cley_faye
@cley_faye@lemmy.world
- Comment on 3 days ago:
Maybe if they keep making it worse and worse it will kind of circle back to good.
- Comment on Pornhub, YouPorn, and Redtube and other content sharing platforms will block New users in the UK starting next week(February 2) 3 days ago:
Steganography is extremely far from undetectable, unfortunately. And trivial to find out once you know its there; if we ever allow a framework to be put in place to intercept communication at a large scale, it will be the inverse of the cat and mouse game we have with encryption : very hard to improve, very easy to detect.
And I’m aware of the many funky things we did. At some point people tunneled DNS queries through HTTPS, to get through wifi captive portal that only allowed HTTPS traffic until authenticated.
Just to be clear, I’m aware of the issues of detecting stealth data, and even detecting encryption against seemingly random data. It’s kinda fascinating to detect the difference, too; some people have looked into that. But the point is, if you’ve already agreed on “banning encrypted communication that can’t be listened to easily”, you can basically just say “this is gibberish, decrypt it or get to jail”. I also know that this sounds insane and throw away the “innocent until proven guilty” principle, but we’re slowly creeping toward a world where our device scans all our document and communication to notify of issues to a central authority, where black box in large networks are already present, and so on.
It’s been slowly creeping toward that. Finding way to hide traffic on public networks can only go so far if the listener can just stop you if it detect what looks like encrypted content.
And, since this is kind of a heated discussion, I’ll reiterate: it would be batshit crazy to go this way. But I would have found batshit crazy to have our own devices spy on us and report suspicious activities to third parties years ago, and yet here we are.
- Comment on Pornhub, YouPorn, and Redtube and other content sharing platforms will block New users in the UK starting next week(February 2) 3 days ago:
It’s not unsubstantiated. Push for government-sanctioned client-side spyware already happened years ago with the intent to scan all content and keeps happening every other year, each time with more support, inefficient laws about age control have been pushed in many countries and other are following suits, there’s constant harassment to tech company for them to create backdoor for spying on demand, device manufacturer are threatened for allowing custom software that can be used to circumvent such provisions, etc.
If you haven’t seen any of this, then sure, be surprised that a ban on general public encryption is not unthinkable.
- Comment on Pornhub, YouPorn, and Redtube and other content sharing platforms will block New users in the UK starting next week(February 2) 4 days ago:
Anyone who thinks a government can ban VPNs without destroying economy is deluded
Anyone who thinks government would never do something as utterly stupid as shooting itself repeatedly in the everything out of spite is deluded. Banning all form of encrypted traffic would be insane. Now tell me, how many insane things have we witnessed in the recent years from our collective governments?
- Comment on Pornhub, YouPorn, and Redtube and other content sharing platforms will block New users in the UK starting next week(February 2) 4 days ago:
Anything encrypted is blocked. Boom, done.
Is it stupid? Yes. Never stopped lawmakers.
- Comment on Lawsuit Alleges That WhatsApp Has No End-to-End Encryption 4 days ago:
It’s E2EE alright. Just, don’t ask what “ends” we’re talking about.
- Comment on Lawsuit Alleges That WhatsApp Has No End-to-End Encryption 5 days ago:
The drunk dude that’s always sitting on the ground near the park entrance and sell weird tissue dolls with curly hairs is more trustworthy, I’d say.
- Comment on Le Tits, Now! 6 days ago:
The fuck you’re on about.
You know what? Don’t bother. Ignoring that we’re “in control of violent Islamic extremists”, I’ll just keep on trucking in relative peace (even though I’m in one of the worst city out there).
- Comment on Just the Browser: tools to remove AI and other bloatware from Chrome, Edge and Firefox 1 week ago:
No need. It seem it got fixed along the way. But that’s the point; I tried this a year ago, and it would not work, either under the default configuration with DRM enabled, or after disabling most of the privacy features, so I just gave up on it.
Firefox, for all the flaws regarding the direction Mozilla is taking, just worked out of the box. And for adoption, working out of the box immediately is kind of a requirement.
- Comment on Microsoft gave FBI a set of BitLocker encryption keys to unlock suspects' laptops: Reports | TechCrunch 1 week ago:
Both are completely unrelated to the discussion. TPM sometimes have issues regarding their security, but you can certainly use Secure Boot with your own signing keys to ensure the kernel you run is one you installed, which improves security. And you can use TPM to either keep your FDE keys, or only part of them combined with a PIN if you don’t fully trust them to be secure, so you keep strong encryption but with a bit of convenience.
Without a (properly configured) Secure Boot startup, anyone could just put a malware between the actual boot and your first kernel. If the first thing that happens when you boot is something asking for a password to be able to decrypt your storage, then an attacker can just put something here, grab your password, and let you proceed while storing in a a place it can be retrieved.
Is this scenario a concern for most people? That’s unlikely. But every computer sold these last five years (at least!) can be setup to reduce this risk, so why not take advantage of it.
- Comment on Microsoft gave FBI a set of BitLocker encryption keys to unlock suspects' laptops: Reports | TechCrunch 1 week ago:
Just update a W10 local install. It won’t even try to ask you to add a microsoft account.
- Comment on Microsoft gave FBI a set of BitLocker encryption keys to unlock suspects' laptops: Reports | TechCrunch 1 week ago:
Sure. It’s not anyone. It’s anyone that can get a warrant. Or anyone that have enough power/underhanded influence to ask them nicely. Or any admin that have access to cloud storage at MS (remember they where caught with some exec having full access to that a while ago). Or any big leak that could exfiltrate these data. And probably a handful of other people, like, someone getting access to your MS account for whatever reason (which kinda happen, seeing how people lose their mail account to phishing/scams all the time) suddenly having access to your keys from there.
If your keys are in a DB somewhere, there’s a lot of way they could get out. Would these ways coincide with someone actually having your drive at hand? Probably not. Still, the key not existing in plaintext in some third party storage close all these holes.
- Comment on Microsoft gave FBI a set of BitLocker encryption keys to unlock suspects' laptops: Reports | TechCrunch 1 week ago:
Your computer generate a random key using (hopefully) a trusted PRNG with good enough sources. This key is then used to encrypt your data. This key is stored in your computer’s TPM module, and provided to the OS only if the chip approves all the checks in places. In addition, you get that key displayed to you, so you can write it down (or alternatively save the key file somewhere of your convenience). This is relatively good as far as security goes (unless the TPM is broken, which can happen).
And then, unless you jumped through hoops to disable it, your PC sends the key to Microsoft so they can just keep it linked to your account. That’s the part that sucks, because then, they have the key, can unlock your drive on your behalf, and have to produce it if asked by a judge or something.
Note that there are relatively safe way to protect these keys even if they are backed up in “the cloud”, by encrypting them beforehand using your actual password. It’s not absolutely perfect, but can make it very hard/costly/impossible to retrieve, depending on the resources of the attacker/government agency. But MS didn’t chose this way. I don’t know if it’s because of sheer incompetence, inattention, or because this feature is claimed to be here to “help” people that lose their key, and as such are likely to lose their password too, but it is what it is.
- Comment on Grok floods X with sexualized images of women and children: Grok generated an estimated 3 million sexualized images, including 23,000 of children in 11 days 1 week ago:
Don’t worry, I’ve heard they limited this wonderful feature to paid accounts.
- Comment on How to turn off Gemini in Gmail — and why you should | Proton 1 week ago:
That’s assuming the setting is respected server-side, of course. With the track record of company doing AI training, respect of rules and law isn’t really part of their actions.
- Comment on Just the Browser: tools to remove AI and other bloatware from Chrome, Edge and Firefox 1 week ago:
Open netflix. Even with a lot of features turned off and DRM enabled, it will regularly fail to load any content.
And, yes, the general user will want sites like netflix to work.
- Comment on Just the Browser: tools to remove AI and other bloatware from Chrome, Edge and Firefox 1 week ago:
This shows how unhinged the whole recent hate on Firefox is. Turning off GenAI is literally one single setting
We heard of that “kill switch” way, way after the general outrage. Also, other software and services have an “AI killswitch” that conveniently fails to work from time to time, and is fixed only when people notice it.
It’s not unhinged to point finger at someone doing something that, from experience, as always turned bad. Also, if you think the hate (I use your word, I’d say distrust) for Firefox is only related to the recent “AI” push, you’re severely misinformed.
- Comment on Trump Is Obsessed With Oil. But Chinese Batteries Will Soon Run the World 1 week ago:
Yeah? That’s kinda the plan? Do you see a particular problem with a mostly renewable (to the scale of our species’ lifetime) source of energy, that can be implemented in various way to accommodate different situations, locations, and use, while trying to make things more efficient?
Because I don’t.
- Comment on Trump Is Obsessed With Oil. But Chinese Batteries Will Soon Run the World 1 week ago:
Because batteries are a point of tension in the adoption of some electricity-centric techs. Electricity production can be done in many different ways already (unless you suddenly decide to 100x the demand for shit and giggles), but a lot of applications requires batteries, which makes them some sort of choke point for adoption. Making them better, more accessible, cheaper, more friendly on the environment ease that.
The comparison is also on one end of the world focusing on the dying down side of things, while the other end is (allegedly) looking forward.
That’s why they’re compared.
- Comment on AI boom could falter without wider adoption, Microsoft chief Satya Nadella warns 1 week ago:
Is it a “you’re holding it wrong” moment? Or a “no, it’s the consumers who are wrong” moment?
- Comment on E gjithë bota është shqiptare 1 week ago:
I’m sure if the only two options were Shrek or a moldy orange, a majority would vote for Shrek.
- Comment on Wine 11 runs Windows apps in Linux and macOS better than ever 2 weeks ago:
If you can’t get it to work with just the provided installer, you can look into this : github.com/zelikos/davincibox
It works perfectly fine. The “missing codec” issues usually boils down to some commonly used codecs not being supported in the free version.
- Comment on Meta has discontinued its metaverse for work, too 2 weeks ago:
I’m sure all the two people that were using it are devastated.
- Comment on Wine 11 runs Windows apps in Linux and macOS better than ever 2 weeks ago:
We’re close to the Microsoft ecosystem here; newer version being better is not a given.
- Comment on Wine 11 runs Windows apps in Linux and macOS better than ever 2 weeks ago:
DaVinci works perfectly fine with the native version.
Affinity works fine with wine as long as you can follow basic instruction, or can use the one-click launcher people made and maintain. (and I do mean one click, it’s an AppImage, download and run it).
- Comment on I don't understand how Trump gets away with all his senial BS. How come everyone is telling him to piss off or use the constitution to shut him the hell up? 2 weeks ago:
Whack people in the face with big wads of cash for long enough, and they numb out.
…and I’m generously assuming nothing more sinister was in play.
- Comment on 2 weeks ago:
One way or another, major company-backed OSes are moving towards that. Checking all your pictures, messages, videos, audio, for your own good. For now it’s creeping on mobile, but don’t worry, it’ll come to a windows near you soon enough.
- Comment on 2 weeks ago:
Easy. Remember a few years ago when google advertised that they’d have negative latency allowing you to play your games everywhere, on every device, in better conditions than on your own device? Just like that. You just have to hire enough salespeople to convince reality to bend backward.
- Comment on After RAM and SSDs, PSUs and CPU coolers are next in line for price hikes 2 weeks ago:
CPU cooler, as in, cheap-ass fans and a slab of metal with fins? Is that hard to come by too? Or is it professional grifters at work…
This is why we can’t have nice things.
(I know radiators are more than metal slabs, fans can be quite elaborate, and there can be liquid in the mix, but seriously)
- Comment on Epic Games CEO Tim Sweeney argues banning Twitter over its ability to AI-generate pornographic images of minors is just 'gatekeepers' attempting to 'censor all of their political opponents' 3 weeks ago:
On one hand, the technology exists, sure.
On the other hand, arguing that everyone should have easy, free access to child porn is not the “good look” he think it is. I wonder why people regularly shit on him.