Aria @ Aria @lemmygrad.ml

Posts

2

Comments

438

Joined

3 yr. ago

Sick.
Edit: I take it back. Lame. Electric SUVs are just as bad. Fuck cars.

The first row and first column should stay visible when you scroll with such a dense graph.

This is like mobster tactics or something, terrorist tactics is indiscriminate bombing, collective punishment, scorched earth, torture, targeting civilians, targeting humanitarian efforts, disproportionate responses. Everything they've been doing until now.

Exactly like that.

You do have resources to limit fingerprinting, including beating many techniques, but it's involved and I don't have any useful links for you right now. On the site I linked, they provide resources to help you -- including showing you exactly how they fingerprinted you. The easiest-strongest change is disabling javascript (The noscript addon makes this toggle-able and configurable), but of course that breaks all websites.

It means that you are not protected. The fingerprint resistance failed. Firefox has very weak fingerprint resistance out of the box, I don't know why they advertise it as being effective. If your fingerprint is unique, it means every site you visit knows exactly who you are and share your visit and actions on that site with all their friends so that you can be tracked through the internet.
To be clear, a unique fingerprint doesn't have to mean you can be tracked. You can set up your browser to randomise attributes, which means you can have a unique fingerprint, but not an unusual fingerprint, and not the same fingerprint on any two visits. That way you can't be singled out from the other users who set up their browsers like this, and if done well, can't be singled out from any first-time visitor.

Feel free to test your fingerprinting resistance on a stock Firefox-install. https://www.amiunique.org/

Firefox's implementation has never worked for me.

Literally every single entry is owned by a foreign superpower.

Not that brave after all.

Eh, a red passports in my pocket, along with a military id of same color say otherwise

Then you know better than me.

Though I’d advice to consider one in Armenia, if possible. It’s close, but much more liberal and the internet speeds are just as good. Though computer part imports seem to be problematic in there so I’m not sure if there are any good providers.

I don't have a particular love for Russia for this type of thing, it just happens that a lot of low cost barely-professional providers are in Russia, and that Russia isn't among the worst countries in terms of surveillance law and competence to enforce those laws. I'd happily rent from an Armenian provider, they're just a little worse at SEO. Thanks for the tip.

ones that don’t use it as a pretense to infringe on your privacy.

My current ISP works with any router but there is a mandatory purchase of their partner's router when you sign up. That router doesn't host a configuration page, if you want to configure the SSID or password, you need to use their Windows/Android app. The Windows app installs a root certificate. I haven't done that, and I think it's just to facilitate regular updates rather than MITM decryption, but it could be either. ISPs have smart people (or people with skills in the right technical area), but they don't have any financial incentive to use a clean solution sadly.

But it’s sad to see that they are, too, going political with this.

I'm not categorically against blocking illegal content, but it's the surveillance I find really icky. Countries with laws about having to keep logs on users. Mandatory invisible/silent data-sharing with police. Gross.

I've never needed dead hand software. I wipe my phone before going through airports but that's it. If I needed it, my first instinct would be to write my own, because my use case would probably be pretty simple. I'm not sure. I think you're vastly overstating the danger of travelling through Russia. Still, I'd wipe my phone (or leave it at home) like anywhere else of course. Always best to be cautions.

But then, renting a box in Russia just to break out of it using a VPN kind of defeats the whole purpose.

This is just kinda how I use everything. I mean I'm paying for the VPN anyway... But it doesn't degrade performance for a seedbox. You connect to it and stream your files when you need them, it's less hassle than if you download things to your own home. Doesn't degrade performance for most private tasks to be honest.

If your place also does this and it has a working democratic and judicial systems, I would suggest starting to raise questions about it.

It absolutely does not. But even if it did, I think most countries in the EU have some form of internet censorship. Almost always left to the discretion of the ISPs when it comes to implementation. Your instance is in Estonia, so I checked, and Estonia blocks copyright infringement and gambling, and according to one source, as if this year, 'Russian propaganda'.

Should urge the UN to support a single state solution and Palestine's full membership instead.

This is the People's Republic of China. Their disputed territorial claims amount to a few villages claimed by India and a few small islands claimed by Japan and Vietnam. All three countries have much bigger territorial disputes with other countries. You're thinking of The Republic of China, who claims whole countries and very large swaths of land. The Republic of China doesn't have a seat in the UN because they don't have majority support. (1.4% vs 98.6% for PRC).

I routinely have more than 100 tabs open. Firefox doesn't crash for me or use much RAM. Many tabs is a normal use-case and Firefox working worse than alternatives in such scenarios is a failing of Firefox.

But again, mine handles it fine. So potentially OP should try again with an up to date Firefox.

Maybe I'm being stupid but doesn't Firefox have tab-groups?

Somehow higher than 0% success rate.

Here are couple of auto-translated articles with some technical details on said spy-boxes.

I found the technical exploration interesting, even if the translation I read might not have been completely accurate. But at least 8 years ago, they didn't seem to have any ability to analyse and modify content, instead relying on a simple domain block-list. There's domain blocking where I live too. I imagine it's handled similarly on a technical level. Seems more of a concern for home users, I don't think one of these boxes sitting outside a data-centre would affect you at all. Your hosted web application would have proper encryption and they'd only see the destination of one leg of the journey. Even for 8 years ago, this doesn't really seem like a level of technical sophistication that trumps even non-rigorous general best practices.

That’s a dangerous precedent though, that a person can be arrested and held for indefinite amount of time without any significant evidence - just based on IP address.

Absolutely.

the entire Tor network was outlawed in Russia, so it won’t work as a defense any further.

This just says blocked, not outlawed. I also couldn't find any other articles about Tor being outlawed. As long as it's not illegal it's no practical problem for me/you. According to this article, Tor and someone else is suing, which they wouldn't do if they didn't have a legal basis for operating. It even says it's unconstitutional.

The decision violates the constitutional right to freely provide, receive and disseminate information and protect privacy.

Assuming that's true, then that's a pretty easy win for any data centre hosting my blackbox VPN-routed seedbox or whatever it would be.

you indeed have nothing to worry about, except for the downtime, and certain protocols and endpoints being unreachable

Yeah but I don't feel you've demonstrated that at all. There were a few high profile raids, but they were decades ago. If my cheaper than average hosting has average downtime then I'm still getting a good deal. Based on what you've provided, it sounds like the anonymous computer in a cave scenario in the meme would go completely unnoticed by an averagely aggressive and averagely competent police state.

Though, if you are a political figure, the advice would still be to not touch anything Russian even with a 10-foot pole

assassination attempt to poison Sergei Skripal, a former Russian military officer and double agent for the British intelligence agencies

Come on. I'm not planning to spy on the Russian military for the MI6! That's several levels of shady beyond 'anti-establishment website'.

This allows them to perform MITM attacks by connecting to the website on your behalf, decrypting it, then re-encrypting it with their own cert and you’d still get the checkmark.

In theory that is true. And not particularly hard. But it's not invisible, and so it would get discovered quickly. And it can also be mitigated with a VPN and not using the state's DNS. Users of Russian e-banking are be susceptible to MITM, but my VPS isn't, because I don't have that certificate. And the Russian banking public isn't being spied on because they'd burn the card when they use it. Is it being deployed to discretely and sparingly MITM-attack specific individuals? I mean maybe. But I think it's being deployed so they can have a green check.

I think he'll lose that bet but more importantly, how is he laying down a challenge to Apple and Samsung when he's not even saying they'll surpass either?

Many (most?) countries have a prime minister. We're very used to hearing those words in conjunction, but if you just tell people it's a ridiculous phrase, then prime minister, supreme leader, dear leader, etc, are interchangeable in meaning and grandeur. Since you're translating from another language, it's up to you which variation to translate to.