New to Lemmy. A privacy advocate. Interested in number theory.

  • 0 Posts
  • 22 Comments
Joined 1 year ago
cake
Cake day: July 17th, 2023

help-circle



  • Thunderbird doesn’t passphrase-protect your PGP key. Though you can set a general password… For something less important, its OpenPGP may be convenient, given that if you send/receive email normally, there is metadata problem anyway. But if you need to play it safe, you may want to use gpg offline and paste ascii.

    Increasingly more and more “phoning home” is not exactly comfortable, either: thunderbird-settings.thunderbird(.)net location.services.mozilla(.)com addons.thunderbird(.)net versioncheck.addons.thunderbird(.)net services.addons.thunderbird(.)net, etc. Perhaps people today, both users and developers, feel something like this is normal, because things were already more or less like this when they were born.

    Re: Micro$oft - It might be that after raped by Google, the society has been desensitized and stopped feeling anything about “minor details.” Why worrying now? You use a Windows 10 passport account (what is it called?) just to log on to “your own” computer and also a Gmail account anyway, right? So bad news is, your privacy is almost zero already.




  • Originally Bitcoin had nothing to do with “get rich quick”. It felt vaguely like Freenet. It was experimental, philosophical, mathematical, cypherpunk… Almost no one had imagined that investors were going to be interested in it and something like that fad would happen.

    Unfortunately it’s not easy to get Monero. In several countries, CEXes don’t support it (delisted). Besides, getting Monero from CEX is not ideal privacy-wise. So, a typical Monero user gets it no-KYC, without using CEX. Which is legal, but rather complicated. That’s why I wouldn’t recommend Monero to regular people.

    As you said, Monero is such a great way for payment in a practical sense. Very low fees (~1 cent, no matter how much you send), private (only you can authorize transaction, no need to get a permission from someone else). The community is relatively small (monero.town on Lemmy), but generally nice and cozy. We seldom, if ever, talk about investment… It’s so different from what people think when they hear “crypto”. It’s understandable that some people assume it’s just one of those alt sh*tcoins.


  • That should be easy if you do some script-fu, etc. Perhaps not so easy on Windows, though.

    I understand that you may feel depressed, or even annoyed, for example when told, “Solving the problem foo is trivial if you use bar” when bar is not trivial nor realistic for you (or so you believe). For example, 2149−1 is easy to factor if you use elliptic curves, but studying elliptic curves may feel daunting (though it’s not so hard as you might think).

    I do understand how you may feel in such a situation. I may be sometimes in a similar situation too.

    Obviously, though, not trying to read about the solution bar wouldn’t solve the original problem foo. Not learning ECM doesn’t enable you to factor 2149−1 for example. Not trying to listen to about the L-word wouldn’t fix the annoyance of Windows. Annoyance itself may be harmless but everyone knows Windows is privacy-invasive and vulnerable to malware, viruses, keyloggers, etc. So staying too long there, refusing to learn some solution, something really bad might happen to you eventually. Honestly, something like that did happen to ourselves recently. Our community lost a lot of money, apparently stolen by attacker(s)—exactly what happened is still unknown, but the victimized wallet was on Ubuntu connected to Windows 10 via SSH.

    You don’t need to ditch Windows. I respect your freedom to use non-free software. In fact, many L-word systems do include non-free blobs too!

    That being said, may I suggest that you try different OS(es) just for 10 minutes, booted from a USB stick, when you have time, to see what it’s like. You might be surprised because it just works, actually more intuitive, you can use it easily, not to mention you’re not forced to see ads. Or no invasive telemetry. Feel free to ignore this suggestion if you really love Windows, thinking it’s the best OS ever. I respect freedom of thought!



  • If what you’re talking about is something OS-level, chances are that you can trivially do the same thing. But if it’s application-level (a tool for Windows): while there’s a way to run a Windows application, apparently it’s not always perfect. If you really need to use a program that only runs on Windows, that’s a valid reason for you to keep using Windows. I hope you can find a libre alternative. You’re free to code your own tool (which behaves exactly the way you like), but admittedly that option is not always realistic.

    Nevertheless, at least when doing something generic like browsing web pages or writing email, you don’t need to do that on a privacy-invasive OS. If more and more users start noticing that, Micro$soft might realize that annoying paying customers is a bad idea in the long run.

    It’s preposterous to pay (buy an expensive license) to be abused!


  • Excuse me, do you have a moment to talk about GNU/Linux? 🙃

    When I got my senior mom a computer she had never used Windows. Instead of having her learn that I installed Debian with Xfce and Firefox. Now that’s all she knows, I laugh at people who tell me Linux is too hard when my mom without any tech knowledge uses it as her daily computer. If I had to switch her to Windows or a Chrome browser she’ll make a fuss about it.

    How about a live OS as a free trial? Not only free as in free beer, but free as in freedom, and always will be free. You own your OS, not vice versa.

    Become a Linux user today, while keeping your precious Windows 11 or whatever. I raise you Tails if you do this at all.

    • Get an unused USB stick, download Tails and make a bootable USB. Typically this will take less than an hour.
    • Restart and boot your computer into Tails.
    • Congratulations! You’re a Debian user now, even on Tor. Meaning your real IP is hidden. Privacy strikes back!
    • Start Tor Browser and enjoy Lemmy. Libre world is usually Tor-friendly (though lemmy.world may be behind CF).

    I’m not saying you should ditch Windows today, but you might want to do some experiments? There are other OSes too, if you think yours is (becoming more and more) annoying!

    [PS: lemmy.world is indeed behind Cloudflare (CF). You may not be able to use it directly via Tor. I’m okay because writing/reading this from a different, privacy-friendly instance. Though CF is MitM, some people believe it’s necessary. Be careful, though: everything you send, including your password, may be visible to this MitM as plaintext.]


  • The linked article is inaccurate and misleading. Your wild guess is based on that.

    Currently the best blockchain analytics publicly available about the incident is this by Moonstone, and even though it seems that the victim shared the secret key with them, nothing much is known due to the nature of the privacy coin. No way other analytics providers could tell more.

    Check the original source and some of the comments there before making an irresponsible accusation like the attackers must be North Korean (or Russian, Muslim, Romany, …). A knee-jerk suggestion like that does not only promote unfair racism/stereotypes, but it helps cover up the real mastermind. Although, it’s not your fault that the article is misleading, and we can’t rule out any possibility including what you suggested. The real problem here is this confusing, poorly-written article…




  • Exactly, except not “the entire”, but “almost entire”?

    Monero has been largely detached from CEXes, no companies, no middle men… Many users still have that idealism, a cypherpunk philosophy, that which Bitcoin tried to achieve originally. It’s community-based and crowd-funded… Some of that fund was stolen, so we’ve got to admit that the Monero community was not so smart after all… Yeah, a bit embarrassing tbh. To err is human, I guess.

    For example, we do have a zero-fee donation site kuno.anne.media and recently help some girl buy a laptop or doing things like that. Some of Monero users are idealists by nature, maybe silly dreamers or naive philosophers, but definitely not greedy HODLERs. Weird people, either way, haha 😅


  • I think I know what you’re trying to say, and that’s actually a difficult point. Privacy is double-edged.

    By that logic, you’d have to support chat control, e2e backdoor, eIDAS 45, etc. and ban Tor, Tails, VPN, BitTorrent, or encrypted communication in general because sometimes criminals can (and do) abuse such technology too. While such logic is understandable, I’m a privacy advocate and can’t agree with that. Most libre people, EFF, FSF, etc. have been fighting against that very logic for more than 20 years. I’m one of them.


  • The linked article (and so AutoTL;DR) is not very accurate. If you’re interested in this incident, read the original post, which is short and compact. General media articles are only quoting or re-quoting this thread, typically with some misunderstanding.

    Specifically (about this post): Among other things, multisig is only suggested; nothing has been decided yet.

    Generally (in many similar articles): Probably a specific local machine was hacked, though no one really knows yet what happened. It’s unlikely that the Monero network itself was hacked.

    Since I’m a Monero supporter, obviously I tend to say good things about it, but frankly, the ironical fact here is, Monero is so privacy-focused that when something like this happens, it’s difficult to identify the attacker—i.e. by design Monero also protects the identity of the attacker. Some Monero users are having this weird, paradoxical feeling: it would be nice if we could catch this evil attacker, but being able to catch the attacker would be in a way very bad news for Monero (if you know what I mean) 😕