Random nerd who has an interest in computers, privacy, AI, videogames, and CDs. I also like dogs and horses.

Mastodon: https://mastodon.nl/@Cambion

  • 0 Posts
  • 34 Comments
Joined 1 year ago
cake
Cake day: June 8th, 2023

help-circle

  • Historical Chinese drama, especially the palace intreague ones. The better ones are high budget productions with the most beautiful aestethics and well thought out stories. Instead of seasons with set episodes they just have shows of 4 to 100 episodes. Due to that each issue can take the time it needs to be told, without the need of season finals and such, making the pacing very natural. The better ones are also not always predictable and keep you hooked. Most western dramas can’t compare, exceptions like Julian Fellowes’ shows asside.

    I would suggest watching 延禧攻略/Story of Yanxi Palace (not the spin-off on Netflix!) if you want to give it a try. It’s not too old, has a good story, and is quite fast-paced despite it’s length, making it a great one for starters. It’s also easily available with good subtitles, you can find it on Viki for example.


  • Average Joe wants an easy all-in-one solution. That’s what Google, Apple and Microsoft offer. An ecosystem. If you want to fight that, you need to be able to offer that. So that’s what Proton is doing.

    Of course it’s better to have it seperated. And the security and privacy nerds will likely keep doing that anyways. But Average Joe doesn’t want to take a hassle and rather looses privacy than do that.

    Issue is, things are only as secure as the least secure point. Average Joe using Google and Microsoft means your data also goes there when interacting. When Average Joe is swayed by a place that is privacy-friendly ánd convinient, it makes your weakest link also stronger.

    Meanwhile, Average Joe is also more save then when he was using Google or Microsoft services. Even when he would be less save than if he had his stuff seperated.

    It helps everyone.

    With that in mind, I applaud it. But I won’t use it. I use Proton for mail, Joplin for notes (encrypting them in Joplin and syncing with NextCloud), and my passwords are also elsewhere than ProtonPass.



  • You can try getting your hands on an AsteroidOS compatible watch and flash it with that. It’s basically Linux on your wrist. There is a health app here and the required sensor logging is here, which are in early development but work well in what it does, like step counting and heartbeat graph. Past days aren’t shown further than a week but they are logged, so you could probably get it by hand in terminal after accessing the watch with SSH if you need to until it’s implemented (I think it’s on the to do list).

    It’s my daily watch for months now, sold my Galaxy Watch4 in favor for it. It works well, is completely FOSS, and works without internet, bluetooth, or phone. Altrough both can be enabled and phones can be connected with GadgetBridge or their own app. Both are in F-Droid. You won’t find a more privacy friendly smartwatch solution really.

    There is an issues with the current nightlies tho, so downloads are taken offline for now. So you need to wait for that or see if anyone has old files from before the issue.

    Devs are quite active on Matrix. If you have no patience you can ask there if anyone has the files. Any kind of support is also allowed there, no matter if it’s very noob or advanced level.



  • Tfw you’re an Dutchy and simple home-prepaired sandwitches (read two slices of bread with some butter and cheese between them, nothing fancy), are the countries national breackfast and lunch. Warm food is for dinner traditionally 🤣.

    Either way, sandwitches (no need to limit to peanut butter, a lot can be put on bread!), salads (pasta or normal), fruit, veggie, cheese, and certain type of meat (like smoked or dried sausage, or beef). They all make great parts for cold meals you can keep in your bag till lunch (speaking from experience). Some cheese & meat are even packed per small packages for easy take along as snack usage.

    I would suggest you do go to restaurants a few times, just to try the local cuisine (or their variation of other cuisines). But it probably will be expensive for you indeed. Whenever I’m in Asia, I feel rich (and I’m really not). Even Japan, who is often said to be expensive, is cheaper than my country. Especially when it comes to food.


  • Article says:

    We’re also beginning the beta for our upcoming macOS desktop app for Proton Drive. […] Once the macOS app is released, we’ll also work on our planned Linux version.

    Based on Proton’s trackrecord in development times I’ld say a far future, but I must admit they’ve been making meters lately when it comes to releasing stuff. It may be sooner than expected (or it might take years, we’d have to wait and see).


  • Privacy is not a black & white thing. Every step you take matters. And being entirely private without digital footprint is impossible unless you isolate yourself from the internet entirely.

    To answer your question. Yes, they spy on you. To what degree depends on the OS and your settings. But they always cost you some privacy.

    But it’s never useless to take other steps just because you don’t want to or can’t switch OS. Because you’ll still give them less data if you do. They might still have info on you. But the less, the better.

    Taking easier steps like switching mail provider and other services you use to privacy-minded ones are a good and easy start anyone can do. Replacing apps/programs on your system with FOSS or privacy-minded ones is another good one.

    Even the biggest noob can make a Proton account and use it instead of Gmail/Outlook. Use 1Password instead of your device/browser’s password manager. Use LibreOffice instead of MS Office. Check F-droid for apps before Google Play (and perhaps even use Aurora when you do need it). Use FireFox instead of Edge or Chrome. Install a FOSS keyboard on your phone. Get rid of Social Media. Use Signal instead of WhatsApp. Those are just some example of easy my-grandpa-can-do-this level of difficulty options that already greatly improve your privacy (in fact, after I installed it for him, my grandpa does many of these!). Is it as private as an extremely hardened custom device by a security expert? Nah, but it’s definitly much beter than a default device full of big-tech apps. Even if you just do 1 of them!

    Since every step counts, I think we should apploud people for caring and starting to take steps instead of deminish them for not going in to the max. Changes like this are slow, especially with a big mass of people. The more people show they care, the more privacy-minded alternatives grow and show up and the more normal it becomes to care about privacy.


  • Well, I also have both atm. Altrough I need to admit my DS Lite is only used as GBA console and for stuff that requires the GBA slot because of weird accesouries (like Guitar Hero On Tour).

    I think it’s because of that. I play the old DS games on my new 3DS. And while the games did improve, the games on 3DS still wheren’t that advanced even for most of the time it was alive, since it laster quite long. So it easily feels more “backwards” than "last gen”. I also don’t see as much difference between them as the jump from PS1 to PS2 to PS3. Or the jump from GameBoy to DS serries, and 3DS to Switch for that matter. For the most part, the different DS’ feel more like different models than different consoles.

    While the 3DS was released in 2010, the DS is only 6 years younger releasing in 2004. The hardware isn’t thát far apart. And while the last game for the 3DS was released in 2021, that still was made for at that moment 11 year old hardware (and by now 13 year old). And while the size of games may have quadruppeld between the first DS and the last, 4GB games where nothing in 2021. They bassically kept making games with restrictions of old hardware longer, rather than having a huge improvement.


  • Personally, for me PS2 era and older is retro for sure. There is a clear distinction where many PS3 games share similar feeling with modern games, while my PS2 ones feel from a past time. We also still had things like memory cards, altrough obviously not all consoles in that generation do. Still, I would put generations on one line, as most console games where ports of the same game across consoles of the same generation, so then that’s the last generation with these kinda old ways of storing. PS2’s gen is also the last generation console games where completely different from PC, and in my childhood gaming up to then wasn’t mainstream but a nerd hobby, causing it to have a very different community. With the generation of the PS3, all of that changed to modern standards.

    PS3 and DS I’m a bit in dubio about. Whenever I feel bored with modern games, PS3 and my (3)DS are on the list of “old” consoles I grab back to (together with PS2, PS1, and recently GBC/GBA which I’d consider retro for sure). On the other hand, at least half the games released on it are games I still play on my PC as “modern games”. DS is extra hard, as I barely distinct between 3DS as DS in my mind, unless it’s using the GBA port for stuff. After all, I play them on the same console and the transition was quite smooth between the DS models making it not feel like a huge gab, unlike the PS2 to PS3. But at the same time, early DS is much older than late 3DS, which I would consider too new for sure.

    Anything after that, modern for sure.

    (One of) the biggest tech sites in my country uses “at least two generations old” as definition, making PS3 the last retro generation currently. I like it because it fits my usage, but as said I’m a bit in dubio about actually calling the PS3 retro. It doesn’t feel old fashioned enough. I mean, that would technically make Skyrim retro. But that’s definitly one of those games that are in my “modern gaming” list on PC and Switch…

    I can at least personally attest that PS3 is currently the newest gen where people either think you’re awesome for buying it now because they get the fun of old stuff, or stupid because they think the old stuff is crap and only the new is cool. For that reason I would agree to allow it on retro places, as modern gaming places just wouldn’t appriciate it at all while people who are already into older stuff do on a somewhat regular basis.But that doesn’t make it truly retro per se, and it really should take over or be all you use.


  • it would be possible to bypass the correct accounting of funds. Financial fraud

    Well, sure but it’ll be quite difficult to hide a large increase in revenue still. Large unussual transactions generally have to be flagged by banks, so receiving and moving around revenue of sold data from your non-profit wouldn’t be thát easy unless they only allow crypto or cash. Surely it’s possible, but financial fraud on that level is quite difficult and often falls trough sooner or later. Or, the other option is that they don’t earn that much from it making it easy to hide, but that sounds like a lot of effort and potential risk for little gain.

    Either way, the financial numbers is just one of the reasons. But trust is never build on one thing, it’s built on the combination of them. With all things I mentioned, I don’t exactly get the feeling it’s all hanging on finacial fraud.

    The question is also how to check the traffic on the iPhone, if there are even no monitoring tools there.

    Use a network you controll (like your home WiFi) and check in- and outgoing traffic network wide instead of on-device.

    You cannot check other peoples stuff all the time, but I’d suggest not sending sensitive information to people you don’t trust as they could leak it (be it on purpose or not). And depending on level of sensitivity, just speak face-to-face in a private place. There is always a form of digital footprint when doing stuff digital. In the end, you should always assume that nothing is 100% safe, and anything cán be hacked. Trusting digital communication to be 100% safe is foolish. Look at situations like the Encrochat debacle for example. The question is more, which risks are worth it in your threat model. For most people, Signal is good enough as the risks it does have aren’t in their threat model at all.


  • Well outside of the general open source and E2EE stuff, there are a few more things.

    They’re under a non-profit foundation and charity to which donating is tax-deducatble. That means they have to publicice their financial numbers. Selling data would generate a sudden revenue, which would draw attention.

    They also regularily do external audits, both from external audit organisations as individuals. This list was made in august 2022, you can likely find a newer list somewhere. I just did a quick search for you. https://community.signalusers.org/t/overview-of-third-party-security-audits/13243

    Signal also runs perfectly fine without anything Google btw. It uses PlayServices only if you have it on your phone (otherwise it just uses WebSockets), as it preserves battery life. However, it doesn’t actually send data to Google over PlayServices. Instead it sends an empty notification, which wakes the phone and is recognised by Signal as a trigger to make it connect to Signal servers to grab data directly from there. If you wish, you can check this in the code yourself. I guess you may also be able to confirm this looking at network traffic from and to your phone.

    Also a note on the E2EE. Another important thing is that not only the message is encrypted, but also the metadata. Unlike most other chatapps like WhatsApp; who knows where you are, who you talk to, how often, etc. You could theoretically also check this by checking outgoing traffic if you wish.

    This also means that unless they somehow secretly have a copy of your private key, there is no data for them to sell anyways. The fact that even in court they’ve didn’t have data to show, them passing many external audits without this being a point (sometimes issues are found, which is nornal. If audits are always perfect I’d be more warry. But never on this point afaik), and that nothing in the code nor internet traffic points to them possibly having this, makes me not that worried about the idea that they secretly got a copy of peoples private keys.

    So overal while it’s perhaps technically possible they secretly run something else on their server and build a back door to read your messages, they are many things that show they don’t, and literally nothing that would say they do. And neither does there seem to be any reason why, since they can’t sell it nor give it in court. So unless you believe they have some evil bigger plan, I don’t see the readon to doubt.

    And a little note. Privacy people can be crazy, and I say that in a positive way! If you can check it, people no doubt have, and issues would’ve been found. Yet many people deep into it still vouch for it. That says something. And the less crazy people profit of this. This is similar to why many big FOSS projects are considered safe even if you didn’t check all code yourself. And before you say “but if everyone thinks like that”, realise that the craziest don’t trust other people either. While smaller projects could hide perhaps, the real big/famous projects like Signal, Linux, LibreOffice, etc would fall trough as soon as they start doing shit.


  • Cambionn@feddit.nltoPrivacy@lemmy.mlPrivate search engines.
    link
    fedilink
    arrow-up
    4
    arrow-down
    1
    ·
    1 year ago

    It depends on your goal.

    If you just want privacy for your daily not-to-weird usage and ease in both in the sense of setting it up and in that of good results and that’s it, DDG is probably fine for you.

    I use Brave, simply because unlike most others, it has it’s own crawler. For me it’s results have been slightly better than DDG too, but I also hear people claim the opposite so I guess it really depends. DDG uses Bing’s results, and many others are also more like privacy front-ends for Bing or Google. If you want to totaly leave Big Tech, be it to not help with their power or because of principle, that’s likely the one that’s the most easy with the best results that fits.

    SearXNG is self hosted and less accurate, but the most privacy friendly and not attached to any company as you host your own instance, while with Brave you still rely on Brave’s goodness. If you want total control, you want something like this.

    I don’t use anything else from Brave, and default search engines are easy to change, so I’m personally not too worried about Brave’s power over me. I do preffer to stay away from Google and Microsoft, and only access them (prefferably trough privacy front-ends) if no other option works decent enough for me. I also prefer not to self-host due to the time and knowledge needed to do so securely. Well, I have knowledge, but I don’t want to worry about those things for my peivaye stuff all the time. Hence the choice of Brave.


  • Cambionn@feddit.nltoPrivacy@lemmy.mlPrivate search engines.
    link
    fedilink
    arrow-up
    2
    arrow-down
    1
    ·
    1 year ago

    It depends on your goal.

    If you just want privacy for your daily not-to-weird usage and ease in both in the sense of setting it up and in that of good results and that’s it, DDG is probably fine for you.

    I use Brave, simply because unlike most others, it has it’s own crawler. For me it’s results have been slightly better than DDG too, but I also hear people claim the opposite so I guess it really depends. DDG uses Bing’s results, and many others are also more like privacy front-ends for Bing or Google. If you want to totaly leave Big Tech, be it to not help with their power or because of principle, that’s likely the one that’s the most easy with the best results that fits.

    SearXNG is self hosted and less accurate, but the most privacy friendly and not attached to any company as you host your own instance, while with Brave you still rely on Brave’s goodness. If you want total control, you want something like this.

    I don’t use anything else from Brave, and default search engines are easy to change, so I’m personally not too worried about Brave’s power over me. I do preffer to stay away from Google and Microsoft, and only access them (prefferably trough privacy front-ends) if no other option works decent enough for me. I also prefer not to self-host due to the time and knowledge needed to do so securely. Well, I have knowledge, but I don’t want to worry about those things for my peivaye stuff all the time. Hence the choice of Brave.




  • but I think Google will do more. They’ve been trying to break it for ages. It’s one of those never ending fights. Doubt it’ll end soon.

    Even if it does, then we’re at a point that “just use a good browser and uBlock Origin” also won’t cut it. Honestly, those will break much sooner than dedicated projects that are much more sophisticated in getting around YT-stuff. As soon as they put a login requirement on the site, which is needed to break apps like NewPipe, the browser + uBlock idea already won’t cut it anymore, no matter if you got a VPN ot not.

    As for Aurora, as long as Average Joe still uses Google Play without a care I’m not too worried about it. People use AdBlock for the ease, but using Aurora doesnt’t give ease. It’s only the tiny group of privacy people interested in it, which is a much smaller demographic that’ll be hard to convert to Google services. If they break Aurora, the amount of non-playstore requests to developers is going to to pump up and as long as stuff like APKMirror and apk downloads from vendors still exist people will download by hand over using the Play Store. It’s a lot of trouble that likely just leads people further away from Google.


  • Well, you’re right. I was mixing a few things up in my head. My bad. Altrough I did find a few interesting ways that can be used by websites to find client side DNS, it isn’t exactly the norm or likely to hit you with custom setups.

    I retract my point on DNS, but the general notion that do-it-yourself isn’t always better stays. Al be it off-topic here now.


  • NewPipe (on Piped technology) is working fine here? As long as YT isn’t behind a login they will keep working. If they do put it behind login, tbf they’ll likely find way around it again sooner or later.

    I agree that front-ends are always in an endless fight against these Big Tech solutions. But for content not available on other platforms it’s an necesity and a better solution than simply an adblocker. And sadly it’ll take a long time before content moves away, Average Joe isn’t really worried about Google as much as they are about the cons of moving away from YT.