/tech/ - Technology

How do enterprise software companies charge so much for their products when there are FOSS alternatives for them? It makes sense for applications used by end-users but I don't know why network firewalls, private DNS servers, proxies, VPNs, API gateways, linux distros, server monitoring tools and RDBMS systems need to be paid for. Do they provide a benefit that goes above and beyond their FOSS alternatives?

Palo Alto Networks' recent growth got me thinking about this. What do they do that their competitors or many other FOSS tools don't? I've also noticed that the prevalence of proprietary slop is much lower in development/devops than it is in cybersecurity and network administration. Maybe it's just my soydev bias talking, please correct me if I'm wrong.

Has the FSF or any adjacent organizations or companies tried to bankroll some hardware again? It mostly seems like some amount was thrown at the Lemote Yeeloong MIPS laptops, but also that they were only publicly sold for one or two years in 2011. Same thing with semi-endorsing the BeagleBone Black, but the SBC space has developed further since 2013 for better and worse. Imagine a RISC-V board flashed with Libre/Coreboot or OpenFirmware, that starts up an install of Guix or Trisquel. Or (switching from personal computers,) even that a "dumb" monochromatic laser printer that doesn't require deblobbing the firmware like Pine64's soldering iron.

i recently came to possess a printed out slide deck detailing an nsa collection program against telegram. i got it very accidentally, i live in a building with many national security-types and found the printout in the trash area. sounds crazy, not sure who's it was or why they took it out of a secure facility, but weirder things have happened. in a past life i used to work in government and even held a security clearance at times, and the program seems plausible to me. not going to post the slides themselves, don't want anyone to get in trouble, but i have no problem summarizing.

* the nsa collection program is called JUICYSTUFF. sometimes abbreviated JUST or JUST*. the program has buckets for different targets. JUSTRUMORS = russia, JUSTCHAOS = china, JUSTDISORDER = north korea, JUSTINSIGHT = iran, JUSTHAVOC = violent extremist organizations, JUSTMIRE = rest of world, JUSTSILENCE = telegram bots, etc.

* the program primarily uses two technical tools, TEMPTINGBAKE, sometimes abbreviated TEBA, and HUNTINGGLASS. both work by spoofing target users when interacting with telegram servers.

* TEMPTINGBAKE is the more sophisticated tool. given a telegram user id, it can collect the user's contact list, messages and media. it can only collect content accessible and readable on telegram servers so not things like secret chats. because its so sensitive nsa limits it to a few hundred targets per day. there are thousands of targeted users on TEMPTINGBAKE collection so most are collected every several weeks.

* HUNTINGGLASS requires a user id and additional telegram key information associated with the target user. nsa can usually provide this from other data holdings. it collects the same information as TEMPTINGBAKE.

* total telegram users targeted is in the 10s of thousands. tasking users is managed by an internal nsa jira instance. the target management aspect of the collection program is called JUDICIOUSHARVEST.

* nsa runs the program for the whole us intelligence community and the five eyes.

fair to have some skepticism about this, would love to see if any anons have heard of this program (i hadn't) or have ideas for figuring out accuracy. i hope the fact that this was printed means someone else out there with more knowledge is trying to get the word out. there's too much organizing that unfortunately happens on telegram not more secure methods imo, so i consider this as a warning. maybe telegram even tacPost too long. Click here to view the full text.

Mozilla is removing dozens of about:config settings in every firefox update. At this rate, about:config will be completely empty in no time
https://bugzilla.mozilla.org/show_bug.cgi?id=1773039

In 2024 reddit will introduce heavenbanning, the hypothetical practice of banishing a user from a platform by causing everyone that they speak with to be replaced by AI models that constantly agree and praise them, but only from their own perspective, is entirely feasible with the current state of AI/LLMs.

Do you use or have any opinions on for lack of a better term collaborative version control hosting websites? As non-registered user there seems to be constant issues with github search, excessive slow-downs, and of course there are concerns with over-centralization. However it seems to be one of the best places for marketing projects to others. Here are some collaborative version control hosts am aware of:

- Github: https://github.com
- Gitlab: https://gitlab.com
- Gitea: https://gitea.com
- Gogs: https://gogs.io
- Bitbucket: https://www.atlassian.com/software/bitbucket
- SourceHut: https://sourcehut.org

Some of these require self-hosting, or a paid service neither of which is my preference. Looking forward to hearing your responses.

you wake up and start checking out whats happening in the world right now: a bunch of big global events are going down that you cant really change. when you try to voice your disagreement about whats happening, youre told to shut up.

after that, you hop on a job recruitment website and throw in an application for a potential gig. but theres a good chance you wont get a formal rejection notice; and if you do, it probably wont explain why you werent picked compared to someone else. this lack of info leaves you wondering if the outcome was because of something you did or didnt do. after all, the flaw cant be systemic.

next, you check out an online dating app looking for some romantic connections.if youre a guy, youre probably sending out a bunch of messages, but youre not getting any replies. this leaves you wondering if you need to jazz up your profile or improve your messages, even though the reason for the radio silence isnt clear. after all, the flaw cant be with the app, just look at its popularity! its possible that your efforts just arent being noticed. on the flip side, if youre a woman, you might be flooded with messages, many of which are just plain inappropriate, misogynistic or objectifying. this unwanted attention stems from your gender, and no matter what you do on the app, you have to deal with it.

when you go to the grocery store to pick up some food, youre bummed to find out that a product you always buy is suddenly gone, and no ones explaining why. on top of that, items that used to be reasonably priced have shot up in cost. meanwhile, youre hearing reassurances about how strong "our" economy is. all of this happens without anyone asking for your opinions or giving you a heads up; its just presented as something you have to deal with, usually framed as being for your own good.

trying to use proprietary software for work, you find out its had a major update that changes a lot of the features you relied on. they say the updates are meant to make it better, and they want you to get used to the changes.

youre informed about an upcoming election, which happens every four years or so and is filled with claims about how important your vote and opinions are. youre assured that this election is super crucial, even the most important one in history, just like they said last time. even though the overall story suggests you cant really influence the bigger system, youre still expected to take part in decidingPost too long. Click here to view the full text.

Indiana Jones video game coming out soon. Think it will compete with skyrim?

I need a good portable music player, so I don't rely on my phone for audio. I already have a quad-driver IEM, hence a good one with a good card is necessary. I will definitely buy it used, so make sure it's affordable and under 100 Euros. For products over 100 Euros that are worth it please mention why.