• 0 Posts
  • 50 Comments
Joined 2 years ago
Cake day: June 30th, 2023
  • sloppy_diffuser@sh.itjust.workstoComic Strips@lemmy.worldMasculinityEnglish
    14·
    3 months ago

    If half your employees aren’t acting the way they do in private, they’re putting on a mask and not being their true selves

    But you’re making this point in defense of someone aligning themselves with a group who targets trans, women, and whoever else they can bully not like them for being their true selves… Do you not see the hypocrisy of such a point given the context of the quote?

  • sloppy_diffuser@sh.itjust.workstoAndroidApps@lemmy.mlI made a new app: Habit-maker: A reward-based habit tracker for android.English
    3·
    4 months ago

    Will check this out! Played around with it for a few minutes and a couple notes.

    I do prefer Loop / uhabit UX for recording habits. Only reasoning is it is less clicks to record my habits on the main view. I see the check on the right now. Not sure if I missed it or it came with an update but I’m satisfied with the number of clicks parity with Loop.

    Custom behaviors per habit I could see being useful and the possibility of milestone encouragements. Use case: Habit is tracking calories. I may want to do this until I hit a target weight. If I could set encouragements like every 30 day streak I can reward myself with a new outfit or something. The ability to set the streaks per habit and have it repeat by starting a new iteration upon completion would satisfy that. Not sure if encouragements are random or upon completion yet, so if its random, maybe an end of iteration reward to make this work.

    I see there is already issue for auto-backups, so +1 to that.

  • sloppy_diffuser@sh.itjust.workstoPrivacy@lemmy.mlGrapheneOSEnglish
    10·
    4 months ago

    1. Not sure on this one.

    2. The auditor is to make sure you are installing an authentic version of graphene. That it is not a modified version that has been tampered with (e.g., backdoors).

    3. Automatically enables MAC randomization. This can help with being tracked on public networks. Fingerprinting techniques have gotten better though with deep packet inspection and even measuring radio characteristics. I’ve seen demos of two brand new and identical models of iPhones being distinctly picked out due to variances in the radios during manufacturing.

    Doesn’t help with advertisers tracking behavior based on IP. VPNs help with “blending-in” by putting multiple users behind the same IP. Provider matters here. Needs to be a VPN provider that won’t just sell your data or cave to law enforcement. Mullvad is my preference. Paid with crypto. RAM only logs. That said, use Tor or I2P for anything you don’t want subpoenaed.

    For additional tips:

    • Can’t remember if its on by default, but auto-reboot to put data at rest (encrypted and not in RAM). This is for a state-actor threat level, and less about advertisers.
    • I prefer pin codes to unlock my device and don’t use biometrics. Graphene has a feature to randomize the pin pad every time to protect against a recording of the pin be entered. Specifically where the numbers aren’t picked up on the video but the pattern your hand makes can be seen. Again, more of a state-actor threat level.
  • sloppy_diffuser@sh.itjust.workstoProgrammer Humor@programming.devGitHub Desktop or Git CLI?English
    1·
    1 year ago

    I use LazyGit on the CLI for a “GUI-like” experience. I find it helps me make smaller more meaningful commits. If I’m working on a feature that enhances or fixes other modules in my repo to support, its trivial when done to make multiple clean commits out of the one feature that isolates the changes in functionality to individual commits instead of one medium commit.

    On a large enough repo (e.g., monorepo), its a pain to do using git commands.

  • sloppy_diffuser@sh.itjust.workstolinuxmemes@lemmy.worldAccurate?English
    251·
    1 year ago

    EOL support. I have a 11-12 year old System76 laptop. Works perfectly on the latest Ubuntu version.

    Their shitty walled garden for both software (iOS) and hardware (soldered components that don’t need to be).

    Overpriced.

    Fake sense of privacy.

    I used Mac OS 6.x through 10.4. When I was in college and couldn’t afford to replace my aging G4, I triple booted Fedora, Mac OS X, and Windows on a hackintosh where I gravitated towards mostly Linux and Windows for a couple games. Owned a couple iPhones but decided to role Android when the nexus 6 came out to save some money when I had my first child on the way and my current phone was dying.

    I don’t miss anything I left behind. Had a short stint at work during COVID where I was given a MacBook. While not horrible, I ran into enough nuances I was able to justify to my work using a Linux laptop instead. I just don’t find anything appealing to give them my business.

  • sloppy_diffuser@sh.itjust.workstoPrivacy@lemmy.mlPost-Quantum Resistant Google Photos alternative projectEnglish
    2·
    2 years ago

    A few notes as I’ve been doing some PQ research for my own projects:

    • NIST PQ encryption algorithms are typically for encrypting small amounts of data due to poor performance (like an AES symmetric key)
    • NIST PQ encryption algorithms use public key cryptography to securely exchange keys between two parties (usually to establish a AES symmetric key… aka Key Encapsulation Mechanism, or KEM, with a Key Derivation Function, or KDF, which frequently uses Hash-based Message Authentication Code, or HMAC)
    • Hybrid-PQ, as you mentioned, should be used since there are not years of testing on the new PQ algorithms
    • AES256 is PQ with good performance, but lacks a way to securely exchange the shared key, so typically public key cryptography is used to bootstrap

    With that said, I’d want to know where and how the encryption is going to be applied.

    An ideal solution for me:

    • Data is stored using AES on device and remote
    • I have soul access to the AES key (can be derived, see last note)
    • App generates and index of meta searchable fields and thumbnails also AES encrypted, but is decrypted when opening the app to make it usable.
    • I can choose my backup (checkout rclone)
    • All over the top features like OSM are done client side (or self-hosted backend)
    • PQ would really only come into play to seal the AES key on my device. Instead of unlocking my photos with my AES key directly, its sealed behind a passphrase, pin code, hardware token, or other type of key. Pretty much what LUKs and Bitwarden do. Option for multiple keys would be great. A new device might take a passphrase and hardware key, but then might be sealed by a pincode.

    I suppose you could use a PQ TLS, but if the payload is already AES encrypted, I see little value. You could use PQ to sign each object I suppose in case your AES key is broken, but that would mostly detect tampering of the data.

  • sloppy_diffuser@sh.itjust.workstoPrivacy@lemmy.mlTired of lately getting blocked to create accounts without a phone numberEnglish
    3·
    2 years ago

    Been using jmp.chat. I didn’t have to give any personal info. It uses XMMP/Jabber to handle text/calls instead of wrapping your existing number. Their in-house client is pretty nice as it integrates with the dialer.

    They straight up tell you its not private. That’s not what I use it for. I use it to make my online activity less linkable when companies try to KYC me by requiring a TN.

    https://jmp.chat/privacy

    The phone network itself does not encrypt metadata or content.  Therefore, if your concern is a state-level actor, exploit of a service provider, or rogue employee, you should consider all the metadata and content of your phone calls and text and picture messages to be not private.

  • sloppy_diffuser@sh.itjust.workstoAsklemmy@lemmy.mlSerious, how do we stop these massacres?English
    3·
    2 years ago

    Do what you can to challenge fear, anger, and hate (a.k.a. critical thinking).

    They are the tools of the power hungry and wealth hoarders. Rage bait news articles, religious extremism, labeling the “others” (race, religion, sex, national origin, etc.) are how those tools are applied. They are applied to get voters to vote against their own self-interest or even conduct extreme acts like suicide bombings.

    Feels grim stated like that as the hate machines and their incentives are already in place and controlled by the worst of us.

    Using these tools is also an easy trap to fall into unknowingly. I’m passionate about privacy enabling technologies. I’ve slipped into fear mongering when on my soap box without realizing it until later upon reflection.