machiavellian

DISCLAIMER
I am not a computer security expert, merely a hobbyist having read some blogs from people who sounded smart. It is more than probable that I am mistaken in one or more parts of this post.

Linux is not more secure than Windows. By default, it’s actually considerably more vulnerable than Windows. Source

In my opinion an antivirus doesn’t really solve your problem. What you actually want is sandboxing, which means restricting user and program privileges. I recommend getting familiar with SELinux (or alternatively AppArmor, although it isn’t nearly as effective) and bubblewrap (or alernatively Firejail, which requires root privileges to run and is thus a bigger threat vector than bubblewrap).

Aside from that just disable any service you aren’t using (like ssh), use a deny-all-allow-some firewall, and verify what you download. If the link says “100% REAL 1 MILLION FREE ROBUX DOWNLOAD CLICK HERE NOW”, then maybe don’t click there.

Because even an antivirus won’t help you if you download malware, which isn’t compiled by skids who lifted the code from some darknet hacker forum. Antivirus isn’t some magical tool which makes your computer inherently more secure. Meaning you can’t offload your responsibilty to a program running with kernel level privileges. Your computer, your responsibilty.

P.S: If you want a more secure computer, I’d recommend a minimal and/or rolling release distro (openSUSE, Arch, Void, Debian) or FreeBSD/OpenBSD (BSD variants mitigate many of Linux’s inherent flaws).

5 hours? … You have much to learn, padawan.

And it has been audited by an independent auditor. And it doesn’t have user ID’s. And you can have multiple accounts with no effort. And you can selfhost your own servers. And it’s actively developed. And it’s available on all major platforms. And the list of pros goes on.

I have to contend that the founders views don’t align with my own (or with most people on lemmy). But that aside (freedom of speech), I wouldn’t dismiss them simply because “VC bad”. If you want a different perspective, read this.

While I agree with the overall premise, it’s not a great article. The author just quotes facts while drawing no relevant conclusions or wrong conclusions.

The fact that there is fraud in Estonia, like any other country, is, I imagine, due to people being stupid. In my country most fraud cases are grandmas handing off their pensions to randos to help their grandchild escape prison or to help with a super secret government mission to catch thieves. Similar to the classic Nigerian prince schemes. Not once does the author mention how digital ID’s are connected to fraud or how they enabled money laundering.

I hope that the author is just not that great of a writer and not malicious because throwing in scary statistics and names like Palantir without making any conclusion as to how digital ID’s could exarcebate the problem, really feels like fearmongering.

Nevertheless, I quite liked the website design and the extensive quotation of sources.

Holy hell! Didn’t imagine him being that far right. Always thought the accusations were half made-up.
It’s always sad to see promising FOSS projects taint their image with deplorable political views or behaviour (Hyprland, GNU, GrapheneOS, probably some others). Although I believe in freedom of opinion, I draw the line on inciting violence and hatred against minorities. Also, I can’t fathom why he would still use Xitter, when so many better alternatives exist?

creator is an alt right loon

What has he said or done?

I am at the very beginning of my journey taking those first baby steps. As I don’t yet understand all the sysadmin stuff, I’m treading rather carefully to avoid making unfuckable mistakes.

I recently switched to Void on my daily driver so it has been a bit of a trial to get used to a new OS and configure it correctly. Nevertheless, it’s been a great learning experience.

Alongside it I’ve downloaded OpenWrt on my router and begun to configure it as well (still need to deal with the Wireguard and Unbound config).

For the actual server I managed to secure an old Dell Optiplex. In the near future, I plan to flash it with Libreboot and then install Debian or FreeBSD (apparently great ZFS support) on it. Though I’ve still no idea whether I should use Proxmox and how I should format my drives (one 500GB SSD and 4TB HDD) for maximum effiency and for the possibility of later easily upgrading my storage capacity.

When I’ve finally past these steps, I plan to selfhost music services, as well as few other basic services. My goal at the moment is to replace Spotify for my whole family. But it’s still a long way to go.

Just as normal sunglasse don’t fool facial recognition systems, modern gait recognition systems can’t be defeated by “just altering how you walk”. You can read more about it on The Hitchhikers Guide to Online Anonymity. There is this research paper.

They link a specific device which can fool some systems, but a bit easier (although more inefficient) is just wearing very loose clothes that cover the movement of your muscles.

A bit weird that they labelled SimpleX’s businessmodel freemium. AFAIK every functionality is free, just like other messengers they list.

Many people say that SimpleX is not ready to replace the likes of Whatsapp, Telegram and Signal yet but noone specifies exactly what features are missing.

I get that public key cryptography is confusing for the average people but there is no UI fix that is getting around that obstacle if we want people to make informed choices on what platform/protocol to use for communications.

The same thing applies to decentralization - people just need to understand that the trade-off they’re making for communications’ resilience is the comfort of an online addressbook.

Although I admit that there are certain UI elements that could be made better (for example the nickname setting could be stylized a bit better so people can more easily change the names of their contacts to something more familiar), most criticism towards SimpleX comes from people being a bit lazy and not reading the manual before using the app.

TL;DR: I don’t understand what features are missing from SimpleX.

Inundate me with info!

As you wish!

Look through this index. Maybe something catches your eye. Also some of these links are part of webrings so I think you’ll be occupied with this information for awhile.

As a general guideline, I recommend you watch a video or two about how Monero works. Don’t know how strict your threat model is but it’s always good to know what a tool can and cannot do.

I also recommend you run your own Monero node. MentalOutlaw explains pretty nicely why it’s necessary and how to do it.

As for where to spend Monero, there used to be general indexes hosted on HackLiberty and Nowhere. But of the top of my head I can recommend XMRbazaar and ProxyStore.

In case your bored, an index of some intresting material to read.

tomb: Tomb is a minimalistic CLI based hidden file encryption tool based on Linux dm-crypt and LUKS.
In addition to its cool ass name, it also has a GUI that’s called Mausoleum.

The same argument of “lawful acces to data while ensuring the rights to privacy and security” keeps popping up. I just can’t fit into my head how one can ensure my right to privacy while actively enabeling the undermining of said right. Have none of the “experts” taken Cybersecurity 101 or read just [one article detailing why it is impossible to “just let the good guys decrypt the bad guys’ encrypted data”] (https://mullvad.net/en/chatcontrol/stop-chatcontrol). Maybe I’m just missing something.