ReversalHatchery

@[email protected]

Computers and the internet gave you freedom. Trusted Computing would take your freedom.
Learn why: vimeo.com/5168045

This profile is from a federated server and may be incomplete. Browse more on the original instance.

ReversalHatchery,

Just because these people can’t vote yet doesn’t mean they shouldn’t have rights or be treated with dignity and respect like the rest of society.

The problem is mostly not the people, but the social media services, that take advantage of them for as much profits as inhumanly possible, and in the process affect their personality in a wrong way.
Sometimes I too feel that they shouldn’t have a smartphone, but in reality it’s a problem with these corps and their motives, who affect everyone else too but has deeper effects for young people.

But the solution also involves parents raising their kids, instead of youtube, facebook, tiktok and whatever else. To some extent it also means having some oversight on what their kids see online.

ReversalHatchery,

Not lying that they are improving the privacy of users would be a good start

ReversalHatchery,

No, I don’t have any suggestion for how should Apple circumvent laws. But if they can’t improve on it, they shouldn’t lie that they did so.

Does Google still hold contact data after deleting from Google Contacts? (libranet.de)

I am in the process of moving out some contacts from Google Contacts, specifically those that I do not have a Gmail address. It's a way for me to give these people a tiny bit more privacy, as I'm doing a cleanup of my contact list. My concern is that Google will still keep their data even after I delete it from my end. Is it so?...

ReversalHatchery,

I don’t think there’s a factual answer to this question.
My take on it though is why would they delete it? They can make use of it in various ways, and in new ways every once in a while, and it’s not like as if you could prove it in court or even just find out that they didn’t delete your data.

ReversalHatchery,

That depends. More of the popular ones don’t encrypt the secret keys, they can just be read out with root access or even with the use of ADB (the pull command), not even speaking about reading the memory contents while booted to a recovery.
Some even uploads the keys to a cloud service for convenience, and they consider it a feature.

ReversalHatchery,

It’s not bad design, it’s definitely intentional, however I agree that it’s probably not for having backdoors, but for convenience. Average people forget their passwords all the time, and with encryption that level of carelessness is fatal to your data if they have not saved it somewhere, which they probably didn’t do.

Very few devices are rooted and usually you cannot get root without fully wiping your device in process.

I’m pretty sure the system is not flawless. Probably it’s harder to find an exploit in the OS than it was years ago, but I would be surprised if it would be really rare. Also, I think a considerable amount of people use the cheapest phones of no name brands (even if not in your country), or even just tablets that haven’t received updates for years and are slow but “good for use at home”. I have one at home that I rarely use. Bootloader cannot be unlocked, but there’s a couple of exploits available for one off commands and such.

ReversalHatchery, (edited )

What is an ULEZ camera?
Without details, it seems a bit weird that people are called extremists who don’t like their country being converted to china by covering every inch with a camera, maybe even if they used explosives against these in a way that didn’t hurt anyone.

ReversalHatchery,

Immich is a selfhosted photo management server with a user interface that’s similar to google photos. Also has mobile apps.
Their motto is “privacy should not be a luxury”.

I was planning for long to try it out because it looks very promising, but I was waiting for… I don’t know what? Fuck it I’m installing it today.

ReversalHatchery,

ext4 certainly has its place, it’s a fine default file system, there’s really no problems with it.

But others, like ZFS and BTRFS, have features that you may want to use, but ext4 doesn’t do: fs snapshots, data compression, built in encryption (to a degree, usually only happening for data and some of the metadata, so LUKS is often better IMHO), checking for bitrot and restoring it when possible (whether it is depends on your config), quotas per user group or project, spanning multiple disks like with RAID but safer (to a degree), and others.

ReversalHatchery,

In case of ZFS and bcachefs, you also have native encryption, making LUKS obsolete.

I don’t think that it makes LUKS obsolete. LUKS encrypts the entire partition, but ZFS (and BTRFS too as I know) only encrypt the data and some of the metadata, the rest is kept as it is.

openzfs.github.io/…/zfs-load-key.8.html#Encryptio…

Data that is not encrypted can be modified from the outside (the checksums have to be updated of course), which can mean from a virus on a dual booted OS to an intruder/thief/whatever.
If you have read recently about the logofail attack, the same could happen with modifying the technical data of a filesystem, but it may be bad enough if they just swap the names of 2 of your snapshots if they just want to cause trouble.

But otherwise this is a good summary.

ReversalHatchery,

are there applications where zfs/btrfs is more or less appropriate than ext4 or even FAT?

Neither of them likes to deal with very low amounts of free space, so don’t use it on places where that is often a scarcity. ZFS gets really slow when free space is almost none, and nowadays I don’t know about BTRFS but a few years ago filling the partition caused data corruption there.

ReversalHatchery,

It’s not about someone, it’s about something. A lot of us aren’t (only) using Linux as a server OS, but for desktop too, and desktop usage involves running much more different kinds of software that you simply just can’t afford to audit, and at times there are programs that you can’t choose to not use, because it’s not on you but on someone on whom you depend.

Then it’s not even only that. It’s not only random shit or a game you got that can edit your bashrc and such, but if let’s say there’s a critical vulnerability in a complex software you use, like a web browser, an attacker could make use of that to take over your account with the use of a bashrc alias.

ReversalHatchery,

If it’s that Beeper then it’s not just about imessage, but facebook messenger, whatsapp, instagram, telegram, viber and a few others too. Beeper supports all that, by using Matrix bridges.

ReversalHatchery,

I’m not entirely sure if iMessage still works right now for phones that ran out of support, but such a change would kill it for those phones too.

ReversalHatchery,

I think it should also be possible to use named profiles

ReversalHatchery,

I would also recommend switching ASAP. You can make a backup of their internal data with App Manager (available from f-droid) which you can then restore to the f-droid version

ReversalHatchery,

And you think the solution is to sell to a company that will instantly add data mining and ads? Often to those users, for whom we have installed these apps, but from google play for the automatic updates?

ReversalHatchery,

In the linked github issue it has turned out that the company is expected to turn up data mining and ads as much as they can

ReversalHatchery,

At first I thought this is about letting random users transcribe 2 voice messages a week.

That would have been very weird and uncomfortable, but this limitation makes me think that the messages are uploaded to a transcription service.
If it would be run by Telegram, that’s not really a problem as they already have access to the message contents, but if it’s through a 3rd party… how can I disable this for anyone for my messages?

Also, I expect this limitation to later be eased for premium users.

ReversalHatchery,

I would be interested in a proper solution, but recently I have found a way to make custom icons for specific Konsole instances. Maybe you could use a similar approach.

I have made a copy of the program’s desktop file and placed it in /usr/local/share/applications/ with a slightly different name, and given it a new icon. Then I have made a new window rule, that sets this desktop file for windows that start with a title having a specific pattern, and made Konsole to start with that title using an undocumented command argument I have found on their bug tracker.
This is very hacky and I don’t like it, can’t wait until it breaks, but it’s all I have found.

An alternative way may be to make a symlink to Konsole and start it through this symlink, and somehow identify the window by the executable path… but window rules don’t support that. Maybe through some other way? KWin has a scripting API… hmmm…

But a problem you’ll probably have to deal with when setting the title is that the program can set it’s title any time, and at least some of them (including Konsole) routinely do that, in that case based on the selected tab’s title. There’s a setting to turn that off… but as I have experienced, it doesn’t do what I expect, if anything. Maybe by listening to title changes you can force your will, if that is possible.

ReversalHatchery,

When you use privacy as an example, it may not be suitable to continue that with illegal things, but yeah.
For anyone else: the point is on legal things becoming illegal from one day to the other (and not because they would be dangerous, even if they try to paint that picture), and also on total monitoring of what you buy, how you spend, and what could these mean in your life (how often you do things)

ReversalHatchery,

That’s an interesting quote, on one hand because I don’t believe their beliefe to be true, on the other hand fuck them! This basically proves they are filthy thieves.

ReversalHatchery,

piped.video is working fine now, including subscriptions listing (it even shows some privated videos!) and playing a video

Signal leaked random contacts to me! (feddit.de)

When I press on some message to forward it, it shows me Random usernames of contacts I don’t know. And it even shows some Mobile Numbers I don’t know. For example, one number starts with +964 that’s Iraq. I’m from Europe tho. These contacts and numbers are from all over the place....

ReversalHatchery,

So Signal does not protect against those that fill their contacts with every existing number?

But also, this does not explain why is it only happening in the desktop app for OP

ReversalHatchery,

I was experimenting with the Cadence tools from KXStudio. These are mostly made for JACK, but PipeWire has a JACK interface so it should work. It’s similar to helvum, but with more options.
Not sure right now which one (maybe Carla), but one of these programs also support adding sound effect nodes that have their own GUI! You probably want to use it in multi-client or patchbay mode

ReversalHatchery,

Oh, that’s sad news. These are really great tools :(

ReversalHatchery,

If that is the biggest problem, I wouldn’t keep myself from buying from them. I think Valve is generally a “good behaving” company, probably mostly because they are not on the stock market, and I would expect mostly any other company to do much more shitty and monopolistic things when (or before) it has grown to the size of Valve.

Wanted to share the libredirect Firefox plugin, for abandoning Youtube. (libredirect.github.io)

This is a plugin I found recently and really enjoy. It gives you the opportunity to redirect several webpages to alternatives. For example Youtube to FreeTube or Piped. If I search for youtube in Firefox, FreeTube automatically opens and shows me my feed. I like it, I use it, I can recommend it.

ReversalHatchery,

It can redirect a dozen other services too

ReversalHatchery,

Maybe the devs don’t know that. Could you open an issue on this?
Asking you because you may know more about these permissions than me.

I’ve been using the addon for some time, and while it’s good now, there were some silly mistakes in the past. What I’m trying to say is that maybe they’re just relatively a beginner, and it haven’t yet occurred to them to revisit the permissions.

ReversalHatchery,

Addon files (.xpi files) are zip packages of the addons. They should contain the script files without obfuscation (I think this is an AMO policy), besides any resources and the addon manifest file.
The only thing that would be harder to inspect I think is webassembly files.

ReversalHatchery,

“This connection is untrusted” “SSL_ERROR_BAD_CERT_DOMAIN”

The irony.

ReversalHatchery,

I remember reading there, when it wasn’t on github pages but it’s own website, the recommendation to keep your critical dotfiles permissioned to a different user account of yours. I don’t think that’s bad advice. Yes it is probably not needed if you use the system as a pro sysadmin for server purposes, but for desktop use it’s just natural that you’ll run a lot more programs in a much less controlled manner.

Of course there were ones that I thought they went overboard, but it has at least a few good pieces, if not more, I don’t really remember.

ReversalHatchery,

I’m not sure if at this point the browser verifies whether the cert is even legit for github.com

ReversalHatchery,

Highly doubt that. For a lot of things other than consumption, it is very inconvenient to use. It’s somewhat better with a laptop or a larger tablet, but when portability is not that important, a desktop computer is always easier to use.

ReversalHatchery,

For people in third world country tech can be too expensive.

That may be the case, but I wasn’t thinking about third world countries.
Yes if it’s impossible for you to buy one that’s a different thing, you are doomed to inconvenience and that’s sad, but if you can find the money for it, even if only after saving for 1-2 years for used hardware that you put into a half-decent case, it’s still much better. I would definitely do that as I have the thought of only having a phone that is only smart enough to mine the shit data our of me, but otherwise very inconvenient and almost useless for daily things.

I have recently bought a decent laptop with touchscreen and pen, it was cheaper than a lot of phones.
Yes this is not a desktop, but can be made into one as it runs regular Linux, has normal USB ports and support for external display.

Another reason I don’t agree (or like it in case it will become true) that desktops will die out is that there are certain tasks really don’t work and will never work on phones: programming and other more involved and serious things. The phone is very small to fit all the the tool buttons you’ll use (especially with today’s bulky space wasting design where margins are everything), and the keyboard will hide half or more of the screen when opened. How do you see through what you have done so far? You don’t.
Another thing: I truly believe that for free communication that is not continuously analyzed by god-complex billionaires and their companies, more people needs to run peer to peer based software on some kind of device they own. It shouldn’t be rare anymore for that to happen. That won’t work with phones and portables: continous wireless traffic and such eats the battery. These P2P apps will need something that can be always online instead of them, so that they can work with acceptable resource usage.
Desktops are a good choice for both of these purposes, even more if set up to conserve power by turning off the graphics processor and such when they are not needed.

ReversalHatchery,

My 200 dollar android smartphone breaks all my laptops

The commenter was speaking about mini pc’s, which are wildly different. They dont have heavy constraints on cooling and battery, as they are not meant to be portable.

My 200 dollar android smartphone breaks all my laptops in all the benchmarks I ran on it that cost so much more than it

You are paying for the 12 different cams, the whatever fancy touch screen, and other components, besides a lot of engineering afforts that the capacity fits into a very small device.

Also, I don’t think it does any good to compare benchmark scores of a phone and a laptop, because as far as I know, the scoring is totally different. They aren’t meant to compare your phone with your laptop and your desktop PC, but your phone with an other one, with certain common simplified workloads. Firstly because these operate with very different constraints: even worse cooling and battery capacity than that of a laptop, a CPU architecture that may be more efficient but still is considerably slower than x86 CPUs, and secondly because they were made for a wildly different use, and the benchmark measures how the phone performs for that usage. Most are just watching videos and social media, or playing games that need performance nowhere near that pc games need. If I would guess, and it would be possible to try it at all, I would doubt that phone could run the same Factorio factory with the same or better performance than your laptop (though that might be an ancient one, you didn’t say anything about it), and Factorio is a computationally heavy game, especially (and sooner) when it is modded.

Then you started brining examples about games, and how they performed. Again, totally different hardware, and totally different software environment, games for the phones are not just cross-compiled version of the desktop games. Often they are simplified and have different kinds of optimization done. Your examples only tell me that you have a weak laptop. Yes, I also have a 15+ years old laptop to which compared my 7 years old $200 phone performs grands better, but that is not a real comparison, as technology have evolved a lot in that time. Neither one of them is even near to my 5 years old then-mid-range desktop, or the laptop I got a year ago for $200.

I still highly doubt that besides usability, phones are not worse also in performance than a decent desktop.

ReversalHatchery,

I doubt they have “messed it up”. Just as intended.

ReversalHatchery,

How conveniently the author had failed to mention all the downsides of uBlock Origin Lite. At least they have given a link to the page that explains the differences, but they still write like “it’s nothing major” because “I haven’t seen any difference”. Yes, because 1. you’re blind! 2. you care only about blocking ads, not trackers and data mining, which activities are not visible on the website itself!

ReversalHatchery,

I did say the element zapper was missing.

I didn’t mention the zapper. Though I agree that is a great tool, along with the picker which is then probably also gone.

uBO Lite is using the same default filterlists as uBO

Uses the same defaults, which are only updated after a new release gets through google’s addon review process, in an environment where often quick changes are needed for the addon to work effectively. Its much easier to get thorugh a firewall that is only updated once every few or even more days, than one that automatically obtains the updates every half a day.

What about the lists that are not enabled by default, and custom lists added by the user? As I understand, they are not a thing anymore.

Did I understand it right that that according to this and this FAQ entry, neither of the lists have site specific rules, as it is not possible to have them anymore?

ReversalHatchery,

Can you send examples of a few?

At a quick look, this one seems to be legit.
If you use the subdomain of the page to load it’s github organization (github.com/firefoxcss-store), the single repo of it has quite some activity, if I look at the issues and PRs.

ReversalHatchery,

This is trickpyr’s fork of the same repo.

If you click the “installation guide” at the bottom of the page, it will bring you to a document on the original site’s repo.
Also, if you go to this site’s repo (github.com/trickypr/FirefoxCSS-Store.github.io , look at how I changed the domain and moved the username from the subdomain), it will say at the top that this is a fork. The user has a pending merge request, that’s the reason they forked it.

If you go to the forks menu of the original repo, you’ll find all the repos which you may have seen as duplicates.
Most of them won’t be up to date, and they’re probably doing it for saving the project, either as a reminder, or in case the repo gets deleted in the future.

ReversalHatchery,

Transcoding happens server side. The operator can turn that off or limit the options

ReversalHatchery,

Do we hate them, all of them? Personally, I don’t.

ReversalHatchery, (edited )

Well, yeah, about the speed… it’s not fast. And probably never will be fast as plain internet. Just imagine what is happening: each service you connect to is usually 6 hops away, which in the worst case (where each pair of peers is the furthest possible from each other) would require traffic to take 3 rounds between e.g. west asia and the usa. Here’s an other explanation with a diagram: geti2p.net/en/faq#slow
But that’s just the latency, and it can be tuned. If you want to play online games with a group of people over I2P, you could use for instance a 1-hop tunnel, and ask the others too to use a 1-hop tunnel, and now it’s totally different. Of course this hurts your and the other players anonymity, but it could be acceptable, especially if you make it select a router relatively close to you.

Bandwidth is again a different topic, I think that could improve even without sacrificing on the tunnel length, with more (relatively) high bandwidth routers joining the network, but of course your tunnel’s bandwidth will always be limited by the slowest router in the chain. Fortunately there are ways to have a tunnel through more performant routers.

On how does it work: when you start up your router (a software package, through which other programs can use the network), it asks a bunch of preconfigured servers about known I2P peers, through a process called reseeding. Afaik there are currently 12 preconfigured reseed servers, but you can bring your own, or if you know someone with an I2P router who you trust, they can make a reseed file for you which you can import.
After that, your router will talk to the other routers it now knows about, and ask them too about the routers they know.
This means that it’s better (while not necessary) to have a dedicated machine on which a router is always running and online, instead of having it run for the 30 minutes every time you power on your desktop. It doesn’t have to be powerful, it can be a low power consumption SBC (like a raspberri pi or similar), and I think it’s also possible to set up an unused android phone for this purpose with an app, but you probably don’t want it to use your mobile data plan.

On why is it better for torrenting: I don’t remember the details on that.
What I remember is that it’s often said that the protocol was “built for that”.
But there’s also another thing: vandwitdh is naturally less of a scarcity here, compared to Tor. Connecting to the network requires the use of a “router”, which besides giving access to it for you, also automatically contributes to the network with your internet connection’s bandwidth capacity (except if limited by the tech of your ISP, like with CGNAT; it can still contribute some but usually it’s less), and in turn most users will provide a “relay” to the network. On the Tor network, most users are just users, their clients are not participating in routing the traffic of other users, and so they are only consuming the capacity provided by others.
Also, afaik torrenting on Tor always needs to make use of an exit node to access the tracker and all the peers, while on I2P it all happens inside the network, without placing a huge load on outproxies (exit nodes in I2P terms)

Also, here’s a comparison between I2P and Tor: geti2p.net/en/comparison/tor

It may seem that I2P has a bunch of downsides, and it may discourage you from using it, but let me tell you how I think about it.
I don’t use it for everything, just as I don’t use the Tor network on a daily basis, but when I need it it’s there, it makes me easier to search on a few private matters, and it runs in the background so I’m basically effortlessly helping the other users, when not counting the initial setup and the electricity costs of course (the former was not much, and the latter does not depend on this in my case)

ReversalHatchery, (edited )

Here is the list of the currently available directory servers: metrics.torproject.org/rs.html#search/flag:author…
This article claims that their list is hardcoded, but honestly I’m not sure right now whether it means you can change it.

I2P has a mechsnism for banning routers, permanently or temporarily.
It looks it knows what to block from a local blocklist file and from a “blocklist feed”, but I don’t know what’s the latter right now. I hope you can excuse me on that, I’m also quite new on the topic.

ReversalHatchery,

I’m using something developed by Russians, said I’m not disliking Russians, and now I’m a russophobe. Ok. You do you.

ReversalHatchery,

If course it’s not on the OP, it’s on Phoronix. This is a shitty title from any party, but from them last least I would have expected more, instead of just attributing the performance to a specific distribution, the most corporate-y one no less.

ReversalHatchery,

Where did they say that they were comfortable doing that? I don’t see a word or an acronym of it.

Sometimes you must do things that you are not comfortable doing, but you just can’t avoid it. Doing that for the ISP (who need to set up the cable into your home and the gateway) is not the same as doing that for e.g. netflix or facebook.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • random
  • uselessserver093
  • Food
  • aaaaaaacccccccce
  • test
  • CafeMeta
  • testmag
  • MUD
  • RhythmGameZone
  • RSS
  • dabs
  • KamenRider
  • TheResearchGuardian
  • KbinCafe
  • Socialism
  • oklahoma
  • SuperSentai
  • feritale
  • All magazines
    •