yeah, that’s why i am happy to avoid the us when travelling, mainly because of reports that electeonics are bricked regulary by them, but this discussion is more about theft. like “never allow hand luggage to be checked, better miss the flight instead”:
it’s not always about travellers that could lay hands on your stuff, maybe staff “needs” a living wage too ;-)
i once had to look at a firefall appliance cluster, (discovered, it could not do any failover in its current state but somehow the decider was ok with that) but when looking at its logs, i discovered an rsh and rcp access from an ip address that belonged to a military organisation from a different continent. i had to make it a security incident. later the vendor said that this was only the cluster internal routing (over the dedicated crosslink), used for synchronisation (the thing that did not work) and was only used by a separate routing table only for clustersync and that could never be used for real traffic. but why not simply use an ip that you “own” by yourself and PTR it with a hint about what this ip is used for? instead of customers scratching their head why military still uses rcp and rsh. i guess because no company reads firewall logs anyway XD
someone elses ip? yes! becuase they’ll never find out !!1!
i really appreciate that ipv6 has things like a dedicated documentation address range and that fc00:/7 is nicely short.
ipv6 in companies… ipv6 is not hard, but for internal networking no company (really) “needs” more than rfc1918 address space. thus any decision in that direction is always “less” needed than any bonus for (da)magement personnel is crucial for the whole companies survival…
for companies services to be reachable from outside/ipv6 mostly “only” the loadbalancers/revproxies etc need to be ipv6 ready but … this i.e. also produces logs that possibly break decades old regexes that no one understands any more (as the good engineers left due to too many boni payed to damagement personnel) while other access/deny rules that could break or worse let through where they should block (remember that 192.168. could the local part of ipv6 IF sone genious used a matching mech that treats the dot “.” as a wildcard as overpayed damagement personnel made them rush too fast), could be hidden “somewhere”. altogether technical debt is a huge blocker for everything, especially company growth, and if no customer “demands” ipv6, then it stays on the damagement personnels list as “fulfilling the whishes of engineers to keep them happy” instead of on the always deleted “cleaning up technical debt caused by damagement personnel” list.
setting up firewalls for ipv6 is quite easy and if you go the finegrained “whitelisted or drop/block” approach from the beginning it might take a bit for ipv6 specials to be known to you, but the much bigger thing is IMHO the then current state of firewall rules. and who knows every existing rule? what rules should be removed already and must not be ported to ipv6? usually firewalls and their rules are a big mess due to … again too many boni payed to damagement personnel, hindering the company from the needed steps forward…
ipv6 adoption is slow for reasons that are driving huge cars that in turn speed up other problems ;-|
maybe start with an adjustable setup:
(if you want, ask for config snippets)
btw i prefer to wait for ipv8😁 before “demanding” ipv6 from services i use 🤣
a public room is public. anyone could and should be able to enter it at any moment start recording and uploading everything to $terrorist@/or$three-letter-agency or such. The idea that someone else could also get the same already public data later is not threatening, as that data is already considered public as in “everyone in the world could have it a second after the data came into existance”. and also as removing from the public is not considered possible, uploading that already intentionally published data again does not pose a greater threat than its first publication, but uses just a bit of bandwidth, not more. if you are very sensitive about visibility of who you talk with, maybe don’t enter “public” rooms in the first place.
if you join a private room, you already want to share with the other participants that you are f***ing talking to them, including when and who you exactly encrypted the data for, when, and to which servers they have to be forwarded. i expect the server of all participants to forward messages to the recipients. for this the server needs to know this type of information. Of course awareness, which data is used to make i.e. routing decisions is a good thing, but a “nightmare” would be teams zoom icq, whatsapp and similar. i am sure that messengers exist that could be less traceable for participants, but full anonymity to who you are communicating with so that even the servers know nothing about what happens in a room is imho not even a goal of matrix for the future.
Not a “nightmare”, but what a nightmare it must be to find out that a system that looked so promising did not fulfill “every” dreamexpectation one had with options that are even the opposite of ones dreamexpectation like “public rooms”. that are meant to be public! how horrible!!!(lol)
by the way -as it seems possibly noteworthy here - if you exchange emails with someones @gmail address, then google has all of your mail histories metadata, as well as the server of your provider has. just to mention, do not send emails to @gmail.com if you dislike google knowing about it. and if you share a document with edit history, then the edit history is likely also shared ;-) As “rooms” in matrix are meant to have a state that changes from the beginning sometimes possibly with every message and one can answer to a message which would reveal the existance of that message later when answered on, including at least a hint of what it was about, such information is imho meant to to be rather complete than hidden. maybe 1:1 chat solves this issue for you, as every chat with a new other person would start empty.
i might be wrong, but matrix already is one of the most robust systems when it comes to “compromised servers”. so very far away from a nightmare. that is unless you are either a true criminal bastard or a true world saving hero, then every leaked byte might be the deadly one, that is true.
So in case you are a true world saving hero: Maybe use a self build raspberry pi mesh proxy chain mounted on rooftops delivered by drones at night to proxy the signal of an in-memory-only-tasks-raspi to a free wifi, where the raspi that has its orders is using battery (like the rooftop proxy chain) but is hidden in a public transport to reach the proxy mesh by the transportations timetable. just to give a paranoic one some ideas and some work to do ;-) If you’ve build everything, then upload the code to github and designs to thingiverse so that “anyone” could have placed the proxy mesh to a free wifi on the rooftops, so you be more secure from beeing suspected ;-) lol btw a mesh system to accomplish this already exists, i think they named it b.a.t.m.a.n. (no joke) protocol, so the main struggle should be handling of solar power vs wifi signal strength, distances, humidity and windproof mount design beeing able to be deployed by manually controlled quadrocopters. good luck!
its amazing how good services can be if some just skip the corporation-obligatory adding of enshittification. i remember an article about a downloadable (but not very legal) DVD with an installer for a (worthless but very popular) OS that included heaps of expensive industry software and the installer was point-klick what you want and then all is done in background and fully usable once done. reading that article it seemed to be a better installer than ever produced by any company for any product.
however as that payed streaming service seemingly leaves huge amount of bank records and ran for such a long time, i guess it would have been easy to stop their customers from paying them. it rather might seem that the real intentions of content corporations might not truely be what they officially claim. maybe we learn in 25 years that the content corporations really were behind such services, maybe like “better get money from ALL markets!” or such.
the “news” i “know” about india is little, some historical “facts” written mostly by uncivilized brutish invaders compacted to youtube videos by part or fulltime streamers. Some other “facts” which sound often bad i sometims mostly have from official media known to promote any “nice” propaganda - that is, depicting other countries worse than the own one so that people do not hunt their own gov with garden forks just to stop the crimes. Well i really “know” nothing about India.
But beeing proud of culture usually is a good thing, but that is only if it is culture and as such does not(!) base on abuse or similar.
Maybe what you experience could be a crowd effect that protects the people from seeing what they (group, society) do wrong while at the same time it protects the worst wrongdoers from punishment or at least from getting stopped. Such as it could be a self-sustaining downwards spiral taking more and more and everything down with it slowly increaaing pace. At least what you wrote sounded a slight bit chilling like that.
It could be hormones and how culture tells you to act or not act on them, or a lack of culture about such, maybe a combination of culture to “support your group” while that support does not always protect integrity of the overall concept of what that culture was meant for. A group of people cheering to each other how good they are might not want to stop cheering for “minor reasons” because it just feels good. While doing wrong things they could “help” each other (which is supposedly a good thing but can do lot of harm too) with arguments that this wrongdoing would be ok or even "good’ in this specific moment because of <insert_bullshit_here>. alltogether spiralling downwards doing so more often every day. So all of them can go on wrongdoing while feeling well supported or even falsely feel superior in general.
however a figure (real/not real?) well known in india once said something like “it is better to calm down and just do your thing than to overreact”. (this is the shortes version i’ve ever tried to compact it to but maybe you get the idea anyway).
I know for a fact that this is not true,
i don’t know the underlying things that make it a fact, plz share.
great, thanks. i’ll try it out as i have some spare resources on my server.
🤔 maybe there is a lack of distributed fediversed search engine instances where:
then: “for software development i use linuz personal ‘devel’ collection, this way i don’t have to manually click through big G’s gigabytes of SpaMalAds they always only frustrate you with and i am not distracted with dyo stuff when searching for server administration things like ‘puppet stages howto’. for my home projects i use my friends ‘home of DYO’ collection, i get more results than i need but get new ideas as well without seeing work stuff when looking up how to build a puppet stage for my little one. 👨👧 for kids its awesome, our school provides a collection including specialized search instances that fit learning, while that collection is also peer reviewed by a company that spezialized to ensure it does to not contain search engine instances that also index any unfitting content pages.”
oh btw: no i do not have any info about duckduckgo status unfortunately, i stepped over it by myself today 🤷♀️
that a moderately clever human can talk them into doing pretty much anything.
besides that LLMs are good enough to let moderately clever humans believe that they actually got an answer that was more than guessing and probabilities based on millions of trolls messages, advertising lies, fantasy books, scammer webpages, fake news, astroturfing, propaganda of the past centuries including the current made up narratives and a quite long prompt invisible to that human.
cheerio!
if your wife wasn’t vi-impressed, maybe she already is vi-improved ;-)
I see only one reason, why i would want to be early at the seat. its bcs if i am not, my backpack might be placed above but multiple seats away by the crew, where it is then uneasy for me to have an eye on it whilst easy for theives to take and open them, especially on long flights there would be plenty of opportunity like when everyone is sleeping.
but for this case i use locks on the backpack anyway, so that anyone who wants to open it, either opens it where nothing of value is in it thus no lock, or at least has a much harder time than when trying the very same with other bags…
also on longer flights i usually did not have that problem, but that could also have been just luck
that could come in veery handy once microsoft wants to pull some plugs. i guess we can be grateful for the backup that is 1. not 100% in m$ hands any more then and 2nd cannot be as easy destroyed as some backups at archive.org. i actually hoped for someone with enough money to create this type of security after m$ assimilated github and thought like “does nobody see the rising danger there?” but even if china’s great fork might be more reliable than m$ over time, maybe it’s better to have your own backups of all the things you actually may need in future.
btw did microsoft manage to get rid of the hackers that settled into their network for … how long??
i guess they’ll tell