[-] ranok@sopuli.xyz 19 points 2 months ago

I find these types of PRs pretty much pure hype when they are expecting to start delivering end of 2026. I get sick and tired of these pre orders for things that will likely never show up as if this company has done some amazing engineering and brought it to market.

6
submitted 9 months ago by ranok@sopuli.xyz to c/security@lemmy.ml
123
submitted 11 months ago by ranok@sopuli.xyz to c/running@lemmy.world

Fifth time is the charm for me, but finally got a buckle at Devil Dog this weekend. Feeling pretty sore and limping around today, but overall very pleased that I managed to avoid another DNF!

2
submitted 11 months ago by ranok@sopuli.xyz to c/security@lemmy.ml
[-] ranok@sopuli.xyz 24 points 1 year ago

Pretty niche, but a citrus squeezer. I cook a lot of Asian food and it's much better to put half a lime in the squeezer at a time than try and hand squeeze the juice out.

[-] ranok@sopuli.xyz 9 points 1 year ago

Supernote is the alternative I went with. They have a pretty responsive dev team and the cloud integration is optional, you can push stuff over the local WiFi network.

[-] ranok@sopuli.xyz 8 points 1 year ago

I work mostly from home, so no commute. I do pay for 2 days/wk at the co-working space either 7 or 30mi away (so 15-35min). I have an electric scooter that goes 65mph and an incredible view on my commute (see attached from Tuesday's drive), so I enjoy it and the chance to be social with the people at the cowork space.

82
submitted 1 year ago by ranok@sopuli.xyz to c/196
1
submitted 1 year ago by ranok@sopuli.xyz to c/research@infosec.pub
[-] ranok@sopuli.xyz 4 points 1 year ago

I'm surprised not to see https://cryptpad.fr/ here, a FOSS, self-hostable E2EE web based office suite. Not as feature rich as GDocs but offers the basics in a more secure manner.

[-] ranok@sopuli.xyz 6 points 1 year ago

He has been stepping back from Signal over time.

[-] ranok@sopuli.xyz 3 points 1 year ago

I installed INCH on all my browsers, it's obviously not 100% accurate, but it is nice to get a visual cue that the article you're reading may very well be AI generated.

[-] ranok@sopuli.xyz 10 points 1 year ago

While Chromium itself is a very solid platform, and correspondingly Chrome is a hard exploitation target, it's quite easy to screw up a fork of it. Comodo Secure Browser was a chromium fork that was fixed to an old version of the renderer with known security issues and was built to disable the sandbox. It also added libraries that were compiled without ASLR that worsened security for every application that loaded them.

Chrome has an enormous security team behind it in addition to P0, so bounties on Chrome exploits are around $500k. FF bounties are a fifth of that, which is probably a portion of less security, and a portion of lower target market. Brave could be doing terrible things that without an audit would be unknown. Web3 code is pretty terrible on the whole, so adding that to a secure base may not be great...

[-] ranok@sopuli.xyz 4 points 1 year ago

I pay for Kagi.com for search, I use NextDNS over my personal Tailscale network that blocks all the commercial social networking sites and their CDNs, as well as a ton of ad networks. I use uBlock Origin in firefox to further remove content that may be served 1st party. Opted out of as many analytics services as I can and frozen my credit with all four US credit agencies. I alternate between using a VPS as a Tailscale exit node, or ProtonVPN for country-specific location egress.

[-] ranok@sopuli.xyz 3 points 1 year ago

I think it comes down to the threat model that you implicitly or explicitly operate under. Most people don't think about it, and so they equate "more" with better, and VPNs are easily marketed as more, turn it on and rather what whatismyip.com showing a map near your house, now you're magically somewhere else!

If you are paranoid about everything, then again there is the "defense in depth" mindset, which in theory couldn't hurt. That said, having a clear mental model for what you are aiming to be protected from is the best way to find a suitable suite of protections. To agree with a number of others in this thread, ad-blockers (I recommend NextDNS personally) are a great step to stop organizations with a financial incentive to learn all they can about you to sell you stuff, or sell your data. There have been large US ISPs that have experimented with injecting ads or other content either into default DNS responses (e.g., if you mistype something in the search bar it will bring you the ISP's terribad search portal), or even HTTP responses. If you are stuck with one of those ISPs (I'm sorry, and the US monopolies on ISPs are terrible), then a VPN will help you against your threat (the ISP).

If you are an EU resident, and protected by GDPR (or some of the US states that are enacting similar protections), then moving to a more centralized service can be a good thing, since you have a single place to request data deletion, etc., whereas for a non-EU resident, "smearing" your data over multiple non-coordinating entities is a good move to limit the view of you from any single organization.

If you are worried about government surveillance, you have bigger issues. Most people who want to think they are uber valuable to the government are not, and act in counter-productive ways, but co-mingling their data with that of actual baddies, so it all gets revealed in a warrant search. The Lavabit hosting service was used by extreme privacy wonks, and some actual criminals, and when the government went after Snowden, they got all of Lavabit's data, so being on that platform may have been counter-productive for people hiding from the G-men. The OPSEC needed for countering government-level is beyond what you'll learn on a public post, and must be incredibly well-curated and maintained; it will cost you, but if someone will outspend you to get you, then it's table stakes.

[-] ranok@sopuli.xyz 3 points 1 year ago

I have a ReoLink camera that streams to my Synology NAS that's joined to my Tailscale network that I can access from anywhere!

1
Welcome! (sopuli.xyz)

Created this community for fellow hams or those interested. Don't have to be licensed to join, but please keep the discussion and posts related to radio and radio-related activities (SOTA, POTA, etc.).

73 de KB1OTE

[-] ranok@sopuli.xyz 3 points 1 year ago

ZipPy is much less robust to defeat attempts than larger model-based detectors. Earlier I asked ChatGPT to write in the voice of a highschool student and it fooled the detectors. The web-UI let's you add LLM-generated text in the style that you're looking at to improve the accuracy of those types of content.

I don't think we'll ever be able to detect it reliably enough to fail students, if they co-write with a LLM.

20
submitted 1 year ago by ranok@sopuli.xyz to c/technology@beehaw.org

I made this and thought you all might enjoy it, happy hacking!

view more: next ›

ranok

joined 1 year ago
MODERATOR OF