sudneo

@sudneo@lemm.ee
0 Post – 67 Comments
Joined 3 months ago

🇮🇹 🇪🇪 🖥

Kagi.com has a lens for the fediverse. A lens is basically a scope within which to perform the search.

The other comment already covers the fact that VPN should be useful exactly when you are connected to untrusted LANs. I want to add that the main point of your comment is also imprecise anyway. You don't need a compromised DHCP, you just need another machine that spoofs being a DHCP. Not all networks have proper measures in place for these attacks, especially when we are talking wireless (for example, block client-to-client traffic completely). In other words, there is quite a middle ground between a compromised router (which does DHCP in most cases) and just having a malicious device connected to the network.

I did not find any source about her being banned from Germany, I only saw some controversy about some tweets that some people call holocaust denial.


I think the general idea is discovery. At the moment if you want to look for a project you go to github and search. If you go to my gitea instance you find only my 10 projects. With federation I could search my own gitea instance and find/easily clone repos from all the federated instances. To me it seems a gamechanger in making codeberg/gitea and also gitlab real competitors to github.

It does require fact-checking. You might ask a human and get someone with 10 fingers on one hand, you might ask people in the background and get blobs merged on each other. The fact check in images is absolutely necessary and consists of verifying that the generated image adheres to your prompt and that the objects in it match their intended real counterparts.

I do agree that it's a different type of fact checking, but that's because an image is not inherently correct or wrong, it only is if compared to your prompt and (where applicable) to reality.

How do you imagine a recovery email to work, if the provider doesn't store it, and you lost access to your email by definition in the moment you need it? Recovery email is not needed, you can totally use your account without and proton doesn't ask for it. It's a feature where you obviously are disclosing that piece of information and link two accounts. It's either that or not using that feature.


You cited a couple of mid-2000 projects (e.g. OpenCL), that Apple opensourced and that anyway hardly apply to the current Apple, since 15+ years passed and the company is under new leadership etc. Then you listed a bunch of links, which I have looked at, and I saw that the vast majority of the OSS projects are related to SwiftUI and other tools that are useful to build apps (mostly) in their ecosystem (WebKit, CareKit, etc.).

So to understand better, your argument fully relies on contributions that happened 15 years ago, to claim that the current company "cares" about FOSS?

Also, you disregard the second part of the argument in order to write your arrogant reply:

Apple is even worse than them considering how they want to have the complete monopoly of what can run on their hardware, which is completely antithetical to the core idea of FOSS.

Which is an answer to your statement:

So? Why should they? It’s a major competitor. Should they provide windows support too? Lol. (They don’t anymore, btw)

Which begs the question: what does caring about FOSS mean to you? For me caring about FOSS means caring about the freedom of the customers who already paid for their hardware to run whatever they want on it. This freedom Apple opposes in whatever way they can, in basically whatever hardware they make.


I really don't get which critical contributions they make. On their own website https://opensource.apple.com/projects/ they seem to list basically tools and frameworks for building apps, which is in their interest first and foremost that developers have. I don't know what "Community projects" means, and how big contributions they do there.

Also I don't really like your argument "why they should provide Linux support, they are a competitor". Well, this is what happens when a single company does both the hardware and the software AND doesn't care about the "freedom" part of FOSS.

To be fair though most companies couldn't care less, open source is just a practice that some companies do to pursue their own interest. Microsoft does huge contributions to OSS (including the Linux kernel), same for Google, and yet I would not really say that those companies care about FOSS. Apple is even worse than them considering how they want to have the complete monopoly of what can run on their hardware, which is completely antithetical to the core idea of FOSS. Even though you already paid the 2.5k for your hardware and their OS, they can't just let you run whatever you want on it.


It is not obvious, most likely not necessary and in any case completely unproven. Why are you so busy making stuff up in this thread?

I worked for an online casino in the past. What they do is a standard in the industry. The company I worked for was a small startup and owned hundreds of domains, mostly just to protect the brand, 98% of which redirected to the main domain, with a few serving slightly different sites for different jurisdictions (e.g. Ontario regulations require that everything happens under a .ca domain). The "blocking evasion" doesn't require CF to do anything, besides forcing the customer to block traffic from certain countries (the ones where you are suspected to evade the block). At this point - if the casino is really operating in the black or gray markets - they can just set ingress to their site outside CF for those countries only if they really wanted. I worked also for a company that was doing this to allow traffic from Russia, changing every day mirrors (and they had an IT department of maybe 20, it was a joke), and Russia was the main market for them.

If what is told in the article is true - i.e. 95% of the traffic was through the main website - then it doesn't look like they were really doing this sort of evading deliberately, considering that in that 5% you have all your alternative TLDs plus the traffic from gray/black markets. Having hundreds of domains and some small percentage of traffic from black markets is something that just happens, it's different from continuously registering new domains for providing access where the previous ones got DNS blocked (this is domain block). It doesn't seem this is what they were doing based on the article, and if they were, then CF emails didn't mention it, which is insane.

Obviously we don't know the full story, so everything has to be taken with a grain of salt.

Yes, you cited examples from early 2000 and then you add current references that have the characteristics I have observed. Maybe you should develop your argument better at this point? Or are you keeping the best examples that show meaningful, present, contributions secret just to make your argument weaker on purpose?

I pointed out flaws in your arguments which you keep not addressing by making arrogant comments, which makes me think you don't have any more arguments to use.

Also, I don't hate Apple, I don't care for it. I even mentioned in my very first comment that what Apple does is no different from what other organizations do, even if those make currently bigger contributions to FOSS (Microsoft contributions to the Linux kernel, Google Project Zero reports etc.).

You also continue to avoid the argument that forbidding people to run what they want on generic purpose hardware is completely against the principles of FOSS, and yet all your argument is "why would they". This fact alone would put any OSS contribution to shame, because it's a clear as day demonstration that they don't believe (let alone care) about the Freedom of users, and that opensourcing is a mere way to pursue business interests, which has no moral value on its own.

Soil consumption is one of the many environmental problems we face. Polluting and consuming more soil to condition the market is nonsense IMHO. Governments should simply regulate more so that people vacationing will go to hotels and houses will be available for residents. This also addresses the issue of locals being pushed further and further away in the cities they live, which creating more houses doesn't solve (it will just be the next round of isolated dormitory peripheral areas, which have already tons of problems).

Short term rentals for houses was a very good and lucrative idea, but it's harmful to basically everyone but the landlords who rent out houses there. As such, we should simply strongly regulate it to discourage it as much as possible, if not banning it directly.


I discovered not too long ago that Bitwarden has the same integration! https://bitwarden.com/blog/add-privacy-and-security-using-email-aliases-with-bitwarden/

You need to configure it on each device though, and you need to generate an API key first.

Asking genuinely, why would that be a political statement? An author is not bound to represent his or her own opinion in books, I think, no?

The same thing which happened in the past. Antiterrorism laws used for - if I remember correctly - an environmental activist.

They banned from the instance. Apparently the fact that you get banned from hosted communities is just a new feature.

Tbh, also harass a mod. People get quite worked out when being moderated, and being a mod is enough work without people chasing you to argue with you or straight up harass you, I suppose. At least, I can see plenty of good reasons to hide the moderator name.


There are serious cyber security implications here that people are sleeping on

No, there are not.

At most, if they decide to kill the project by adding malicious code they can affect Lemmy itself. 99% of users don't run Lemmy (which is where the "quiet exploits" would run), and the frontend simply doesn't allow you to have a serious impact, unless you think they will stumble upon a browser 0-day and they decide to burn it by committing the exploit to an open source repo instead of selling it for millions (or use it elsewhere).

What's with the fearmongering? Their stance is crystal clear since ever.

possibly even fork the Lemmy repos

Right, and who maintains the fork? Who, among the large population of external contributors, I mean?


This comment is completely off the mark. The information that they disclosed is the recovery email -the same exact thing which happened previously- not any content of any email.

Also, proton does encryption with PGP, but you can't encrypt if the other side doesn't use PGP (which is the case for 99.98% of humans on the planet). If they do, proton supports this including with arbitrary clients using their bridge.

https://proton.me/legal/law-enforcement

Here they mention clearly the data mentioned in the privacy policy, which in turn clearly states that you MAY provide a recovery account which will be associated with your account. I also think that anybody that should be concerned for this should understand that law enforcement can get ALL the data the company has on you.

See https://lemmy.world/comment/10467647

It seems this is just a new feature in the upcoming release (the communities ban).


My Fairphone does, and I have already purchased a battery for 35 euros, which I keep in my drawer. The phone is now just over 3 years old, probably in a year or so I will replace it. I am aiming for at least 6-7 years lifespan.

Like, no opinion on if what was morally right or not, just what the numbers worked out.

I don't want to get in the merit of the comment, but unless you see the future, this statement is simply not true. Your argument is simply based on accepting certain assumptions as true.

Coincidentally this argument is routinely used by people supporting american atrocities, who consider nuking hundreds of thousands of people the humanitarian solution to WWII.

To be clear, I don't agree with that line of moderation, I don't agree with most of the views that seem to characterize .ml, but it's a year that people make posts like this one, you can't tell me you don't understand the ban based on the above.


Usually when hotels close past a certain time you can use a secondary entrance with your keys/card or at most call. Most hotels have a desk open 24h so this doesn't even apply.

Also, I really don't think Italians are generally rude. People are friendly, but also loud and warm, which often can be misunderstood. Assholes exist, obviously.

You forgot 3 zeros, Lucille

True, but 10 years doesn't seem to be a "queue" problem, I bet there are obstacles of different nature (like hoops to jump, additional agreements to get etc.), which all together lead to 10 years waiting. 9 months it was instead literally just the queue for a single test.

That said, someone who might have had a stroke might be dead in 9 months.

Does it work phone to phone? I was under the impression that a backup restore was needed if you wanted previous messages. It's really an unnecessary security risk to have previous message sync. Someone gets your phone in their hand for 20 seconds, links your device and they get every message you have ever sent? No bueno.

If you are cloudflare and you suspect they broke ToS you quote which ToS has been broken, you specify which country blocking the customer is trying or has tried to circumvent and you force the customer to either move away or enforce geo-blocking for those countries (or have a separate account for those with your own IPs). There is no reason to cancel the whole account if the blocking is country-specific and there is no way that 10k a month is anyway a sufficient benefit for cloudflare for their IPs to be blocked in a country (affecting potentially hundreds or thousands of customers).

Sure, but that's essentially a weaker recovery password (which also is an option in Proton).

Also that poses quite some challenges for email verification (say, you make a typo when you first write your address), let alone the fact that you won't see what emails you have configured essentially, which is also bad UX.

I think it's much simpler to have recovery email as it is and -if one doesn't want to associate proton account with any other account- offer other recovery methods, which are available (phrase and phone number).


Online casinos can become international very simply, it doesn't necessarily mean it's a big company. You usually get a license and can operate in that country + a number of gray markets. Ofc there are also huge companies, but "international" doesn't mean much for an online business.


No they don't, at least for Sweden. I remember when they regulated the market in Sweden (I was working for a gambling company at the time and I had to run the security & compliance for the Swedish license). There is no such thing as open market for gambling where the market is regulated (Sweden, Denmark, Estonia, not sure if Norway finally regulated).

As far as I know, a handful of companies got regulated at the first round, some failed and could not operate in Sweden (this might mean you actually need to deny access to users from Sweden - since you do KYC you know) for quite some time (before they eventually managed to get the license).

The problem (why the other user mentions all similar sites) is that the big companies (say Kindred group, Betsson) tend to spin up many alternative brands with different looks to attract different customers.

Also, most of the companies that operate in Scandinavia use the Maltese license, but that works only in unregulated markets (Finland, Iceland and Norway for example - unless something changed in the last 3 years). That said, getting a license once you have another is quite simple usually. The Swedish license for example is easier to get than and very similar to the Danish one, so if you operate in Denmark you can just fill in the paperwork and you should be easily able to pick that one up.

Which is bad in the short term, but good in the long term, as that means less traffic to Reddit. Ultimately that means that in the long term Reddit will pay the consequences for the actions it has taken.

Unfortunately healthcare is expensive and delays are not unusual. Italy has decent public healthcare overall, but my mom was still required to wait 9 months for a cat scan after a suspected stroke. It is the reality of many public facilities where funds get continuously slashed. If people wait for months and months for procedures needed for life-threatening conditions, I don't see how other procedures (which are lower priority I would say) could not be delayed until much more funding is allocated to healthcare (which unfortunately is not very likely...).


They were openly discouraging people to sign up on .ml already a year ago (I remember a banner to register elsewhere). I don't think "anything" in particular is working. The devs seem not to care less for having the biggest instance, or communities there etc. They had the instance long before most of Lemmy users joined, after all.

Corporations can also act on behalf, or on the orders of nation states. So you don't solve anything, if a state wants to get involved, it will. You have the additional cons that corporations tend to cater to their financial interests anyway, while a public institution might not always have ulterior motives.

I am a security engineer by profession, so I do have at least a decent understanding of what I am talking about. Every server in this case has that potential. There is nothing preventing any admin from patching code and manipulating the network after TLS termination (I.e., changing payloads of POST requests etc.). That said, not even in a videogame you would be "locked up" by someone posting CP on your behalf like that. This is simply not a threat and if you think it is, then you should be worried about every website you visit.

I see absolutely no reason why you couldn't be a Dev and an admin, in a decentralized platform. If this was a single-server platform, maybe. But here, how does the moderation policy of lemmy.ml affect anything but posts over there?

Also, beehaw has a very politicized banning policy, would you say that is unacceptable? I see it as perfectly fine and I would be fine as well if they were to contribute to Lemmy code (unless they try to build their policies into the code and therefore enforce them everywhere - which is something we know the Lemmy devs are not doing).

What does this have to do with showing mod log? Genuinely confused


I disagree. Social media and the "contrarian" attitude they carry, especially Twitter, can help consolidating and radicalizing your opinions. You get exposed to a very toxic way to carry out conversation (especially on Twitter, where you have constant dogpiling and wannabe famous people who try to "blast" others) so that if they are the only places you discuss about certain subjects, can bring you to shift your views as well.

I am not saying this is the case for J.K. Rowling (I don't know), but I don't think we can immediately discard the idea that the dynamics of the medium also affected the result.

But the question is "why"? Email addresses are personal but not secrets, there is no reason to add complexity and worsen the UX for such a feature imo. If anybody is not comfortable with this particular piece of data being associated with their account, they can just use a recovery phrase. It is by no means a necessary feature. What would be the advantage of having a recovery email "obscured"? The advantage of the functionality as-is is that it's trivial to see what you have configured, it's trivial to change address etc.

All of this to add an ineffective amount of privacy. If someone is under investigation, having the hash of the recovery email is in many cases sufficient. Asking Apple/Gmail/Microsoft if the hash matches any of their customers covers probably 98% of the population. Billions of emails are also available through breaches, so there is very very high chance that if someone used their personal email, it's either with one of the big providers, or it has been leaked before. If it's not, and you used a private provider with no data, then there is no problem even if the address is obtained, as that cannot be further used to de-anonymize you.

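
The argument in the last comment above, that a stored hash of a recovery address can be checked against hashes of already-known addresses, shown as an added example (not part of the original comments and not Proton's code). The addresses, the key and all function names are constructed for illustration, and the keyed variant is an assumption added for contrast.

```python
import hashlib
import hmac


def normalize(address: str) -> str:
    """Canonical form used before hashing (assumed here: trim and lowercase)."""
    return address.strip().lower()


def plain_digest(address: str) -> str:
    """Unsalted SHA-256 of the address: the 'obscured recovery email' idea."""
    return hashlib.sha256(normalize(address).encode("utf-8")).hexdigest()


def keyed_digest(address: str, key: bytes) -> str:
    """HMAC-SHA-256 of the address under a secret key held by the provider."""
    return hmac.new(key, normalize(address).encode("utf-8"), hashlib.sha256).hexdigest()


def matching_addresses(stored: str, candidates, digest_fn) -> list:
    """Return every candidate address whose digest equals the stored value."""
    return [c for c in candidates if hmac.compare_digest(digest_fn(c), stored)]


# Constructed sample data. CANDIDATES stands in for a list of addresses that
# some other party already knows (its own customers, or a public breach dump).
RECOVERY_ADDRESS = "Jane.Doe@mail.example"
CANDIDATES = ["bob@corp.example", "jane.doe@mail.example", "carol@isp.example"]
PROVIDER_KEY = b"constructed-demo-key-not-a-real-secret"


def exposure_report() -> dict:
    """Who can map the stored value back to an address, per storage scheme."""
    stored_plain = plain_digest(RECOVERY_ADDRESS)
    stored_keyed = keyed_digest(RECOVERY_ADDRESS, PROVIDER_KEY)
    return {
        # Plain hash: anyone holding a candidate list recovers the address.
        "plain_hash_third_party": matching_addresses(
            stored_plain, CANDIDATES, plain_digest),
        # Keyed hash: a party without the key gets no match from the list.
        "keyed_hash_third_party": matching_addresses(
            stored_keyed, CANDIDATES, plain_digest),
        # Keyed hash: the key holder can still confirm any candidate address.
        "keyed_hash_key_holder": matching_addresses(
            stored_keyed, CANDIDATES, lambda a: keyed_digest(a, PROVIDER_KEY)),
    }


if __name__ == "__main__":
    for scheme, matches in exposure_report().items():
        print(f"{scheme}: {matches}")
```

Even in the keyed variant the party that stores the key can confirm a candidate address, so the stored value stays linkable by whoever holds both.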