arc99
@arc99@lemmy.world
Formerly known as arc@lemm.ee / server shuts down end June 25
- Comment on "Very dramatic shift" - Linus Tech Tips opens up about the channel's declining viewership 1 day ago:
I’m sure declining viewers has nothing to do with the various controversies such as auctioning off prototypes, rushed reviews with misleading or false conclusions, mistreating staff etc. Channels like Gamers Nexus really laid into him.
- Comment on Google: 'Your $1000 phone needs our permission to install apps now'". Android users are screwed - Louis Rossmann 1 week ago:
Code signing offers slight protection from malware but not as you might think. If a company signs an installer, or executable then it tells you it came from them but not what it does. It could still be malicious, or it could be inadvertently bundled with malware in DLLs or scripts and you wouldn’t know. You’re just hoping the company has done its due diligence and you trust them to run.
Microsoft does have an antivirus system on top and fingerprints downloads too and applies some kind of trust score that is better if an exe is signed. There is probably no single mitigation that stops malware infection but apply lots of smaller mitigations in in depth and most people will be safe.
The irony is Microsoft still lets people run files ending with .scr way too easily. Much of the malware on torrent websites is a file ending with .scr knowing the OS will hide the extension, e.g. movie.mp4.scr appears as movie.mp4 in File Explorer and people click through and get infected.
- Comment on Google: 'Your $1000 phone needs our permission to install apps now'". Android users are screwed - Louis Rossmann 1 week ago:
It really should be a 3 level setting, disallow/allow & check/allow. Where the latter option is available but users are strongly advised to apply common sense. Because I would not be surprised if a lot of sideloaded content comes from warez sites and is infested with malware so allowing & checking is still protecting people to some extent.
- Comment on 4chan and Kiwi Farms Sue the UK Over its Age Verification Law 1 week ago:
Their lawsuit will fail for the simple reason they only have to age verify UK citizens, not everyone. But it does go to show how stupid this law actually is. If the UK wanted to block 4chan (for example) to under 18s, then ISPs should provide optional filtering software with every account that can be enabled per device to do it. It would be far more effective than expecting websites around the world to police the UK’s own laws.
- Comment on Popup Ads in Your Pickup Truck? RAM Trucks Now Feature Scammy Ads on the Center Display 4 weeks ago:
I think the issues is that you can’t pick and choose exactly what you want in your new vehicle. You can’t say, get just a simple AM/FM radio and get bluetooth. You buy a package of accessories.
This was a Toyota RAV 4 IIRC and despite the vehicle having no subscription to this thing, it occupied the right hand side of the infotainment system and was prominent in the menus too. I had the car for nearly a month and I played around in the settings but saw no way of getting rid of it.
- Comment on Popup Ads in Your Pickup Truck? RAM Trucks Now Feature Scammy Ads on the Center Display 4 weeks ago:
I don’t live in the US but the last time I rented a car there the UI was festooned with icons for Sirius XM that couldn’t be removed or hidden. Not small icons, but big fucking chunks of the screen. I find this kind of thing intolerable. It’s one thing to plug a service but if people don’t want it, then hide it away and don’t nag them about it ever again.
- Comment on Meet the AI vegans: They are choosing to abstain from using artificial intelligence for environmental, ethical and personal reasons. Maybe they have a point 4 weeks ago:
Someone should launch a Project Poison which offers information to websites to protect themselves from scrapers and to poison and devalue AIs and companies that ignore their restrictions. I’m sure there are plenty of ways it could be done - nonsense about niche subjects, libelous facts about celebrities and people with money, false attribution for quotes & art, images captioned with things they do not contain, offensive slurs. Just feed AIs with sufficient trash and it will output trash.
- Comment on YSK that Gerrymandering allows politicians to choose their own voters. In many countries, it's illegal. Gerrymandering is common in the United States 4 weeks ago:
Most sane countries leave electoral boundaries to an independent commission
- Comment on UK households could face VPN 'ban' after use skyrockets following Online Safety Bill 5 weeks ago:
No, YOU don’t understand end to end encryption, and you don’t understand browsers. You say you could “write down a base64 encoded binary blob on a website”. Yes you could and how do you decrypt it? The asnwer is with a key (asymmetric or symmetric) that the recipient must have in memory of the receiving software - the browser that the filter has already intercepted and compromised. So “moar layers” is not protection since the filter could inject any JS it likes to reveal the inner key and/or conversation. It could do this ad nauseum and the only protection is how determined the filter is.
But this is also a nonsense argument just on a practical level. The problem is kids connecting to adult websites, or websites with some adult content. The government thinks it reasonable that every single website that potentially hosts adult content should capture proof of identity of adults. I contend that really the issue is kids having access to those websites at all, and that proxies can and would be a far more effective way to control the issue without imposing on adults. No solution is perfect, but a filter is a far more effective way than entrusting some random website with personal information.
- Comment on Microsoft suddenly bans LibreOffice developer's email account, blocks appeal 5 weeks ago:
Or the terrifyingly-random bullshit that happens when someone chooses to depend on a free service such as Hotmail as their primary mission-critical address. (This article is about the developer getting locked out of their Hotmail, and the generally-broken state of Hotmail’s account recovery process.)
That could be it. What is certain is that these big corps really don’t want to pay human beings to sort out issues so if you get caught in the middle of some BS you may have no recourse out of it.
- Comment on UK households could face VPN 'ban' after use skyrockets following Online Safety Bill 5 weeks ago:
I honestly do not know what you are saying. Deep packet inspection through a firewall that does mitm interception demonstrably happens. It is not up for debate.
- Comment on Microsoft suddenly bans LibreOffice developer's email account, blocks appeal 5 weeks ago:
What isn’t made clear is if this had anything to do with him being a LibreOffice developer, or just the usual Kafkaesque bullshit that happens when someone’s account gets flagged and they cannot get a real human being to appeal or help reverse the problem.
- Comment on UK households could face VPN 'ban' after use skyrockets following Online Safety Bill 5 weeks ago:
I really do not know what you are saying. I have just told you that Fortigate Firewall can and does do deep packet inspection on https connections. It does so by man in the middle proxying. If one filter / proxy can do it then any other could too. There would be ways for kids to circumvent this, e.g via VPN but that is no different than with age verification.
- Comment on UK households could face VPN 'ban' after use skyrockets following Online Safety Bill 5 weeks ago:
I’m intimately aware about what it can and cannot do. And it can intercept and man in the middles any https traffic
- Comment on Duckstation(one of the most popular PS1 Emulators) dev plans on eventually dropping Linux support due to Linux users, especially Arch Linux users. 5 weeks ago:
Did you read the text? This guy was providing a package because the default one was broken and he’s fed up of dealing with complaints. And the solution to that is just flatpak the thing and tell users to use that regardless of dist.
- Comment on Duckstation(one of the most popular PS1 Emulators) dev plans on eventually dropping Linux support due to Linux users, especially Arch Linux users. 5 weeks ago:
The answer for this guy and other people stretched by supporting Linux is to say it’s flatpak or nothing. Stop trying to build for each dist because it’s not sustainable. If someone on a dist wants to maintain a package then let them take the heat if it is broken.
- Comment on UK households could face VPN 'ban' after use skyrockets following Online Safety Bill 5 weeks ago:
You obviously didn’t know how it works if I had to explain it was already possible.
And it isn’t “madness”, it’s a completely workable way to offer filtering for people who want it for kids and have no censorship otherwise. It is a vastly better option than oneroulsy demanding adults provide their identity to random and potentially adult themed websites where they could be victims of identity theft or extortion
- Comment on UK households could face VPN 'ban' after use skyrockets following Online Safety Bill 5 weeks ago:
Deep packet inspection already happens on encrypted traffic (Fortigate Firewall) so it’s eminently possible for filtering software to do the same.
- Comment on UK households could face VPN 'ban' after use skyrockets following Online Safety Bill 5 weeks ago:
Actually it can be done and is being done. Software like Fortigate Firewall can do deep packet inspection on encrypted connections by replacing certs with their own and doing man in the middle inspection. It requires the browser has a root cert that trusts the certs issued but the proxy but that’s about it.
And if Fortigate can do it then any filtering software can too. e.g. a kid uses their filtered device to go to reddit.com, the filter software substitutes reddit’s cert for their own and proxies the connection. Then it looks at the paths to see if the kid is visiting an innocuous group or an 18+ group. So basic filtering rules could be:
- If domain is entirely blocked, just block it.
- If domain hosts mixed content, deep packet inspection & block if necessary
- If domain is innocuous allow it through
This is eminently possible for an ISP to implement and do so in a way that it ONLY happens when a user opts into it on a registered device while leaving everything open if they did not opt into it.
And like I said this is an ISP problem to figure out. The government could have set the rules and walked away. And as a solution it would be far more simple that requiring every website to implement age verification.
- Comment on UK households could face VPN 'ban' after use skyrockets following Online Safety Bill 5 weeks ago:
That’s a problem is for ISPs and content providers to figure out. I don’t see why the government has to care other than laying out the ground rules - you must offer and implement a parental filter for people who want it for free as part of your service. If ISPs have to do deep packet inspection and proxy certs for protected devices / accounts then that’s what they’ll have to do.
As far as the government is concerned it’s not their problem. They’ve said what should happen and providing the choice without being assholes to people over 18 who are exercising their rights to use the internet as they see fit.
- Comment on YSK: Deezer, the music streaming service, is owned by a company whose Founder and CEO is a Russian Oligarch with connections to the Kremlin and donates to the American Republican party. 5 weeks ago:
Of course it was piracy but it was friction free piracy. Not just the price which was low but having a really cool webstore and client application. There was nothing that the music industry offered that was remotely comparable in terms of the convenience that allofmp3 offered at the time.
- Comment on YSK: Deezer, the music streaming service, is owned by a company whose Founder and CEO is a Russian Oligarch with connections to the Kremlin and donates to the American Republican party. 5 weeks ago:
The best Russian music service ever was allofmp3. Sadly long gone but fondly remembered.
- Comment on UK households could face VPN 'ban' after use skyrockets following Online Safety Bill 5 weeks ago:
It would have been smarter for the UK to mandate that every ISP must provide a family filter for free as part of their service. Something that is optional and can be turned on or off by the account holder but allows parents to set filters (and curfews) if they want.
- Comment on Adblockers stop publishers serving ads to (or even seeing) 1bn web users - Press Gazette 1 month ago:
Sites are lazy and greedy. They throw dozens and dozens of 3rd party javascripts into their headers, that punish and annoy people for not using an ad blocker - they slow the site down, bloat the memory, consume energy, track the user and festoon the page with garbage. As soon as people hear that an ad blocker is a thing, then of course they leap at the chance of using one.
It would be straightforward for sites to insert ads into their content - make the ad urls, images and links indistinguishable from actual content. i.e. serve them up from the same domain, from non predictable paths and use html structure where ads and content are intermingled. Even if an adblocker wanted to block the ads, there are no patterns that work and every single site would require different rules. But that requires effort. I suppose we should be glad that sites don’t do it.
- Comment on Feds in Catalonia, Spain think everyone using a Google Pixel must be a drug dealer 1 month ago:
You’re getting it the wrong way around. People aren’t arrested for the phone they have. This is a complete nonsense by a clickbait article. They are arrested based on observation or intelligence of criminal activity. After the fact, when they are arrested they are found to have one of these phones flashed to use a privacy OS. Do you think such a phone convinces the cops they got the wrong person or not? The answer quite obviously is it convinces the cops this person is a criminal and is attempting to hide what they are up to.
It would be absurd to think cops are staring at people’s phones to initiate arrests because they are not.
- Comment on Feds in Catalonia, Spain think everyone using a Google Pixel must be a drug dealer 1 month ago:
This is not hard to understand.
Having a phone installed with an OS favoured by criminals doesn’t exculpate a person arrested for criminal activity, or make the cops think they’re innocent.
- Comment on Feds in Catalonia, Spain think everyone using a Google Pixel must be a drug dealer 1 month ago:
The cops quite obviously don’t think owning a Pixel makes somebody a drug dealer. But if they arrest or detain a suspect then owning a Pixel flashed with GrapheneOS isnt exactly a sign of innocence. Even if nothing could be extracted from the phone, I’m sure a judge and jury could be convinced what they were doing if they have such a device in their possession.
Also, regardless of the security the OS claims to have, most criminals are not the brightest and I bet some can be squeezed to hand over the key or the phone can be unlocked with a face id or fingerprint. It also motivates the cops to do what they’ve done in the past where they have compromised supposedly secure operating systems or apps and installed backdoors.
- Comment on Welcome to the Labour police state 2 months ago:
Fascists? Virtually the entire house of commons voted them a terrorist organisation, not just Labour. That was because they attacked UK military aircraft on a UK military base and concocted an excuse for doing it. That got them branded terrorists.
This does not in any way stop people rallying for Palestine or the appalling inhuman injustices they’re suffering. I’m sure there are marches happening all the time, not to mention charities to donate to, social media feeds to amplify atrocities. Just don’t attack UK bases or support those who do and you’ll be fine.
As for Corbyn, he wasn’t “stabbed in the back”. He lost two general elections in a row and he resigned. If he was still there for the last election he’d be sitting in opposition in charge of an even smaller party surrounded by a clique. He was not some saviour for Labour, he was the bane of it.
- Comment on Uber Eats or something idk 2 months ago:
Make bigger batches and freeze portions. And whatever expense groceries are, you can expect food cooked by someone else and delivered by someone else to be 3x as much.
- Comment on Uber Eats or something idk 2 months ago:
Some government hand out “baby kits” for newborns - cot, blanket, nappies, bottles etc.
I think they should also hand out “self sufficiency kits” to new adults - pot & pan, utensils, cutlery, self sufficiency book w recipes, salt/pepper/herbs, coffee, tea seeds, vouchers and some other bits & pieces. Basically something to foster some independence, interest in cooking, diet and other life skills in new adults. And the school curriculum should also foster life skills.
Doesn’t stop people eating out or buying takeaways but it shouldn’t be the norm.