calamityjanitor @ calamityjanitor @lemmy.world

Posts

2

Comments

73

Joined

2 yr. ago

They've been seen using TM SGNL made by Israeli company TeleMessage to archive messages. Which is good except that it does so unencrypted, giving Mossad a window into the administration...

That is fricking sick dude!

I say this with love and kindness, please stop watching schizo youtube videos.

I think you're connecting digital IDs with people's online activity for some reason. In most countries, authorities can already connect online activity with an individual, since you register and pay for internet. Doing things that the powers that be don't like will get you in legal trouble. Remember the 2000s when the music industry sued individuals for millions? In China they take down your post if it challenges social cohesion, in the USA they take all of your money and assets for challenging corporate revenue.

Most digital IDs are options for people that already have their bank/credit card on their phone and don't want to carry a wallet just for ID. Some places like Estonia go further with actual asymmetric keys that let you sign documents with your ID's private key that proves you signed it.

If it was me, I'd snoop the DNS requests and/or SNI headers. Flag on torrent index sites and trackers known to be used for pirate stuff. They don't need to know exactly which paw patrol movie you're downloading, just that you are getting something from thepiratebay.

Does it exist anymore? iTunes went DRM free in 2009. Bandcamp is DRM free. Even streaming services can be readily downloaded from with alternative clients. Who's still selling DRM'd music?

Ah yes the age old problem

If you're looking for a privacy respecting paid service that's not just a file locker for pirates I have two recommendations: At a previous workplace, we used LiquidFiles. More catered for commercial uses.

Personally I've been using Bitwarden Send. Requires a paid account ($10/year) and limited to 500MB files.

lol you probably would have gotten away with it if you just used China's history as another example of empire. But singling out 'Han culture' as the problem makes you look like a bigot. Especially when your example is from the Qing Dynasty, that was ruled by Manchus people, not Han.

It's called secure boot and it's been around for over 10 years now.

Software passkeys can't provide attestation and don't. A service requiring it would reject every apple and google device too. Its a feature for hardware like yubikeys and smart cards used by governments to ensure it's not a knockoff with backdoors.

No thats actually not an issue at all if your device is secure and uses full disk encryption.

Oh I see your computer is secure well then nothing to worry about 🤣

If i want to write down my private key on a piece of paper and type it in by hand then thats my issue to deal with and not theirs.

With a hardware FIDO2 key, the private key never leaves the device, instead it signs challenges. Malware on the PC can't access the private key and make it's own copy.

Using software keys, they are at least encrypted in the vault until you open it, then there'll be a window of time with a plain copy in memory that malware can potentially grab.

Your plaintext private key file can be stolen by malware easily and immediately. You would actually be better off with it written on a post it note.

Course in real life malware is gonna be stealing your browser cookies to gain access to your accounts and avoid the whole keypass thing. In the world that FIDO was born, authentication is happening all the time and any possibility of key theft is considered a compromise.

I wanted to be sympathetic to the author. Passkeys are complicated, especially since they now try to cover so many situations, and it certainly originates from the corporate world. But this guy is spreading FUD. Tim Cappalli pointing out security shortcomings in keepassxc's implementation a couple of times is not proof that FIDO Alliance is anti open source.

Is had my eye on this one for a while. Any good?

Ah kay, definitely not a RAM size problem then.

iostat -x 5 Will print out per drive stats every 5 seconds. The first output is an average since boot. Check all of the drives have similar values while performing a write. Might be one drive is having problems and slows everything down, hopefully unlikely if they are brand new drives.

zpool iostat -w Will print out a latency histogram. Check if any have a lot above 1s and if it's in the disk or sync queues. Here's mine with 4 HDDs in z1 working fairly happily for comparison:

The init_on_alloc=0 kernel flag I mentioned below might still be worth trying.

After some googling:

Some Linux distributions (at least Debian, Ubuntu) enable init_on_alloc option as security precaution by default. This option can help to prevent possible information leaks and make control-flow bugs that depend on uninitialized values more deterministic.

Unfortunately, it can lower ARC throughput considerably (see bug).

If you’re ready to cope with these security risks 6, you may disable it by setting init_on_alloc=0 in the GRUB kernel boot parameters.

I think it's set to 1 on Raspberry Pi OS, you set it in /boot/cmdline.txtI think.

Exhaustive ZFS performance tuning guide

sync=disabled will make ZFS write to disk every 5 seconds instead of when software demands it, which maybe explains your LED behavior.

Jeff Geerling found that writes with Z1 was 74 MB/sec using the Radxa Penta SATA HAT with SSDs. Any HDD should be that fast, the SATA hat is likely the bottleneck.

Are you performing writes locally, or over smb?

Can try iostat or zpool iostat to monitor drive writes and latencies, might give a clue.

How much RAM does the Pi 5 have?

Personally I think it's fallen out of fashion. For my blog I'd either use a meme or other dump picture for each post. When generated images first came out I used a few for blog posts, it was new and interesting and said "I'm interested in technology and like playing around with new things".

Nowadays I'm back on the meme pics. I feel now it's so much easier to generate images, it more says "I want to look professional but also spend no money and have no standards".

Nah bugger that. Famous actors are known by a vast majority of people. It is not normal for open source programmers to receive abuse to the level of death threats. That only happens when you get the attention of kiwi farms types.

I always assumed that Poettering is an arse to people because of the hate he got for systemd. I imagine it's hard to see the best in people when there's a crowd of haters everywhere you go. Though I have no idea what he was like beforehand.

You can read IAEA's press releases for each attack. They go through the precise function and nature of each building and access the potential danger. Though they haven't updated for the US's latest bombing.