Cyber Activism

cross-posted from: https://sopuli.xyz/post/12515826

I’m looking for an email service that issues email addresses with an onion variant. E.g. so users can send a message with headers like this:

From: replyIfYouCan@hi3ftg6fgasaquw6c3itzif4lc2upj5fanccoctd5p7xrgrsq7wjnoqd.onion  
To: someoneElse@clearnet_addy.com

I wonder if any servers in the onionmail.info pool of providers can do this. Many of them have VMAT, which converts onion email addresses to clearnet addresses (not what I want). The docs are vague. They say how to enable VMAT (which is enabled by default anyway), and neglect to mention how to disable VMAT. Is it even possible to disable VMAT? Or is there a server which does not implement VMAT, which would send msgs to clearnet users that have onion FROM addresses?

89,004 local governments existed in the United States in 2012. By extension, there are a shit-ton of public sector websites including schools and libraries. So why can’t there be a public-funded search engine just for indexing all the public service websites?

Citizens who need to access a public service should not have to visit some shitty Google-like search engine by a surveillance advertiser to find a public resource. Google and Microsoft should not be gateways to public access. They can offer their shitty service for private sector searches but governments should have sovereignty from that. If I have to ask tech giants what is the URL for my secretary of state, it’s a fucked up dependency.

It also shouldn’t just be a search engine. There should also be a hierarchical structured directory. A public service directory plus search engine would be inherently ad-free and tracker free, federally funded.

Progress needed.

The state of medical privacy has become quite appalling lately. I started using a young doctor in a new office and they are gung ho on modern tech. That’s fine to some extent but they want to send me invoices and all correspondence via e-mail. No PGP of course. I did an MX lookup on their vanity email address & it resolves to an MS Outlook server.

I asked them for my test results. They offered to email them.

My response: I do not want sensitive medical info coming by e-mail via Microsoft’s servers. I did not give you a copy of my email address for that reason. It needs to be snail-mailed to me.

Perhaps of greater concern is that the receptionist acted like I am making a unusual request, and that they do not mail things. Apparently I am the only patient who has a problem with sensitive medical info going to Microsoft. So the receptionist is investigating whether she can get approval to mail me my results by post.

I wonder if someone in that clinic will have to run out and buy stamps because I have a problem with Microsoft.

cross-posted from: https://links.hackliberty.org/post/984895

Microsoft finances #AnyVision to produce facial recognition technology that the Israeli military uses against the Palestinian people.

So if you oppose Israel’s brutality then #Microsoft should be on your boycott list.

If you are undecided, these stories might help with your decision:

• snipers target a red-cross medic for execution (2018) → https://edition.cnn.com/2018/06/03/middleeast/razan-al-najjar-gaza-nurse-killed/index.html
• Hind Rajab (6 year old; 2024) → https://www.guardian2zotagl6tmjucg3lrhxdk4dw3lhbqnkvvkywawy3oqfoprid.onion/world/2024/feb/10/im-so-scared-please-come-hind-rajab-six-found-dead-in-gaza-12-days-after-cry-for-help

For Hind Rajab, my boycott is on until I die.

cross-posted from: https://sopuli.xyz/post/5730013

Before sharing a link I would like to determine whether the website excludes people from access, and who is excluded. I can test for myself whether the Tor community is excluded, but what about:

• VPNs
• i2p
• public libraries
• #cgNAT issued IP addresses
• various regions
• particular browsers (e.g. lynx, w3m)

for example? I cannot check all those means of access. If a website is implementing some form of digital exclusion, I would like to ensure that I am not helping the exclusive website gain visitors.

#askFedi #netneutrality

1. Free-world compatible bug tracker:

   (problem) You intend to report a bug, but the project officially uses an exceptionally controversial bug tracker (e.g. Gitlab.com or MS Github).

   (solution) Users report the bug wherever they want (forum, mailing list, Mastodon, usenet), then a reference to the ad-hoc bug report is indexed somewhere so users can browse all existing reports for a particular project. A similar idea is proposed here: https://pleroma.libretux.com/objects/c2e53ffd-212b-42c7-92cf-2ab7422e0372

2. Censorship Whistleblower:

   Maintains local copy of posts to Reddit & Lemmy. Periodically checks public (cookieless) view of those articles. Logs & alerts on shadowban/censorship/moderator actions.

   Perhaps collaborate on metrics to expose patterns of censorship. Perhaps automatically post copies of censored material in a out-of-band place that has different people in power.

3. Citation Scrubber/Optimizer for essays:

   1. Accepts text-based file or a link to an already published doc, parses out all URLs and checks for:

      • Tor hostility (403, CloudFlare, Impurva, tar-pitting)
      • assets of tech giants (CloudFlare, Amazon AWS, Google Cloud, MS Azure, etc)
      • JavaScript that fails LibreJS
      • dead links

   2. Creates report showing:

      • any offending discoveries from the above checks
      • most recent mirror link found in wayback machine (regardless of article quality/ethics, in case the article later disappears)
      • alternate links to nefarious/harmful links

   3. Produces new markdown version (if the input was in markdown), which automatically applies the suggested changes. Perhaps give an option to retain the bad links but annotate warnings.

4. Surfraw Expansion:

   CLI search tool with results imported to a local db for filtering and analysis before using. E.g. CloudFlare results could be given a reduced ranking.

5. Mastodon pro-netneutrality client:

   • When posting: checks your link to see if the document has access restrictions (e.g. paywall, blocks tor, CloudFlare). If yes, it edits your toot with an archive.org version of the link and keeps you in the editor.

   • When reading: posts containing bad links are hidden or replacement links are attached. Stats are kept so chronic offenders can be unfollowed, muted, or targeted for etiquette pursuasion/gentle lecturing.

6. Mastodon pro-netneutrality server:

   Similar to the client. Posts with Tor-hostile and/or CloudFlare links are refused.

7. Email address free-society compatibility tester:

   Does an MX lookup & checks whether an email address is hosted in a walled-garden like Gmail or MS Outlook, and reports known situations that the server refuses RFC-compliant messages. E.g. some servers will reject a message if the domain of the FROM address doesn't match the reverse lookup of the connecting IP; some reject connections from dynamic IPs, thus forcing senders to share the message with another third party.

   Perhaps state the retention policy of the server, if known, and/or the legal retention limits in that jurisdiction.

   Checks whether the email address has a PGP key on public keyrings.

8. Wire-Bitlbee plugin

   Wire is a better alternative to Signal, but the bloated client app is Electron based. A bitlbee plugin would make it possible to use any IRC client the user wants.

Vote here:

• on ideas 1-4
• on ideas 5-8