Post APJReO1SXVPLVAgWoq by xianc78@gameliberty.club
(DIR) More posts by xianc78@gameliberty.club
(DIR) Post #API4neQrUb6lC6EjwG by thanius@social.linux.pizza
2022-11-05T10:15:53Z
2 likes, 2 repeats
Hello, my name is Tobias.I'm a Twitterholic, it's been 1 day since my last tweet.Today I deleted the app, since I felt that my timeline there made me feel sick after spending a day here.I'm not quite there yet to abandon my account totally, but soon enough though
(DIR) Post #APIBKACVVrisiKPPXc by charliebrownau@pieville.net
2022-11-05T11:36:58Z
3 likes, 2 repeats
@thanius GdayI recommend checking out* Twatter >> Mastodon* Censortube >> Odysee + Peertube* Google maps >> Openstreetmap* Google Email >> Protonmail* Google Search >> SearX* Google App Store >> F Droid store* MS Office >> LibreOffice* Dropbox >> DIY Owncloud/Nextcloud* KeePass >> KeepPassXCDont be afraid of the Truth , Learning or discovering Government , Mainstream or 'news' lied to you/everyone for a long long time
(DIR) Post #APIBxqtoh83UR1aja4 by Zerglingman@freespeechextremist.com
2022-11-05T11:44:10.862314Z
0 likes, 0 repeats
@charliebrownau @thanius I would also recommend getting into the old stuff. rsync, git and ftp in particular rather than owncloud/nextcloud. Simple is best.Also xmpp for chat (replace, idk, sms because some people seem to still think that's a good idea).Openstreetmap in particular I recommend organic maps for android because the downloading for offline use just werks. Also streetcomplete for a simple gaming layer on top of contributing back to it. It's actually really good, despite some quirks. Can at least take care of the bulk of it to help the eyes in the sky focus on the harder tasks. (And can basically create notes wherever/whenever to direct their attention in particular.)Strongly recommend looking at running your own email. https://digdeeper.club/articles/email.xhtml has a lot to say about existing providers, but little to say about what to do once you do decide to run your own. I've put up a https://mailinabox.email/ and it's good enough, but not my style, so I've also put up an opensmtpd + dovecot server myself which was a lot more effort (and I still have more to do on it, like registration scripts). Since then I have also encountered https://mailu.io/ and https://maddy.email which I have no opinion of yet.Searx is not really a solution, it just defers the problem. yacy is a true solution. yacy needs a lot more work put into it to be good.Password managers are a strictly inferior clone of public keys. Recommend looking into webauthn.
(DIR) Post #APIz2w77d6hloFrvv6 by charliebrownau@pieville.net
2022-11-05T20:54:07Z
1 likes, 0 repeats
@Zerglingman @thanius Whats your thoughts on 2FA I personally hate itI would rather the ability to exclude IP range from certain nations/areasinstead of stuffing around with extra codes or apps
(DIR) Post #APJDoBINJa59ZCNDQO by Zerglingman@freespeechextremist.com
2022-11-05T23:39:33.247498Z
0 likes, 0 repeats
@charliebrownau @thanius The basic premise isn't bad, until you realise that anything other than pubkey auth actually just sucks donkey dong.But 1) it's almost always SMS-based, which is nhe worst of the worst, and 2) it's usually an attack vector in that it can reset the other.
(DIR) Post #APJPXaug0wkxXu96w4 by ryo@social.076.ne.jp
2022-11-06T01:50:57.607546Z
1 likes, 2 repeats
@charliebrownau @thanius ・Shitter → GNU Social, Pleroma, or twtxt, preferably your own personal website・JewTube → PeerTube or self hosting WEBM/OGG files・Goolag Maps → OpenStreetMap, although it's still an inferior project for the time being・GayMail → hosting your own mail server with Postfix (or SMTPd if you're on OpenBSD) and Dovecot・Goolag Search → SearX or SearXNG・Goolag Crapp Store → just dump your phone, PC is where it's at・Microshaft Office → (Neo)vim and sc-im, use LibreOffice as a normie-friendly alternative・Dropbox → make your backups offline, for fuck sake! And for file sharing, simply hosting by yourself using the "scp", "sftp", or "rsync" commands are fine too.・Any proprietary password manager → GNU Pass or KeePassXC・WinDOS or macOS → Linux or BSD・Android or iOS → again, dump your satanphone, you literally don't need it・WordPress → static site generator, or write HTML by hand・Outlook → (Neo)mutt or Claws Mail・Cuckflare or Fastly → choose properly written software and common sense security configuration
(DIR) Post #APJReO1SXVPLVAgWoq by xianc78@gameliberty.club
2022-11-06T02:14:37Z
1 likes, 0 repeats
@ryo @charliebrownau @thanius >twtxtI didn't know what this was until I looked it up. I literally thought of the same idea a while back. Just have an RSS feed for microposts, but I thought nobody would use such a thing. I was wrong.I also basically had the same idea of the Gemini project and dismissed it for the same exact thing.
(DIR) Post #APJUjZqgIUE3USoIlc by ryo@social.076.ne.jp
2022-11-06T02:49:09.364824Z
0 likes, 0 repeats
@xianc78 @charliebrownau @thanius twtxt is basically an alternative to ActivityPub, but more minimalist.Although the main problems with that are that the official websoyte is Cuckflared so it's inaccessible, and it depends on Python 3.
(DIR) Post #APJVRRxSzlpVlAu7yS by xianc78@gameliberty.club
2022-11-06T02:57:06Z
1 likes, 0 repeats
@ryo @charliebrownau @thanius It looks dead easy to write an implementation though. Probably something I can do when I have the time.
(DIR) Post #APJVg8aFJNYW0y2wl6 by ryo@social.076.ne.jp
2022-11-06T02:59:45.732755Z
1 likes, 0 repeats
@charliebrownau @Zerglingman @thanius 2FA is basically a spying tool disguised as "MUH SEKYURITEY MESSYUUR!!".I'm kind of fine with GNU Pass OTP, still annoying, but at least it's OTP on a PC rather than a phone, but every other OTP method needs to die a painful death.
(DIR) Post #APJVluwcvyAxS3GsLY by ryo@social.076.ne.jp
2022-11-06T03:00:48.232728Z
1 likes, 0 repeats
@charliebrownau @Zerglingman @thanius Also, blocking IP ranges have worked in the past, but now that VPNs are so mainstream that even normie NPCs know they exist, excluding IP ranges of certain nations or areas is pretty pointless.
(DIR) Post #APJVqIqg0928kMZxpo by ryo@social.076.ne.jp
2022-11-06T03:01:35.875498Z
0 likes, 0 repeats
@xianc78 @charliebrownau @thanius It's basically just WebFinger in the end, so yea, no problem at all.
(DIR) Post #APJWFUWpiFH2D9JAlU by charliebrownau@pieville.net
2022-11-06T03:06:10Z
1 likes, 0 repeats
@ryo Hey RyoIm doing a video stream with a few ppl soon talking about censorship and alt tech solutionsWanna be a part of it , if so email me at - charliebrownau@Protonmail.com
(DIR) Post #APJWP9l3n9ZMgjZUbQ by ryo@social.076.ne.jp
2022-11-06T03:07:52.577131Z
0 likes, 0 repeats
@charliebrownau Is it OK if I use a text 2 speech software for that?While I can read and write English fine, but speaking ability is pretty retarded.
(DIR) Post #APJWXbWeR7OZ7mrNtQ by charliebrownau@pieville.net
2022-11-06T03:09:26Z
1 likes, 0 repeats
@ryo Sure we will be using MumbleMumble has text2speech read out thinghttps://www.mumble.info/
(DIR) Post #APKF8LCySkr3DNz4S0 by Zerglingman@freespeechextremist.com
2022-11-06T11:29:06.860560Z
1 likes, 0 repeats
@ryo @thanius @charliebrownau Keep in mind that 2FA literally just means "you use two different things to prove your identity". This is meant to be "if you cannot do both, you are not approved", but in practice tends to mean "whatever is considered the 'secondary' can be used to reset the 'primary' in an insecure way, also it is fundamentally insecure" - but this is not an inherent aspect!
(DIR) Post #APKFH2EMOHEAxlmHwW by Zerglingman@freespeechextremist.com
2022-11-06T11:30:41.134659Z
1 likes, 0 repeats
@ryo @thanius @charliebrownau VPNs are not a solution for anything except running services in the VPN. It is only a matter of time before all commercial VPN services are forced to fork over user data or get their ass blackholed, and all private (ie. p2p-style) is held fully responsible for anyone exiting at their house.
(DIR) Post #APKFcBQ3QGYTXgKdgO by ryo@social.076.ne.jp
2022-11-06T11:34:27.462616Z
0 likes, 0 repeats
@Zerglingman @charliebrownau @thanius I'm not saying that VPNs are there to keep you safe, they're not.You can however use a VPN hosted in a different country, so for example if you want to block all traffic from IsraHell, they can simply pick a VPN hosted in Egypt, and by that bypass your blocking.And if you block Egypt too, they can just pick a VPN in Germany.
(DIR) Post #APKG6NNzUlDLLNlQMi by ryo@social.076.ne.jp
2022-11-06T11:39:55.004578Z
2 likes, 0 repeats
@corfiot @Zerglingman @charliebrownau @thanius I use the ANALogy of a lock on your frontdoor a lot.The lock on your frontdoor isn't there to keep the criminals out, it's there to keep law abiding citizens out.Criminals will just find ways around that door, like an open window for example.Or the armored frontdoor thing reminded me to a conversation about Minecraft and building an unbreakable door.How about the concrete wall surrounding that door though?NOOOO!! MOTHERFUCKER!!
(DIR) Post #APKHU8LLAvMXasPsv2 by thanius@social.linux.pizza
2022-11-06T11:55:23Z
1 likes, 0 repeats
@Corfiot @Zerglingman @charliebrownau @ryo@social.076.ne.jp Not quite, since 2FA requires a secondary device with the pairing. Unless perps managed to get the hold of said device as well as access to the mail, you're good.
(DIR) Post #APKIIwnbr5eMYjrwJM by thanius@social.linux.pizza
2022-11-06T12:04:36Z
2 likes, 0 repeats
@Corfiot @Zerglingman @charliebrownau But still, you wouldn't be able to access the service connected to 2FA even if you reset the password? You would be able to enter the new, stolen password but then be greeted with a factor pairing
(DIR) Post #APKKRHLzW9pEX73Eu0 by thanius@social.linux.pizza
2022-11-06T12:28:31Z
2 likes, 0 repeats
@Corfiot @Zerglingman @charliebrownau I can't speak for banks decisions but I guess they want to move from OTP devices because of they usually have their key embedded on them. Meaning, get hold of a device, hack it, grab the keys and you have access to all tokens. Not a very likely but could happen.Although moving from OTP to SMS would be an ever dumber idea because SMS isn't E2E encrypted, unless you send using RCS.I'm guessing for convenience they went SMS route, no need for smart device.
(DIR) Post #APKKrxE2SiF3vQ3F8i by Zerglingman@freespeechextremist.com
2022-11-06T12:33:22.975205Z
0 likes, 0 repeats
@corfiot @charliebrownau @thanius To be honest, my current understanding of webauthn is "sqrl is still better", but not to the point where I'd war against w3c over it. We've already got to make them back down on javashit tolerance.
(DIR) Post #APKMcFdMS5q4IDXGkK by thanius@social.linux.pizza
2022-11-06T12:52:23Z
2 likes, 0 repeats
@Corfiot @Zerglingman @charliebrownau You'd be surprised how often companies embed keys onto their devices, even in plain text. The whole reason PS3 got hacked was because Sony stored the same keys on PSP.I'm no infosec, but I do know there's no real shortcut to security and that physical devices that require human interaction upon validation is the best route to go.And that USB dongles are only secure when they go directly from issuer to user, not via postal services. ;)
(DIR) Post #APKMlVEjoJCfI4Qi3c by Zerglingman@freespeechextremist.com
2022-11-06T12:54:37.622556Z
3 likes, 0 repeats
@thanius @charliebrownau @corfiot >there's no real shortcut to securityThere is, it's public keys, unless you're nigger-brained and do things like putting the private key on the client.
(DIR) Post #APKNceB7IR8cN14qNE by Zerglingman@freespeechextremist.com
2022-11-06T13:04:13.895873Z
1 likes, 1 repeats
@corfiot @thanius @charliebrownau Yeah as I said, don't do niggerbrain things. Like gov is obviously doing dumb thing by issuing you a private key. They should be signing your public key, that's what that function is for. Obviously do appropriate proofing before signing, which is non-trivial, but once you have that trust every other problem just doesn't exist, because whatever it is you just go "lol throw a public key or two at it, and if that's not enough, slap DH on top".
(DIR) Post #APKNqzvdE5Zdsig2ng by Zerglingman@freespeechextremist.com
2022-11-06T13:06:49.509878Z
1 likes, 0 repeats
@thanius @charliebrownau @corfiot *Right, yeah, to clarify, I'm not accusing anyone here of doing niggerbrain things with private keys.
(DIR) Post #APKOC6VJyPJSMBR11c by Zerglingman@freespeechextremist.com
2022-11-06T13:10:38.372548Z
2 likes, 0 repeats
@corfiot @thanius @charliebrownau Man collapsing your country sounds like it's one post job ad away. Do your duty in ushering in the anarchy age.
(DIR) Post #APKOXprYWgSj7DCIC0 by Zerglingman@freespeechextremist.com
2022-11-06T13:14:34.023357Z
1 likes, 0 repeats
@corfiot @thanius @charliebrownau Nevermind, continue.
(DIR) Post #APKPcLzH872trOWgmO by thanius@social.linux.pizza
2022-11-06T13:26:32Z
2 likes, 0 repeats
@Corfiot @Zerglingman @charliebrownau Holy shit.
(DIR) Post #APKYECxxuxqQWFTVWy by xianc78@gameliberty.club
2022-11-06T15:03:02Z
1 likes, 0 repeats
@ryo @charliebrownau @thanius Someone already beat me to the punch at writing both a Golang and a C implementation. There is even a web-based client already.
(DIR) Post #APKyaOIP4ZAapvGyUS by charliebrownau@pieville.net
2022-11-06T19:58:23Z
1 likes, 0 repeats
@Zerglingman @Corfiot @thanius Without kikes and taxationWhites can reclaim our homeland
(DIR) Post #APLo7eqrdPqzOz0nD6 by charliebrownau@pieville.net
2022-11-07T05:35:52Z
1 likes, 0 repeats
@Corfiot @Zerglingman @thanius If Greece hasFeminismEqualityDiversityMulti racialismNo Fault DivorcePussy PassIslamChristianityCentral banksSustainablyWEFUNTrade pactsIts corrupt like the rest