• 0 Posts
  • 8 Comments
Joined 1 year ago
cake
Cake day: July 8th, 2023

help-circle
  • kyub@discuss.tchncs.detoOpen Source@lemmy.mlK-9 Mail is now Thunderbird
    link
    fedilink
    arrow-up
    27
    arrow-down
    2
    ·
    edit-2
    6 days ago

    Just FYI I installed the apk from the github repo (not the google play version) via Obtainium a few days ago and it tried to make a connection to 2 cloudflare IPs during setup of my account. Without prior consent or any mention. So just be aware that there is still some form of telemetry or unwanted connections happening, even though they removed the telemetry flowing to Mozilla’s own telemetry endpoint. K-9 had zero of this, it just spoke with your mail servers and that was it. So be careful and block outgoing app connections by default. I did not analyze the data being sent, just that there were those 2 unwanted connectiins. happening.


  • Answer is correct, I just want to clarify a bit more:

    “Password protected” in your case probably just means that you have a bootloader password or a user account password. Both would not matter in this case. If you put your drive or partition anywhere else, and it’s not an encrypted partition, it can be read. Independently of user access rights. Any other OS accessing the same drive/partition can literally read everything if it’s not encrypted. Provided, of course, that there’s a file system driver available for the OS.

    Windows by default doesn’t have any Linux filesystem driver installed. I’m not sure if that’s still the case when you install WSL. And there are 3rd party Linux filesystem drivers available as well.

    But to protect yourself against robbery or a Windows which might in the future include a Linux filesystem driver, you should always encrypt all of your partitions. And when encrypting, use Bitlocker only for your Windows system partition, not for any data partitions, and certainly not for Linux partitions. For Linux partitons, use the integrated LUKS2. Bitlocker on Windows isn’t private encryption by the way, since a recovery key is being uploaded to MS’ servers automatically. That means MS has theoretical access, the US government has, and law enforcement has. As well as any hackers who manage to exfiltrate that key from somewhere. That’s why I’d use Bitlocker only for the C: partition, a 3rd party encryption tool like VeraCrypt for any other Windows partition, and LUKS2 for any Linux partiton.


  • Of course they do. It’s to be expected that big tech companies use all data they can gather for training AIs, tracking users, creating psychological profiles of the users and selling data to the highest bidders.

    Microsoft is also known for creating tools and products which track employees and workers and provide nice looking dashboards and statistics for the employers. And they partner up with Palantir and other companies to create even more effective surveillance solutions for companies and law enforcement to use eventually. MS is a data company since a couple of years, just like Google or Meta is. Data is very valuable.

    In the case of Microsoft Office and Teams, there’s also the issue of corporate espionage. Companies from all over the world are freely giving away sensitive data about their documents, employees and projects to a US-based megacorp. There was a time in history when this would be called corporate espionage which is supposed to be bad and illegal and so on. But, since they’re all doing it voluntarily, and there’s no definite proof of MS doing anything because it’s a black box and no one except MS can inspect what they’re doing, it’s apparently “fine”. It’s like we have collectively become dangerously naive.

    So yeah, it’s all “fine”. Until it isn’t. Until it is revealed one day. Then we can all be shocked and say “how could they do this, how could they violate our trust like that, their marketing slides looked so nice and the consultant was so charming and said we needn’t to worry about anything they would keep our data safe”. Well, if you trusted them in the first place, that’s your mistake. You cannot trust a company like MS, Meta, Google, TikTok, and so on with a huge track record of privacy violations. Ever. Cloud = someone else’s computer. Host your own stuff. Prefer not to use software with proven track records of privacy violations. Don’t use products or services from companies with such track records. Prefer open source over proprietary because when the code is openly auditable that’s a plus for trustworthiness, and proprietary applications usually have a bad track record of privacy violations and other anti-user features, while open source software rarely includes such things.

    And it’s only going to get worse. With upcoming things like Recall, that’s almost like having a permanent camera behind you recording your screen at all times. I feel bad for all Windows users, but on the other hand, I don’t actually have to care. Keep trusting them blindly, but please don’t be surprised when it will come crashing down on you one day.


  • Yes.

    If you still want to play such “modern” games loaded with spyware, I recommend a dedicated only-for-gaming PC (running Linux of course*) using a different IP address than your main system (probably a notebook), for example by using a VPN on one but not the other. I’d recommend using the VPN for the gaming machine, it’s less of a risk there, it allows for easy circumvention of geo-blocking, etc. If you need to access some services (e.g. chat) from both machines, create a separate account for it. Don’t share account credentials between machines. In fact, act as if the gaming machine is permanently infected with random stuff “required” for modern games, and isolate it accordingly. This is just an idea how to mitigate those problems and don’t let them creep into to your real machine where non-game-related data could leak out as a result. But you’re still going to support the developer doing this which is not recommended.

    *) Why still no Windows, in this isolated case, you ask? Well, because it’s important to fight MS’ monopoly on gaming machines, so don’t support it by running it and contributing to its marketshare. Instead, run Linux and enjoy watching Windows’ sinking market share. In fact, if you can, don’t support such games either by not playing them, that would be the ideal solution. But this is written under the presumption that you or your friends still want to play it and you kind of feel left out otherwise.



  • Clickbaity titles on videos or news sites is the new standard. I watched it. The point he’s making is basically that music was harder to make/produce some 50 years ago, so there was more incentive to “make it worth the effort”, compared to today. And the 2nd point he makes is that music consumption is now so easy as well (listen to whatever you want instantly) compared to when you could only listen to something when you bought the physical album, that there’s also less incentive for the listener to really get involved into some albums.

    Personally I think these are valid points on the surface but they are not “the answer” to this kind of multi-faceted question. They’re at best a factor but we don’t know how big these factors are. Also I think one big reason he thinks that way is because he grew up in that environment and so he has a bias for “owning physical copies of albums”.

    I also think music hasn’t gotten worse, the market is just simply over-saturated because there’s just way too much music, you’ll never be able to listen to it all. And there are absolutely hidden gems or really good bands/artists forming even today, it’s just much harder to find them. Generally a problem of today’s age: it’s likely that what you’re looking for already exists, you just have to find it within a whole ocean of content.

    If you’re looking for innovative or non-standard stuff, you can always look at smaller artists or the indie scene, same is true for movies, games, music. The big producers always have a tendency to stick to what works and what’s proven to be popular so everything becomes similar. But smaller artists do not have to care about such things, they are ready to risk much more and in doing so, you might just create a real gem or something that was never or almost never tried before.