sudneo
@sudneo@lemm.ee
🇮🇹 🇪🇪 🖥
- Comment on Every Country That Has Their Own Lemmy Instance 5 days ago:
Thanks. Very interesting, I would think that is a nightmare for phishing and similar threats, but maybe they have good monitoring or oversight.
- Comment on Every Country That Has Their Own Lemmy Instance 5 days ago:
I am actually surprised they got that on the first place. That’s a very major domain name to have…
- Comment on Every Country That Has Their Own Lemmy Instance 5 days ago:
Would lemm.ee count for Estonia?
- Comment on Italy to require VPN and DNS providers to block pirated content 1 week ago:
It’s Italy, there is no chance of that efficiency. This is - as usual - stuff done to prevent pirated sport content. Nothing else has ever and probably will ever be done.
- Comment on Leo knew it was a joke and laughed because it was just a joke 1 week ago:
Right, then let me elaborate.
Take furries. Using a moralistic approach such as yours I could conclude that they are freaks who encourage bestiality. Instead I think that consenting adults can do what they want as long as they are not harming anybody (this part was obviously implied, but suddenly you lost the ability to use context and imply things when it was convenient to build a strawman).
Take women with control-related kinks. Using your moralistic approach I could go tell them that they are victims of bla bla bla who internalized bla bla bla, and that ultimately men who accept to please those kinks perpetrate bla bla bla. Instead, I think that consenting adults can get off the way they want.
I could go on, but the point is clear, hopefully.
On this topic you are a bigot. You are a bigot because you are essentially using a dogma that women can only act as victims of a system that oppresses them and nothing else. You are stripping away agency, and applying rigid moral rules grounded in that dogma. You are using a very similar approach that homophobes use to hate on gay people, you just think that you are doing it for good© reasons to defend oppressed minorities; or singular actually, because this only applies to women dating older men I suppose? Or you also have other definitions for wrong couples? Black woman/white man? Indigenous woman/white man? Poor woman/rich man? And what if this was a lesbian couple? 25yo woman/50+ woman?
I would like to know the mental gymnastic to bend that “moral principle” so that you don’t end up against mixed race couples or similar, because if you consider people only expression of their social group, you absolutely can conclude that some (all?) of those relationships represent and perpetrate the same power inequality that exists between their demographics.
Elsewhere you suggested to people to “check your own biases”, maybe you can take your own suggestion here and try to see if your analysis fell short.
- Comment on Leo knew it was a joke and laughed because it was just a joke 1 week ago:
Yes, it’s the same thing here, great parallel.
- Comment on Leo knew it was a joke and laughed because it was just a joke 1 week ago:
“We don’t judge other people sexual preferences, unless they are the wrong ones according to me”
- Comment on Leo knew it was a joke and laughed because it was just a joke 1 week ago:
Hard disagree.
Also there are plenty of opposite examples (i.e., older women celebrities dating younger guys), what is that a symptom of?
This has nothing to do with feminism imho. In fact, I would say the opposite, it’s an attempt to prescribe what women should do. Religious morality.
- Comment on Leo knew it was a joke and laughed because it was just a joke 1 week ago:
I would or wouldn’t do lots of things that I accept others might do. My morality is not universal. I leave this kind of thinking to religion.
- Comment on Leo knew it was a joke and laughed because it was just a joke 1 week ago:
And this notion that you should date only people your age where does it come from? It seems a completely arbitrary moral claim to me.
- Comment on Leo knew it was a joke and laughed because it was just a joke 1 week ago:
People are allowed to date for whatever reason they want. As long as two adults are freely consenting it’s not up to you to be the moral police and decide what should push people to date each other.
They can date for the looks, to look or feel younger, to go outside their comfort zone, for sexual pleasure, for pure intellectual attraction, for material benefit, for […long list].
This is one of the instances in which the good goal of fighting abuse becomes bigotry. It’s basically like religious moralism.
- Comment on Kagi Introducing Fair Pricing 3 weeks ago:
Actually they have no VC in the traditional sense! They did private investment rounds, and I think they raised like 400k from like 60 investors or something. The actual numbers might be off, but I remember looking into this and it was lime 10/20k per investor on average, basically retail amounts.
- Comment on Kagi Introducing Fair Pricing 3 weeks ago:
I always found it funny that in Italian kagi is read “caghi” which is a mediumly-rude word for “you take a dump”.
Not what you were looking for, sorry for the OT :)
- Comment on Co-op campaigns are a rarity these days, and that should change 3 weeks ago:
If you likes it takes two, in march the same studio should release “split fiction”.
Other titles that come to mind: cuphead, untitled goose game, overcooked (!), valheim.
- Comment on Selfhosted alternative to google keep/onenote/evernote/goodnotes? 3 months ago:
For browser, there is a webapp that can be selfhosted. See here github.com/logseq/…/docker-web-app-guide.md
I think you need chromium browsers due to the API they use, but it should work.
- Comment on New largest prime number discovered by former Nvidia software engineer 4 months ago:
Many encryption algorithms rely on the assumption that the factorizations of numbers in prime numbers has an exponential cost and not a polynomial cost (I.e. is a NP problem and not P, and we don’t know if P != NP although many would bet on it). Whether there are infinite prime numbers or not is really irrelevant in the context you are mentioning, because encryption relies on factorizing finite numbers of relatively fixed sizes.
The problem is that for big numbers like n=p*q (where p and q are both prime) it’s expensive to recover p and q given n.
Note that actually more modern ciphers don’t rely on this (like elliptic curve crypto).
- Comment on American tourists visiting the EU, what do you think of it? 5 months ago:
As someone from Rome, I feel you. Pickpocketing is somewhat an issue. In more than 20 years living in the city (before I moved) I never suffered from it, but it’s very common among tourists (especially in the underground and certain bus lines). It sucks and often police does nothing because by the time they catch the people (if they do), everything is gone anyway.
That said, beside pickpocketing Rome is very safe (or at least most of the places where a tourist would go, except maybe the surroundings of Termini station).
- Comment on How to treat a man 6 months ago:
For too long it told men they can treat women however they want
This is demonstrably false, as we have certain narratives that are literally millennia old (latin literature) about courtship, romantic gestures, protection and all the other stuff usually associated with how men should treat women. Usually this is some form of protection/care for a lower/weaker being, but it is absolutely a way society has been telling men how to tell women for centuries.
- Comment on How to treat a man 6 months ago:
I would say that what you said applies not to feminism in general (who historically had strong links to class struggle and anticapitalism), but to a part of the modern status quo feminism which is focused purely on individuals and has been absorbed by the ruling class (e.g., once the CEO is a woman, the goal is reached). This is not a representation of feminism in general though, and I would say the same can apply to many other movements as well (e.g., ambientalism, antiracism, etc.) that (in part) lost their revolutionary nature and are left fighting for small changes within the status quo.
- Comment on How to treat a man 6 months ago:
I think that in fact in at least some cases the lack of respect (or general ability to live a relationship with a man in a mutually loving way) is exactly due to that education. At the end of the day the flipside of the “subservient” attitude is that the man in the relationship is represented as a provider, with all the gender stereotypes that come with it: lack of emotions, self-reliance and of course the expectation for him to be a provider. I would say that most of the examples of bad relationships in this thread boil down to exactly these dynamics.
Also we are not anymore in the 1950, so that education today mostly happens implicitly, but it also gets mixed up with a lot of other messages from the wider society.
I personally also disagree about the fact that men are not taught how to fit in their gender role. I think they are, since very little, symmetrically to how women are too and possibly even more explicitly: you need to protect women (incl. sacrificing because that’s what heroes do), the whole courtship thing, the fact that as a man you are responsible to provide for others, that there are certain activities that are manly, etc… Essentially is the exact same problem: gender stereotypes and sexism go both ways and impact both genders, although in different ways.
- Comment on If "Master/Slave" terminology in computing sounds bad now, why not change it to "Dom/Sub"? 6 months ago:
I agree, personally.
In general I feel the words are so abstract (blacklist and whitelist) that I can’t really see how someone will see some other meaning…
- Comment on If "Master/Slave" terminology in computing sounds bad now, why not change it to "Dom/Sub"? 6 months ago:
Totally discussing useless stuff here, but green and red to me give the feeling of temporary actions (and possibly alternating). Intuitively sounds more like slowing and speeding than it does permanently blocking or allowing something.
Black and white have the polar opposite meaning. At this point allowlist and blocklist might be a simpler solution to the “problem”.
- Comment on Proton is transitioning towards a non-profit structure | Proton 6 months ago:
You should definitely be! I take backups every 6h for my self hosted vaultwarden (easier to manage and to backup, but not official, YMMV). You can also restore each backup automatically and have a “second service” you can run elsewhere (a standby basically), which will also ensure the backup works fine.
I have been running bit/vaultwarden now for I think 6 years, for my whole family and I have never needed to do anything, despite having had a few hiccups with the server.
Don’t take my word for it, but the clients (browser plugin, desktop app, mobile app) are designed to keep data locally I think. So the term cache might be misleading here because it suggests some temporary storage used just to save web requests, with a relatively quick expiration. In this case I think the plugin etc. can work potentially indefinitely without server - something to double-check, but I believe it’s the design.
- Comment on Proton is transitioning towards a non-profit structure | Proton 6 months ago:
Interesting! That’s very close to this blog post I read long time ago (unfortunately medium.com link)! Are you actually sending emails from those addresses? Like if you need to drop an email to your bank, do you use the banking one or your personal (or something else)?
Fwiw, I do something similar. I use a mix of domain aliases without address (e.g. made-up-on-the-fly@domain.com) and actual aliases. Since I have proton family (and the same when I used ultimate) I have unlimited hide-my-email aliases, so I have it integrated with my password manager, and I generate a random password and email for everything I sign up now. These though are receive-only addresses. In fact, with this technique I probably use 3-4 addresses in total, but I have probably 30 domain addresses that go to the catch-all one.
Spam on these addresses are basically non-existing and you can still create folders based on recipient without having a full address (e.g. bank1@domain.com, bank2@domain.com). You can make folder categorization based on recipient regex and this way you also have the “stop bothering me” option: if some email gets into the wrong hands, you can create a spam rule for that dedicated address. However, my approach is that all of these are used just to receive emails, to send I have just a handful of actual addresses or -if really needed- I can create on-the-fly an address from a catch-all one, send the email and then disable it again (so it doesn’t count towards the limit, but I still get inbound email to the catch-all).
Nice setup anyway!
- Comment on Proton is transitioning towards a non-profit structure | Proton 6 months ago:
Your requirements are totally fair tbh.
That said, I think you can use aliases for the use-case you have, you don’t need full addresses. Proton supports “+ aliases” as well, so
name+service@domainworks, and most importantly they support catch-all addresses if you have your own domain. I now use actual aliases (the ones from simplelogin), which I generate on the fly, but if you can usewhatever@domainand it will be redirected to your configured address. You don’t even need to create this beforehand, so many times I was around and had to give an email address for some reason and I just made up an address on the fly. As long as you use your domain, the catch-all will get the email.So the 10 addresses only include actual addresses, the ones you can write from. You can have as many as you want to receive emails (which is generally the use case for signing up to services, right?). Just a FYI in case tuta supports the same and you are making more effort than needed!
- Comment on Proton is transitioning towards a non-profit structure | Proton 6 months ago:
If XMPP were to replace emails, that would’ve been great
Who knows :) But XMPP also needed all kind of extensions to support even relatively old security measures.
Anyway, I still don’t trust Proton. Have a great day.
- Comment on Proton is transitioning towards a non-profit structure | Proton 6 months ago:
Encrypted or not, the fact that someone else has it stored somewhere in their computers is dangerous.
Of course. You are simply over-representing this risk, though. Besides, regular people realistically don’t need to worry about Proton being backdoored, because their device is 10-100x more likely to be breached instead. Security is not a binary, it’s a shade. Performing a software update is also “dangerous”. Do you check every time you update the software its code, to verify no malicious backdoor is there? No, exactly, you trust the maintainers and the package infrastructure.
The only recommended way to store private keys are offline and encrypted.
So you don’t store them on your device(s) (encrypted)? I store my GPG keys that I use to sign software on my yubikeys. That said, email is something I check from my phone and multiple computers (as most people). Do you really use a hardware key to do on-the-fly decryption, every time someone sends you a message, from each device?
As a security engineer, I also generally discourage such absolute “recommendations”. My threat model is different from a regular Joe threat model, and both are different from Snowden’s. There is no such thing as “only recommended way”, because this is not a religion, it’s a risk decision. Most people use Gmail, where the content of their email is literally available server side. Those same people can gain privacy and security using GPG via Proton, and in their threat model “provider gets compromised and software backdoored” is completely irrelevant. Is it relevant in your threat model? Good, then yes, you should only store keys offline and encrypted. Actually, you shouldn’t use email at all, and you should use dedicated tools and protocols that are meant for security, where metadata is not transmitted in clear text, for example. You should also have virtually no session duration and perform a full login with 2FA every time, you should probably access the software that you use to communicate only from a secure machine dedicated for the purpose etc…
I think you trust Proton a bit too much.
I simply have clear in my mind what my threat model is and what risks are acceptable. I perfectly fit in the “Anyone with privacy concerns” category in the threat model they built. What about you?
- Comment on Proton is transitioning towards a non-profit structure | Proton 6 months ago:
Oh that makes sense. Yeah, definitely simple encryption and exported (unencrypted) emails are not going to work together.
I am all in support for European tech companies, so I think that mailbox.org, tuta, proton etc. Are all good options.
- Comment on Proton is transitioning towards a non-profit structure | Proton 6 months ago:
From what I read though, the GPG security model for mailbox.org is the same as it is for Proton webmail (except for the browser plugin, where the difference is not really there). I like mailbox.org, to be clear, but I don’t get how it is an alternative to the bridge.
- Comment on Proton is transitioning towards a non-profit structure | Proton 6 months ago:
I can’t comment on this, since I don’t use the bridge for a while. But it’s just an IMAP/SMTP server, so not sure why certain features wouldn’t work. What service did you end up using which has gpg integration?