Show newer
tallship boosted
tallship boosted

I mean, even the term, "Cohorts"... don't you think that sounds kinda ominous?

A friend sent me this **All in One** cheat sheet link, and I encourage everyone to incorporate it and avail themselves of it:

Already, #Vivaldi said recently this is a no-go for their browser - keep an eye on your preferred #browser to see how respecting of your privacy they are.

#tallship #Vger #security #privacy #advertising #spyware #tracking #evil

tallship boosted
Okay I got my notification yesterday from #Debian and #Slackware, and I bit my tongue for a day on this one, because it is potentially so catastrophic. I migrated all of my Exim servers to Postfix and good ole Sendmail quite a few years back.

Now that the news itself is in the wild I'll link to an article:

#tallship #Vger #security #vul #MTA #exim @OpenSource

Please patch your boxes yesterday, if not sooner, and make sure you subscribe to ALL security lists for the software you run, m'kay?

tallship boosted
@dheadshot @eric @OpenSource

Yes, and let's not forget Microsoft who, last time I checked (going out on a limb here) got about $6 for every single Android sold - due to their Patent trolling.

A humorous aside, "/e/", aside from being a pain in the ass to search on as a term, if you ask a Ham Radio operator, will tell you that it can be correctly pronounced:

"Marky Mark" :P
tallship boosted
tallship boosted
tallship boosted
"Let's Crack the Cops!" - is that really what #Moxie_Marlinspike is advocating, or at the very least, implying that devs should consider when it comes to these *Apple pwn3rs?*

I sense there was a need for plausible deniability there in delivering that passive message, due to the #Cellebrite having "Fallen off" a proverbial truck lolz....

Oh you can haz #Cheezburgerz! 🍔

Fell off the truck, Oh that's rich!

#tallship #Vger #iPhone #vul #counterinsurgency

tallship boosted
For consideration by the privacy conscious folks out there, tired off being raped wholesale by the Google silos...

Before I begin this little phone rant, haber you read the great news about #Vivaldi categorically rejecting Google's latest insidious advertising scheme? I wonder if #Firefox will need able to resist? They get a lot of their dev money from Google y'know 🤘😎🤘

Okay then... What are some kewl choices that help protect your privacy where phones are concerned?

There's it's got physical switches to turn off the cellular radio and can even be completely removed and replaced (for a different IMSI - not to be confused with #IMEI which is tied to the SIM).

The battery is removable as well - w00t !! So not even the NSA can turn your phone on remotely lolz, and it will accept a whopper 2TB Micro-SD.

Do you ever lie awake in bed at night wondering why you can't get a phone with a removable battery?

I don't either anymore!

There are other physical kill switches that can turn off GPS, Wifi radio, and the mic/camera.

Imagine that though... Changing out your #IMSI in less than a minute without changing your OS or three configs for your installed applications! That's the one thing you can NEVER change on any other phone - meaning, there's no such thing as a #burner_phone (meaning, swapping out SIM cards is pointless) and anyone who thinks so.... OkayI'll be nice (I'm practicing being family friendly.... at least part of the time). But now there is a true burner phone, you quite literally can swap that puppy out Easy Peasy!

There's also the Pine Phone:

The #Pine_Phone is privacy respecting in the sense that it isn't actually an Android by any measure at all, but rather, a handheld Linux computer (pick your distro, I prefer #Slackware or #Debian). It can also function as a phone secondarily. I use a small #Bluetooth keyboard that can switch between three devices, and that would be a really handy setup for this er... phone, right? ;) Or you can use a full sized wireless combo keyboard/mouse and monitor for a #Linux box that fits in your pocket when you walk away from your desk.

Do you need it to do something really special? Tell me, what can't you do with a real Linux machine? Okay, you can't chop 🪓 🪵 wood or do laundry.

Really though, how kewl is that???

Neither are the best of any world though, but they are best in breed IMNSHO.

Let's look at pure #Android solutions now, k?

For #ROMs I prefer #CalixOS:

A de-googled #Pixel 3 XL with 128GBytes of storage is a pretty good and inexpensive platform for this which your can pick up all over #eBay for really cheap

It uses the #Aurora repo/store for closed source proprietary software (so you're de-googled) and of course you use F-Droid to install #FOSS or get the #APKs directly from the devs at their #Git repos (best way for some software, like #Fair_Email, for example).

There's also #GrapheneOS (, and it has a lot of supporters, but I don't find it as performant as CalixOS. Both are, however, fantastic.

Here's a tidbit about the so-called #MiFi pucks that you're entitled to when you're a member of the #Calix Institute... You're listed as Calyx Institute to the broadband provider - only you and the #Calyx_Institute know your identity because it's on their bill lolz, and that's kept secret and has never been compromised, because they maintain an active warrant canary. 🐦 So if you use one of those and a #Librem_5 with the cellular radio turned off or removed, and using your own #Asterisk server for #VoIP, you're truly just an IP addy surfing the internet while you're talking on the phone.

Of course... You'll need to do all this without your Candy 🍬 Crush. But... There's always APKPure in conjunction with #NetGuard from F-Droid 😉

I hope that helps! Please feel free to share this around with a #boost to raise awareness that, well... All is not lost, and #damn_the_torpedos!

And remember, you can haz #Cheezburgerz! 🍔

#tallship #Vger #OpenSource @OpenSource @eric

tallship boosted

Aside from not being aware of what "vfv" refers to, I concur wholeheartedly.

I basically believe that anyone worth interfacing with will reside in a place where it's safe (not a great choice of a word, but for lack of a better term it will suffice) for me to interact online.

I also believe that abandonment of non-privacy respecting monolithic silos as a practice, while at the same time participating and publishing in an environment that is primarily #FOSS based, and privacy respecting. For social systems a distributed model that federates with other independently operated instances, I see it as a critical mass building event - When others see that they're missing out and want to belong somewhere (the reason they stay at #FacePlant, #Twatter, and #InstaSPAM in the first place), they will come.

In the meantime, I've got plenty of friends, associates and colleagues to keep me occupied so I know I'm not missing out on anything - **ESPECIALLY** because I existed online back when the only connection methods were through the use of 300 BAUD acoustic couplers. So anything more advanced than that and a Z80 or 8080 on an S-100 Bus is a total win for me lolz :)

Not to imply that we need to trick people, but getting back to that whole Zoom bullshit, If I'm going to have a video meeting conference, what I do is tell people and either send the invite from my NexCloud calendar or via direct email. I tell them, "Hey at such and such time we're doing a video conference and here's the link :)"

"Oh! We're doing a Zoom call? Cool!"

I say nothing. Let them think whatev...

They don't know the difference from one URL to another anyway, and then when they land, they invariably say, "Wow this is really neat, where did you come across this?" As if it's something novel lolz.

BBB and Jitsi have a zero learning curve onboarding, the average, naïve user simply needs to click the link and then following the event they now have that in their vocabulary.

#tallship #Vger

tallship boosted
@0 @gdroid

You're very welcome!

And K9 mail is great stuff too.

One thing I would urge you to pay attention to, without going into a whole dissertation, is that with Fair Email, there are basically three versions.

1.) Google Play store - some features may not be present due to Google's rules, plus the whole signing issue I've ranted on over the last couple of days where they can alter your code and redistribute it (ATM, only *new* apps, but later, everyone's)

2.) F-Droid - The dev considers the F-Droid version current if it is the current version at his GitHub repo. There's a couple of particulars to this.

a.) They sign the compiles with their key so some parts are excluded (Google parts for autoconfig, etc., coz Google only allows one key, that of the dev's, to be used in a version that includes their stuff)

b.) Many devs create an F-Droid compatible repo so you can enable that repo and use the dev's compiled version via your F-Droid client for updates, etc. to use those versions, you must first uninstall whichever version you have installed and then install the Dev's F-Droid compatible repo, and pull down from the top of the screen for refreshes, etc., like with any other app.

3.) Most FOSS projects have a Git repo where you can get the APKs directly and install them from their official releases signed with their keys. But Fair Email is different, in that most projects you have to manually install newer versions (Why most devs use an F-Droid repo of their own) - Fair Email's apk checks the dev's GitHub repo for updates and the app can actually update regularly whenever there is a new release directly from the GitHub repo - that's pretty kewl.

Also, remember that the Google features which are crippled/absent/disabled in many of the official F-Droid apps? This version is signed with the dev's creds so all of the Google features are enabled (Like autoconfig of gmail aliases, etc.).... But there's more.

Aspects of the client that aren't permitted to be included in the Google Play Store version can also be included in the GitHub version because not only is it signed with his creds, but also, it's not being distributed from the Google Play Store so like, with other apps where say, OAUTH stuff is taken out, or whatev, such is not the case with this one - i.e., it has everyting, is the most current, automatically checks for updates and installs them if you wish, etc., etc., etc.

So I recommend, at least with this application, installing directly from:

The latest version, "FairEmail-v1.1554-github-release.apk" a/o the time I'm posting this, was released just 10 hours ago - that coffee's still fresh and hot lolz.

The dev states that the only thing enabled in his version that isn't included in the Play Store version is Android Auto integration....

I dunno about reading email while driving though, that doesn't sound to safe lol.

And I was also under the understanding that the OAuth support for gmail was missing because it wasn't signed with the dev's keys, but perhaps I'm mistaken there?

There is a couple of major things to note, however:

First, uid/pwd access is going away in gmail soon (for GSuite/Google Apps for Business/whatev you wanna call it) - so one must use OAuth to authenticate with their gmail accounts (Like I said, I could swear the F-Droid version *couldn't* have this because they sign with their keys, not the dev's himself)

Second, I strongly recommend that people, in almost all use cases, DO NOT enable Google's "Advanced Protection Program":

If you do, not only can you not run third party email apps (this is not just a gmail thing, mind you), there are many applications you won't be able to install and run - it is far reaching with sweeping ramifications.

Anyway, I run the GitHub version and yes, it's an absolute dream!

The home page on the web with lots of kewl screenies and links to many of the resources is here:

So my post turned out to be a virtual dissertation anyway. Oh well ;)

@OpenSource #FairEmail #FOSS #OpenSource #tallship #Vger

tallship boosted
Well shit howdie!

Reports are starting to trickle in now about how this has actually been in the wild for a while and now folks are experiencing active exploits and being #pwn3d.... Not good, even for a shitty software platform that NO ONE should be using in the first place - What are you thinking?

Le's see... um.... #NextCloud_Talk, #Matrix, #XMPP, #Big_Blue_Button, #Jitsi - there's no shortage of #self_hosted #secure #FOSS solutions so, bottom line:

If you EVER use Zoom, you're a fucking idiot!

#Zoom no can haz #Cheezburgerz 🍔

#tallship #Vger #zoom #rce #vul #exploit

tallship boosted
Yeah, it's like that. Please boost :)

Get ready motherfuckers, if you thought it was a travesty when Meg Whitman, CEO of eBay, was #blackmailed by china into actively participating and assisting that insidious #dystopian regime in sending well over a million Falun Gong to industrial #rape_farms, torture centers, #concentration_camps eventually resulting in the #organ_harvesting of over 65000 living, and otherwise healthy victims of that #genocidal crusade....

Then just wait till you get a load of what Google is doing right now lolz.

What was #Meg_Whitman blackmailed with? Not much, merely the income she enjoyed and faced losing if the Chinese government expelled eBay from #China.

How was Meg Whitman complicit in the #rape, #torture, organ harvesting from healthy individuals and #murder of these million plus innocent people? Simple...

Turn over access to all supposedly secure Skype communications in China.

Easy Peasy! Sell out the Privacy of your customers. They'll be systematically raped, tortured, #sexually_defiled, murdered, and even #dissected while they're still alive!

But eBay gets to remain in China, a multi billion dollar market. Hooray 👏

It sounds simple enough to me. Right? Fuck those people! Let's make fricken' money money money Muahahaha! 👹

Meg Whitman also ran for Governor of California, but lost in that election to the Governator... Thank goodness.

So what does any of that have to do with the link below? Same fucking thing. Read it bitch. Figure it out, it ain't rocket science.

Oh, "How can you post such a thing?", You ask. Simple. This is the Fediverse, this is my ActivityPub server, and by virtue of that I cannot be deplatformed by Antifa Nazi's, BLM Bolsheviks, The #CCP, Neo-Soviets, Neo-conservatives, televangelists, #Twatter, #Faceplant, #Amazon, #InstaSPAM, or any myriad other special interest groups who find what I say to bed unpopular. It's my infrastructure, it's offshore, and aside from mirrored and multiplied, it's in countries not part of Echelon or subject to 14 Eyes jurisdiction.

My question to you, in response, is: why are you still using #Whatsfap and Faceplant and Twatter or any other Privacy disrespecting #monolithic_silos?

If you're out there drinking the bolshevik kool-aid, or were otherwise unaware of the crimes against humanity that I just edjumacated you on, then just ask and I'll post a shitload of information for you to follow up on that hasn't been completely buried or removed by the powers that be.

Because it's not #fake_news, it was already scrubbed from most of the monolithic silos and platforms mentioned above, but I'll source you out a bunch of original coverage of those previous crimes including AP newswire, BBC, etc., If I get enough requests to motivate me...

I expect however, that most of you are simply authentically apathetic and focusing primarily where others have decided you should be, in order to keep you distracted from the real and imminent threats you continue to ignore.

Please do read the letter at the link below anyway though, and at the risk of sounding too cliche' by quoting a sci-fi movie: "Be afraid. Be very afraid".

You no can haz #Cheezburgerz! 🍔
#tallship #Vger #falon_gong #uygurs #genocide #gooogle #be_evil

tallship boosted
tallship boosted
@Mastodon @Sujitech_official this is actually a conspiracy by the mastodonts to corner the accessibility market and block any non-officialized instance, including anything running pleroma
tallship boosted
**Please Boost** :)

#FOSDEM 2021 presentation by #Stephane_Bortzmeyer, the author and maintainer of the #LUPA statistical analysis engine, on #Project_Gemini, it's explosive growth, and in depth demonstration of the origin, utility, and usage of #Gemini_space.

#tallship #Vger #Gemini You can haz #Cheezburgerz! 🍔

tallship boosted
tallship boosted
tallship boosted
tallship boosted
If you only read one post today, pay attention to this one... YOU HAVE BEEN WARNED

(Please Boost)

I've been cautioning people about this aspect of using biometrics for credentials for a few years now.

Sure, it may lend itself to secure authentication, yet it also lends itself to search and seizure w/o the constitutional requirements of a warrant signed by a judge. i.e., a court order is required to compel one to divulge a password, or at the very least unlock a device such as a laptop or mobile device using that person's password.

If you're arrested, law enforcement personnel do not have the authority to demand you divulge such information, or require you to use your passwords to grant them access to your assets. Only a judge can do that.

They can however, force you to roll out your fingers to be printed and entered into a fingerprint database, and for if arrested for an alleged felony, collect DNA from a suspect.

What this means, is that in the United States, if you lock your phone with a biometric key, such as a fingerprint, cops can hold you down and physically force your hand (yes, pundit) to unlock your phone, making all of the contents of that device available to them.

Here's the relevantt verbiage in this ARS Technica article that glosses over this fact that most folks aren't even aware of...

To wit: if you lock your phone with a fingerprint, it isn't locked at all if you're ever arrested for something even as common as a DUI.

"While courts aren’t unanimous, they frequently grant more latitude to defendants who refuse to divulge passwords, since doing so amounts to testifying against oneself. Biometric information, by contrast, is often regarded as evidence that investigators can confiscate."

The way they put it in this article, it doesn't sound as vile and all encompassing in scope as it actually is in reality - go read up more on this, US Circuit courts have already long since ruled on this, so it is in fact De jure.

I'll say this one more time: "If you are arrested for ANYTHING, and you lock your phone with a biometric key of any kind, Law enforcement is entitled to freely access ALL of your data without any additional cause.

Unless you want to be their bitch, Don't do it.

#search_and_seizure #iris_scan #1984 #retinal_scan #fingerprint #biometric #privacy #security #personal_information #vulnerability #big_brother #we_are_the_dead #chant_of_the_ever_circling_skeletal_family #run_forrest_run #be_afraid_be_very_afraid #shorn_sheep
tallship boosted

"IBM wanted CP/M prompts. It made me throw up."

- Tim Paterson

Show older

All the news that's fit to toot.