Computers and the internet gave you freedom. Trusted Computing would take your freedom.
Learn why: https://vimeo.com/5168045

  • 0 Posts
  • 55 Comments
Joined 2Y ago
cake
Cake day: Jun 07, 2023

help-circle
rss

well, you have a point. mandatory work group chats are still a question, but this may solve the majority of the problem


it is really not solved if it’s not about people wanting to reach OP, but OP needing to reach other people, like those at work


root seems like a tremendously bad idea

that’s a personal choice. I have chosen its benefits

and a I appreciate their auto updates

yeah auto updates are good, that’s no question, but forced auto updates are not at all. or are we really only angry when windows does it?


to be honest I don’t have a list at hand, but one of the reasons is that (I don’t remember which of the following) either they are more friendly to root users, or they are more friendly to those who don’t want unattended automatic system upgrades. I had to disable the updater app like disabling other apps for it to let me stop updates happening without my approval, which I want for 2 reasons:

  1. the occassional downgrades and breaking changes coming from upstream google engineers
  2. calyx not using the addon.d thing for some reason so Magisk does not get automatically installed to the upgraded system’s boot partition, which technically is also kind of a breaking change

maybe I have read something about built-in features as well, but I’m not sure about that. it was a few months ago when I was reading up on this.


sad to hear it. used mull as my primary browser, and wanted to switch to divestos from calyx. I guess not anymore, then :/


It’s (actually) funny being put that way, especially the last one. well they are active in the Monero community too, so there’s that. maybe they’re just hyped for it. I mean I was excited too for the first purchase I made with Monero, but yeah, this above might be another level


because cash is issued by the government, or central bank, and is therefore shit

sorry, I don’t follow your conclusion. Except if you are afraid of price manipulation, which I understand, but that should equally affect your money stored at the bank too

my reasoning is that we already have it, and it’s already widely accepted as a valuable, while it’s basically untraceable and so private, and also cannot really be selectively revoked or marked “dirty” as it is with shitcoins (yeah, I called bitcoin a shitcoin)


also, the quote in the post is not the real content, that is in the linked article


“YOU WILL ONLY BE PERMITTED TO SPEND ON THINGS THE GOVERNMENT APPROVES OF. THINGS THAT ARE DEEMED TO BE LUXURIES — MEAT, FUEL, TRAVEL — CAN BE RESTRICTED” This is already true. Things that the government deems illegal are… not legal to buy? And luxuries are already taxed higher than necessities. This already exists as written.

I don’t think so. I think they want to say that the restrictions can (and will) become “personalized”. You can’t buy this because you are like that, this costs more for you, etc.

Things that the government deems illegal are… not legal to buy?

you can still buy them. and when something is illegal, that unfortunately does not always mean that it’s harmful or otherwise bad

And luxuries are already taxed higher than necessities

equally so for everyone

There’s a threshold for income that below that it’s a waste of EVERYONE’s time to track. So things like allowances and pocket money between friends is just not affected.

it is a waste of time to track that because it’s manual work for relatively little gains. without cash it will be automated and much easier to tax that too. whether they want it is another question, but it wouldn’t be a waste of time anymore

“PARKING AND SPEEDING FINES WILL BE TAKEN AT SOURCE, WITHOUT THE POSSIBILITY OF CHALLENGE AND POSSIBLY EVEN WITHOUT YOUR KNOWLEDGE” Why would they?

which part do you mean? you might not be able to challenge it if it turns out as a system like google or facebook, where there are no human support personnel to be contact you might not be able to know it happened if you are not notified, and you’re just supposed to see it in a transaction history. maybe the writer was thinking about something else, though, because that’s already the case with bank accounts.

IF YOU PROTEST THE ACTIONS OF THE GOVERNMENT, YOUR MONEY CAN BE SWITCHED OFF. IF YOU THINK THAT’S UNLIKELY, IT’S ALREADY HAPPENED TO TENS OF THOUSANDS OF CANADIANS WHEN THEY PROTESTED AND IT ALSO HAPPENED TO A BRITISH JOURNALIST" - Is this about the Flu Trucks Clan? Well the way the Canadian gov’t handled that was pretty shit. I’ll give you that. But um. We still have cash in Canada.

How fortunate. That doesn’t look like to be the case for too long, though, and that’s why we are in this comment sectioat

And if they can turn off your ability to spend in a cash society then this is at the worst a net zero.

how would they do that? in my understanding, they can’t disable your (physical, to be clear) cash, because the notes are almost indistinguishable (almost because of the serial number, however nobody looks at that), and not programmable either

“A CASHLESS SOCIETY MEANS THE END OF HUMAN FREEDOM” What? The onus is on you to explain this one further.

  • by making you unable to use it for its intended purpose, and also - by surveiling you through electronic payments, which record when, where and how much did you pay to who and for what.

surveillance alters people’s decisions, even of good persons who should have no reason for fear

And if they want to track our movements all they need to do is ask apple and google or buy the data from 3rd parties

that only worksif you don’t do anytanything against it for yourself. honestly, this phrase sounds pretty defeatist, while that’s not warranted.

And you don’t need a warrant to buy data from a broker.

nobody needs a warrant for buying data

But these talking points aren’t actually the end of the world that OP would like you to believe.

Technically china level surveillance isn’t the end of the world either, neither were communist dictatorships in eastern Europe.

I wouldn’t want to live in such a world, however


I love Monero, I really do, but we do still need something offline for resiliency. Monero is unusable without any of electricity and a coherent internet, and a device with you all the time you would need to pay.

Cash is basically analog Monero. We should preserve it to always remain an option.


you are totally right, it was created for the baby, in the name of her


I understand you. But I think what I recommend can be implemented very simply: not uploading anything anywhere. that’s really the simplest, and friends should not feel entitled to anything, because they aren’t. if they (the friends) don’t understand it, that is a people problem of selfishness


Obviously I didn’t talk about the wife’s age, but of the newborn for whom the wife has made a google account


does the USA have such a law? Honestly I would be surprised.

I’m talking with the EU in mind. Probably GDPR, but there may be other laws affecting it



to the same note, you shouldn’t upload images of them anywhere. not facebook, not google (drive or any other service), not facebook messenger, but not even anywhere encrypted.

take the images with a regular camera, or a phone that does not give any apps storage access permissions, and have physical prints, which can be viewed every time they visit you. you will need to tell them they can’t take photos of the children nor the photo album. this has worked well forag es, they shouldn’t be so entitled to images.
if I were you, I would require all guests to leave all their phones on a shelf near the main door. It’ll not only prevent photos, but also increase quality time by them not scrolling facebook and such while there.
before you tell them this, let them know firmly that you’re not doing this for one, but for child safety and basic human rights, and that in your house it’s you who make the rules. and keep in mind, that even when you are the guest, you hold the rights to disallow making pictures of your children until they are old enough to make the decision fur themselves.

why don’t use even the private cloud services?
the reason is your relatives who you trusted, will probably download the videos, and reshare them with others through the services you wanted to avoid. also consider that most of them doesn’t have any information hygiene, they won’t even know they are doing something bad, they won’t understand and will hand-wave all your concerns away.
this is not just a technical problem, but also a people problem, which cannot be solved with tech.

if your wife does not cooperate, you won’t be able to protect your children to the level you want. of course don’t divorce over that or something, it’s not worth it, you can probably still do lots. maybe over time, going slower and you can be forming your family’s privacy habits.
but I also have to mention, I wouldn’t want to live with someone who is not intereinterested in any level about personal privacy. if you have got so far that you’re having kids, this is probably not the case for you.

as last words, don’t take this as a strong “don’t take any pictures” stance. yes, do take pictures, they’ll be very good to have later, but make sure that you can keep control over them, for your children’s safety.
and don’t get (too) mad if parents in the class will take group pictures on which they are there. that’s something else, and hopefully relatively rare. best you can do with that is teach your children about why they might not want it, the reasons you don’t want it to be uploaded to facebook and such, and that they agree on this they can request the parents to be more careful.


is it legal at all to have an email address at that age?


To me it seems more nuanced.

First, a VPN won’t solve much because this garbage will still be able to log connection periods (when you are home), signal strengths changing over time, (where are you in your home), and traffic bursts (when are you doing something on your phone or other devices). A VPN will just help a very little bit, by the devices having less visibility into what sites you visit. But this “solution” is like if people would have forced cameras into your house, and from that on you would only be going around while holding a towel in their line of sight to “disguise” you.

Second, this is not about mesh WiFi, as I understand. Install OpenWRT, and the mesh function of that won’t do any of this.
The problem is with new (but probably preexisting too) router brands who’s sole purpose is making all the unknowing customers into a product, but stealing their private life and giving it away for money (or anything else).
The problem is basically that a facebook-like company has got deep insight into your network, which you can’t avoid using, especially if your ISP forced you to use these garbage.


A VPN wouldn’t even help there. The spies are not in front of your door, but directly in your house.


Does that mean you have to allow internet for it again if you want to reconfigure it?


UAC prompts you since vista if you want to let a process elevate it’s rights to be able to do that


I don’t have experience with it, but as I know that is a GUI helper for Wine.

A steam emulator is different. It is often just a single file, a program library that holds program code.
On windows it is a DLL file, on Linux it does not have an extension but it’s the same concept. The game loads it because it actually searches for the official version of this file, but both Linux and Windows implement the search for it so that a library file (with the expected name) besides the executable is preferred instead of whatever is installed systemwide.

Lutris on the other hand is a GUI tool to manage your “wineprefixes”, which is maybe better called wine environments. If you are familiar with python, it’s more like python’s virtual environments.
And besides basic tasks, it has a lot of additional tools to make using Wine easier.
Afaik there are also other such utilities, I don’t yet have experience with any of them.


Ater purchasing and downloading a game from Steam, the Steam client is not actually needed for it to be playable. Of course it will try to start up Steam, and if isn’t installed then it will complain, but if use use a “steam emulator” that can be worked around.
This is useful if you don’t want Steam to track how much and when do you play, when is it that you are online, what achievements you got and such. This is afaik also the only way to say no to forced automatic game updates.

One such emulator is Mr Goldberg’s steam emu.
It has a bunch of configuration options, per-game settings, optionally portable settings, windows+linux support, and I think it’s even open source.

Using the Goldberg emu is not piracy, neither DRM circumvention. The Steam API is not a DRM, most Steam games just make the Steam client a hard dependency, not bothering with making it work without it.
When the game is protected by DRM (this should always be marked on its store page), the steam emu won’t be enough, but you would also need to patch it’s DRM protection. Sometimes that’s easier, sometimes harder.

Steam emus may or may not work with multiplayer games.
The Goldberg emu has a replacement Steam’s own multiplayer network communication system, which works through the local network or a selfhosted wireguard-like VPN, but with big centrally hosted multiplayer games you’ll run into licensing validation problems or such.


You are allowed to modify a car however you like

I’m pretty sure that’s not the case. Like, even if we are not taking about adding a badly welded 4 wheel attachment without the use of a trailer hook, the car will have to go through technical inspection every few years.
If the inspectirs deem that a non-functional such system is a problem, you’ll not be driving your car anywhere.


This is just the usual “nothing to hide” handwaving argument.

This data is not used by some theoretical policeman to laugh at how bad you drive, it is part of commercial datamining present in virtually all devices and services you use.

GPS and such? Great that I have a smartphone that I trust more, and have more control over, than this big blackbox with no access whatsoever.


Yeah, that’s true for most of them, they all are basically useless. It’s only worth to use private crypto, like Monero, that is designed actually with privacy in mind.


but I don’t know if it makes sense if my bank knows I’m using it anyway so they can sell that info to advertisers, gov, etc.

Yeah it’s not ideal, but it’s still much better because these services won’t give access to your data if they can avoid it, and then data that is encrypted is not useful when given out


I think you have sorted by “users”, and are looking at the “active” column.
If you sort by active, it’s fine.



How much are you into programming and tinkering?
You may be able to make an xposed module to convince the dji app that you use an “investor approved” operating system.

First you would need to reverse engineer the dgi app a little, to find out where in the code it checks for your system, like when does it use safetynet. If it prints an error message or logs something to logcat when it refuses to work, then it could be easier to find the place starting from that point and the stringcs appearance in the code and usages.

Fortunately, even it not too easy, android apps are among the easiest to reverse engineer. The 2 major tools that will help you are jadx (the decompiler) and Android Studio (the official android dev program for helping in navigating the code, most important features are finding usages of a function or string resource, and “refactoring” so mass renaming functions when you understood what does a key function do)


Maybe it’s not for safety reasons, but they just don’t trust you with attending school. This is even worse.



Yes, but preferably go over the list of enabled filterlists in it’s settings and tick a few more boxes.


It’s not bad design, it’s definitely intentional, however I agree that it’s probably not for having backdoors, but for convenience. Average people forget their passwords all the time, and with encryption that level of carelessness is fatal to your data if they have not saved it somewhere, which they probably didn’t do.

Very few devices are rooted and usually you cannot get root without fully wiping your device in process.

I’m pretty sure the system is not flawless. Probably it’s harder to find an exploit in the OS than it was years ago, but I would be surprised if it would be really rare. Also, I think a considerable amount of people use the cheapest phones of no name brands (even if not in your country), or even just tablets that haven’t received updates for years and are slow but “good for use at home”. I have one at home that I rarely use. Bootloader cannot be unlocked, but there’s a couple of exploits available for one off commands and such.


I don’t think there’s a factual answer to this question.
My take on it though is why would they delete it? They can make use of it in various ways, and in new ways every once in a while, and it’s not like as if you could prove it in court or even just find out that they didn’t delete your data.


That depends. More of the popular ones don’t encrypt the secret keys, they can just be read out with root access or even with the use of ADB (the pull command), not even speaking about reading the memory contents while booted to a recovery.
Some even uploads the keys to a cloud service for convenience, and they consider it a feature.


on the proton encryption, i did know about this but does that apply to proton-to-proton, proton-to-NonProton, or both? if you have details on this let me know.

As I know it applies to both. Formerly they were asking (among other things) about the titles of your latest emails for account recovery. (after I have put all the links here I realized that these don’t give a details on whether this also applies to inter-proton messages…)

A few sources:

https://proton.me/support/proton-mail-encryption-explained

Subject lines and recipient/sender email addresses are encrypted but not end-to-end encrypted.

https://www.reddit.com/r/ProtonMail/comments/b1ect2/a_question_about_encryption_metadata_subject/eiphhs7/?context=3

https://security.stackexchange.com/questions/196265/why-is-some-meta-data-not-encrypted-in-proton-mail

either way the fact that they dont makes me feel that proton is a similar honeypot to signal and telegram, where they make a compromise with the five eyes, to give them metadata even if actual contents are safe. metadata can be much more powerful than contents often times

Yeah, might as well be. But if it is, I’m afraid we won’t get to know for a few decades, if ever. And I think it’s still better than the alternatives… the alternative email providers, that is.
If it comforts you, in their reddit comment I linked they mention (in 2019…) that there’s a proposal they support for openpgp to be able to have an encrypted subject line.


Proton can be legally ordered to start recording the IP address of a specific user. That’s why they recommend that you always connect through their Onion site.
Other than that and if that’s possible, I think it may also be possible to legally order Proton to keep the unencrypted form of incoming emails for a specific user, but Proton did not said it in the article, and Swiss laws might protect them against that. It’s certainly possible technically, and good to be aware of it, I think.

Sorry but I can’t open the second link, as it actively resists it. I suspect though that the problem with Tutanota was not their encryption, but their legal system, which required them to keep a copy of the incoming emails.

Also, don’t mistake me, I’m all for protonmail, and I mean this. But did you know they only encrypt the email contents? Metadata like title, sender recipient and other things in the mail header don’t get encrypted.


Why, what else could have they done with laws? Protonmail and literally every other provider on the clearnet is also susceptible to this. The only thing they can do is have lawyers to find what the absolute most minimum they are required to do and only do that, but that’s all.


The plan was to have criminals use the storefront — an online end-to-end encryption service called Tutanota — to allow authorities to collect intelligence about them.

Excuse me, what?