• 0 Posts
  • 103 Comments
Joined 1 year ago
cake
Cake day: July 30th, 2023

help-circle


  • I assume the problem is hardware. Matt’s hardware didn’t work well with LM, therefore Matt thinks LM sucks… I do wish there was better hardware support but it’s the reason apple went with 1 product = 1 OS = 1 general set of hardware. Sure not every iPhone has the same hardware, but that’s why they have the model numbers, and it’s so much easier to test 200 model mixes than 2,000,000 (Android). Windows gets all the debug info sent directly to them like the others but they also have a huge stack of hardware they can use or they can buy it to test.


  • Just something to keep in mind for those not in the security space. When a security company does an audit, its generally a checklist of commercial and custom security software along with a couple people poking around looking for more manual harder to find stuff. But there’s a reason companies like Mullvad have a bug bounty program… Just because cure53 didn’t find it, it doesn’t mean some bored hacker won’t…

    Absolutely better than nothing though.




  • Do a lot of reading. Get a cyber informations systems basics overview on your own self-teaching before you try to understand it all.

    Stay away from session and matrix. Signal, Nostr, SimpleX (nvm if you use Apple products) and the like are okay, but they are all hobbyist influencable products besides Signal which gets fat government grants and just happens to use the same encryption standards as all other huge name E2EE tools.

    Stuff is fun to learn on, but get a good VPN (debates about… mullvad, ivpn, cryptostorm seem okay). here’s something fun for you and free: https://www.thc.org/segfault/


  • Then maybe you’re okay.

    A number of people can see your IP, people will chime in and add to ane remove from this list:

    Can’t see it:

    • Random people you personal message with
    • Random people you chat with in rooms

    CAN see it:

    • Server admins
    • People you share (send/rcv files with) // this may have been fixed
    • People who send you links and you click them, but this isn’t specific to Matrix, it’s a tale as old as time.
    • You voice call with someone (may have been fixed)

    Some info may be wrong. But having someone’s IP in the days of routers and all filtered ports means little, unless you piss off someone who knows some low level customer support person @ your ISP to pay to get your account info. Or you’re dealing drugs in which case use TAILS and stop fucking with technologies you don’t know the specifics of.

    If they knock you offline and you can’t access anything at all, unplug your router AND MODEM (most importantly your modem) for an hour. Go touch grass for an hour. Widdle a wee branch. Plus your boxes back in and you’ll be bright as new.

    @possiblylinux127@lemmy.zip this isn’t meant to be a dig at you, although last time you didn’t care to correct or learn if I recall,but often times you leave out the “if so,” “possibly, what and XYZ?'” and it ends up spreading misinformation because you didn’t know enough or care enough to type enough.

    I love Matrix but we need to be open about what the fish is before skinning it…

    https://gist.github.com/maxidorius/5736fd09c9194b7a6dc03b6b8d7220d0

    https://blog.erethon.com/blog/2022/07/13/what-a-malicious-matrix-homeserver-admin-can-do/

    https://www.reddit.com/r/PrivacyGuides/comments/q7qsty/is_matrix_still_a_metadata_disaster/


  • Synnr@sopuli.xyztoPrivacy@lemmy.mlDrones trespassing in my property
    link
    fedilink
    arrow-up
    6
    arrow-down
    11
    ·
    edit-2
    5 months ago

    Just to confirm the obvious. Downvotes are expected but OP you should read this.

    They are close enough to see that they are quad copters, and they make a buzzing noise, correct?

    There have been a lot of UAP flaps where the objects (not quad copter looking) will fly low over the countryside, just above the tree-lines to much higher. They usually make no noise aside from reports of static or screeching or electronic interference.

    Unlikely to be the case but if so, report to your countries MUFON type department and get as much evidence (video with sound, drawings, time and date, etc) as you can.

    There is something else out there, whether it’s military black projects mapping areas or what have you, and it needs to be documented.

    If it is for sure quad copter drones, you can get a device to blast the 2.4Ghz spectrum for a short time and make them ‘phone home’ and the operators will stop flying them over your property once they realize something wrong keeps happening when they do. Legality varies.

    Many tutorials available to DIY. You can also buy them pre-built, just more expensive.



  • That does go a long way towards explaining why there are so many Bluetooth vulnerabilities, thanks for the info. Looking at the list of Bluetooth protocols wiki page gives me a headache. Surely there is a better standard, and I see things like HaLow, ZigBee, Z-Wave and other custom protocols, but it seems like there should be a very cleanly well-documented alternative to do the basics that everyone expects BT to do. This, coming from a total noob, speaking completely out of my anus. I just know that as a BT user, it’s a crapshoot whether there will be major audio delay, and pause/play actually worked, that’s if pairing works in the first place. But if something did come along I wonder if there would even be adoption among consumer devices.







  • Synnr@sopuli.xyztoLinux@lemmy.ml*Permanently Deleted*
    link
    fedilink
    arrow-up
    1
    ·
    edit-2
    6 months ago

    And have eyes good enough to look very closely and detect any small . or `s that are out of place, and be current on all methods of sanitization, catching any and all confusing variable names doing funny things, and never getting mentally overloaded doing it.

    I wouldn’t be surprised at all if teams at NSA & co had game months where the teams that find the highest number of vulns or develop the most damaging 0day exploits get a prize and challenge coin. Then you have the teams that develop the malware made to stay stealthy and intercept data for decades undetected, and the teams that play mail agent and intercept packages containing core internet backbone routers to put hardware ‘implants’ inside them.

    These are the things Snowden showed us a small sliver of in 2013, over a decade ago, some of which was well aged by that point.

    The days of doing illegal things for funsies on the internet, like learning how to hack hands-on, are over if you don’t want to really risk prison time. Download vulnerable virtual machines and hack on those.

    But if you’re worried about a random maintainer or packager inserting something like a password stealer or backdoor and letting it hit a major distro with a disastrous backdoor that doesn’t require a PhD in quantum fuckography to understand, chances are likely big brother would alert someone to blow the whistle before it hit production, as they likely did with xzutils.


  • Can any late teen-early 20s armchair philosophers once-over this for me?

    I have a theory. Never before on the internet (going on 30 years of it) have I seen so many curses used but not fully spelled out (‘f*ck’ for example).

    I believe the change has to do with social media and specifically short-form video apps (Tiktok, IG Reels, Youtube Shorts) - not all of which I am familiar with, but I know at least YT and I believe TT does as well. When curse words or words like rape and murder are used in text (or ‘subtitle’ text on screen) the video reach can be penalized in some way. I assume it’s similar in comments.

    So you have a ton of the younger generation consuming hours each day of censored curse words, and in their mind it becomes just what you’re supposed to do, socially. They end up doing it with each other over text, and consequently in comments. I have a younger co-worker who will gladly say “F*ck that dude hes a b*tch” in group chat, and when I asked him why he doesn’t just say the words he’s using, he said “I just don’t like to curse.” Which makes no sense to me, as it’s the same word and intent.

    I know some Lemmy instances will remove words, but generally only ‘bitch’ and derogatory slur words.

    So I hypothesise it’s simply unexamined social conditioning, where they see their peers doing it so they do it too, never questioning why.