Defcon is my biggest regret about the whole “US going to shit” situation. I’m from Europe, and I was planning to eventually attend, but there’s no way I’m going there until USA gets their shit together, which I suspect won’t be during my lifetime at this point.
They should move it to Europe, especially for this kind of event, I’d suspect that for a lot of attendees and speakers, who tend to be pretty anti-systemic, going into US safely at this point is not an option.
The companies are wastly overestimating how much I care about seeing their slop content.
The hatered for forced logins, age verification or prompts like these has been slowly curing my internet addiction. I’m not signing up or accepting your bullshit.
I recommend transfering to Cloudfare, since they have guaranteed wholesale price (no added fees, and only what the tld owner and ICANN asks), so they should be cheapest (since anything less is selling at a loss for the registrar, at least ifI understand right).
Namecheap has started overcharging me like 20+$ on a renewal compared to CF. So, transfering after a first year (which is where registrars like Namecheap take a loss and give you a discount) is probably the cheapest way how to go about it.
As far as I know, Cloudfare is the only registrar that offers you wholesale price, as in the price asked by the tld owners. So, you a registrar can’t go lower, because that’s what they pay for it.
But, a lot of registrars will give you first year at a heavy discount (so, at a loss), just so they can ramp up the price to wholesale + a lot extra. I got my domain for like 5$, and they then asked for 40$ for renewal, while wholesale is around 25$.
So, I just transfered to Cloudfare for the renewal. Tbh I don’t remember if it was the first or second year, and what are the transfer rules, but I think it should be possible to just buy a first year at heavy discount with i.e Namecheap or something, and immediately transfer to Cloudfare for the first renewal at wholesale price.
Unless I’m mistaken, this mostly depends on software/os you install.
A RPI with OpenWRT will be secured in exactly the same way as a router with OpenWRT and a laptop with OpenWRT. (At least I think so, I vaguely remember hearing about some Intel CPU vulnerabilities, but I don’t think there’s anything remote).
Power draw will be the main problem, along with more limited range because of the strength of the WiFi card.
How does IronFox compare to LibreWolf?
Am dumb, missed the “for android” part.
I use Pixel with GrapheneOS as my phone, and I just have a separate profile that only has WhatsApp installed and nothing else. Since the profiles are completely separated, it doesn’t have access to anything else I do on the phone and it’s not running in the background (the profiles are basically sandboxed fresh slates, and switching it can be set-up to behave in a same way as basically turning off the phone as far as the profile is concerned).
When the bridge asks me to log in again or refresh a session, I simply switch to the second profile for a minute and re-log in. I’ve heard iIt might be possible to set up an emulator and leave it running on the server, but that felt like too much effort.
Yeah, that’s my experience as well. In addition to being lazy with updating, so if some kind of supply chain attack happens, I usually sorts itself out before I get to updating :D
But I did limit my browser extensions, after I a cause with Nano Defender taught me a lesson - it was a mildly popular anit-anti-adblock killer that worked where other adblocks were detected, but the developer sold the extension to a company that turned it into a info-stealer malware and pushed an update through chrome store, which got accepted and propagated, and some of my social network sessions got compromised. So, I just stick to more popular projects where something like this shouldn’t happen, and don’t use random extensions.
Yeah, that part about WhatsApp is annoying. I just have a spearate profile on Graphene that has only WhatsApp installed, and whenever it wants me to refresh a session I just switch to the profile and log in.
There is, but it requires you to log into the app every two weeks to maintain a session. You can setup a emulator to do it for you. I just have a separate profile on my Graphene with Only WhatsApp that I switch to and login whenever I get a warning.
I’ve been using it for almost a year by now, and so far I didn’t have any problems. I’ve not considered that problem though, so it might be happening and I was just lucky.
WhenI was setting it up, it took me only like two hours tops. The ansible project is well documented, has a clear setup guide, and the process is really just getting server with ssh access, changing DNS, changing around 5 values in the ansible config and running it.
As far as I know the Discord bridge has some limitations, the major one being that IIRC it doesn’t atually support calls. But just for chatting across servers it has worked well for me.
There’s also the fact that you have to either trust the project with your password (as in, the the bridfe adds a matrix bot that runs on your server, but needs your pssword), since I think it uses the web version in the background (but then you can also use it for DMs and any server), or set up a bot on the discord server you want to bridge, which obviously cant be done if you’re not an admin. It’s a foss project, but there’s always a small risk of it gping rogue.
https://github.com/spantaleev/matrix-docker-ansible-deploy
Its pretty well documented and easy to follow, it took me only like an hour to setup.
I’m hodsting my own Matrix server with WhatsApp, Telegram, Discord (you don’t need a bot for that, you can just share your login with the bridge) and Messenger bridge. I have all my IMs in one app, don’t have to install spyware on my phone, and I can make bots that troll annoying people that message me on any platform.
Hosting it was super simple, thanks to the Ansible project that’s extremely robust and well done, I literally just got a hosting, domain amd changed like 5 config values to enable the bridges I wanted, gave it an IP and ssh key, and ran it. And if I need to update, I literally “just update” (it’s all wrapped up into “just” tool), and it eve handles cases where I didn’t update for a while, failing graciously and telling me what I need to do maually, usually just rename some config values.
I wholly recommend it. You probably wont convince your friends to switch from <insert app here>, and this is the best compromise.
I’m using a small instance on Hetzner, for 6$ a month. You could in theory get a free oracle cloud instance for it, but I didn’t manage to get one.
And you can easily share it with anyone interrested, make them an account, so they can also consolidate their DMs. I’m sharing it with a few friends and colleagues.
Yeah, I know and that’s what I’m afraid of. I guess I’ll just have to come to terms with most websites not working in some obscure web browser that’s not feature-complete. Would actually help with my addiction, so it won’t be so bad, I guess.
You are right, it was unfairly harsh wording, I apologize for that. Most of those products are super cool and important, I’ve kind of extrapolated it from what I’ve read in other posts about them spending too much on stuff like events and other, non-developemnt, related stuff that I actually never checked, while also not realizing that they also have a ton of other projects, which mixed with the dissapointment with the recent development about the Meta partnership led to me choosing that wording unfairly.
If it keeps going on like this, it won’t be long before I’ll just say fuck it and switch to elinks…
Hmm, on that note - is there any CLI web browser that can do javascript and css? Because iirc, elinks doesn’t, though I havent used it in years.
IIRC, only like 2% of Mozilla spending goes towards FF (I may be misinterpreting something, but I remember 2% being thrown around), so funding FF without rest of Mozilla bullshit shouldn’t be that hard. Of course, since Mozilla did spend so little on FF, it’s a question how much they actually care about FF and what would happen if they lost access to their golden goose. They shouldn’t have problem funding FF, but they probably have other bullshit they don’t want to let go and that has more priority for them.
Any recommendations? My only experience with defcon is through recordings of the talks from there, and they’ve always been phenomenal, and some videos from the events like various CTFs. Never really looked into it more. I think I also saw a documentary a few years ago that was pretty sick.