![](https://lemmy.world/pictrs/image/bec5e4d9-24e7-4519-b708-76cc990bc32a.png)
![](https://fry.gs/pictrs/image/c6832070-8625-4688-b9e5-5d519541e092.png)
Best breadcrumb from article:
I wanted to understand: what kind of human spends their days exploiting our dumbest impulses for traffic and profit? Who the hell are these [SEO/Google] people making money off of everyone else’s misery?
Desert Nomad, First Responder, Reverend, Intelligence Analyst, Computer Expert, Cowboy, Sorcerer, Metaphysician, Polymath.
Best breadcrumb from article:
I wanted to understand: what kind of human spends their days exploiting our dumbest impulses for traffic and profit? Who the hell are these [SEO/Google] people making money off of everyone else’s misery?
Really odd some Lemmy choices, allowing News Aggregation Posts (Simple link and summary) from a particular user that is somehow not flagged a bot/influencer/paid. I duna know how you can post Tech News Links 10 times a day, every day, for 5 months and still be allowed to post as a “person”.
Is it ignorance, indemnity, or conspiracy that this News Media Corporation didn’t give the primary mitigation?
A white noise generator.
Also, it’s the language scam of the decade to have a [privacy] agreement or terms with a “third party” which is basically anonymous/anyone/indeterminate/changing/.
This is super helpful, I may post this to infosec.exchange. Flathub makes this so much more difficult to find the reason for what looks like a real breach. I don’t use Flathub for security reasons so I don’t know if you can even isolate the PID? Anyone know?
I don’t want you to have to spend a lot of time or troubleshoot over the web but if you see anything that stands out as “wow shouldn’t be there/running” when you run these commands come back to us:
ps
the PID of Signal or secondarily, Flathublsof -p PID
sudo strace -f -t -e trace=file -p PID
sysctl kernel.randomize_va_space
What that user is describing is very serious. They are saying iOS can reach into Signal and extract data.
Huge if true! You could conceivably submit your phone to a Cybersecurity company and share in any reward.
Help us with:
Who knows how to compute a hash for an installed mobile phone app? We need to compare it with legit.
Let’s not go all the way down the rabbit hole in one pill. Steps of one less person so inured (Definition: Made tough by habitual exposure), so hopelessly dependent on Google.
Welcome to the real world.
Yeah, GetPocket App from Aurora store was able to turn on location on GrapheneOS about 4 months back. After reading the AuroraOSS Store Founder’s profile on Gitlab, I no longer trust AuroraOSS and if you are using GrapheneOS I would advise to vet and install your own apks.
I had a CalyxOS phone whose ROM was hacked which should be impossible outside the factory. Yes, I’m sure and if you had access to the phone, you would also be sure. I’m a huge target whereas most people are not so maybe some high end team was run at me and that would not happen to you.
I’m not competent enough about mobile OS security as of yet to vet mobile OS in detail, but thanks for awareness on Lineage/Divest.
Your argument is valid in an abstract, logical way and I appreciate that. In the real world, it’s nearly impossible for nVidia management to all the sudden gain all the secrets/features from a partner company from a man who used to work there! and not suspect something…
Maybe nVidia did nothing as to plead ignorance and let the guy take the fall or they knew it. Either of these cases is just as criminal when morals are applied.
Calling nVidia the victim is twisting words very badly and I’m not sure you didn’t mean to do that. This is such bad press for nVidia isn’t it? If I were nVidia CEO Jensen Huang I would pay people or even make comments pseudonymously. I mean, what does it take to post on Lemmy, just an email account?
It would be ethically and competantly correct to interally investigate how now you as a Corporation (Word root: Corp = body; Corporation => Arrangement of Bodies) have all your peers features from a former employee of them and there is no way to ethically get around that. None.
That’s the same argument as another plumber who all of a sudden repaired pipes in this totally original way like you did, while you worked on the same job, after working with you. He watched you and took the idea is what happens in the real world.
Corporate Espionage is a huge thing and it’s happened all thoroughout history and maybe even now.
Just so I’m clear in my communication, there is no case where nVidia can logically be a victim. Best case = co-conspirator.
The Blacklight results come up exceptional compartively, 1 tracker, 1 cookie, and it’s easy to block Google. It doesn’t do that over accounts or sessions however, and that is a quite positive attribute. Thanks for the awareness on that though, for everyone. I always advise to use a blocking browser. I guess overall I see the best-in-class results to be worth it every once in a while.
You mentioned Cromite for Android, isn’t that conflicting? Cloudflare is the #1 MITM privacy destroyer so that’s great too. I’ll have to check under VPN.
Could I get your recommendation for what you would advise for a private search engine that has acceptable results?
Good info overall, thanks for this comment.
Hah, I didn’t even realize this was you! Great job here, although between us you already know what I think about what it takes to secure TOR ;)
Thanks for the compliment, I had to hack around bad Gogs docs for hours to implement that.
What a superb list! Saved.
I was thinking of writing a guide on how to lead a digitally private and secure “life” since so many bad guides are out there.
I’d like to add that the best private and secure Operating Systems are:
Private Search Engines
Private Browsers
Qubues runs containers yes, but the unique use of a paravirtualized Fedora Linux kernel itself leaves open lots of unique security holes and is therefore extremely hard reviewing the security of it yourself.
GrapheneOS is constantly being showboated by Ed Snowden which is a red flag and I did experience app contamination on it. I would also suggest PostmarketOS. Definite no on CalyxOS.
I’d like to throw in my own Free Open Source, git clone, security repositories for BSD and Firefox available on Bitbucket, Github, and my own self-hosted git server with the latest files. All my software is currently written in Python (my very first Python scripts!) and short so it’s very easy to review.
If a person breaks into a Industrial Plant and steals $10000 worth of computer hardware and the software that was on it, they go to jail for a long time during which they are not allowed much if any “profits”/income. When a Corporation steals $100million, they pay the other company and gain even more money if they are in market dominate position.
This exchange of money from thief to victim however misses compensating the most aggrieved party, the marketplace > users > you. Really overall though, Civilization loses.
The problem with the Corporate Legal System is that once something like this is found to happen, morally, ethically, and to secure the future of Civlization, the thieving company should be shutdown in 6mos and all assets put up for auction.
Corporations have legal “personhood”, but it seems to be just the best parts. Since this is well known to nVidia CEO Jensen Huang maybe he just said to himself, “It’s just Business”.
Mozilla Foundation fronts Mozilla Corporation which is for-profit and brings in nearly a Billion in revenue.
Don’t donate, do harden it.
Mozilla Foundation fronts Mozilla Corporation which is for-profit and brings in nearly a Billion in revenue.
Don’t donate, do harden it.
I tried Kagi and canceled after a week. It’s a reformat of DuckDuckGo, a better format for sure, and lack of sponsored links, yet it adds AI too. In the end, it’s the same old curated unhelpful results that leave millions of high value boutique and indie sources of information out. Also, it’s Orion browser is bad.
Basically ask yourself that knowing all the good writers, content creators went to Substack, yet hardly any search engine gives results from there, why?
Canva is on the traditional corp Extend, Embrace, Extinguish mission to snuff Digital Content Design that is local only and has no AI. Canva bought Affinity Design Suite, which was the reaction of the non-corp creative world to not have to Adobe Creative Cloud, may it burn.
I believe we are in the era of “the great rug pull” of consumer empowered technology, moving to corp empowered technology stack, with them in control at all levels.