LainTrain @ LainTrain @lemmy.dbzer0.com

Posts

12

Comments

2,083

Joined

1 yr. ago

Voicing lines/acting is all tedious to me unlike programming :3

Tell your wife, her parents, and anyone else who will listen, then call the cops and complain of harassment and get a restraining order on her.

Idc where you live but there's many places where lesbians in this situation will be treated as men and you don't want it to ever get to that point.

She's a teenager, teenagers who seek to ruin the lives of adults should rot in prison for life, they are not dumb, they know what they're doing, especially if their way of doing so is abusing their victim status under the patriarchy to their own advantage.

Ty

I made a PayPal account like 20 years ago in a third world country. The only thing you needed then is an email and password.

I have no real name on there and no PII, technically my bank card is attached but on PP itself there's no KYC. I think you could probably use some types of prepaid cards with it if you want to avoid using a bank altogether but for me this wasn't an issue, I just didn't want my ID on any records, I don't have any serious OpSec concerns otherwise.

I'm sure you could either buy PayPal accounts like this if you needed to, or make one in a country that doesn't have KYC laws somehow.

From there I'd add money to my balance and send money as F&F. At no point did I need an ID so in that sense there's no KYC.

Some sellers on localmarket were fancy enough to list that they wanted an ID for KYC, but I'm sure you could just send them any random ID you made in paint from the republic of dave and you'd be fine.

TG is Telegram but you got the rest of it right

This wasn't a thing until like 2 years ago and I've no idea why it's become a thing at all. I've never once had the desire to donate to some "creator" on the internet nor known anyone who has.

I think the principle could be applied to scan outside of the machine.

It is making requests to 127.0.0.1:{port} - effectively using your computer as a "server" in a sort of reverse-SSRF attack.

There's no reason it can't make requests to 10.10.10.1:{port} as well.

Of course you'd need to guess the netmask of the network address range first, but this isn't that hard.

In fact, if you consider that at least as far as the desktop site goes, most people will be browsing the web behind a standard consumer router left on defaults where it will be the first device in the DHCP range (e.g. 192.168.0.1 or 10.10.10.1), which tends to have a web UI on the LAN interface (port 8080, 80 or 443), then you'd only realistically need to scan a few addresses to determine the network address range.

If you want to keep noise even lower, using just 192.168.0.1:80 and 192.168.1.1:80 I'd wager would cover 99% of consumer routers.

From there you could assume that it's a /24 netmask and scan IPs to your heart's content. You could do top 10 most common ports type scans and go in-depth on anything you get a result on.

I haven't tested this, but I don't see why it wouldn't work, when I was testing 13ft.io - a self-hosted 12ft.io paywall remover, an SSRF flaw like this absolutely let you perform any network request to any LAN address in range.

I think communists and socialists and anarchists and broadly leftists do argue for cooperatives and workplace democratisation.

The reason they maybe don't do it enough is because those businesses in our present environment will get beaten by exploitation mostly.

Co-operatives by nature will sacrifice profit for employee conditions because they have more stakeholders (and shareholders) to be accountable to. Lower wages through exploitation will tend to reduce costs and allow the capitalist businesses to drop prices, and outcompete opponents and secure more investment capital due to higher market penetration, which will allow them to invest in their business, incl. Marketing and product development, and outcompete the more fair sustainable business, until they corner the market and can jack up.the prices and bleed consumers dry and push for laws/lack thereof to exploit employees and cut costs further.

https://www.bleepingcomputer.com/news/security/ebay-port-scans-visitors-computers-for-remote-access-programs/

I can't edit a removed comment, can I?

Do you think it's a good idea to remove valuable information because the person who said it is an asshole, or can we maybe move past trying to fit our egos into ones and zeroes?

Thank you. I play my part in the world the only way I can.

Yeah, something like that. I'm a sheltered little piss baby. But I'd like to know the rationale.

Thanks for your input! What I'd love to know is what are those people into, if not tech? If they don't know any "nerds" then who do they know and what do they talk about?

Well, I'm glad you know about it now, but let's be real nerds won't shut up about it, so there are plenty who do know but choose not to.

That said, I see no way under a capitalist framework to justify Google being forced to explain to users that they can use F-Droid and what the benefits are, nor do I think such average users will understand an explanation or choose to not ignore it and enforce them to word it such that it doesn't end up doing nothing or the opposite.

The only hoop is one setting to enable third party app installs afaik, possibly also turning off play protect.

Idk at this point it's like saying that changing the TV channel is a "hoop" because it requires a button press.

Not defending Google either, every time I install an app from F-Droid it prompts me to "Turn on Play Protect" to "improve security" with an obligatory dark pattern to boot but honestly if someone can't navigate a simple dark pattern idk how they get dressed in the morning or know truth from fiction.

Yeah sorry already edited the comment. Feels like my grammar has gone to shit lately.

Whole place glows like it's bioluminescent at this point.

A shame really.

I really liked being able to buy Monero with PayPal on LocalMarket and sellers always used TG, bit of a scam exchange rate wise but well worth it for small domestic DNM orders without fucking with KYC data harvesting ops like exchanges etc. and then have to mess with atomic swaps and whatnot just because the gov't fascists-in-chief used my taxes to ban BTC ATMs from back in the day.

I imagine the sellers used this to launder money they made as vendors on DNMs or some such enterprise.

Websites you visit can port scan your entire network bypassing most firewall rules and NAT. Your phone tracks your notifications and keystrokes and builds data models from both.

People love it though. Or they hate technology. Anything but hating corporations and the rich that gives them that sweet sweet dopamine