/tech/ - Technology

>>29815
usable still. lately i've been compression bombed a few times by some tor nodes, which i had to blacklist. if this is happening to you, you will see so in your tor log.

>>29816
It's dramatically faster than remember it.

>>29815
>>29816
>>29826
So far the only trouble has been XDA, a random softs site, and https://fonts.google.com/icons.

>>29815
Very usable tbh. I remember when I first tried it 10 or so years ago it was too slow to even consider for anything other than if I absolutely wanted to go to an onion. Now I think I could get away with using it for every website that doesnt demand an account. Note the word demand, think Normiebook and the like

Tor posters are all Peruvian.

>>29187
This is optimistic, especially because of the "begging for since wikipedia was a thing" component, but a good post.

As a creative, I have no issues with AI. Music wise, the entire music industry is fucking garbage at the moment and honestly. Stuff hitting charts as music is honestly worse than alot of the AI songs i've heard, like that hh song by Kayne is genuinely a shittier, less funny, racist shock song than the stuff /pol/ generates. What I hope is that AI actually raises the bar a bit for what is acceptable music to be presented by an actual human for mainstream consumption.
Imagry wise? Digital art is all fucking garbage anyway, who gives a shit? I enjoy the novelty though of /tv/ turning everything into ghibli.
only annoying aspect of AI so far is that it's made everyone who can't debate online lean on it heavily, and present arguments that come off like a fedora tipper writing with a fucking quill, sea lioning the shit out of you.

>>29876
>What I hope is that AI actually raises the bar a bit for what is acceptable music to be presented by an actual human for mainstream consumption.
Why would it? How is shitty AI art inspiring anyone to make better real art?

>>29877
>Why would it? How is shitty AI art inspiring anyone to make better real art?
Art at the professional scale is a collaborative process usually. There have long been tools to "cheat art" by just animating or redrawing models someone else made and you posed or whatever. AI art is just shit. There are some extensive methods to get better results, but at a certain point, maybe you'd be better off just using some older methods. Maybe some of those methods combined with the AI even. I don't know, I've never seen any of this shit that was really at a professional grade yet. We'll see.

>>29877
If your dogshit song can be done better than fucking garbage AI, then maybe you wrote a shitty-copy paste lazy track.
I'm genuinely hoping that AI sends every hip hop artist and pop musican to the unemployment line. Maybe some genres that AI will struggle to actually copy (progressive genres, psychedelic genres, layered/complex genres, music that skirts multiple genres) will actually come back to the forefront.
AI won't be creating the next Dark Side of the Moon or Nothing Lasts But Nothing Is Lost or Closer so why should I care if a bunch of slop that has been strangling the industry for decades dies off because people will equate it with AI?
Even if artists use AI, if they make a good song, why should I personally care?

>>29804
Dope

>>29804
I remember pushing my obsidian "vault"–I imagine they're trying to do the thing discord did where they make a word mean a thing it doesn't mean, like "server = guild"–to github for a while before microsoft bought github, I should make a notes repo in codeberg because I found out codeberg was pretty easy to push to because it doesn't bitch at you to phone factor authenticate.

>>29789
I used to do that too but now I use org-roam. It's very nice too

>>29756
I use Emacs, markdown and git. I should use org-mode instead because it's more powerful but I need to learn it first. I haven't much looked into it but it seems easy enough. I also use pen and paper. By the way, is there any good open-source notetaking apps for Android?

>>29868
logseq is available (both markdown and org compatible) only down side is the file navigation compared to obsidian.

Cleaned up the CSS a little more. Need a solution to dynamically make the groups take up less of the screen.
Something to do with flexboxes no doubt.

>>29831
>Something to do with flexboxes no doubt.
Had the idea that when clicking the expand also expanding horizontally to fill the width of the body; so implemented this.
Also setup the flexbox stuff, so if the screen is small it takes full, otherwise it attempts to divide into thirds and flex-grow: 1;
Next up are the SVG icons, Websocket scripts, (backend) group specific calendar, (backend) combined groups calendar, and (optional) trash can.

>>29867
Got the SVGs dialed in and then decided it was better off with simple text buttons.
It seems to look best in landscape on mobile atm, though in general mobile is not entirely well supported.
Namely there are issues with the menu button overlapping the content and making it inaccessible.
Not sure about the best way to go about fixing that is.

Also wrote some checks to see if the user is a member of a group before displaying it to them.
And also to add them automatically to a group if they're creating it.
And another set of checks to make sure only the creator of a group can edit it.
And to make sure there aren't duplicate members or subgroups.

wish could have thought of something more interesting to make than a calendar forum.
Might have much more motivation to complete it if this was the case…

>>29873
Had several ideas for something like https://memex.garden (before knew of it), a microEmacs, an RCS chat.
Probably a skill issue that what was implemented was only a calendar and forum in python.

I find the fact that this same thread topic keeps popping up over and over with OP always having the exact same opinion very suspicious.

>>29800
Most of the AI threads are negative and/or express something different don't they?

>>29801
Not recently (post-4chan shutdown).

It is oversold and used in use cases it is a bad fit for. A good example would be AI upscaling where instead of artifacts from algorithmic upscaling, the visuals dive right into the uncanny valley even with professional AI upscale jobs like the Aliens 4k upscale where mouths melt in and out of existence as the AI slaps on body parts on objects it can identify.

>>29757
I hate AI because…

>Capitalism leads to layoffs whenever they can replace real workers with AI or robots. But the capitalistic system is not going anywhere because of AI or robots.
>Some people are too reliant on it and they can't think independently. Too many mistakenly think that AI doesn't have biases
>LLMs can be used to generate spam or disinfo.
>According to some studies, LLMs can be more persuasive than many people realize, even thought it could hallucinate wrong or inaccurate things.

>>29735
Mhm, such individual adventures oftenly result in a silent punishment and being forgotten. If Luigi's act was seen as heroic for some, we'd have more of CEO's getting assasinated.. only at rare moments in the history we had a revolutionary ethos being present in the society.

comrades… you needn't be so narrow minded.

i'm at least going to share secret research with the org im in (not saying which rn) to help with our analysis and publications. already looked into the legal ramifications based on my jurisdiction and worst case scenario i could tank it.

now i'm just thinking of how far i could take it. there's at least a couple of OAuth-secured WAN-facing systems which host most of the reports and data they produce, but the real juicy stuff is internal investment controls and confidential company disclosures gated behind higher levels of authorization. like my bosses' boss or one of the business senior leadership. obviously getting someone else's credentials would make this a lot more serious and punishable but if i pulled it off i could give others access without compromising myself.

i realized the token in old log file idea wouldn't work but if the Oauth does succeed it gives a long-lived refreshing cookie which is what id really want. i cant push any code that would go through VCS but i might be able to get a compiled test version of an app sent to someone, with something baked in that would quietly copy all the headers i need to a drive where i could get it before anyone notices.

there might be easier ways. people around the office leave computers unlocked unattended sometimes. support and various people pass around scripts they don't look at. getting access to someone's email higher up would be interesting too but not sure how i would do that. i'm wondering if any of you have other creative ideas or advice

why don't you just introduce some kind of "bug" that ignores bullshit bank charges to make it stop stealing money from poor people?

>>29735
This. Even worse than Luigi. Luigi at least killed a mega porky. This would do nothing.
>>29751
I'd really advise against this. You already have access to investment info, no? This is already worth quite a lot. Why jeopardize it by doing something like this?

>>29752
It would be very hard to introduce something persistent like that into production systems. Anything that directly hits their money will be a one time thing they might revert. Also I'm closer to the institutional clients side, other huge corps, not retail which is like regular customers. But idk I'll need to think more

>>29754
Because I know I can do more. Why are you guys being such boring pussies about it? I just need to talk to a leftist actually knowledgeable in cybersecurity

>>27788
>the only thing that matters is that
the only thing that matters is that communication through cock.li is objectively more secure than riseup

>>27788
>don't you think that using a service that is more popular draws less heat to (You) individually?
Absolutely not.
German law enforcement requested the totality of Riseup donators infos to the payment processor back in 2017.
Cockli is under 'attack' because they are big and popular.
Windows get more CVE per year because they are more popular

>there is no difference to the user if their PGP encrypted messages are stored in plain text or encrypted, you shouldn't trust your security to a third party if you can avoid it
I agree
But why are you saying "the cock.li TOS is "don't do crime" and they won't ever know you're committing crime since the e-mails are encrypted" in the same post lmao?
They both do. You should use GPG on both.

>BUT, from a purely functional perspective, cock.li is objectively superior to riseup when it comes to protecting your privacy, if you're serious about security i'm sure you'll understand why it's preferable to lock your door with an ugly key rather than keep it open
Again, I don't think you understand who's using riseup. Hint: Not internet schizos who think the CIA will target them specifically like 99% of cockli users (the other 1% are doing cybercrime or CSAM)

Post too long. Click here to view the full text.

>>27802
>cock.li is being threatened with closure by glowies
<riseup continues to operate with absolutely no pressure from the powers that be
this was supposed to be a dig at cock.li? if riseup actually threatened them like cock.li they wouldn't be this comfortable, plus the fact that they want to crack down on cock.li shows that it's a service that serves your privacy well, otherwise they would attempt to infiltrate and subvert rather than shut down
i rest my case

>>27803
They are not threatening Cockli with closure. Vince wants to close it if they try anything. Not the same thing.
It's understandable but some people would prefer to keep being reachable as it wont change anything for them (GPG use + metadata being already spied on anyway) and they may need it as it's their only mean of communication with some people (like a journalist and his source, just for example).
And it may not even be true at all, for all we know maybe Vince is just trying to grab a few $. I hope not but it's a possibility.

>riseup continues to operate with absolutely no pressure from the powers that be
They were under 2 FBI gag orders a few years ago. Idk but that's some pressure.
Now they have onions, end to end encryption (irrc) and still push people to use GPG and keep ransomware operator at bay with their invite only system, that may explain why they have less pressure.

Again, please stop acting like you don't understand that. I think, I hope (as you said you work in infosec), you are just -acting- stupid.

Could I get a code too?
[email protected]

>>29719
Migrating passwords also means the only thing not on my Linux box are my notes (for now).
Think this is all pretty basic OPSEC; not sure what a more serious dedication might look like.

>>29720
>not sure what a more serious dedication might look like.
Basically separating a public persona (billing), from disjoint private personas.
Obviously the disjoint aspect is what's most tricky about setting this up.
Browser fingerprinting and IP logs means this effectively requires onions.

>>29716
In the imperial core your baseline threat model always consists of automated data collection and the real-world places it feeds back into. This means you can either give up and hope you're median enough to effectively fly under the radar or always apply your best to remain private, anything else puts you at an unnecessary risk. Compromises, especially concerning financial services, are natural, but privacy should never be given up lightly.

I save all my passwords on an encrypted partition btw, this is my generator script:

#!/bin/rc
if(~ $#* 1) {
	c='A-Za-z0-9$~&%[{}(=*)+]!#`;:,<.>''"@^/?\|\-_'
	k=$1
}
if not if(~ $#* 0) {
	c='A-Za-z0-9$~&%[{}(=*)+]!#`;:,<.>''"@^/?\|\-_'
	k=32
}
if not {
	c=$1
	k=$2
}
dd -if /dev/random|tr -cd $c|dd -count $k -bs 1

>>29727
>median enough to effectively fly under the radar or always apply your best to remain private
Am not doing this currently, to fix it would require onions in a chroot as was suggested to me.

>this is my generator script:
Shell is alien to me, but the lack of libraries and terseness is nice.

>>29742
you can easily adapt the script to posix shell, just change the argument checking and replace plan9 dd with anything else

>>29503
It does seem like an excellent client, and was thinking even KurobaEx-beta was pretty good.

>>29505
Just saw the chan for the app is hella crazy

>>29502
Using this for few weeks. It is good; albeit the absence of good themes

>>29709
>>29502
Forgot pic

>>29502
Nice find. It will take time for me to adjust but this is awesome to see a whole new app to post on mobile.