• 0 Posts
  • 28 Comments
Joined 1 year ago
cake
Cake day: June 10th, 2023

help-circle

  • If you’re just interested in connections (and don’t care about packet inspection) you can use Little Snitch (paid) or LuLu (FOSS).

    Actually, all the Objective-See Foundation security tools are great and target specific classes of vulnerabilities, like LuLu for outgoing network connections, RansomWhere for detecting ransomwear by looking for encryption events, Oversight that monitors you cameras and microphones and a bunch of other really small, but really useful security utilities. Better than running a shady antivirus that’s going to suck up loads of resources and rely on signatures.







  • The biggest red flag is when they try and stop you from pasting your password (or anything else for that matter) breaking password managers.

    There are years-long arguments on social media with companies who do this with actual security experts telling them they’re hurting security (including referencing organisations like the UK’s National Cyber Security Centre) and their only response is “we don’t allow pasting for security reasons” but they can never explain how it helps security - because it doesn’t. It drives me mad.


  • and now Google of all companies wants to lock down the whole internet?

    Of all the companies, Google always seemed the most likely, both to want to and to be successful. They’ve tried before, sometimes in small ways, sometimes in larger more obvious ways (AMP, the implementation of content filtering in Chrome etc.).

    They’re the world’s largest advertising and data harvesting company. It’s their business. Of course they want to lock the internet down to serve their goals of learning as much about you as possible and using that data to shove ads in your face.

    Whenever using any Google/Alphabet product you have to ask yourself, “am I ok with this thing I’m about to use being built by the world’s largest advertising company?”. The answer should be “no” more than it is “yes”, particularly for things that have access to lots of your data, like web browsers, phones, home speakers etc.






  • I particularly enjoy the “if you need immediate assistance” note for a telephone line that’s open even fewer hours than the website. it’s positioned as an alternative to the site, but absolutely isn’t. Also, if that message is only displayed when the site is closed, there are no hours when the phone line is open but the site is closed, so who’s it helping? You couldwrite it down and call it when it’s open, but the site is also going to be open then, several hours earlier in fact, so is less “immediate” than the site that’s closed.


  • sijt@lemmy.worldtoMemes@lemmy.mlHotel > AirBNB
    link
    fedilink
    arrow-up
    10
    arrow-down
    2
    ·
    1 year ago

    Enforcing is unfortunately really difficult because the incentives are too strong. We have rules here which are meant to prevent AirBnB and similar by limiting the number of nights any domestic property can be let in a year. So all the hosts just jump from site to site and change the descriptions slightly to get around it. And it’s so brazen. They use the same photos and everything. The really organised ones have whole buildings and when you book they’re non-specific about the unit you get, so it’s very difficult to actually track which ones are rented at any point, particularly when the enforcement teams are so underfunded.


  • It’s really hard. And really expensive. I used to work in five nine environments, life or death type use cases, and my rule of thumb was that you double your cost for every extra nine you add.

    When we got to five nines it was multiple hot standbys with a custom control and orchestration plane - literally custom hardware we had to build. This was for local installations, so not modern cloud environments (it was over a decade ago), but many of the challenges are similar, like session handling, transmission replay and caching, locking, clashing, routing, jitter, latency etc.