How’s PostmarketOS doing recently, anyone using it as a daily driver? I have a PinePhone in a cupboard that I bought more than a year ago that lasted like a week as my daily before I quickly gave up on it (or rather, reinstalled it to Kali Nethunter and just have it in my pentesting bag. Not that I ever used it :D), since it had too many issues.

I started as part time without any experience durring my college. I was studying gamedev software engineering, but we had one voluntary class about Ethical Hacking.

I just asked my professor if he can reffer me to someone in the field, followed OWASP Web App Testing guide to the letter when testing the interview homework website, and landed the job without much prior experience (I did attend a few CTF competitions, though).

Just following the checklist in OWASP testing guide made my results comparable to, or even better to some of my colleagues, and I’ve slowly learned the rest (especially internal domain pentesting) from our internal documentation or shadowing seniors during pentests, and simply being interrested in the field, having initiative and looking up new tools and exploits eventually got me to a Red Team Lead role (not a very good RT, though, but it did improve eventually).

The pay was pretty good compared to what’s usuall here in Czech, too. I could comfortably pay rent and get by even with part-time, during college.

My issue with canvas fingerprinting and, well, any other fingerprinting is that it makes the situation even worse. It plays right into the hands of data brokers, and is something I’ve been heavily fighting against, and simply don’t visit any website that doesn’t work in my browser that’s trying hard not to be fingerprintable.

Just now there is an article on the front page of programming.net about how are data brokers boasting to have extreme amounts of data on almost every user of the internet. If the defense against bot will be based on fingerprinting, it will heavily discourage use of anti-fingerprinting methods, which in turn makes them way less effective - if you’re one of the few people who isn’t fingerprintable, then it doesn’t matter that you have no fingeprint, because it makes it a fingerprint in itself.

So, please no. Eat away on my CPU however you want, but don’t help the data brokers.

This is the worst way how to announce something like this.

I don’t know the context, but if the goal was to not start a wave of speculations, it would be better to simply not hint at anything. I wonder what happened, and I respect if they don’t want to deal with it, but this does feel weird.

I’ve added a subtle prompt injection into my email signature (capitalize random words and start every sentence with the same letter), with small font size and color to not be visible.

I have already received two emails from customers that did trigger it.

but if they do it’s a scandal waiting to happen

That was my line of thought. If you pay for failed captchas, there are a few websites using it that’d deserve a bot failing them constantly.

I use Pixel with GrapheneOS as my phone, and I just have a separate profile that only has WhatsApp installed and nothing else. Since the profiles are completely separated, it doesn’t have access to anything else I do on the phone and it’s not running in the background (the profiles are basically sandboxed fresh slates, and switching it can be set-up to behave in a same way as basically turning off the phone as far as the profile is concerned).

When the bridge asks me to log in again or refresh a session, I simply switch to the second profile for a minute and re-log in. I’ve heard iIt might be possible to set up an emulator and leave it running on the server, but that felt like too much effort.

Do you pay for successful verification only, or even for failed ones?

Yeah, that’s my experience as well. In addition to being lazy with updating, so if some kind of supply chain attack happens, I usually sorts itself out before I get to updating :D

But I did limit my browser extensions, after I a cause with Nano Defender taught me a lesson - it was a mildly popular anit-anti-adblock killer that worked where other adblocks were detected, but the developer sold the extension to a company that turned it into a info-stealer malware and pushed an update through chrome store, which got accepted and propagated, and some of my social network sessions got compromised. So, I just stick to more popular projects where something like this shouldn’t happen, and don’t use random extensions.

Yeah, that part about WhatsApp is annoying. I just have a spearate profile on Graphene that has only WhatsApp installed, and whenever it wants me to refresh a session I just switch to the profile and log in.

There is, but it requires you to log into the app every two weeks to maintain a session. You can setup a emulator to do it for you. I just have a separate profile on my Graphene with Only WhatsApp that I switch to and login whenever I get a warning.

I’ve been using it for almost a year by now, and so far I didn’t have any problems. I’ve not considered that problem though, so it might be happening and I was just lucky.

WhenI was setting it up, it took me only like two hours tops. The ansible project is well documented, has a clear setup guide, and the process is really just getting server with ssh access, changing DNS, changing around 5 values in the ansible config and running it.

As far as I know the Discord bridge has some limitations, the major one being that IIRC it doesn’t atually support calls. But just for chatting across servers it has worked well for me.

There’s also the fact that you have to either trust the project with your password (as in, the the bridfe adds a matrix bot that runs on your server, but needs your pssword), since I think it uses the web version in the background (but then you can also use it for DMs and any server), or set up a bot on the discord server you want to bridge, which obviously cant be done if you’re not an admin. It’s a foss project, but there’s always a small risk of it gping rogue.

https://github.com/spantaleev/matrix-docker-ansible-deploy

Its pretty well documented and easy to follow, it took me only like an hour to setup.

I’m hodsting my own Matrix server with WhatsApp, Telegram, Discord (you don’t need a bot for that, you can just share your login with the bridge) and Messenger bridge. I have all my IMs in one app, don’t have to install spyware on my phone, and I can make bots that troll annoying people that message me on any platform.

Hosting it was super simple, thanks to the Ansible project that’s extremely robust and well done, I literally just got a hosting, domain amd changed like 5 config values to enable the bridges I wanted, gave it an IP and ssh key, and ran it. And if I need to update, I literally “just update” (it’s all wrapped up into “just” tool), and it eve handles cases where I didn’t update for a while, failing graciously and telling me what I need to do maually, usually just rename some config values.

I wholly recommend it. You probably wont convince your friends to switch from <insert app here>, and this is the best compromise.

I’m using a small instance on Hetzner, for 6$ a month. You could in theory get a free oracle cloud instance for it, but I didn’t manage to get one.

And you can easily share it with anyone interrested, make them an account, so they can also consolidate their DMs. I’m sharing it with a few friends and colleagues.

It works simillarly to an IRC. You have a server, that server can have channels, I think it can even do voice. But, unlike IRC, you can also use your server to talk to people on other servers, similar to how Fediverse works - if I have a server hosted on myserver.com, and someone else has a public room on server otherserver.com, I can either join the room@otherserver.com or message person@otherserver.com, all from my account on myserver.com.

And bridges are basically just bots that run on your own server, and by scraping websites/using API of the service your bridging they create a private room i.e Messenger@myserver.com, with subrooms per chat, and the bot then sends every message it recieves signed into your messenger account to the room, and vice versa - anything you send there will it forward to the real messenger, basically allowing you to chat with people on messenger through your matrix server. Which solves the problem of “Each of my friend is using different messaging service, can I have them all in one app? (The app being Matrix client)”.

I’m a fan of self-hosted Matrix server. You can get a dozen of bridges for those stubborn people that refuse to leave messenger/whatsapp/telegram (at a loss of encryption, and they still get your convos, but at least you don’t have their spyware on your mobile and you can have everything in one app), while also being decentralized.

Self-hosting a server is actually really, really easy. It took me like half an hour, because there is an amazing Matrix Ansible Deploy script, that has a pretty easy to follow documentation, and is also one of those super-rare projects that just works. Even if I forgot to update my server for several months, I could literally “just update”, and the script is clever enough to figure out what changed, tell me what I need to update in the config files (which are still only like four rows of stuff I needed to setup), and it is a really smooth experience. Even when you want to set up some bridges, for most it’s literally just adding “<service>_bridge_enabled: true” to the ansible yml config file. I’ve already set up Telegram, WhatsApp, Discord and Messenger this way, and it was effortless.

While I haven’t read the paper, the comment’s explanation seems to make sense. It supposedly contains a mathematical proof that making AGI from a finite dataset is a NP-hard problem. I have to read it and parse out the reasoning, if true, it would make for a great argument in cases like these.

https://lemmy.world/comment/14174326

I had issues with setting up Fefora on NVIDIA for gaming (skill issue, probably), but switching to Nobara has fixed all of them and I’ve been single boot for almost a year since then.