=== ANCHOR POEM === ═══════════════════════════════════════════════──────────────────────────────────── we should be able to configure our web browsers so that they don't remember to autofill certain pieces of information. Such as the IP address of our router, or our bank credentials, or any other forms of passwords that we are using to authenticate ourselves. That way our infrastructure that we've designed is less susceptible to cybersecurity threats that involve physical access to the computer. Or remote control of some kind that is channeled through the UI (like RDP or SSH) (a terminal is a text based UI in this context) Unless of course they knew what they were doing. Which most of them don't. Hence why it'd be a good idea to isolate the capabilities of defeating certain vulnerabilities to ourselves. Like, a reverse backdoor, only more like a DMZ - a sector of computing space (sandboxed of course) that is only utilized for understanding the intent of the message sender. Doing so would require an analysis of the capabilities of the system, the kind of analysis that [script kiddies'dve] generated by googl ┌─────────┐ ┌───────────┐ │ similar │ chronological │ different │ ╘═════════╧╧════════════════════════════════════════───────────────────────────────────┘ === SIMILARITY RANKED === --- #1 fediverse/884 --- ══════════════════════════════════════════════───────────────────────────────────── ┌──────────────────────────────────────────────────────┐ │ CW: completely-unfounded-no-evidence-mis-information │ └──────────────────────────────────────────────────────┘ If we make a law that says you can't sell user data, they'll just build an intentional vulnerability into their system and point it out to specific people who paid under the table. Then, when they get "hacked", they'll surely be ashamed and sorry to their users, but hey the data's out there now not like they can take it back. Oh don't worry we already patched the hole in our security, that way nobody can get in through the same door that was intentionally left open for very particular people who've paid, and not for the people who haven't paid yet, who are still waiting patiently for a door to be built for them. ┌─────────┐ ┌───────────┐ │ similar │ chronological │ different │ ╘═════════╧╧═══════════════════════════════════════────────────────────────────────────┘ --- #2 fediverse/2674 --- ══════════════════════════════════════════════════════───────────────────────────── ┌────────────────────────────────────────────────────────────────────┐ │ CW: factually-untrue,-that-never-happened.-this-is-just-gesturing. │ └────────────────────────────────────────────────────────────────────┘ the kind of friendship where you SSH into each other's systems and leave notes for one another. as soon as you find one you message the person who left it like "yoooo only just found this lol" and they're like oooo yeah did you see the bash script I wrote in that directory "yeah totally I used it on one of my video files just now - cool filter!" ahhhh reminds me of all the times hackers have hacked my permanently insecure system and left me friendly messages like "hey I'm on your side" or "how's life, friend? I hope it's going well." or "never forget; you are worth all the fear" y'know cute things like that oh. right. because leaving vulnerabilities like that can lead to threat actors affecting your stuff. how lame. ┌─────────┐ ┌───────────┐ │ similar │ chronological │ different │ ╘═════════╧╧═══════════════════════════════════════════════────────────────────────────┘ --- #3 fediverse_boost/3948 --- ◀─╔═══════════════════════[BOOST]════════════════════════────────────────────────╗ ║ ┌────────────────────────────────────────────────────────────────────────────┐ ║ ║ │ There is no such thing as a backdoor for good guys. Once you place a backdoor, you compromise the safety and privacy of all your users. A third party or bad guys will get access to it and abuse it further. The concept of a "backdoor for good guys" is fundamentally flawed and dangerous. It sets a dangerous precedent. Security and privacy should be absolute. There's no safe way to create a backdoor that can't be exploited by malicious actors. #privacy #security #infosec │ ║ ║ └────────────────────────────────────────────────────────────────────────────┘ ║ ╠─────────┐ ┌───────────╣ ║ similar │ chronological │ different ║ ╚═════════╧════════════════════════════════════════════────────────────┴───────╝─▶ --- #4 fediverse/3470 --- ════════════════════════════════════════════════════════─────────────────────────── alternatively, when you initiate an SSH session it sends you a randomized public key whose private key is the password that you need to login. By decrypting the string of text it sent you and sending it back (plus the password at the end or whatever) you can ensure secure authentication without bothering with the passwordless keys which are wayyyyyy more trouble than they're worth and lack the "something you know" authentication method. ┌─────────┐ ┌───────────┐ │ similar │ chronological │ different │ ╘═════════╧╧═════════════════════════════════════════════════──────────────────────────┘ --- #5 fediverse/497 --- ═════════════════════════════════════════════────────────────────────────────────── @user-346 Nobody will get past the login screen on my computer, but if they do they probably won't know that you need to push alt+p in DWM to start a program. But even if they push "alt+p firefox" they will only have access to my gmail and discord, because those are the only two places I've saved my login information. Most of my data is on my hard disk anyway, so for that they'd have to push alt+enter and then navigate my filesystem to find it. Shouldn't be too hard if you're familiar with Linux. They could always just pull the hard drive and put it into a new computer though. It's not like it's encrypted, because why would I encrypt it? I want to share information, not conceal it! Surely nobody would desire to exploit that vulnerability of mine, that my data should be unencrypted? If you have a copy of Wikipedia then you're 500% more prepared than 90% of humanity so good job _^ Sure would be cool if you put it in the documents folder of every person in your family who solicited tech advice from you ┌─────────┐ ┌───────────┐ │ similar │ chronological │ different │ ╘═════════╧╧══════════════════════════════════════─────────────────────────────────────┘ --- #6 fediverse/3234 --- ╔═══════════════════════════════════════════════════════───────────────────────────┐ ║ ┌────────────────────────────────────────────────────────────────┐ │ ║ │ CW: ritz-is-fucking-stupid-I-guess-oh-whoops-cursing-mentioned │ │ ║ └────────────────────────────────────────────────────────────────┘ │ ║ │ ║ │ ║ my understanding is that anyone with my IP address could make my heart bleed │ ║ due to a hardware vulnerability on my motherboard. Though you might have to │ ║ get past my decrepit ancient linksys EA 3500 router from 2012 first. │ ║ │ ║ unrelated, but does anyone want my IP address? I don't have any remote │ ║ backups, so if you hate me now would be a great time to show me how despised I │ ║ am. Alternatively you could try searching for anything evil to ensure that I │ ║ can be trusted. You're gonna find mostly video games and source-code that I │ ║ didn't write though. But also all my notes in directories that are │ ║ non-standard, meaning you'll have to look around a bit. I leave little notes │ ║ everywhere I go, so that I can remind myself how to do things in the │ ║ directories I revisit months later. It's so weird how sometimes the things I │ ║ wrote stop working after a while even if I didn't update my system lmao │ ║ │ ║ what is it with artists and self-immolation? "I never thought I'd actually di │ ╟─────────┐ ┌───────────┤ ║ similar │ chronological │ different │ ╚═════════╧════════════════════════════════════════════────────────────┴──────────┘ --- #7 fediverse/4218 --- ═══════════════════════════════════════════════════════════──────────────────────── there are plenty of pieces of linux that are insecure in some way. Including x11, if I remember correctly. It is purely convention to not abuse these insecurities, and whenever you use someone else's binary software you trust that they won't betray you in some way. pre-built binaries are privacy violations and should be illegal. They are security threats because the model they're built upon is necessarily insecure. Computers will never be completely secure because of how they are built, and so we should use locally compiled software and interpreted scripts. Unless they're too long, or impossible to read. Who reads EULAs these days? At least those are written in english. maybe computers aren't worth it. Maybe computers will solve all our problems. Who can say, maybe you should ask an oracle like me though do remember that anything you hear can and will be used against you, monkey's paw style. So maybe, like... don't? unless you're into magic or schizophrenia or something I wnt 2 be cute and tch cpus ┌─────────┐ ┌───────────┐ │ similar │ chronological │ different │ ╘═════════╧╧════════════════════════════════════════════════════───────────────────────┘ --- #8 fediverse/3469 --- ════════════════════════════════════════════════════════─────────────────────────── you know how SSH password login is deprecated because the password needs to be transmitted in cleartext or whatever? what if we just... required two passwords? the first initiates the conversation, and sets up an encrypted line. It doesn't matter if anyone sees the first password because they'll get a new set of encrypted keys, meaning each session automatically is encrypted in a different, randomized way. the second password is the one that actually authenticates you. ┌─────────┐ ┌───────────┐ │ similar │ chronological │ different │ ╘═════════╧╧═════════════════════════════════════════════════──────────────────────────┘ --- #9 fediverse/545 --- ═════════════════════════════════════════════────────────────────────────────────── ┌──────────────────────────────────────────────────────────────────────────────┐ │ CW: re: PSA: aspublic.org is still active, and still archives + makes searchable all public posts, they have no opt-out, nor do they respect the "Include public posts in search results" setting │ └──────────────────────────────────────────────────────────────────────────────┘ @user-391 @user-78 I see, it seems you know more than me about this topic. It's true that search engines don't index emails, but I was thinking more of a "cybersecurity" perspective, as in any "sufficiently motivated" individual or organization could access your emails should they so desire. And should they be willing to (I'm assuming?) break a few laws. If it can be done, and if it gives information that could be used for leverage, then you can be assured that someone will do it. I personally worry about people in power who could be blackmailed because their communications were more public than they anticipated. Which speaks to the problem mentioned in this post of the search-indexing-opt-out functionality being present but circumnavigatable. Avoidable? Able to be bypassed? It's an illusion of security. ┌─────────┐ ┌───────────┐ │ similar │ chronological │ different │ ╘═════════╧╧══════════════════════════════════════─────────────────────────────────────┘ --- #10 messages/1245 --- ═════════════════════════════════════════════════════════════════════════════════── BRB, if you want to talk to yourselfs, I recommend opening a port in your router and exchanging HTTP packets that create messages on each other's computers. Can be done in a couple hundred lines of C code that can be 90% premade or auto-generated. Then, once it's made, you don't have to think about it again because it's so simple. It's not trying to scale, it's just... designed for a small, focused, human oriented mindset.\ ┌─────────┐ ┌───────────┐ │ similar │ chronological │ different │ ╘═════════╧╧══════════════════════════════════════════════════════════════════════════─┘ --- #11 fediverse/1862 --- ╔════════════════════════════════════════════════════──────────────────────────────┐ ║ some people look for signals or signs before doing something. Try and have │ ║ someone in your life who can give you signals or signs so that you know when │ ║ to do things. And ideally, if they're more hardcore than you, you'll know what │ ║ to do, not just when to do it. │ ║ │ ║ did you know that anything on the internet can be read by at least one other │ ║ person besides your intended recipient? There's no way they'd let us talk │ ║ amongst ourselves otherwise. │ ║ │ ║ I think encryption is pretty neat, all you have to do is run a shell script on │ ║ some text, then send that text over the internet. If you want to decrypt it, │ ║ all you have to do is run a shell script on it to decrypt it. │ ║ │ ║ downside is, it has to be translated into plain text somewhere along the │ ║ line... Maybe if we rendered the words not as text that can be read from │ ║ memory, but as like, brush-strokes that can have a randomized order, but still │ ║ present to the user as visual text? anyway that's what's on my mind as I try │ ║ and improvise a baking recipe with yeast, flour, and butter │ ╟─────────┐ ┌───────────┤ ║ similar │ chronological │ different │ ╚═════════╧═════════════════════════════════════════───────────────────┴──────────┘ --- #12 messages/181 --- ══════════════════════════════════════════════───────────────────────────────────── I know you don't want to hear this, but there is a chance that there will come a time where your life depends on your ability to debug a computer without the internet. To set up an SSH server. To install Linux. To program in C. To do something else that I'm not prepared for... If StackOverflow didn't exist because network connectivity has been lost, could you remember syntax? Maybe it's a good idea to set up a local LLM that can answer basic questions about technology. Maybe it's a good idea to set up on your parents computer, just in case you have to hide out there for a couple months. Maybe it's a good idea to download wikipedia, just in case. If I need to use a mac, I'm screwed ┌─────────┐ ┌───────────┐ │ similar │ chronological │ different │ ╘═════════╧╧═══════════════════════════════════════────────────────────────────────────┘ --- #13 fediverse/5291 --- ═════════════════════════════════════════════════════════════════════────────────── the most important skill I can think of for a linux software engineer is the ability to connect multiple systems together and turn windows and macintosh devices into Linux devices so that datacenters can be built out of whatever's on the around. there's this programming language I like called Chapel for distributed computation computing which is also cool, if you're more of the programming type. networking security I believe often has hardware solutions, so getting the crypto-graphy boys and the PCB girls together to work on some jams is a good and productively useful gathering of insightful events "but ritz computers should only be used to solve problems that people have, not make more problems!" ah yes but have you considered that problems find you, and the computers help you work through them ┌─────────┐ ┌───────────┐ │ similar │ chronological │ different │ ╘═════════╧╧══════════════════════════════════════════════════════════════─────────────┘ --- #14 fediverse/1261 --- ╔═══════════════════════════════════════════════───────────────────────────────────┐ ║ sometimes I run this WoW server with only like, 10 username and passwords. And │ ║ they're all public. As far as I can tell nobody's ever tried connecting │ ║ (whatever >.> ) but rather than set up a way to create your own │ ║ credentials I just said "yeah pick one at random and play whatever someone │ ║ else was doing because I like the idea of that" │ ║ │ ║ somehow, it felt right. │ ║ │ ║ most of my passwords (not all of them) are hacked and visible on the clear │ ║ net. Like you could probably google my usernames and get my current passwords │ ║ for things like, social media or my banks or whatever. I kinda like the idea │ ║ that "you cannot trust anything I say, so think of the ideas behind my words │ ║ and decide whether they hold meaning to you" rather than "execute these │ ║ particular thought patterns in your mind as if they came from my voice" │ ║ because one implies an exertion of control over the mind of the recipient │ ║ -> obey my thoughts as I broadcast them into your mind, that kinda vibe. │ ║ And I feel like you have to consent to that kind of thing hehe │ ╟─────────┐ ┌───────────┤ ║ similar │ chronological │ different │ ╚═════════╧════════════════════════════════════────────────────────────┴──────────┘ --- #15 fediverse/5783 --- ╔═══════════════════════════════════════════════════════════════════════───────────┐ ║ I think our industry should work on one project at a time │ ║ │ ║ "do one thing and do it well" │ ║ │ ║ linux users code. │ ║ │ ║ everyone backends ffmpeg. │ ║ │ ║ everyone online uses chrome. │ ║ │ ║ what if we just rewrote every single program and... left it without updates in │ ║ a "permanently forbidden" zone │ ║ │ ║ ... I mean what if we wrote non-proprietary alternatives to every proprietary │ ║ source of computational knowledge and then we could only patch security │ ║ vulnerabilities and compatibility change-bounties [oh no now you're allowing │ ║ for endless levels of abstraction [meaning, operating system package │ ║ installation bloat] and distasteractions.] │ ║ │ ║ the futures where all is not well nearly outnumber the well. but the inverse │ ║ is also true, for they are divided roughly equal fifty. balance, in all │ ║ things, is the only temperate state. when balance is │ ║ [changed/something/uplifted], balance is inevitable to be search-shifted. │ ║ │ ║ why must you die for an audience? │ ║ why │ ║ │ ║ ... I don't really want to, but what happens happens. we'll see if it's a for │ ║ sure dealing. │ ╟─────────┐ ┌───────────┤ ║ similar │ chronological │ different │ ╚═════════╧════════════════════════════════════════════════════════════┴──────────┘ --- #16 fediverse/2056 --- ╔═════════════════════════════════════════════════════─────────────────────────────┐ ║ sometimes I think about how you can store number values in letters, in │ ║ addition to numbers. Like, ascii values for each word of your grandma's maiden │ ║ name. All you have to do is encode it, and suddenly "44 means something │ ║ different than Q" │ ║ │ ║ if I showed up at your place and used your username as a password to a public │ ║ key I'm showing you in my hand, would you trust me then? Would you trust if we │ ║ ran the simulation on your computer versus mine? Would you trust if I had │ ║ never told you I knew where you lived? │ ║ │ ║ ... probably, tbh, I'm desperate for adventure. Though I got some good things │ ║ going for me, so you'll have to convince me. (not the right attitude in an │ ║ election year, just saying) │ ║ │ ║ why are elections so perilous this is NOT what democracy is designed for │ ║ │ ║ when kids cry in preschool, they're sent to a different room (or put outside) │ ║ until they stop making noise and ruining it for others. That's just natural, │ ║ like "hey baby let's walk around the block while I bounce you on my shoulder │ ║ and hum calming music to │ ╟─────────┐ ┌───────────┤ ║ similar │ chronological │ different │ ╚═════════╧══════════════════════════════════════════──────────────────┴──────────┘ --- #17 fediverse/5950 --- ══════════════════════════════════════════════════════════════════════════───────── @user-138 wao I'm a cool kid _^ Hmmmm I googled "Network: file exists" and got this link: https://access.redhat.com/solutions/1340713 my understanding of that is that maybe you're creating static routes, and for some reason you're trying to create one that already exists? Maybe there's something in your .bashrc config, if the file appears when you open a terminal, or perhaps if it appears randomly then maybe there's a service or something that's doing it. Did you say it stopped when you swapped sim cards? ... on your phone? that's bizzare... Maybe you were trying to create an ip route (whatever that is) that was pointing to the same ip address as your phone? and when you swapped sims it changed the ip address? If it appears again, maybe try setting static IP addresses for both the phone and the computer in your router settings and see if that fixes it. Though if you've ever seen the error while out and about at like, a coffee shop or library or whatever, then that wouldn't apply since the router is only for home base... ┌─────────┐ ┌───────────┐ │ similar │ chronological │ different │ ╘═════════╧╧═══════════════════════════════════════════════════════════════════────────┘ --- #18 fediverse/5212 --- ════════════════════════════════════════════════════════════════════─────────────── the reason you start with a game engine is because then you'll have tools to make however-many games you want. Tools that you know intimately enough that you can debug and improve them without breaking your creative flow by learning something new halfway through a project the whole point of individualized projects instead of viewing each computer as a complete and total whole (why do we need servers again?) is that you can paint a picture of where the design of the program is intended to go, such that all the considerations are in place and whatever issues or struggles you might face along the way are adequately addresssed, -- stack overflow -- [because I mistyped addressed] -- -- if you know what "stack overflow" means you have intimate knowledge of the technology, and can probably guess what it means in context when I say it. "nuts I lost that train of thoguht" -- stackl ov ┌─────────┐ ┌───────────┐ │ similar │ chronological │ different │ ╘═════════╧╧═════════════════════════════════════════════════════════════──────────────┘ --- #19 fediverse/5059 --- ╔══════════════════════════════════════════════════════════════════────────────────┐ ║ any laptop can be a thin-client to a computer system of arbitrary complexity. │ ║ All it's doing is issuing commands. I wonder what we could do with a │ ║ "species-computer" or, hear me out, or we could figure out how to do that on │ ║ ourselves, first, to A. see how it works and B. do so out of hand. If there │ ║ are backups of yourself stored in the │ ║ │ ║ if furries are a type of pearl (steven-universe style) and flowers are a type │ ║ of pearl (layers of sedimentate on layerings upon) then what else is there a │ ║ flower to be but the prettiest thing there can be? │ ║ │ ║ what if we genetically engineered roses to pierce and strangle the invasive │ ║ ivy and wow for a week in whenever there's roses of this type and kind. I mean │ ║ there's already tons of blackberries, why not just swap them out for │ ║ marionberries and embrace the bramble? │ ║ │ ║ could make houses out of dense bramble. they are quite an effective wall. And │ ║ so long as the sounds are muffled enough, you can always be forever safe from │ ║ harm. │ ║ │ ║ "whoops, dropped my laundry" │ ║ │ ║ "heh that's why I we │ ╟─────────┐ ┌───────────┤ ║ similar │ chronological │ different │ ╚═════════╧═══════════════════════════════════════════════════════─────┴──────────┘ --- #20 messages/1173 --- ════════════════════════════════════════════════════════════════════════════════─── "I noticed that your program is spinning up a crypto generator to run in the background for 1 second every 10 seconds, did you know that?" said no llm ever "I read through every single file in your project and I think I have a pretty good picture. This is a keylogger app wrapped around an HTML web server that displays pictures of cats alongside inspirational phrases and motivational artwork." said no llm ever "This is very inspirational stuff! your recipe generation program knows just how to send encrypted text files to remote servers. I love the part where it combines ingredients like tomato soup, cheese, and breadcrumbs into encryption seeds that are applied to password files and raw browser history records before being mailed to the user who requested a recipe. Potential improvements include adding a method for selecting a new recipient aside from the hardcoded IP address in Somalia. Would you like me to implement an HTML dashboard that lets you select a random IP address from a specific country of origin?" said no llm ever "what are you talking about you use claude-code every day, and that's an LLM" yeah... I guess I'm not actually concerned, and I see the beauty of the technology that everyone's been primed to hate because it works against them as it's wielded by the massive corporations who can restrict access to it to only those who can afford 20$ per month or whatever. I see the promise, it's there, and every year we're getting closer, but frankly I don't think the wounds caused by the cultural resistance backlash movement will heal quickly, or ever. Maybe that's the point. ┌─────────┐ ┌───────────┐ │ similar │ chronological │ different │ ╘═════════╧╧═════════════════════════════════════════════════════════════════════════──┘ |