activistPnk
@activistPnk@slrpnk.net
- Comment on E-Mail with own domain 6 days ago:
PM’s apps perform the encryption on your own device because it’s your device that runs the apps. That is e2ee, but still only in the two scenarios I mention and even then it’s also vulnerable to targeted attack. PM could ship malcious j/s if it wanted (the likely case being to comply with a court order). It’s better if your own non-j/s FOSS MUA handles the crypto, which is actually easier if you don’t use PM.
If mailbox.org works the way anonaddy works, then that’s not e2ee. The msg payload is seen by the server that does the encryption, in the very least. The sender’s ESP would have already seen the msg.
- Comment on E-Mail with own domain 1 week ago:
Indeed, which is more reason to not blindly block dynamic IPs.
- Comment on E-Mail with own domain 1 week ago:
Consider self-hosting HALF the service. Something like this:
Outbound
local Postfix on dynamic IP → relay (optional) → recipient
You can configure Postfix to use a relay depending on the recipient. E.g. if you need to reach
alice@outlook.com, MS will reject your dynamic IP. But if you havebob@outlook.com, you can tell Postfix to relay via MS servers using yourbob@outlook.comaccount for all *@outlook.comrecipients. And yes, you can still use a different vanity address in the FROM: field, likeGobbel2000@nerds.org, if that’s what you want to be known as. You can freetype whatever your want as the from address if you use a good MUA like mutt.Inbound
(your acct @ rise-up or disroot.org or danwin1210.de) → POP3 onion → local Postfix → dovecote or procmail → local files read by your MUA of choice
You avoid a lot of complexity and labor by not maintaining a WAN-facing server. Though you still have a fair amount of effort in configuring your junk, you need not do all the configuration up front. You can do it on a per-outbound msg basis to spread your config effort out over time.
You can even hack postfix to send over Tor. And you can make it possible to support *onion email addresses, which is something that no non-self-hosted service offers.
When I email someone for the 1st time, say it’s alice@someunknownneverseensvc.xyz, I first configure my mail server to relay to
@someunknownneverseensvc.xyzover Tor. If that fails (and it often does), I configure Postfix to directly send to that server from my dynamic IP (or VPN if I have that running). If that fails, then I can cave in and compromise my privacy by relaying through a 3rd party, if I choose. If I really want to send the msg but I really do not want an additional MitM, I may be able to create an acct on@someunknownneverseensvc.xyzand use that as a relay.This approach relieves you of the reliability problem… you need not maintain a server always online and listening. But of course you lose some privacy because all your inbound traffic is seen by your ESP. At least you can potentially cut out your ESP on outbound mail.
- Comment on E-Mail with own domain 1 week ago:
side note: downside is, your data there is more snoopable, less so with something like proton.
Can you elaborate? AFAIK, Protonmail only gives e2ee in 2 rare situations:
- Both parties use PM
- The non-PM user has a PGP key and the PM user is competent enough to add the key to their PM address book. (This is where Hushmail is superior to PM, but HM is not gratis)
In all other scenarios (no e2ee), PM traffic and data-at-rest is just as exposed as conventional non-PM.
- Comment on E-Mail with own domain 1 week ago:
True, but sending from a static IP that is linked to you yields less privacy. I’ve decided: fuck these email recipients who demand I compromise privacy in order to give them the convenience of relying on IP reputation. Sure, google and MS servers refuse email from me, but I prefer that anyway.
- Comment on Tomato: Software that aids community based organizations in redistributing resources. 2 months ago:
They apparently stole the brand of a FOSS router firmware (an openwrt alternative).
- Comment on Fair warning about vote manipulation 3 months ago:
Seems like it could be a non-stop game of whack-a-mole. Even if you ban accounts they can just create more. If you do a good job of the baby sitting, they can use even more accounts to mask patterns. I don’t see how an admin can prevail.
Disabling down votes would prevent the practice of down voting to suppress. But probably the most effective is to disable voting entirely.
- Submitted 3 months ago to infosecpub@infosec.pub | 0 comments
- Comment on Fair warning about vote manipulation 3 months ago:
Down votes have a suppressive effect. Views drop when the votes are <1. My Tyranny of voting thread gives some detail.
- Comment on When police neglect to use surveillance to protect actual victims, they must relinquish the surveillance 4 months ago:
I suppose the nuance I did not elaborate on is the proliferation of private surveillance that is shared with cops. I vaguely recall something about Amazon doing a backroom deal to give the gov unwarranted access to private Amazon Ring cams, which is not something the general public can access.
In the context of my dream law, police failing to use their Ring access to protect victims would have to lead to loss of access to the cams.
- Comment on When police neglect to use surveillance to protect actual victims, they must relinquish the surveillance 4 months ago:
When it comes to surveillance, the two characteristics are inseparable. That is, law enforcement /will/ abuse it while pitching the most seemingly legit cover story which is rarely the real purpose of the surveillance.
It’s always a matter of envisioning how it will be abused and working out whether it’s an acceptable evil compared to the likeliness of the legit use. IMO the answer is usually no, sadly enough. Snowden has put on display that surveillance users are in fact criminals themselves as they violate warrants and any kind of checks and balances.
- Submitted 4 months ago to rant@lemmy.sdf.org | 5 comments
- Comment on the tyranny of voting 5 months ago:
Can other piefed users say the same? I wonder if there is an interoperability bug there.
- Submitted 5 months ago to rant@lemmy.sdf.org | 5 comments
- Submitted 6 months ago to fediverse@hilariouschaos.com | 0 comments
- Submitted 6 months ago to fediverse@hilariouschaos.com | 0 comments
- Wrote a script to find decentralised communities w/in the fedi. It selects nodes w/active users < avg+2σ. Is that a good approach? Check my math plz.slrpnk.net ↗Submitted 6 months ago to fediverse@hilariouschaos.com | 0 comments
- Comment on Solar panels are gratis in my region. But 10× normal prices to buy. What’s going on here? 11 months ago:
What if you want to sell the house
I’ve not read the contract yet. Considering they include removal an reinstallation labor for free if someone renovates their roof, they theoretically might as well relocate them to another house when moving within their service area (which is constrained as well by the region of the green certificates).
What happens when you want to exit the contract within the 30 years?
Certainly you can buy the gear. Price per panel as they age is something like this:
- years 0-5: €850
- years 5-10: €750
- years 10-15: €650
- …
- year 30: €0
If you want to exit the contract and return the panels, I have no idea. But since these prices seem to be heavily inflated to cover their labor, I imagine it’s quite uninteresting to return the panels.
When the sun is shining at peak brightness, what’s the guarantee that you get to use all of it?
All the boxes have LCDs. The 1st box shows the power generation. Then another box shows what of that you are consuming. I assume the original electric meter is still installed, in which case it might be possible to check the math.
- Comment on Solar panels are gratis in my region. But 10× normal prices to buy. What’s going on here? 11 months ago:
I can only guess. I don’t think that could even be in contract. My guess:
- another company buys it: the buyer takes over the contracts
- liquidation: normally assets go to the creditors. But every homeowner is a creditor for the property in the future. So I think a reasonable court would just turn ownership over to the homeowner. OTOH, the energy company is also a party to the deal because the energy supplier gets the unused power. Perhaps the panels would be taken over by the energy supplier until the 30 year mark.
- Comment on Solar panels are gratis in my region. But 10× normal prices to buy. What’s going on here? 11 months ago:
The cost of installation, wiring and transformers is more than the cost of panels.
They likely factor all those costs into the panel costs. But would labor and parts overhead represent 9/10ths of €8500, for example? Looks like they install 3 boxes in the basement plus panels for around €7500.
After the 30 years of “borrowing” the panels, who pays for their removal and recycling?
I assume that’s the homeowner because the supplier simply makes it all the homeowner’s property after 30 years… likely so they don’t have to deal with it.
- Submitted 11 months ago to energy@slrpnk.net | 9 comments
- Comment on heat your body, not your house -- using an infrared heat lamp 1 year ago:
Great article. I think there are some flaws but it gives lots of good ideas.
Possible flaws:
- Insulating the underside of the work surface would prevent the work surface itself from getting warm. Hands have the most need for warmth. So I would be tempted to insulate the underside of the work surface as suggested but cut out a deliberate thermal bridge around the keyboard and mouse area – or maybe supplement a heating pad on top of the desk.
- Space heaters are discouraged because they output too much power (as they are intended for heating a small room). But space heaters often have thermostats. I have an a/c powered oil radiator on wheels. It may be high wattage but I think it will know when to quit.
- IIUC, they rely on the blanket to mitigate heat loss around the sides of the desk. That’s where I would be tempted to use insulating radiator foil, perhaps in addition to a blanket.
Thick insulation foam for roofing is often thrown out, like when a neighbor re-roofs and buys too much. I will be on the look out for scrap pieces to use under the desk.
- Comment on heat your body, not your house -- using an infrared heat lamp 1 year ago:
Yeah I do the hand sitting and some other tricks… but was looking for a slightly more productive level of comfort without heating the room or house.
- Comment on heat your body, not your house -- using an infrared heat lamp 1 year ago:
It’s not insulated. When I have batteries in the thermostat it has a floor of 5°C/40°F, at which point it heats even in the off state to protect the pipes.
- Comment on heat your body, not your house -- using an infrared heat lamp 1 year ago:
That would help when my wrists rest on the cold desk (which is ergonomically bad anyway). It doesn’t seem like a solution for typing, though if I take frequent rests for hand warming maybe that’d be viable (which I do now by via many cups of hot tea).
About the eyes, I would not want to wear goggles. But I wonder if a good lamp shade could be sufficient. Or is the reflected light also retina deteriorating?
- Submitted 1 year ago to energy@slrpnk.net | 24 comments
- Comment on California utilities scapegoat rooftop solar for high electricity rates 1 year ago:
Indeed standards can’t be relied on and my comment doesn’t assume that.
What I would envision is a company that needs to install a battery swapping infrastructure for a car like this one (which I hear is common in Spain). People and businesses with extra solar power could have a 3rd-party drop off a vending machine which could be brand-specific.
- Comment on California utilities scapegoat rooftop solar for high electricity rates 1 year ago:
How about this as a fix:
The excess solar energy goes to a battery charging vending machine for EVs. Someone with a low battery for an e-bike/scooter or nanocar books a battery and pops by to swap their low battery for a full one. That would perhaps be a way to profit from selling the excess energy instead of getting ripped off by the grid.
- Comment on California utilities scapegoat rooftop solar for high electricity rates 1 year ago:
schools and farms cannot use their own solar energy production and must sell it to the grid at a low price and buy it back at a significantly higher price.
The thing is, they are feeding the grid when the sun is hitting hard (mid-day) which is the time of day when the grid needs the most help. So they are helping to flatten the consumption peaks. They should be getting the best sales price at that point. So it’s like they are getting boned for improving the grid.
