Show more

There are certainly clear negative examples of this: in Cambodia in the 70s, the dictator Lon Nol was widely hated, and stayed in power due to backing. People were so desperate to get rid of Lon Nol, that a wide variety of people backed the Khmer Rouge in what seemed the only way to get rid of him. That finally worked for getting rid of Lon Nol. Sadly, the Khmer Rouge ended up being even worse, leading a massive genocide against its own people. 2/

Show thread

The idea of limiting population growth has been popular among all sorts of racists and eugenicists for a long time, and that has discredited the idea. Economics shows that shrinking populations empower workers, and socialists aim to empower all workers. I think about this example a lot as an exercise of potential coalition building. Can people with diametrically opposed beliefs agree on a goal and actually deliver it in a way that all are satisfied? Can this actually lead to effective policy? 1/

gets deserved attention for its policies over the last century. One of the least know is tightly regulating the tearing down of buildings, making it one of the oldest housing stocks in Europe. When a building is torn down to build a new one, then there is still just one building. If old ones are kept, then a new building means increased housing supply. Developers like tearing down since they can make massive profits in proven neighborhoods. wien.orf.at/stories/3203136/

Polish military is apparently going to use an internal IM built around @matrix
milmag.pl/nowy-komunikator-woj

(PL link, but auto-translation should do pretty well)

h/t to @lukasz for the tip!

#Matrix #InfoSec

The key thing to remember is that luck plays a role in not being discovered, in a way that it does not with proper security measures. In my example, the hunters could have gotten lucky if they just happened to think to open the right door nearby and look at the servers there.

Show thread

Given that physical access to computers is a lot harder to defend against than internet access, my one hour of time vs the time they spent was quite a good payoff.

Show thread

I learned this lesson by operating a hidden server on a university network in a room next to a lab funded by three letter agencies, it was actually a feeder program, the grad students mostly went to work for those agencies. They had seen that my non-university domain name was mapped to a university IP address. They emailed me while I was on vacation, saying they were hunting for it. Two weeks later, I got back, and they still hadn't found it. They never did. That setup took me an hour.

Show thread

I totally agree that Through Obscurity does not work, I think the key word that often gets lost is "through". Make systems as secure as you can, don't rely on them being hidden. Obscurity can actually add quite a bit. Compare a build server reachable on a public domain name to one only reachable on a tor onion service. Finding the tor onion service could take the determined attacker quite a lot of time. The key measure is time to attack vs time spent setting up defenses. 1/

Reading the section in the book about makes me think how so much digital media is a form of of our personal relationships, education, and even thought processes. It is driven by companies with the mentality of extracting profit from mining resources, in this case, the resources our human relationships and education.

#WireGuard becomes the first VPN app on #FDroid to be built reproducibly! This means that WireGuard on F-Droid is now guaranteed to be 100% (bit-by-bit) equal to the WireGuard the developer builds.

If you're using WireGuard from F-Droid, please export your tunnels and re-install to switch to the developer's signature and continue receiving updates.

More details in the official WireGuard announcement: lists.zx2c4.com/pipermail/wire

New to reproducible builds? Check out f-droid.org/en/2023/01/15/towa

I wonder if and its kindred projects will just kind of slowly consume themselves via a downward spiral of driving down the level of public, online content via computer generated spam and . They are trained on these public datasets, for example. For example, vice.com/en/article/jg5qy8/red

Side note: I am wondering how best to highlight this as a clear example of anti-competitive behavior on part of Google.

Our Yunohost hosts e-mail, #Nextcloud, other services that can be seen as "competing" (not in scale, but in function) with some Google services.

Google flagging @Yunohost login pages as "deceptive" makes it considerably harder to self-host.

And it doesn't matter if it is on purpose or accidental. Google has the resources to not make such "mistakes".

Show thread

So many projects get caught in this trap of adding ever more as users request more features. When starting out, new software needs to directly solve a problem better than others, then people adopt it. As more people adopt it, they demand more features. Incrementally adding more features works for the existing user base, but makes it harder and harder for newcomers to jump in. Then new software does a key thing better, and the complex old one collapses under its own weight.

's article on exploiting is a nice example to work through to understand how an advanced works
arstechnica.com/information-te

Does anyone have any examples of advanced that were not targeted? I guess the and maybe are examples. I'd love to see a story about a recent exploit like this (those two examples don't really work when HTTPS is used).

Report on devastating working conditions at dpd Austria. Up to 17-hour days and 350 deliveries per day, €6 hourly wage, no breaks, and subcontractors, of course. And while dpd tracks every move via its 'Predict' system, it claims to have no idea [German]:
derstandard.at/story/200014521

In 2020, the Austrian police raided the Amazon fulfillment center near Vienna and found that almost all of Amazon's delivery subcontractors violated employment/tax laws. But nothing happened to Amazon itself, and I'm afraid nothing has changed.

---
RT @WolfieChristl
In early 2020, the Austrian financial police raided Amazon's distribution center near Vienna.

Turns out they found 130 out of 133 subcontracting delivery companies, most…
twitter.com/WolfieChristl/stat

Show thread
Show more
image/svg+xml Librem Chat image/svg+xml