagoras with his stealing murder cult.

I have no idea what this is but I don’t like it and you should feel bad.

This is both a primally philosophical and a pointed statement, but I mean the latter.

Can any late teen-early 20s armchair philosophers once-over this for me?

I have a theory. Never before on the internet (going on 30 years of it) have I seen so many curses used but not fully spelled out (‘f*ck’ for example).

I believe the change has to do with social media and specifically short-form video apps (Tiktok, IG Reels, Youtube Shorts) - not all of which I am familiar with, but I know at least YT and I believe TT does as well. When curse words or words like rape and murder are used in text (or ‘subtitle’ text on screen) the video reach can be penalized in some way. I assume it’s similar in comments.

So you have a ton of the younger generation consuming hours each day of censored curse words, and in their mind it becomes just what you’re supposed to do, socially. They end up doing it with each other over text, and consequently in comments. I have a younger co-worker who will gladly say “F*ck that dude hes a b*tch” in group chat, and when I asked him why he doesn’t just say the words he’s using, he said “I just don’t like to curse.” Which makes no sense to me, as it’s the same word and intent.

I know some Lemmy instances will remove words, but generally only ‘bitch’ and derogatory slur words.

So I hypothesise it’s simply unexamined social conditioning, where they see their peers doing it so they do it too, never questioning why.

You can’t with privacy.com or other big services, but there are other services that let you either generate a no-KYC reloadable credit card, or buy a prepaid international card that works for almost everything.

Just don’t run an exit node? We need more guard and relay nodes anyway. I fail to see the issue.

Yeah but he’s just a temporarily inconvenienced billionaire, the rest of these welfare queens are out here collecting rent and sitting around all day. They don’t need the money like he does. As soon as he gets a job, he’ll hustle that first billion in no time.

His YouTube shorts (500/day goal) is videos of Elon musk saying things, with the background music alternating between the sigma male tune and the movie clip tune.

Did you see how ELON MUSK OWNED💯 DON LEMON by getting flustered at the question of “half your advertisers have left the platform, if X fails, isn’t that on you?” so he told Don he should choose his words carefully because the interview clock only had 5 minutes left? And then Don was OWNED because he rephrased the question?

LMAO. SUCK IT CNN. OWNED!

So programming is gonna go from a “search, understand basics, copy/paste, make changes” industry to a “I breathe compiler optimization, pay me money” industry?

Can’t say I’m that upset, it had to happen eventually. But this will only kick the brainpower down the road for the copy/pasters because they’ll have a lot more time to dig in and specialize.

It’s not about anti-censorship (making your VPN traffic look like regular traffic) it’s about the IP address at the end of the VPN connection. They have a list of known VPN provider IP ranges and block those. If you run a proxy server or VPN on a your own private VPS for example, then it won’t be detected.

They started also blocking OLD.reddit.com this week. I made a comment a couple months ago alluding to old.reddit.com still working even though they were blocking tor and known VPNs on www.reddit.com. I’m sure about 10,000 other people figured it out at the same time as me, since it was such a simple bypass, and I’m surprised it took this long to fix.

There are still at least 2 other unpatched ways.

ProtonVPN, RiseupVPN and BrightVPN(only for windows), limited ones Windscribe and PrivadoVPN

Where did you get this idea?

Mullvad, IVPN, Perfect Privacy, and a few others have had independent audits of their no-log behavior and in some cases, law enforcement audits. They sure as hell don’t proxy your traffic. They all accept Monero and cash. They all have multihop.

Edit: I see you said free. Yeah, I wouldn’t trust a free VPN, regardless. If you’re not paying for the product, you are the product.

That’s true. I’d only use a VPN service that’s been audited (either by a security company or, preferably, law enforcement) not to keep logs. There are only a small handful of those however. It really all depends on your needs. There are far more VPN services that do log and sell the data, and/or turn your host device into a proxy for other users/services.

Is that better or worse than giving advertisers the data point that you’re high-tech knowledgable and browse personal accounts from a server in a datacenter?

I think it’s being framed wrongly for the narrative by the guy posting the screenshot.

A friend sent me MRI brain scan results

Without more context I have to assume guy was still convinced of his brain tumor, knew a friend who knew and talked about Claude, had said friend run results through Claude and told guy who’s brain was scanned that Claude gave a positive result, and friend went to multiple doctors for a second, third, fourth opinion.

In America we have to advocate hard when there is an ongoing, still unsolved issue, and that includes using all tools at your disposal.