Queer✨Anarchist Anti-fascist
I think it would be funny to normalize wearing bloc in order to retain privacy. It’s why some people might wear accessories they normally don’t wear, such as beanies and sunglasses at protests, even if they aren’t in full bloc, covering hair and eyes (in addition to a surgical mask) can make it really hard to doxx someone.
That’s a fun mistake to make. I had a similar thing happen with Kubuntu uninstalling my GPU drivers. I could never figure out what caused it.
Absolutely.
I don’t have a CS degree, I have a Cybersecurity and Forensics one. But, I love programming, and between the overlap of the two degrees and and my advanced designation I ended up taking about 3/4ths of the classes needed to get a CS degree.
Diversifying helped so much with me becoming a well rounded developer. My assembly programming class, while optional for CS, was mandatory for me, made me a significantly better dev. That assembly knowledge got me to become a skilled debugger, which made my C++ classes 10x easier, and it helped me understand memory at a lower level, making the memory problems easier to diagnose and fix.
I convinced a CS friend to take one of my cyber classes, Reverse Engineering, and he found te components of the class where we analyzed a vulnerable program to find and exploit the vuln, or the bit where we tried and determined the bug based on malware that exploited it is insightful to learning to program securely.
Learning about the infrastructure used in enterprise during a Windows admin or Linux admin class will make it easier to write code for those systems.
From the cybersecurity perspective, many of my CS classes carry me hard. Knowing how programs are written, how APIs are developed, and how to design complex software lets me make more educated recommendations based on what little information I’m given by the limited logs I am given to investigate. Writing code that interfaces with linux primitives makes it easier to conceptualize what’s going on when I am debugging a broken linux system.
I have tons of experience with enterprise linux, so I tend to use Rocky linux. It’s similar to my Fedora daily driver, which is nice, and very close to the RHEL and Centos systems I used to own.
You are slightly mistaken with your assumption that debian is insecure because of the old packages. Old packages are fine, and not inherently insecure because of its age. I only become concerned about the security implications of a package if it is dual use/LOLBin, known to be vulnerable, or has been out of support for some time. The older packages Debian uses, at least things related to infrastructure and hosting, are the patched LTS release of a project.
My big concerns for picking a distro for hosting services would be reliability, level of support, and familiarity.
A more reliable distro is less likely to crash or break itself. Enterprise linux and Debian come to mind with this regard.
A distro that is well supported will mean quick access to security patches, updates, and more stable updates. It will have good, accurate documentation, and hopefully some good guides. Enterprise linux, Debian and Ubuntu have excellent support. Enterprise linux distros have incredible documentation, and often are similar enough that documentation for a different branch will work fine. Heck, I usually use rhel docs when troubleshooting my fedora install since it is close enough to get me to a point where the application docs will guide me through.
Familiarity is self explanatory. But it is important because you are more likely to accidentally compromise security in an unfamiliar environment, and it’s the driving force behind me sticking with enterprise linux over Nixos or a hardened OpenBSD.
As a fair word of warning, enterprise linux will be pretty different compared to any desktop distro, even fedora. It takes quite a bit of learning, to get comfortable (especially with SELinux), but once you do, things will go smoothly. you can also use a pirated rhel certification guide to learn enterprise linux
If anything, you can simply mess around in a local VM and try installing the tools and services needed before taking it to the cloud.
This is why I did a “walkthrough test” when I had to write documentation on this sort of thing. I’m a terrible technical writer, so this shit is necessary for me.
I grabbed my friend who knows enough about computers to attempt this, but not enough about infrastructure to automatically know what I meant when I was too vague.
Took two revisions, but the final document was way easier to follow at the end
I run two APs, and a Unifi server running on a thin client linux server.
I have the U7, and the U6 extender that goes in a wall outlet
I have a few of their small poe powered ethernet switches, they’re great since I have a poe switch as a backbone I can put it near a group of devices in a room, like consoles, raspberry PIs, etc, and just not have to worry about much setup or powering yet another tiny device.
Highly recommend unifi devices
If whataboutism is reframing the question in a different light that includes what we were talking about and not simply deflecting with a what-about, then I guess I did a textbook whataboutism. I guess I did the classic whataboutism bit where I said tiktok wasn’t censoring, even though I swear I said they were, and instead I said what why do we give social media the power to censor shit like that I was saying tiktok wasn’t censoring and whatabout other social media. 🙄
Whataboutism is when you don’t defend your point or argue against the original point and just change topic. Ex: “Oh you are saying that tiktok is censoring anti-ccp thought? What about facebook and twitter doing shit like banning XYZ political commentators???”
What I said is a bit more complicated than that, so I’ll boil down my points into something a bit more simple manner
Look man, you can’t claim someone is doing a fallacious argument tactic when they aren’t doing it. If someone argued something, fucking respond to it or don’t, it genuinely doesn’t matter. But if you are gonna just be a cunty smuglord instead, you’re a dick and I wish you the worst.
Now, i’m gonna disregard your shit-slinging and go back to taking your comments in good faith. I have a serious question for you. You seem to have a problem with my points, but what about it do you disagree with? I’m literally agreeing with you in a few places and just calling the framing flawed. If you’re gonna respond to that, don’t take me out of context.
If I could do an analysis like this, I would. But I don’t have the technical know-how to do so. Being like “Why don’t you do [complex activity] rather than comment on an existing study” is a shitty mindset that attempts to shut down conversation and doesn’t build upon it in any meaningful way.
Further, I think you completely missed the point of what I said. You presented an article that showed tiktok is biased towards CCP positions, and that isn’t really surprising. I said that I don’t think Instagram is any more trustworthy simply because it is American owned, and I think the framing of that view is flawed. I don’t think it invalidates the data, I just think it places a huge amount of trust in a social media company that has been in constant controversy for its entire existence. The point is why is the problem the fact that a social media company is using their power to promote CCP viewpoints, rather than the fact that social media companies have such power with such little oversight.
You seem to be claiming there’s a fire without even seeing any smoke while simultaneously ignoring the flames in front of your face.
I think you can only say that when you are intentionally misinterpreting what I said to the point I think you are trying to stuff me in some little box I don’t belong in. I acknowledge that TikTok is a problem. If the problem is algorithmic bias with social media, why are we stopping with the foreign company that has opposing interests? Why aren’t we angry that a single company can hold so much power and have such little accountability?
the only issue with Meta is how they refused to take down offensive stuff from high-profile conservatives due to political backlash
I wish I lived in a world that this was the only issue meta had.
I bet I’m missing a ton, but these things quickly came to mind.
I feel that.
Three years ago I moved to fedora and RHEL based distros like Rocky for my devices and servers because I’ve gotten suck of Canonical’s shit. Don’t regret it.
I skimmed the article and I see your concern, but my skepticism remains because of the inherent assumption that instagram is trustworthy and not already tinkering with their own algorithms. Just because the company is American owned doesn’t make it any more or less trustworthy in my opinion. I think the framing is flawed, but that doesn’t discount the concerns with things that are pro-taiwan having such a small presence
I do think a big reason why tiktok is now being held to the flame is the fact there is so much dissent on it. Younger Americans are becoming increasingly anti-israel and more critical of the US’s stance on foreign policy.
Instead of reacting hastily and banning tiktok I think a better action would be placing the same criticisms on domestic companies. Instead, I think we should make companies much more transparent in how they use their algorithms and filter content. Instead of getting upset that one company is censoring, and making them sell to a US company, we should instead prevent censorship more broadly.
edit: made point a bit more clear
Its worse in the best way IMO.
The main reason I buy vinyl is for the other reasons you mentioned, but the imperfections of vinyl gives it a less robotic and sterile feel. It’s like listening to digital drums vs acoustic drums.
There’s also the ritual of playing vinyl that’s real satisfying
I’m genuinely hyped for this DLC
Linux passwords can be set to expire. A non-expiring password is sometimes just set to expire so far in the future that it will not be reached by the user (such as 100 or 200 years). A really broken clock could surpass that and cause expiry.
Wait, people trust corporate benchmarks?
apparently you don’t read TechDirt
I don’t read TechDirt
the NSA has … been leaking stuff to the FBI
Oh, I know about this, I thought you were talking about local law enforcement offices, which is not something I’ve seen.
As far as the unconstitutionality of the NSA’s actions, I fully agree with you. From the perspective of of an anarchist, I don’t exactly see any alphabet agencies or the branches of government in a good light. I fully expect the NSA to be involved in shenanigans, just as I expect the FBI or CIA to do so.
the FISC has always been a rubber stamp court so it shouldn’t be necessary for law enforcement to circumvent warrants for NSA information, but it turns out it’s just easier using the NSA backdoor access
If you are talking about the FBI when you saw law enforcement, the FBI has it’s own malware it uses, such as Magic Lantern historically, and certainly others that are not public. There is also some info about them possibly using the NSO group’s Pegasus spyware, which is obscenely hard to detect, and has, at times, been 0-click, meaning you don’t need to take any actions, and it has cleaned up evidence of tampering. Since the FBI has to make sure their evidence is admissible in court, they do need to make sure their evidence is gathered in such a way that it does not violate laws.
However, I have listened to interviews with people who argued their case was built on unconstitutional evidence, and claimed that the feds told them “if you try and attack the case like this, we will tack on more charges,” so I’m not saying they always deal with admissibility in court when starting investigations.
The only gripe I still have is the your statement about the NSA’s lax security, since the breaches I’ve read about have all been done by nation state actors, which tend to be the most capable groups in the world.
My experience with the NSA, as someone who works in security, does not indicate they have lax security. From their leaked tools (I <3 ghidra), to their security guidelines, to their malware like stuxnet, to their public tools like SELinux (and eventually ghidra), their security capabilities seem solid.
I don’t want this to come out as me liking the NSA, since I hate a lot of what they do. But as someone who is a huge security nerd and malware enthusiast, I find their tools fascinating, and do have some respect for them from that perspective, in the same way someone might like Kanye’s music and respect his talent, but hate his guts for being a nazi.
If there are any good techdirt articles, please send them my way, I’d love to read them
I do that to my dead drives, but I’ve only had one fail that wasn’t an SSD. Moreso because the washers that separate the platters have a very satisfying ring to them that makes me keep them as a fidget toy.
I use the magnets to hold screws, it works great for that.
Unfortunately, SSDs have less interesting parts, so I just take them apart to destroy the chips after failure
the NSA’s information security is lax and outdated
As someone who has read the unclassified reccomendations on infosec written by the NSA and CISA, no, it isn’t. The NSA has some sophisticated security infrastructure, and if stuxnet or eternal blue has shown us, their infosec capabilities are incredible.
we’re pretty sure Russia and China are unofficially privy to any data they want.
I have literally never heard anyone say this before and this goes everything I know about cybersecurity, intelligence, and geopolitics.
The NSA ECC bullshit was to support surveillance, not to weaken their own security. The theoretical vulnerability lies in the usage of the suggested parameters of their curve, not ECC itself. Making surveillance easier is something that the NSA has historically supported.
at this point NSA leaks stuff to other law enforcement
I genuinely have never seen anything to support this that is substantial.
Holy shit I cant believe you’ve made an anarchist defend the NSA but this is so damn wrong.
Learning about norway made me a prison reformist, learning about the US prison system made me an abolitionist. I’m skeptical that the leviathan of the prison-industrial complex can be reformed.
Our system is so fucked up its insane. Inside, it’s terrible. Outside? Good luck getting a job with a criminal record. It’ll force you to steal to live, then you’ll be thrown back in.
Eric King is an ex political prisoner who has just recently been released, and he has been on a ton of leftist and anarchist podcasts in the past two or three weeks. His interview with The Final Straw Radio gives good insights on how halfway houses suck, and his interview with IGD is a good eye inside prison.
Fuck prisons, fuck cops, this shit sucks.
The main way criminals are caught is when they transfer their crypto to an exchange so they can convert it to cash. Law enforcement will subpoena the exange and ask “Hey, who exchanged 0.7886 bitcoin for cash on this date?” and they will get their identity. Using the public ledger, they will be able to trace the transactions done and show that this person sent money to an address advertised as belonging to a trafficking site, an illegal market, or recieved money from the bad wallet address.
The address owner is anonymous until there is a source of data that ties information the wallet, and often transactions can be used to do that, just as any way to advertise a wallet belongs to you can, or any way to exchange crypto to cash can.
In most cases there isn’t much you can do to fool the government without a lot of prep time such as scouting routes to find cameras, destroying them, or being really good at changing into bloc in the middle of a crowd and not getting caught.
But the important thing is threat modeling. The past dozen or so protests I’ve been at haven’t had the government as a big threat, it has had fascists as the primary threat. While a fascist cop would be a problem, it is much less likely than fascists combing through protest footage to try and doxx people, or a fascist at said action trying to get good photographs. That’s why I masked up.
The last real dicey action that I went to I still masked up, even knowing that the government could still try to track me if needed because I knew it would be time consuming to do so, and that they would only go through the process of doing that if I make it worth their while. Bloc is still effective, but quite hard under this heavily surveillanced police state.