Show newer
tallship boosted
tallship boosted
"Let's Crack the Cops!" - is that really what #Moxie_Marlinspike is advocating, or at the very least, implying that devs should consider when it comes to these *Apple pwn3rs?*

I sense there was a need for plausible deniability there in delivering that passive message, due to the #Cellebrite having "Fallen off" a proverbial truck lolz....

Oh you can haz #Cheezburgerz! 🍔

Fell off the truck, Oh that's rich!

https://www.vice.com/en/article/k78q5y/signal-ceo-hacks-cellebrite-iphone-hacking-device-used-by-cops

#tallship #Vger #iPhone #vul #counterinsurgency



.
tallship boosted
For consideration by the privacy conscious folks out there, tired off being raped wholesale by the Google silos...

Before I begin this little phone rant, haber you read the great news about #Vivaldi categorically rejecting Google's latest insidious advertising scheme? I wonder if #Firefox will need able to resist? They get a lot of their dev money from Google y'know 🤘😎🤘

Okay then... What are some kewl choices that help protect your privacy where phones are concerned?

There's https://puri.sm/products/librem-5/ it's got physical switches to turn off the cellular radio and can even be completely removed and replaced (for a different IMSI - not to be confused with #IMEI which is tied to the SIM).

The battery is removable as well - w00t !! So not even the NSA can turn your phone on remotely lolz, and it will accept a whopper 2TB Micro-SD.

Do you ever lie awake in bed at night wondering why you can't get a phone with a removable battery?

I don't either anymore!

There are other physical kill switches that can turn off GPS, Wifi radio, and the mic/camera.

Imagine that though... Changing out your #IMSI in less than a minute without changing your OS or three configs for your installed applications! That's the one thing you can NEVER change on any other phone - meaning, there's no such thing as a #burner_phone (meaning, swapping out SIM cards is pointless) and anyone who thinks so.... OkayI'll be nice (I'm practicing being family friendly.... at least part of the time). But now there is a true burner phone, you quite literally can swap that puppy out Easy Peasy!

There's also the Pine Phone:
https://www.pine64.org/pinephone/

The #Pine_Phone is privacy respecting in the sense that it isn't actually an Android by any measure at all, but rather, a handheld Linux computer (pick your distro, I prefer #Slackware or #Debian). It can also function as a phone secondarily. I use a small #Bluetooth keyboard that can switch between three devices, and that would be a really handy setup for this er... phone, right? ;) Or you can use a full sized wireless combo keyboard/mouse and monitor for a #Linux box that fits in your pocket when you walk away from your desk.

Do you need it to do something really special? Tell me, what can't you do with a real Linux machine? Okay, you can't chop 🪓 🪵 wood or do laundry.

Really though, how kewl is that???

Neither are the best of any world though, but they are best in breed IMNSHO.

Let's look at pure #Android solutions now, k?

For #ROMs I prefer #CalixOS:
https://calyxos.org/
https://invidious.fdn.fr/watch?v=jdazCQemwqQ&local=true

A de-googled #Pixel 3 XL with 128GBytes of storage is a pretty good and inexpensive platform for this which your can pick up all over #eBay for really cheap

It uses the #Aurora repo/store for closed source proprietary software (so you're de-googled) and of course you use F-Droid to install #FOSS or get the #APKs directly from the devs at their #Git repos (best way for some software, like #Fair_Email, for example).

There's also #GrapheneOS (https://grapheneos.org/), and it has a lot of supporters, but I don't find it as performant as CalixOS. Both are, however, fantastic.

Here's a tidbit about the so-called #MiFi pucks that you're entitled to when you're a member of the #Calix Institute... You're listed as Calyx Institute to the broadband provider - only you and the #Calyx_Institute know your identity because it's on their bill lolz, and that's kept secret and has never been compromised, because they maintain an active warrant canary. 🐦 So if you use one of those and a #Librem_5 with the cellular radio turned off or removed, and using your own #Asterisk server for #VoIP, you're truly just an IP addy surfing the internet while you're talking on the phone.

Of course... You'll need to do all this without your Candy 🍬 Crush. But... There's always APKPure in conjunction with #NetGuard from F-Droid 😉

I hope that helps! Please feel free to share this around with a #boost to raise awareness that, well... All is not lost, and #damn_the_torpedos!

And remember, you can haz #Cheezburgerz! 🍔

#tallship #Vger #OpenSource @OpenSource @eric



.
tallship boosted
@Aeron

Aside from not being aware of what "vfv" refers to, I concur wholeheartedly.

I basically believe that anyone worth interfacing with will reside in a place where it's safe (not a great choice of a word, but for lack of a better term it will suffice) for me to interact online.

I also believe that abandonment of non-privacy respecting monolithic silos as a practice, while at the same time participating and publishing in an environment that is primarily #FOSS based, and privacy respecting. For social systems a distributed model that federates with other independently operated instances, I see it as a critical mass building event - When others see that they're missing out and want to belong somewhere (the reason they stay at #FacePlant, #Twatter, and #InstaSPAM in the first place), they will come.

In the meantime, I've got plenty of friends, associates and colleagues to keep me occupied so I know I'm not missing out on anything - **ESPECIALLY** because I existed online back when the only connection methods were through the use of 300 BAUD acoustic couplers. So anything more advanced than that and a Z80 or 8080 on an S-100 Bus is a total win for me lolz :)

Not to imply that we need to trick people, but getting back to that whole Zoom bullshit, If I'm going to have a video meeting conference, what I do is tell people and either send the invite from my NexCloud calendar or via direct email. I tell them, "Hey at such and such time we're doing a video conference and here's the link :)"

"Oh! We're doing a Zoom call? Cool!"

I say nothing. Let them think whatev...

They don't know the difference from one URL to another anyway, and then when they land, they invariably say, "Wow this is really neat, where did you come across this?" As if it's something novel lolz.

BBB and Jitsi have a zero learning curve onboarding, the average, naïve user simply needs to click the link and then following the event they now have that in their vocabulary.

#tallship #Vger



.
bbb.png
tallship boosted
@0 @gdroid

You're very welcome!

And K9 mail is great stuff too.

One thing I would urge you to pay attention to, without going into a whole dissertation, is that with Fair Email, there are basically three versions.

1.) Google Play store - some features may not be present due to Google's rules, plus the whole signing issue I've ranted on over the last couple of days where they can alter your code and redistribute it (ATM, only *new* apps, but later, everyone's)

2.) F-Droid - The dev considers the F-Droid version current if it is the current version at his GitHub repo. There's a couple of particulars to this.

a.) They sign the compiles with their key so some parts are excluded (Google parts for autoconfig, etc., coz Google only allows one key, that of the dev's, to be used in a version that includes their stuff)

b.) Many devs create an F-Droid compatible repo so you can enable that repo and use the dev's compiled version via your F-Droid client for updates, etc. to use those versions, you must first uninstall whichever version you have installed and then install the Dev's F-Droid compatible repo, and pull down from the top of the screen for refreshes, etc., like with any other app.

3.) Most FOSS projects have a Git repo where you can get the APKs directly and install them from their official releases signed with their keys. But Fair Email is different, in that most projects you have to manually install newer versions (Why most devs use an F-Droid repo of their own) - Fair Email's apk checks the dev's GitHub repo for updates and the app can actually update regularly whenever there is a new release directly from the GitHub repo - that's pretty kewl.

Also, remember that the Google features which are crippled/absent/disabled in many of the official F-Droid apps? This version is signed with the dev's creds so all of the Google features are enabled (Like autoconfig of gmail aliases, etc.).... But there's more.

Aspects of the client that aren't permitted to be included in the Google Play Store version can also be included in the GitHub version because not only is it signed with his creds, but also, it's not being distributed from the Google Play Store so like, with other apps where say, OAUTH stuff is taken out, or whatev, such is not the case with this one - i.e., it has everyting, is the most current, automatically checks for updates and installs them if you wish, etc., etc., etc.

So I recommend, at least with this application, installing directly from:

https://github.com/M66B/FairEmail/releases

The latest version, "FairEmail-v1.1554-github-release.apk" a/o the time I'm posting this, was released just 10 hours ago - that coffee's still fresh and hot lolz.

The dev states that the only thing enabled in his version that isn't included in the Play Store version is Android Auto integration....

I dunno about reading email while driving though, that doesn't sound to safe lol.

And I was also under the understanding that the OAuth support for gmail was missing because it wasn't signed with the dev's keys, but perhaps I'm mistaken there?

There is a couple of major things to note, however:

First, uid/pwd access is going away in gmail soon (for GSuite/Google Apps for Business/whatev you wanna call it) - so one must use OAuth to authenticate with their gmail accounts (Like I said, I could swear the F-Droid version *couldn't* have this because they sign with their keys, not the dev's himself)

Second, I strongly recommend that people, in almost all use cases, DO NOT enable Google's "Advanced Protection Program":

https://landing.google.com/advancedprotection/

If you do, not only can you not run third party email apps (this is not just a gmail thing, mind you), there are many applications you won't be able to install and run - it is far reaching with sweeping ramifications.

Anyway, I run the GitHub version and yes, it's an absolute dream!

The home page on the web with lots of kewl screenies and links to many of the resources is here:

https://email.faircode.eu

So my post turned out to be a virtual dissertation anyway. Oh well ;)

@OpenSource #FairEmail #FOSS #OpenSource #tallship #Vger



.
tallship boosted
Well shit howdie!

Reports are starting to trickle in now about how this has actually been in the wild for a while and now folks are experiencing active exploits and being #pwn3d.... Not good, even for a shitty software platform that NO ONE should be using in the first place - What are you thinking?

Le's see... um.... #NextCloud_Talk, #Matrix, #XMPP, #Big_Blue_Button, #Jitsi - there's no shortage of #self_hosted #secure #FOSS solutions so, bottom line:

If you EVER use Zoom, you're a fucking idiot!

#Zoom no can haz #Cheezburgerz 🍔

#tallship #Vger #zoom #rce #vul #exploit



.
zoom_no_can_haz_cheezburgerz.jp…
tallship boosted
Yeah, it's like that. Please boost :)

Get ready motherfuckers, if you thought it was a travesty when Meg Whitman, CEO of eBay, was #blackmailed by china into actively participating and assisting that insidious #dystopian regime in sending well over a million Falun Gong to industrial #rape_farms, torture centers, #concentration_camps eventually resulting in the #organ_harvesting of over 65000 living, and otherwise healthy victims of that #genocidal crusade....

Then just wait till you get a load of what Google is doing right now lolz.

What was #Meg_Whitman blackmailed with? Not much, merely the income she enjoyed and faced losing if the Chinese government expelled eBay from #China.

How was Meg Whitman complicit in the #rape, #torture, organ harvesting from healthy individuals and #murder of these million plus innocent people? Simple...

Turn over access to all supposedly secure Skype communications in China.

Easy Peasy! Sell out the Privacy of your customers. They'll be systematically raped, tortured, #sexually_defiled, murdered, and even #dissected while they're still alive!

But eBay gets to remain in China, a multi billion dollar market. Hooray 👏

It sounds simple enough to me. Right? Fuck those people! Let's make fricken' money money money Muahahaha! 👹


Meg Whitman also ran for Governor of California, but lost in that election to the Governator... Thank goodness.

So what does any of that have to do with the link below? Same fucking thing. Read it bitch. Figure it out, it ain't rocket science.

Oh, "How can you post such a thing?", You ask. Simple. This is the Fediverse, this is my ActivityPub server, and by virtue of that I cannot be deplatformed by Antifa Nazi's, BLM Bolsheviks, The #CCP, Neo-Soviets, Neo-conservatives, televangelists, #Twatter, #Faceplant, #Amazon, #InstaSPAM, or any myriad other special interest groups who find what I say to bed unpopular. It's my infrastructure, it's offshore, and aside from mirrored and multiplied, it's in countries not part of Echelon or subject to 14 Eyes jurisdiction.

My question to you, in response, is: why are you still using #Whatsfap and Faceplant and Twatter or any other Privacy disrespecting #monolithic_silos?

If you're out there drinking the bolshevik kool-aid, or were otherwise unaware of the crimes against humanity that I just edjumacated you on, then just ask and I'll post a shitload of information for you to follow up on that hasn't been completely buried or removed by the powers that be.

Because it's not #fake_news, it was already scrubbed from most of the monolithic silos and platforms mentioned above, but I'll source you out a bunch of original coverage of those previous crimes including AP newswire, BBC, etc., If I get enough requests to motivate me...

I expect however, that most of you are simply authentically apathetic and focusing primarily where others have decided you should be, in order to keep you distracted from the real and imminent threats you continue to ignore.

Please do read the letter at the link below anyway though, and at the risk of sounding too cliche' by quoting a sci-fi movie: "Be afraid. Be very afraid".

You no can haz #Cheezburgerz! 🍔
#tallship #Vger #falon_gong #uygurs #genocide #gooogle #be_evil



.

https://commonsware.com/blog/2020/09/23/uncomfortable-questions-app-signing.html
tallship boosted
tallship boosted
@Mastodon @Sujitech_official this is actually a conspiracy by the mastodonts to corner the accessibility market and block any non-officialized instance, including anything running pleroma
tallship boosted
**Please Boost** :)

#FOSDEM 2021 presentation by #Stephane_Bortzmeyer, the author and maintainer of the #LUPA statistical analysis engine, on #Project_Gemini, it's explosive growth, and in depth demonstration of the origin, utility, and usage of #Gemini_space.

https://gorf.tube/videos/watch/cf88a4cc-1c06-468c-a7db-74b0c3442b64

#tallship #Vger #Gemini You can haz #Cheezburgerz! 🍔



.
tallship boosted
tallship boosted
tallship boosted
tallship boosted
If you only read one post today, pay attention to this one... YOU HAVE BEEN WARNED

(Please Boost)

I've been cautioning people about this aspect of using biometrics for credentials for a few years now.

Sure, it may lend itself to secure authentication, yet it also lends itself to search and seizure w/o the constitutional requirements of a warrant signed by a judge. i.e., a court order is required to compel one to divulge a password, or at the very least unlock a device such as a laptop or mobile device using that person's password.

If you're arrested, law enforcement personnel do not have the authority to demand you divulge such information, or require you to use your passwords to grant them access to your assets. Only a judge can do that.

They can however, force you to roll out your fingers to be printed and entered into a fingerprint database, and for if arrested for an alleged felony, collect DNA from a suspect.

What this means, is that in the United States, if you lock your phone with a biometric key, such as a fingerprint, cops can hold you down and physically force your hand (yes, pundit) to unlock your phone, making all of the contents of that device available to them.

Here's the relevantt verbiage in this ARS Technica article that glosses over this fact that most folks aren't even aware of...

To wit: if you lock your phone with a fingerprint, it isn't locked at all if you're ever arrested for something even as common as a DUI.

"While courts aren’t unanimous, they frequently grant more latitude to defendants who refuse to divulge passwords, since doing so amounts to testifying against oneself. Biometric information, by contrast, is often regarded as evidence that investigators can confiscate."

The way they put it in this article, it doesn't sound as vile and all encompassing in scope as it actually is in reality - go read up more on this, US Circuit courts have already long since ruled on this, so it is in fact De jure.

I'll say this one more time: "If you are arrested for ANYTHING, and you lock your phone with a biometric key of any kind, Law enforcement is entitled to freely access ALL of your data without any additional cause.

Unless you want to be their bitch, Don't do it.

#search_and_seizure #iris_scan #1984 #retinal_scan #fingerprint #biometric #privacy #security #personal_information #vulnerability #big_brother #we_are_the_dead #chant_of_the_ever_circling_skeletal_family #run_forrest_run #be_afraid_be_very_afraid #shorn_sheep

https://bit.ly/2Kvv2hW
privacy_annulled-biometrics-002…
tallship boosted

"IBM wanted CP/M prompts. It made me throw up."

- Tim Paterson

tallship boosted
tallship boosted
#Big_FOSS:

A great way to help ensure the protection of your personal #privacy though the #advocacy of #FOSS and the #Fediverse is to avoid providing links to monolithic silos like #YouTube and #InstaSPAM from within the Fediverse.

Using tools like #Bibliogram and #Yotter, or #Nitter and others, posting links to videos and other content through these FOSS tools instead.

For example, here's a YouTube video on how to use #Invidious, and I've posted the link through Invideous itself to demonstrate how you too can help in making a difference:

https://invidious.snopyta.org/watch?v=JvJVvP5JIgs

Of course, uploading videos, photos, songs, and podcasts directly to instances in the Fediverse itself using servers running #PeerTube, #Pixelfed, and #Funkwhale are ideal solutions, but when such content isn't available in the Fediverse directly the tools above do a nice job at protecting the privacy of others and yourself - without being tracked and quantified as a commodity to be harvested like a crop.

#tallship #Vger #Cheezburgerz! 🍔



.
tallship boosted
Never forget, we put two men on the moon with 8k of memory 🤘😎🤘

Also (and I have a couple of these, not counting the spare motherboards I have as well), the original #IBM_5150_PC had a 64k motherboard, and a #DIN_connector for a cassette deck that you could load programs from and save to, running the #ROM_BASIC operating environment if you didn't happen to purchase either #Gary_Kildall's CP/M or #Tim_Paterson's IBM PC DOS v1.01

Here's a couple of my all time fav quotes:

"IBM wanted CP/M prompts. It made me throw up." - Tim Paterson, creator of MS-DOS.

And...

 "Ask Bill why the string in [MS-DOS] function 9 is terminated by a dollar sign. Ask him, because he can't answer. Only I know that." - Dr. Gary Kildall.



.

#tallship #Vger #NASA #Apollo #DOS #SCP #Digital_Research #Rod_Brock #Bill_Gates #Seattle_Computer_Products #rockstars
randomTemp14499266269906359746.…
Masthead

All the news that's fit to toot.