Melody Fwygon

  • 1 Post
  • 181 Comments
Joined 1 year ago
cake
Cake day: June 1st, 2023

help-circle



  • Melody Fwygon@lemmy.onetoPrivacy@lemmy.mlWhat is the most private phone?
    link
    fedilink
    English
    arrow-up
    20
    arrow-down
    3
    ·
    edit-2
    2 days ago

    I actually don’t agree with this video; and firmly believe it is more than a little biased.

    For example, the Pixel, AOSP and Android are given several undeserved points due to lack of proper information or understanding of how certain features work. I imagine this is the case too for the iPhone; if a bit less so.

    The review apparently doesn’t deep dive into settings or attempt to maximize privacy by turning off unwanted ‘features’ when settings switches are available to the user; nor does it assume that you set up accounts in as private of a manner as reasonably possible or toggle off as many default-on consent switches as needed.

    While I would support scoring and dinging each case or instance for “Privacy Settings that don’t actually work”…this video really doesn’t do a lot of legwork and leans on the anecdotal evidence of scary news stories too much.

    Worse was the fact that the entire video felt like they were shilling for Graphene OS; which is known to have a slightly unfriendly maintainer and community surrounding him to say the least.

    No mention of Lineage or other privacy oriented Android ROMs were analyzed. AOSP too, was unfairly lumped in and dinged for specific points of the Default Pixel configuration…and yes there are major differences between AOSP and Pixel Android; even though Google tries to be less in-your-face invasive than the other OEMs. Not enough credit is given for the “On-Device” smart features implemented properly on the Pixels.

    Out of personal experience; I’d actually rate a proper Lineage OS install of 4 whole Android versions ago to be more private than stock. Not quite as private as Graphene; but not quite as invasive and much more enforcing of privacy. The debloating provided by a clean AOSP-like ROM, such as Lineage, as opposed to a “Stock Android” configuration from a major OEM is stark.

    Most importantly I personally feel that the privacy model chosen for the video is far too thickly detailed for an average person. Most of the privacy concerns listed on each card contained concern points that might only tangentally apply or don’t apply at all to mobile phones. The way that each card was scored and applied felt low effort. None of the points on any of the card(s) were weighted with average users in mind.

    I really hope someone goes into a much deeper dive; this video is basically clickbait that parrots the commonly parroted advice in the privacy community; which isn’t even good advice, it’s just ‘One-Size-Fits-All’ style advice which gives the user no room to make necessary ‘Privacy vs Convenience’ tradeoffs that they themselves could have made if they understood proper threat modelling.



  • Actually; (basically) SIP over (basically) IPSec sounds pretty correct. Wish the dense technical manuals I read had explained it that way; makes a lot more sense to me as a Net Admin type of IT person.

    I do remember reading that the protocol was basically encapsulated. Dunno about any encryption; probably there’s not any at the IPSec level. I do know that the SIMs themselves probably contain certs that have some value; I just don’t know if they handle any encryption or if they’re just lightweight little numbers for authentication only.


  • If I’m understanding how 'WiFi Calling" works; it’s still “identifying you” to the cell provider the same way; via your SIM. The only difference is they don’t get an exact location because you’re not using any cell towers typically.

    I do suspect SIMs and eSIMs are still doing all the heavy cryptographic signing done on a typical phone network though…they’re just not screaming your IMEI/IMSI all over open or even encrypted airwaves; nor is a WiFI signal triangulate-able typically due to it’s short range.


  • I am glad to see it when the selfish people at the top fall so far down the hill. They orchestrate their own falling typically, much like Ikarus in his waxen wings, falling when he flew too close to the sun in direct sunlight at the height of a hot summer’s day.

    As for Google; I hope the DoJ not only pulls up all of the resultant weeds in the garden, but also makes sure to till and salt the soil thoroughly, so that no part of Google can ever hope to rejoin it’s other pieces to form a monopoly or ‘anything like a monopoly’ on anything, ever, again.

    Google must rightfully suffer a most painful and enduring ‘Corporate Death Penalty’ so to speak; in order to ensure that no company ever gets so bold again. We must also repeat this with several other large companies like Microsoft, Amazon and Apple too; as well as a few other companies I’m unable to name because I’m unaware of how ridiculously massive and monopolistic they are.


  • This is exactly the kind of task I’d expect AI to be useful for; it goes through a massive amount of freshly digitized data and it scans for, and flags for human action (and/or) review, things that are specified by a human for the AI to identify in a large batch of data.

    Basically AI doing data-processing drudge work that no human could ever hope to achieve with any level of speed approaching that at which the AI can do it.

    Do I think the AI should be doing these tasks unsupervised? Absolutely not! But the fact of the matter is; the AIs are being supervised in this task by the human clerks who are, at least in theory, expected to read the deed over and make sure it makes some sort of legal sense and that it didn’t just cut out some harmless turn of phrase written into the covenant that actually has no racist meaning, intention or function. I’m assuming a lot of good faith here, but I’m guessing the human who is guiding the AI making these mass edits can just, by means of physicality, pull out the original document and see which language originally existed if it became an issue.

    To be clear; I do think it’s a good thing that the law is mandating and making these kinds of edits to property covenants in general to bring them more in line with modern law.





  • Keybase is better than Signal. You may not like it’s current owners but it still works, still functions, and can be used to chat privately. It’s entirely OSS on the client side; and server-side software isn’t provided; but with an open Client; it’s likely trivial to reverse and re-implement your own. (Keybase itself doesn’t provide their server code; it’s private due to abuse constraints)

    Keybase is End to End Encrypted. It may not be as “feature rich” but all features are private.

    I’m not sure if it’s indev anymore though; and it does allow you to be as public or as private as you’d like to be about your identity.




  • I’m going to be bold enough to say we don’t have as wide of an AI/LLM issue on the Fediverse as the other platforms will have.

    I’m certain that if someone did collect data from the Fediverse; it would become a hot topic and it might not be enough data anyways as the Fediverse is not mainstream enough normally. So the data and language collected here might skew in a few imaginable ways that one might find undesirable for a general model of word frequencies.

    Also the fact that people might not appreciate that data being collected. Let’s be real. It’s too soon for such a project to begin. The AI TREND MUST DIE as it currently lives and it’s corpse must be rotted away completely. Now, in internet time that may not be all that long…a few to several years…the memory of the internet can be short-lived at times. It must, however, fade from the public conscience into some obscurity first.

    Once the technology no longer lies in greedy hands again; new development can begin anew.


  • Melody Fwygon@lemmy.onetoMemes@lemmy.ml2 life pro tips in one meme!
    link
    fedilink
    English
    arrow-up
    2
    ·
    edit-2
    2 months ago

    In general; I think even 2 billion is too much. Nobody needs that much money.

    At best; I think no one should be able to have more than about 500 Million. You get one house, and one car for each adult family member if you’re married with non-adult kids. Adult kids don’t add uncounted vehicles; they have their own limit. Anything that is seaworthy or airworthy counts as about as much “Wealth” as you initially spent on it minus a reasonable depreciation rate yearly as determined by the market, so no buying a thing and having it lose 30% of it’s value the moment you drive it off the lot after buying it.

    Additionally; to block too many shenanigans; wealth added by any property that is bought sticks; 3 years at minimum. This prevents people from storing too much excess in property and shell-gaming it. A company you own or have stake in cannot lend (in a long term) or gift you property in excess of 1% to 10% the wealth limit. (Depending on what the thing is). Companies may also not hold property or money in lieu of an individual personally; everything the company owns must have a global company function; and not personally benefit one or more people only. (Basically no executive-only or owner-only Jets; everyone from the tiniest manager on up should have access to it if there’s a business reason for it)


  • It occurs to me that adding a visual watermark might actually serve to obscure a visual watermarking scheme that is otherwise invisible by providing data that scrambles or breaks the watermark decoder itself.

    Audio watermarks can be distorted in any number of ways; and it could be that some of the wildly poor audio quality in most cam-rips is probably the only way you can defeat the watermark; by using a LQ microphone and encoding the audio to a very limited bitrate and then re-upsampling; to defeat any subtle alterations a digital watermark might make to the audio waveform.


  • Watermarks are only an issue in-as-much as it is used to trace down which copy was leaked.

    With modern digital projection systems; you don’t get a reel of film; you get a briefcase of [SS/HD]Ds containing the raw, encrypted, footage. The digital projection system will decrypt using provided keys. There’s no output except the standard ones for the theatre projectors and sound systems…so capturing the output is difficult.

    If you do intercept the signal; the projection system might detect it; and refuse playback or wipe the decryption keys. Watermarking is also a danger; since your theater can get identified as the leak source and sued.


  • Now we wait for someone to build an absolutely wonderful chat app on top of this wonderful bit of PoC code…

    I genuinely hope someone does. Imagine what this could do if this was routed over Tor using Private Services.

    Run this over that; and you’d have a bullet-proof text chat. Wrap a nice GUI client around all of that and you have a proper secure, anonymous messenger with no problems. With a little more build-out; you could even implement the Matrix protocol over this wire-line and basically have full inter-federation and moderation over a secure wire protocol; allowing for complete privacy and client integration.

    TL;DR: Matrix over PQChat over Tor. Think about it. A Post-Quantum Dark-Matrix web.