dan
@dan@upvote.au
Aussie living in the USA. https://d.sb/
- Comment on Google killed Maps Timeline, so I self-hosted a better one [OnTracks] 2 days ago:
Because of various privacy legislation, and people not wanting Google to track them as much, they stopped syncing the data to Google servers. It’s entirely local now. You can enable encrypted backups and back up the data, however you can really only have the data on one device now, and the web version is gone.
- Comment on Moth go brrrr 2 days ago:
Why are there so many moth posts these days? Isn’t that an old meme?
- Comment on Linus Torvalds and Bill Gates Meet for the First Time Ever 2 days ago:
(no taxes on charities).
What type of taxes are you talking about?
- Comment on Apple to Australians: You’re Too Stupid to Choose Your Own Apps 5 days ago:
If you pay for a device, you should be able to do whatever you want with it. Apple having so much control over it means that you don’t fully own it.
- Comment on What the fuck 5 days ago:
Pregananant
- Comment on 'We're done with Teams': German state hits uninstall on Microsoft 1 week ago:
They have their systems only they use, therefore they can easily make them on Linux or emulate.
Also, a lot of systems are web-based (and therefore automatically multi-platform) these days.
- Comment on 40,000 Security Cameras Found Compromised Online. 2 weeks ago:
It’s usually fine if you stick to a good well-known brand, but there’s some cheaper cameras that are bootleg clones of other brands, that can’t run the latest upstream firmware so they’re stuck on a hacked/modified version of older firmware.
- Comment on 40,000 Security Cameras Found Compromised Online. 2 weeks ago:
The good Chinese brands, if they do have a hard-coded password, usually make you change it on first login. I’m pretty sure newer Hikvision and Dahua models do this (plus their resellers/rebrands like Amcrest, Lorex, Annke, etc).
Of course, there’s all sorts of junk on Amazon that don’t follow any sort of standards.
- Comment on 40,000 Security Cameras Found Compromised Online. 2 weeks ago:
Hard-coded default passwords have been illegal in California since 2020, so it shouldn’t be as much of an issue with newer devices. Companies aren’t going to make California-specific versions of their devices, so they’ll follow the standards everywhere.
To be legal in California, the device either needs to have a randomly-generated password unique to that device (can be listed on a sticker on the bottom of the device, or in the manual), or it needs to prompt to set a password the first time you use it.
- Comment on 40,000 Security Cameras Found Compromised Online. 2 weeks ago:
There’s a site that lists all the insecure cameras: www.insecam.org
- Comment on 40,000 Security Cameras Found Compromised Online. 2 weeks ago:
Any camera you expose to the internet with no protection is vulnerable.
Follow best practices by keeping your cameras on a separate VLAN that’s isolated from the internet, and you’ll be fine. Use a VPN like Tailscale to view your cameras while away.
- Comment on A Researcher Figured Out How to Reveal Any Phone Number Linked to a Google Account 2 weeks ago:
This doesn’t really work in real life since IPv6 rate limiting is done per /64 block, not per individual IP address. This is because /64 is the smallest subnet allowed by the IPv6 spec, especially if you want to use features like SLAAC and privacy extensions (which most home users would be using)
- Comment on A Researcher Figured Out How to Reveal Any Phone Number Linked to a Google Account 2 weeks ago:
Most service providers like Vultr provide /64 ip ranges, which provide us with 18,446,744,073,709,551,616 addresses. In theory, we could use IPv6 and rotate the IP address we use for every request, bypassing this ratelimit.
This usually doesn’t work, as IPv6 rate limiting is usually done per /64 range (which is the smallest subnet allowed per the IPv6 spec), not per individual IP.
- Comment on Opinions on the internet 2 weeks ago:
California Pizza Kitchen?
- Comment on Is there anybody over here who can tell me more about smart meters ? 2 weeks ago:
Smart meters automatically send usage data to the utility company (electricity, gas, water, etc) so they don’t have to come and read it manually themselves. Are you interest in any particular detail about them?
- Comment on Reddit sues Anthropic, alleging its bots accessed Reddit more than 100,000 times since last July 2 weeks ago:
I agree, but unfortunately it’s a reality of a capitalist society.
- Comment on I'm making a guide to Pocket alternatives: getoffpocket.com 2 weeks ago:
I was going to say that I use Hoarder and like it, but it looks like it’s been renamed to Karakeep. I like the AI-powered tagging functionality.
- Comment on Is there anybody over here who can tell me more about smart meters ? 2 weeks ago:
I can’t see the link you posted. It goes to a Twitter login page.
- Comment on YSK: Condé Nast Parent Company is a Major Owner of Reddit, You Should Avoid their Publications (Wired, Ars Technica, GQ, The New Yorker, Vanity Fair, Vogue,...etc) as Much as Possible. 2 weeks ago:
Haven’t they owned Reddit for 20 years now?
- Comment on They don't get it. They think we are A holes. And they are right 2 weeks ago:
My wife totally skipped the “lol so random” phase of absurdist internet memes, so she doesn’t appreciate things like Badger Badger Badger, Charlie the unicorn, the Llama song, animutations, etc.
- Comment on Reddit sues Anthropic, alleging its bots accessed Reddit more than 100,000 times since last July 2 weeks ago:
People don’t realise that around 40% of the value of the S&P 500, and over 60% of the Nasdaq 100 (i.e. QQQM) is big tech companies.
- Comment on Reddit sues Anthropic, alleging its bots accessed Reddit more than 100,000 times since last July 2 weeks ago:
As much as I hate Facebook, they at least pay people to do moderation there, and regularly update their site
Facebook pays content creators too (creators.facebook.com/earn-money).
- Comment on In North Korea, your phone secretly takes screenshots every 5 minutes for government surveillance 3 weeks ago:
Do those code snippets on the Stackoverflow post allow you to capture the entire screen regardless of which app is open, or do they only allow you to capture the app the code is running in?
Capturing the app itself makes sense (for things like bug reports) but does Android really let any app capture whatever is on the screen?
- Comment on In North Korea, your phone secretly takes screenshots every 5 minutes for government surveillance 3 weeks ago:
The one time I do connect the TV to the internet is when there’s a firmware update that fixes an issue I’m encountering. That’s rare though. I still have it on my network so I can control it using Home Assistant (eg have a backlight come on and dim the main lights when the TV is turned on) but it’s on an isolated VLAN.
- Comment on In North Korea, your phone secretly takes screenshots every 5 minutes for government surveillance 3 weeks ago:
This is why my TV is on a separate VLAN (with no internet access) and I use an Nvidia Shield for streaming. I haven’t seen any indication that the Shield does anything like this.
- Comment on In North Korea, your phone secretly takes screenshots every 5 minutes for government surveillance 3 weeks ago:
I was going to say “that article seems to just debunk the ‘my phone is always listening to me’ conspiracy theory” but then I got to the part about over 50% of analyzed Android apps having permission to take screenshots :/
- Comment on Silicon Valley cities hit with request for residents' emails to train AI 4 weeks ago:
is free
What is their business model?
- Comment on Business Insider is tracking employees’ ChatGPT usage as part of a new AI push: An enterprise version of ChatGPT is now available to all staff, with 70% using the tool “regularly.” 4 weeks ago:
Is this why Business Insider articles are trash? They have so many clickbait headlines attached to articles that aren’t worth reading. Whenever I click one in Google News, I usually regret increasing their view count.
- Comment on Don't ask for more pixels 5 weeks ago:
I still call it Twitter because their emails are still branded as Twitter. I don’t actuslly use it any more but I do get so much spam through DMs that I’m considering deleting my account. I’m mostly holding it just so nobody squats on my name.
- Comment on Sure thing, website, my name is Gabe Newell 5 weeks ago:
Websites don’t have an actual check for a legit email.
Some do. You can connect to an SMTP server and pretend to send an email (send the
EHLO
,MAIL FROM
, andRCPT TO
commands, but dint actually send any content). A lot of servers will immediately reject as soon as you provide an invalid recipient email address