Signals registrar is Markmonitor and is hosted from the US. Should everyone stop using signal?
What is the benefit to using your own key on top of protons encryption? Why not just use your own encryption with any other provider?
This privacy community and the conspiracies or flat out misunderstandings that are coming back from the Reddit grave feel like they are coming from the anonymouse joker and Rob Braxman.
I agree the balance is difficult and I agree asking later sometimes yields different results. My for instance about a sub and corresponding question asked endlessly is the privacy guides sub where people ask something like: "I'm using brave or firefox browser how do I be more private?"
Like my man you are on a discussion sub for a website literally full of instructions and recommendations with a link to that site pinned to the top of the sub. My goodness it can barely slap you in the face any harder.
It's not as bad as it was but the question is so vague that it almost demands follow up questions like what country, what threat model and what OS? It's not as bad anymore but it got super old and its the questions that are too general to be helpful and repeated hundreds of times over that really depressed me to read.
Asking questions that are asked all the time in a sub or are already answered in the wiki. Not doing even basic searching for information before asking.
It took me a couple reads but I think its supposed to say wipe your paws but the A, W and S in paws aren't really correct cursive.
Calendars, contacts and mail are not end to end encrypted on icloud even with advanced data protection.
I see so many YouTube videos of people running blatantly red lights and getting in accidents or other videos of people stopped and gunning it backwards, hitting something, then they put it in drive and launch full speed forwards and hit something else. What is going through these peoples mind? I just don't get how there is such a high quantity of these videos.
You are the first person I've ever heard of that referred to the framework as thicker and clunkier. That's good for you that you buy used and have had your desktop PC running with the same processor for 4 years but also that's upgradable. You don't need to get a new case or power supply to upgrade components. It's not just about upgradability but reparability in case something breaks or you break something. Even supporting second hand market a macbook only has so much life. The hardware can go EoL and no longer get software updates but your screen and keyboard still work fine. Would be great to just upgrade your chipset instead of the whole laptop because the processor is so old that companies don't want to support it anymore.
It looks like ente.io for photo management will probably be listed on the privacy guides website soon: https://discuss.privacyguides.net/t/ente-photo-management/11763
For email/calendar/drive Proton is the easy choice. I know photo upload is on their radar too but like everything with proton it will probably be a while before that's ready to roll out.
My next laptop will be a framework. They offer parts and manuals and it is built to be fixed and upgraded instead of thrown away like almost everything else now. https://frame.work/
And hey. That's a good reason to use njalla and everyone needs to make their own decisions. It just comes at the risk of if they get shut down you really won't have any claim to your domains. It is more private for sure but comes with elevated risk of loss compared to using a traditional registrar and giving them some contact information. My only point was to make sure people are aware of the tradeoff.
All of that is 100x harder than installing Graphene. Graphene can be installed by almost anyone who can watch this video: https://m.youtube.com/watch?v=ZAZlmYKrwfk
ICANN's RAA says nothing about your address needing to be your home address. It can be a P.O. Box or a mail forwarding service. It just needs to be a contact address.
I'll second porkbun. They are great.
If not porkbun then name cheap.
If not either of those anyone but godaddy.
Don't forget to run the DEJIGAMAFLIPPER on your domain after purchase. Very important.
Yea this too. If you are ever debating doing this search you up some aftermath pictures. People's femurs break and their feet are up by their face. Just don't do it.
If someone you know constantly makes reproductive anatomy or other borderline jokes and you think they should stop just play dumb. After the joke just say (with a straight face) that you don't get it. When they have to explain it it the joke satisfaction is gone and then more technical words need to be used to explain it making red flags pop up for them and anyone listening. They might get in trouble and you won't need to confront the behavior directly.
Works especially well in the military (even better if it's a superior).
Go to Njalla and create your dynamic DNS record. Once you do that It should show you something like this:
https://njal.la/update/?h=<yourSubdomain>&k=<yourKey>&auto
On your records page it will fill in your subdomain and key automatically. on their documentation page it does not do this. You don't need the one from the documentation page. the one next to your dynamic DNS entry is what we want anyways.
Now on the pfSense box:
Make a new Dynamic DNS client. Service Type: Custom Interface to monitor: WAN (but might be something else depending on what you are doing) Interface to send update from: WAN (but might be something else depending on what you are doing)
In the update URL box paste in the URL Njalla gave you.
In the result Match paste in this:
{"status": 200, "message": "record updated", "value": {"A": "%IP%"}}
Now your pfsense box should know if it did a successful update or not. In your pfsense Status > System logs you should see this:
/services_dyndns_edit.php: phpDynDNS (): (Success) IP Address Updated Successfully!
Then I ran into an issue where it seemed like njalla wanted an update sooner than every 25 days and pfsense would say oh it hasn't been 25 days so I'm not telling njalla my IP is the same. well ok then. I pulled some inspiration from this thread:
https://www.reddit.com/r/PFSENSE/comments/hhvxdl/force_dynamic_dns_update_every_7_days/
So thanks u/WetwareLabs
I installed the cron package on the pfsense box and then I edited the /usr/bin/nice -n20 /etc/rc.dyndns.update command to run on the 1 minute of every hour (I think you see where this is going).
I then created a new cron to run every hour on the 0 minute that just runs this command: rm /cf/conf/dyndns\_wancustom\\'\\'0.cache
So now every hour the firewall doesn't have the current WAN IP cached and he goes "Holy barnacles, I gotta tell Njalla my new IP!"
Now Njalla knows every 1 hour that something is still saying "hey I'm alive and here is my IP"
I know this solution is kind of ugly, but it works. I am sure almost nobody will read this or do anything with it but if you are living the real privacy lifestyle running local nextcloud and want to get at that sucker from the internet AND you don't want to pay for a static IP or use another dynamic DNS provider then maybe this is for you.
I’ve been tooling around with this for a few days now and I think I stumbled into a couple pretty useful things.
1.) having multiple VPN destinations with proton (because proton wont just load balance you to country specific plus servers):
If you already have a working openvpn config you can go to the custom options and add this to it at the bottom:
remote x.x.x.x 1194; remote y.y.y.y 1194; remote-random;
where x.x.x.x and y.y.y.y are different proton VPN IPs or DNS names. I picked plus servers because for some reason proton doesnt have us-plus.protonvpn.com or any country based DNS entry that just does that for you.
I was manually changing VPN IPs when each one would go down for maintenance and that got old quick.
2.) Split DNS
Maybe you want to have your firewall do DNS lookups for VPN tunnel establishment and then have your clients route their DNS through the tunnel to 10.8.8.1 to stream BUT you need your pfsense box to be the DNS option because you have a host override entry for local resolution of a public DNS entry (nextcloud would be a prime example).
System > General Setup add your external DNS servers here (1.1.1.2 and 1.0.0.2 for me). Check box for Disable DNS forwarder and uncheck DNS server Override
Then go to Services > DNS Resolver
Enable DNS resolver
For outgoing Network interfaces you will want your VPN interface
probably uncheck Use SSL/TLS for outgoing DNS Queries but this will depend on your DNS server you are putting in there
In custom options (if you are using UDP:
server: forward-zone: name: “.” forward-addr: 10.8.8.1@53
Hopefully that made sense and is useful to at least one person out there and you don’t need to struggle like I did. Or maybe everyone here is a pfsense guru and i’m just repeating the obvious.
Why YSK: An airbag typically deploys at 100-200 MPH and if your phone is sitting there it will be launched towards you and probably impale you. Don't put your phone on your steering wheel over your airbag. Don't put any alternate logos or bedazzling on your airbag. Basically don't do anything to or put anything on your airbag because anything you put on it will launch on impact.
Shameless crosspost from my reddit as I move over.
I think The Verge has been getting better over time. Its kind of a breath of fresh air they seem to mostly stay politically neutral and they occasionally use tasteful euphemisms while reporting very accurately. I miss Paul and Dieter but the newer people are doing great work too.
I see stories about how election is rigged or that there are security vulnerabilities and lots of people don't believe the outcome. Why don't they just open source everything so that anyone can look at the code and be sure the votes are tallied correctly?