Redjard
@Redjard@lemmy.dbzer0.com
- Comment on EU age verification app to ban any Android system not licensed by Google 1 week ago:
That applies to play integrity, and a lot of getting that working is juggling various signatures and keys.
The suggestion above which I replied to was instead about software-managed keys, something handed to the app which it then stores, where the google drm is polled to get that sacred piece of data. Since this is present in the software, it can be plainly read by the user on rooted devices, which hardware-based keys cannot.Play integrity is hardware based, but the eu app is software based, merely polling googles hardware based stuff somewhere in the process.
- Comment on Microsoft admits it would have to let Trump spy on EU data if demanded 1 week ago:
Damn, they really go the extra mile for a full equivalent to googles offering.
- Comment on EU age verification app to ban any Android system not licensed by Google 1 week ago:
In the eu, phone numbers by law are tied to state identities.
And the phone provider can naturally resolve their sim IDs down to the phone number they are assigned to.
Anything related to celltower interactions is PII. - Comment on EU age verification app to ban any Android system not licensed by Google 1 week ago:
If it is about hiding some data handled by the app, that will be instantly extracted.
There are plenty of people with full integrity on rooted phones. It’s really annoying to set up and keep going, and requiring that would fuck over most rooted phone/custom os users, but someone to fully inspect and leak everything about the app will always be popping up. - Comment on Women Dating Safety App 'Tea' Breached, Users' IDs Posted to 4chan 2 weeks ago:
The og 4chan post brought up the vibe coding. Using it as an insult to quality is wider spread than just lemmy.
- Comment on We wouldn’t need the Epstein files to prove DJT’s guilt if society just trusted women in the first place. 2 weeks ago:
You can absolutely convict people with enough testimony. Word againat word doesn’t suffice but word against words can under certain conditions.
- Comment on Brave browser blocks Windows feature that takes screenshots of everything you do on your PC 2 weeks ago:
It’s an image every few seconds. Not that piracy is currently even interested in tech that reencodes the content.
And for training, copyrighted stuff is already everywhere; AI tools seem to be limited on the output side rather than raw training data. - Comment on YSK: If you set up a Lemmy instance, and follow the Docker setup instructions to the letter, it will send lemmy.ml your admin password during the setup process 4 weeks ago:
This issue here is very different to the xz backdoor.
The xz backdoor was well obfuscated, planned out, and inserted by another actor.This here is easy to notice, can reasonably be explained as a mistake, and can only benefit the og main devs of lemmy.
A “huh this is odd, also change yalls admin passwords” is appropriate here. Even if we got further indication it was malicious, it would still be far less crazy than the xz backdoor.
- Comment on devinetly organic... 1 month ago:
Yes, that’s an organ, but you’re thinking of a portable binder of preprinted tables designed for personal management.
- Comment on devinetly organic... 1 month ago:
Na, that’s olfactory, oregon is a large pipe instrument commonly constructed in christian temples.
- Comment on The Los Angeles Police Department shot an Australian reporter with a rubber bullet while she was live on TV. Zero provocation. 1 month ago:
Thx for better video. Just in case this goes on catbox too:
catbox supremacy loading … - Comment on The Los Angeles Police Department shot an Australian reporter with a rubber bullet while she was live on TV. Zero provocation. 1 month ago:
- Comment on We Should Immediately Nationalize SpaceX and Starlink 1 month ago:
Yeah.
The maintenance of these conatellations is pricy, so perhaps if such an international program does prove itself trustworthy you’d see other national alternatives get retired.I mean it’s not like the US would do it anyway as things stand, more likely for such a program to get started independently and to end up outcompeting starlink down the line.
- Comment on We Should Immediately Nationalize SpaceX and Starlink 1 month ago:
You want a truly multinational organization responsible for it, nothing that can be controlled by a single nation, even one as (ex)influential as the us.
Something based on the UN perhaps.Combine that with making internet access a human right, to stop denying connectivity outright.
Ideally then you could’t enforce meaningful censorship, but more realistically you would route regions to their respective governments servers so they could censor as before on their territory.
That would not guarantee free access to the internet to everyone, but should be an acceptable compromise to basically all nations.After that, other doubting nations could still pull their own constellation, nothing is stopping that.
I would love if the internet program was uncensored, but that probably needs personal circumvention same as now, if such a program wants any degree of success.
- Comment on We Should Immediately Nationalize SpaceX and Starlink 1 month ago:
Starlink should not just be nationalized but internationalized.
It is internet for everyone on earth, not everyone in the USA.Every larger nation deploying their own constellation would be a pointless waste of resources, and every smaller nation having to find reliable partner-nations to tap into for that internet access would inevitably lead to people ending up without access due to political games.
Low orbit satellite constellations are the perfect candidate for sharing, they would literally sit unused over most of their orbits otherwise.
- Comment on Plex now will SELL your personal data 2 months ago:
Was about to say this.
I saw a small-time project using hashed phone numbers and emails a while ago, where assume stupidity instead of malice was a viable explanation.
In this case however, Plex is large enough and has to care about securiry enough that they either
did this on purpose to make it sound better, as a marketing move,
did not show this to their security experts,
or chose to ignore concerns by those experts and likely others (turning it into the first option basically)There is no option where someone did not either knowingly do or provoke this.
- Comment on Nextcloud cries foul over Google Play Store app rejection 2 months ago:
works
- Comment on Apex Legends writer gets laid off 24 hours after the character she wrote is revealed, because that's what the games industry in 2025 looks like 3 months ago:
Ah your next novel is done? Make sure noone reads it, it would diminish the value of the tax-writeoff when we delete it.
- Comment on World's fastest Flash memory developed: writes in just 400 picoseconds 3 months ago:
You can always parallelize, this would be more beneficial for latency.
- Comment on 90s band alignment chart 4 months ago:
Only ones I’ve ever heard are Radiohead and Rage against the Machine, sincerely, genZ.
Anyway are yall telling me there are no bands that are both horny and angry? - Comment on Always applies 75% of the time 5 months ago:
Seems centered on books not papers
- Comment on Google Chrome disables uBlock Origin for some in Manifest v3 rollout 5 months ago:
That’s not a webview, it’s a separate api with fewer abilities. Custom tabs I believe.
You can see for example that it always opens as a fullscreen overlay in your app and that it always has that bottom or in your case top bar. - Comment on New social experiment 7 months ago:
utilman.exe -> cmd.exe
- Comment on New social experiment 7 months ago:
stage3-amd64-systemd-20220904T170535Z.tar.xz
- Comment on Let's Encrypt is 10 years old today ! 8 months ago:
Yes, seems you are right. Not sure where I got the impression.
Unrelated, when I researched this I saw that acme.sh, zerossl, and a bunch of other acme clients are owned by the same entity, “Stack Holdings”/“apilayer.com”. According to this, zerossl also has some limitations over letsencrypt in account requirements and limits on free certificates.
By using ZeroSSL’s ACME feature, you will be able to generate an unlimited amount of 90-day SSL certificates at no charge, also supporting multi-domain certificates and wildcards. Each certificate you create will be stored in your ZeroSSL account.
It is suspicious that they impose so many restrictions then wave most on the acme api, where they presumably could not compete otherwise. On their gui they allow only 3 certificates and don’t allow multi-domain at all. Then even in the acme client they somehow push an account into the process.
[…] for using our ACME service you have to create and use EAB (External Account Binding) credentials within your ZeroSSL dashboard.
EAB credentials are limited to a maximum per user/per day. [This might be for creating them, not uses per credential, unsure how to interpret this.]
This all does make me slightly worry this block around apilayer.com will fall before letsencrypt does.
Other than letsencrypt and zerossl, this page also lists no other full equivalents for what letsencrypt does.
- Comment on Let's Encrypt is 10 years old today ! 8 months ago:
They don’t offer wildcard certs, but otherwise I think they are.
I wanna say acme.sh defaults to them. - Comment on Spanish Notations 8 months ago:
Why not both?
n! / k! ¡n-k! - Comment on Get that impact factor!! 8 months ago:
Damn, how’d you get your reviewers to write your entire paper for you?
- Comment on Steam games will now need to fully disclose kernel-level anti-cheat on store pages 9 months ago:
There is a sub for sanity checking mod actions, aita-style.
If you keep in mind it is for active unconfirmed situations, and that votes there are not meant to mark the cases of mod abuse, I think it can fill that niche.!yepowertrippinbastards@lemmy.dbzer0.com
- Comment on D'awww who wants some scratches? 10 months ago:
Both, it’s a sign of trust nlt an invitation. They trust you with their vulnerable side and you betray that trust by play attacking it.
What follows after is justified.But these words can’t stop me because I can’t read