cypherpunks

[–] cypherpunks@lemmy.ml 2 points 1 month ago

i think /c/politics@lemmy.ml was removed due to redundancy with /c/worldnews@lemmy.ml more than /c/usa@lemmy.ml.

that's not to say it couldn't be a place for non-news-related political discussions, but in practice it mostly got posts which would fit in worldnews.

it could be restored if one or more users with a good history wants to take responsibility for moderating it.

[–] cypherpunks@lemmy.ml 5 points 1 month ago

If you're interested in using something other than Microsoft Windows, getgnulinux.org is a good place to read about your options and how to switch.

[–] cypherpunks@lemmy.ml 19 points 1 month ago (1 children)

For some reason that article doesn't link to it, but it is a real tweet he made in February (and didn't even delete after being called out for the highlighted search terms in his screenshot).

[–] cypherpunks@lemmy.ml 6 points 1 month ago* (last edited 1 month ago) (1 children)

Regarding your browser-based thing: what are the specific capabilities of the "threat agents" (in your threat model's terminology) which your e2ee is intended to protect against?

It seems like the e2ee is not needed against an attacker who (a) cannot circumvent HTTPS and (b) cannot compromise the server; HTTPS and an honest server will prevent them from seeing plaintext. But, if an attacker can do one of those things, does your e2ee actually stop them?

The purpose of e2ee is to protect against a malicious server, but, re-fetching JavaScript from the server each time they use the thing means that users must actually rely on the server's honesty (and HTTPS) completely. There is no way (in a normal web browser) for users to verify that the JavaScript they're executing is the correct JavaScript.

If you run a browser-based e2ee service like this and it becomes popular, you should be prepared that somebody might eventually try to compel you to serve malicious JavaScript to specific users. Search "lavabit" or "hushmail" for some well-documented cases where this has happened.

[–] cypherpunks@lemmy.ml 8 points 1 month ago (2 children)

It’s amazing how so many people here are completely oblivious to sarcasm.

from this commercial, apparently it's a joke but also a real product from Daily Wire 😬

[–] cypherpunks@lemmy.ml 15 points 1 month ago (3 children)

What a confused image.

  1. TiVo complied with the GPLv2 and distributed source code for their modifications to Linux. What they did not do was distribute the cryptographic keys which would allow TiVo customers to run modified versions of it on their TiVo devices. This is what motivated the so-called anti-tivoization clause in GPLv3 (the "Installation Information" part of Section 6. Conveying Non-Source Forms.).
  2. Linux remains GPLv2, so, everyone today still has the right to do the same thing TiVo did (shipping it in a product with a locked bootloader).
  3. Distributing Linux (or any GPLv2 software) with a threat of violence against recipients who exercise some of the rights granted by the license, as is depicted in this post, would be a violation of section 6 of GPLv2 ("You may not impose any further restrictions on the recipients' exercise of the rights granted herein.").

[–] cypherpunks@lemmy.ml 1 points 1 month ago

If you use systemd's DHCP client, since version 235 you can set Anonymize=true in your network config to stop sending unique identifiers as per RFC 7844 Anonymity Profiles for DHCP Clients. (Don't forget to also set MACAddressPolicy=random.)
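
Where the two settings named in the comment above go, as an added example that is not part of the original comment: `Anonymize=` belongs in the `[DHCPv4]` section of a systemd-networkd `.network` file and `MACAddressPolicy=` in the `[Link]` section of a `.link` file. The file names and the `Type=wlan` match are assumptions chosen for illustration.

```ini
# /etc/systemd/network/10-wifi.link  (hypothetical file name)
# Read by systemd-udevd. Only the first matching .link file is applied,
# so settings from the distribution's default .link file are not inherited.
[Match]
Type=wlan

[Link]
# A new random MAC address is generated each time the device appears.
MACAddressPolicy=random
# Assumption: keep the usual predictable interface naming.
NamePolicy=keep kernel database onboard slot path

# /etc/systemd/network/10-wifi.network  (hypothetical file name)
# Read by systemd-networkd.
[Match]
Type=wlan

[Network]
DHCP=ipv4

[DHCPv4]
# RFC 7844 anonymity profile (systemd >= 235). When enabled it overrides
# SendHostname=, ClientIdentifier= and VendorClassIdentifier=.
Anonymize=true
```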

[–] cypherpunks@lemmy.ml 2 points 1 month ago* (last edited 1 month ago)

They only do that if you are a threat.

Lmao. Even CBP does not claim that. On the contrary, they say (and courts have so far agreed) that they can perform these types of border searches without any probable cause, and even without reasonable suspicion (a weaker legal standard than probable cause).

In practice they routinely do it to people who are friends with someone (or recently interacted with someone on social media) who they think could be a threat, as well as to people who have a name similar to someone else they're interested in for whatever reason, or if the CBP officer just feels like it - often because of what the person looks like.

It's nice for you that you feel confident that you won't be subjected to this kind of thing, but you shouldn't assume OP and other people don't need to be prepared for it.

[–] cypherpunks@lemmy.ml 1 points 1 month ago (2 children)

If they ask for a device's password and you decline to give it to them, they will "detain" the device. See this comment for some links on the subject.

[–] cypherpunks@lemmy.ml 11 points 1 month ago* (last edited 1 month ago) (1 children)

I’m pretty sure that immigration in the US can just confiscate your devices if you are not a citizen.

CBP can and does "detain" travelers' devices at (or near) the border, without a warrant or any stated cause, even if they are US citizens.

Here is part of the notice they give people when they do:

Screenshot of the initial paragraphs of CBP Publication No. 3160-0423, Revised April 2023, titled "Border Search of Electronic Devices" with text: All persons, baggage, and merchandise arriving in, or departing from, the United States are subject to inspection by U.S. Customs and Border Protection (CBP). This search authority includes all electronic devices crossing our nation’s borders.  What to Expect You are receiving this document because CBP intends to conduct a border search of your electronic device(s). This may include copying and retaining data contained in the device(s). The CBP officer conducting the examination will speak with you and explain the process.  Travelers are obligated to present electronic devices and the information resident on the device in a condition that allows for the examination of the device and its contents. Failure to assist CBP in accessing the electronic device and its contents for examination may result in the detention of the device in order to complete the inspection.  Throughout CBP’s inspection, you should expect to be treated in a courteous, dignified, and professional manner. As border searches are a law enforcement activity, CBP officers may not be able to answer all of your questions about an examination that is underway. If you have concerns, you can always ask to speak with a CBP supervisor.  CBP will return your electronic device(s) prior to your departure from the port of entry unless CBP identifies a need to temporarily detain the device(s) to complete the search or the device is subject to seizure. If CBP detains or seizes your device(s), you will receive a completed written custody receipt detailing the item(s) being detained or seized, who at CBP will be your point of contact, and how to contact them. To facilitate the return of your property, CBP will request contact information.

[–] cypherpunks@lemmy.ml 9 points 1 month ago* (last edited 1 month ago) (1 children)

Or just removing my biometrics?

Ultimately you shouldn't cross the US border carrying devices or encrypted data which you aren't prepared to unlock for DHS/CBP, unless you're willing to lose the hardware and/or be denied entry if/when you refuse to comply.

If they decide to, you'll be handed this: "You are receiving this document because CBP intends to conduct a border search of your electronic device(s). This may include copying and retaining data contained in the device(s). [...] Failure to assist CBP in accessing the electronic device and its contents for examination may result in the detention of the device in order to complete the inspection."

Device searches were happening a few hundred times each month circa 2009 (the most recent data i could find in a quick search) but, given other CBP trends, presumably they've become more frequent since then.

In 2016 they began asking some visa applicants for social media usernames, and then expanded it to most applicants in 2019, and the new administration has continued that policy. I haven't found any numbers about how often they actually deny people entry for failing to disclose a social media account.

In 2017 they proposed adding the authority to also demand social media passwords but at least that doesn't appear to have been implemented.

 

image description: Side-by-side pictures of actors Judge Reinhold and Alan Tudyk, labeled with blue text in a Star Trek-reminiscent font "Judge Reinhold as Tom Paris" and "Alan Tudyk as Paul Stamets"

 

cross-posted from https://lemmy.ml/post/15044893

https://www.radiomuseum.org/forum/first_silicon_transistors.html

image description: Image of a magazine advertisement with the title text "silicon transistors now in production!"

Text at the bottom left identifies it as the June 1954 issue of ELECTRONICS.

The advertisement consists of a row of eight three-pin solid state components "growing" in a field. There is a building in the distance behind them. The components are alternately labeled with Texas Instruments' Map-of-Texas logo and the number "900". From left to right, each component is closer to the viewer, and the fifth-to-closest one is labeled "actual size".

This text is overlaid on the image:

silicon transistors — long awaited by the electronics industry — are finally out of the laboratory and on the market ... brought to you first by Texas Instruments, a leading transistor manufacturer. A new and unrivaled degree of design freedom is created by the TI n-p-n grown junction silicon transistor, now available in production units with glass-to-metal hermetic sealing, silicon transistors radically improve temperature stability and power handling while retaining the best amplification and frequency characteristics of previous semiconductor devices.

write today for detailed information on the silicon transistor!

TEXAS INSTRUMENTS

INCORPORATED

6000 LEMMON AVE. DALLAS, TEXAS

 

image description: Standard "they don't know" meme format, featuring line art of "That Feel Guy" wearing a party hat standing in a corner while other people are dancing. An image of an icosahedron formed by three mutually perpendicular golden ratio rectangles sits in front of That Feel Guy. The caption text says "They don't know that three mutually perpendicular golden ratio rectangles, with edges connecting their corners, form a regular icosahedron."

https://en.wikipedia.org/w/index.php?title=Regular_icosahedron&oldid=1219666251#Construction

 

image description: An infographic titled “How To Write Alt Text” featuring a photo of a capybara. Parts of alt text are divided by color, including "identify who", "expression", "description", "colour", and "interesting features". The finished description reads “A capybara looking relaxed in a hot spa. Yellow yuzu fruits are floating in the water, and one is balanced on the top of the capybara’s head.”

via https://www.perkins.org/resource/how-write-alt-text-and-image-descriptions-visually-impaired/

 

cross-posted from: https://lemmy.ml/post/14334283

transcript: Screenshot of github showing part of the commit message of this commit with this text:

Remove the backdoor found in 5.6.0 and 5.6.1 (CVE-2024-3094).

While the backdoor was inactive (and thus harmless) without inserting
a small trigger code into the build system when the source package was
created, it's good to remove this anyway:

  - The executable payloads were embedded as binary blobs in
    the test files. This was a blatant violation of the
    Debian Free Software Guidelines.

  - On machines that see lots bots poking at the SSH port, the backdoor
    noticeably increased CPU load, resulting in degraded user experience
    and thus overwhelmingly negative user feedback.

  - The maintainer who added the backdoor has disappeared.

  - Backdoors are bad for security.

This reverts the following without making any other changes:

The sentence "This was a blatant violation of the Debian Free Software Guidelines" is highlighted.

Below the github screenshot is a frame of the 1998 film The Big Lebowski with the meme caption "What, are you a fucking park ranger now?" from the scene where that line was spoken.

(for achievers who aren't following one of the most exciting computer security events in recent history, here is the context)

 
