What an unhinged rant. Even 30 seconds after posting I can barely understand my point. I’ll leave it there unedited though.

The root cause of this issue that they identify, is 100% the kind of AI that they’ll build for this situation.

Old mate wants to use it to keep people on their best behaviour. The kind of subjective wording that whatever he doesn’t like, is the exact reason people lie in court.

Power to that thought process through systemising it, legitimising it, is exactly part of the problem.

What’s that American who said lies about the eating cats then justifying it by saying “I’d lie if it got the American public to wake up”. Let me get the quote…

https://www.mediaite.com/news/remarkable-confession-jd-vance-absolutely-floors-observers-with-comment-that-hes-been-creating-stories-about-migrant-pet-eating/

If I have to create stories so that the American media actually pays attention to the suffering of the American people, then that’s what I’m going to do.

Yep. It’s not infallible, it’s intentional. Intent goes into the creation of systems and implementations. These are the kind of people that want these systems. They’re justified in their own minds.

So to close the loop you linked that article and it’s point was:

More than half of wrongful convictions can be traced to witnesses who lied

Don’t give them reason for more ways to do so. Don’t give them legitimacy. That’s deterministic. It’s intent. It’s not failed if it worked. Your opinion on a system which is failed or fallible is not the same as the Oracle hocho who wants to be God.

They’re not sharing your values, morals, ethics or compassion.

I saw a sign on each street light on a bike path in my town that said “these street lights use aluminium cabling because the copper was stolen”.

Your plan will work.

It’s PKI, public key infrastructure. It’s secure so it’s used in many applications. Including ssh using keys.

This will be able to do cross site (apps) information collection within other sites (apps) in this profile. The way this works is one of many, and complicated so: https://blog.mozilla.org/en/products/firefox/cross-site-tracking-lets-unpack-that/

The idea of profiles is to stop this behaviour and other behaviours through isolation. Along with other practices makes up a privacy-in-depth (layered) approach. It doesn’t solve everything.

For example if you are in the same house sharing an internet connection, it is possible to say “at least one outstation in this house (IP) are interested in ‘x’ and therefore I should target everyone in that house because people who live together are interested in similar things”. Even if you isolate, you could still teach a data hoarding company like meta you like something simply by them by necessity needing your IP to communicate.

Some people try to say ‘I’ve got a VPS with a VPN to communicate all traffic through’ but that doesn’t add any privacy, your exposed VPS with its IP is an IP only for you and still all collected information about you would be able to be thumbprinted to that IP across many services (eg instagram whatsapp and Facebook). A public VPN provider in this case adds a layer of obfuscation since you can change your IP rapidly and it’s an IP that’s shared with other unrelated users. Which is exactly why many services like reddit are banning access from them under the guise of “oh training data leaks from VPN, and we want to sell it” bs.

Anyway it’s a tough world out there to be private. I’m at an age where after 10 years without Facebook and I never had instagram, everyone knows I’m contactable via sms. It’s not secure, it’s barely private, but I don’t really “chat” except at the pub. So that’s where they ask me to visit. Lol.

I’ve been thinking of running something using second hand usb cameras and raspberri pi 3+ since my switch already has poe and my nas has 40tb.

I have a 3d printer so a wall mount enclosure shouldn’t be hard either.

Was thinking of mounting them on the window frames indoors.

Nvr software like this might work: https://github.com/seydx/camera.ui

Tailscale will allow me to access the Web front end anywhere on my devices. Individually it could hold the RPis too just for remote troubleshooting later if anything happens.

Personally I’d like to reuse as many things that I already own and have no specific reliance on a vendor. If I got a rstp camera later, I wouldn’t need a pi to host the camera. But I’ve got a couple of pis and a couple of usb webcam to start. It won’t work for night mode so I’ll have to make sure the outdoor lights are triggered by motion.

But I’ve not done anything yet this is all how I’ve thought about it in my head. So I’m watching this space to learn more too.

That’s so cool

I have a feeling it did because I remember watching early rtsp multicast streams of the anime initial D found through winamp in like 1999 at 240p. It’s so long ago that I’m not even sure that’s a correct memory.

Think of this:

You find a computer from 1990. You take a picture (image) of the 1KB memory chip which is on a RAM stick, there are 4 RAM sticks. You are using a DSLR camera. Your image in RAW comes out at 1GB. You project because there’s 8 chips per stick, and 4 sticks it’ll 32GB to image your 4KB of RAM.

You’ve described nothing about the ram. This measurement is meaningless other than telling you how detailed the imaging process is.

They took imaging scans, I just took a picture of a 1MB memory chip and omg my picture is 4GB in RAW. That RAM the chip was on could take dozens of GB!

Telegram isn’t encrypting chats (only secret chats).

As far as reproducible builds telegram has got instructions and caveats or excuses around builds for the same issues signal does: https://core.telegram.org/reproducible-builds#reproducible-builds-for-ios

Both easily make Android reproducible builds. This Twitter message is a rock being thrown in a glass house, knowing most people who consume Twitter like it’s a firehose, won’t swallow the nuance of the details.

I don’t even, not to complete lengths.

Reasonably sure they mean telegram. Only secret chats are encrypted. Telegrams chat otherwise is basically transport layer encryption.

https://www.wired.com/story/telegram-encryption-end-to-end-features/

Oh I think I’ve met you! You must be my coworker!

Just joking of course, looking fun of a privacy focused person while making a point my coworkers also don’t read. I’m glad you didn’t delete the post though, I enjoyed the journey. You did read, you’re better than my coworkers.

I’m not going to argue strongly for this, but there’s a certain irony that if the defender suite (defender for identity, defender for cloud apps, fervently for office, and defender for endpoint) was instantly unlocked in their plan 2 version for every subscriber for free, that would kill a huge segment of the security market including some of the industry leaders like SentinelOne huntress labs, and even SEIM providers like splunk and Arctic wolf and dozens more. The XDR and identity management industry would instantly be forced into an anti competitive environment.

There’s an argument for ‘but if they built it secure, then you wouldn’t need to bolt on detections’. I think a relevant metaphor is you buy a house, but then you add detection like cameras and intrusion detection. Make sure the locks on the doors and windows aren’t bypassed.

So I would think there is some nuance. And frankly for small business the cost for m365 business premium which has all of that, including a bunch of information protection and data loss prevention. You just actually have more of a configuration requirement that nearly none of my customers I onboard ever have done…

The messaging around this so far doesn’t lead me to want to follow the fork on production. As a sysadmin I’m not rushing out to swap my reverse proxy.

The problem is I’m speculating but it seems like the developer was only continuing to develop under condition that they continued control over the nginx decision making.

So currently it looks like from a user of nginx, the cve registration is protecting me with open communication. From a security aspect, a security researcher probably needs that cve to count as a bug bounty.

From the developers perspective, f5 broke the pact of decision control being with the developer. But for me, I would rather it be registered and I’m informed even if I know my configuration doesn’t use it.

Again, assuming a lot here. But I agree with f5. That feature even beta could be in a dev or test environment. That’s enough reason to know.

Edit:Long term, I don’t know where I’ll land. Personally I’d rather be with the developer, except I need to trust that the solution is open not in source, but in communication. It’s a weird situation.

https://www.bleepingcomputer.com/news/security/critical-bug-in-owncloud-file-sharing-app-exposes-admin-passwords/

Just remember to patch. Owncloud has some of the worst possible cves right now.

I’m just going to give you props. I have worked in Managed IT Services for a dozen years and some of the worst clients are construction, engineering and architects who use solidworks, autodesk and archicad products.

You’ve eaten humble pie and admitted that using computers as a tool, and systems design are different and though you might understand a lot, just like I can build a 3d model, the devil is in the detail.

Building robust solutions that meet your business continuity plans, disaster recovery plans, secure your data for cyber risk and to meet ISO and yet are still somehow usable in a workflow for end users is not something you just pick up as a hobby and implement.

The way I handle technology Lifecycle is in 5 steps: strategy, plan, implement, support, maintain. Each part has distinct requirements and considerations. It’s all well and good to implement something but you need to get support when it goes wrong or misbehaves. You need to monitor and report for backups, patching, system alerts. Lots of people might do the implement, but consider the Lifecycle of the solution.

People do these things at home but they’re home labbing, they’re labs. Production requires more.

Anyway a bunch of people closer to your part of the world will probably help you out here.

I just want to again recognise and compliment you on realising and openly saying you want help rather than just do the usual “oh I know best” that I hear over and over usually just before someone gets ransomed on their never patched log4j using openssl heartbleed publicly exposed server infrastructure.

Lol, a thousand hours would be 6 months of full time work (40 hour week). I’m not sure I’d employ someone who has 6 months of IT experience into a systems administrator job and task them to build a an erp/dms/unified coms solution for a client.

But this guy should be able to do it as a hobby?

Hmm you could be right. Keeping old protocols running for legacy compatibility reasons could in this case keep the solution working for some time.

The mini version doesn’t need hosting, it doesn’t have a proxy middle man. A 16yo kid reverse engineered the protocol and then got contracted by beeper to implement it as beeper mini. It’s a client directly connecting to apple like imessage native.

Will it break? I’d argue if the cost of breaking it in engineer time is worth doing to Apple, yes. All they’d have to do is roll their own crypto and reverse engineering that might be impossible. Probably easier ways to break it but then maybe it turns into a cat and mouse game.

Legally it’s hard to say if it’s OK too, the end user is likely fine, but the developer especially being contacted may not be since to reverse engineer it could be breaking terms of service or licensing clauses though I’m not really sure what kind of damages could be claimed. To reverse engineer they had to use the original on jailbroken iphones to go through the engineering discovery.

Anyway the point is, it’s not going through beeper or anywhere other than Apple. So there’s no component to host. It’s different to beeper.