Syn_Attck @ Syn_Attck @lemmy.today

Posts

1

Comments

317

Joined

1 yr. ago

What's the alternative that everyone has and you can make a new one without much issue or privacy infringement?

SMS

Facebook

Telegram

WhatsApp

Signal

Session

XMPP

Matrix

We still use email because it's ubiquitous. Boomer to Zoomer, everyone has at least one email address.

State-assigned unchangeable passwords that you hand out to 20-100 companies throughout your life (every job, every loan, every credit card, every financial account, every background check, every...)

This was 70 million people in 1 breach.

Keep in mind there are only 340 million people in the US, many of which are under 18.

We need a better system.

https://en.m.wikipedia.org/wiki/Office_of_Personnel_Management_data_breach

The Office of Personnel Management data breach was a 2015 data breach targeting Standard Form 86 (SF-86) U.S. government security clearance records retained by the United States Office of Personnel Management (OPM). One of the largest breaches of government data in U.S. history, the attack was carried out by an advanced persistent threat based in China, widely believed to be the Jiangsu State Security Department, a subsidiary of the Government of China's Ministry of State Security spy agency.

In June 2015, OPM announced that it had been the target of a data breach targeting personnel records.[1] Approximately 22.1 million records were affected, including records related to government employees, other people who had undergone background checks, and their friends and family.[2][3] One of the largest breaches of government data in U.S. history,[1] information that was obtained and exfiltrated in the breach[4] included personally identifiable information such as Social Security numbers,[5] as well as names, dates and places of birth, and addresses.[6] State-sponsored hackers working on behalf of the Chinese government carried out the attack.[4][7]

The data breach consisted of two separate, but linked, attacks.[8] It is unclear when the first attack occurred but the second attack happened on May 7, 2014, when attackers posed as an employee of KeyPoint Government Solutions, a subcontracting company. The first attack was discovered March 20, 2014, but the second attack was not discovered until April 15, 2015.[8] In the aftermath of the event, Katherine Archuleta, the director of OPM, and the CIO, Donna Seymour, resigned.[9]

I assume so from what they've said in this thread. Normally I'd say someone just needs to develop thicker skin but a lot of lemmings are perpetually online so I wish JoYo Peace, Pussy (or dick), and the soft touch of grass on a spring meadow morning.

Seriously though if you can't handle your opinions having downvotes, practice makes perfect. You shouldn't shelter yourself from downvotes JoYo, just embrace them and realize you don't need to prove your ideas to anyone but yourself. Look at my comment history, it's a mix of +5-50 and -5-50 (tbh mostly 0s and 1s). People will disagree with you in life, and the answer is not to go on the attack. Take the criticism and accept it or don't, and move on. But if you're getting constant downvotes, always, then there's a reason for it - probably the thing you're obsessed with and keep posting about. If you constantly post about MAGA saving us and the second coming here on Lemmy, you're gonna have a bad time.

Edit: their downvote ratio isn't even bad.

Oh JoYo, my sweet summer adult... conversation and finding common ground is what builds relationships.

Sorry for the long comment I was just saying what I gadda say in the first.

Yeah I went overboard.

Good luck getting into my phone!

That's what I was referring to. I'm glad you live in a country where that scenario seems movie-like but I live in the land of the free.

Oh, you were speaking of the permission not installation method. I missed that. Thank you.

Edit: @Pantherina@feddit.de can you clarify.. you mean "All files access" right? https://gofile.io/d/GnG330

Man sitting at library table: tap tap tap tap tap

Couple behind him: starts arguing violently, creating massive distraction

Man at table:

Let me know how that Killswitch on your phone works, hope you configured the power button shutdown press time from the default 10 seconds to 2 seconds, because SWAT can throw a flash bang through your window and have their boot on your neck before you're able to navigate the shutdown screen.

Note: I am in no way siding with any government agency, only stressing that they know about encryption, and their goal is to get you on the ground before you have a chance to shut your phone off. Even if you do manage to turn it off in time, hopefully your phone has the latest and greatest in anti-coldboot technology. I don't know that GrapheneOS or any security mods wipe RAM.

I want to point out how similar this is to the FYES arrangement which allows close allies to spy on each other's citizens to skirt the legal blocks of a country spying on its own citizens. This allowed Facebook to honestly say (from a legal standpoint) they didn't read/use private messages for ads. Because they didn't say they didn't sell private messages to other companies for tons of $$$, and let them do the reading and advertising.

Let's not forget how similar Facebook is to a CIA program that ended from public scrutiny only a few years prior, and how much involvement Facebook now has with US Government entities.

If the CIA (or just Facebook) wanted to

• Kill budding decentralization concepts and
• Cause overload to the system while Facebook retains ultimate control once everyone gives up or only a few small instances are left

Threads is how it would be done. Interesting naming coincidence too, as pulling a thread causes the entire garment to become structurally compromised.

Let's not forget how similar Facebook is to a CIA program that ended from public scrutiny only a few years prior, and how much involvement Facebook now has with US Government entities.

If the CIA wanted to kill

1.) Budding decentralization concepts and

2.) Cause overload to the system while Facebook retains ultimate control once everyone gives up or only a few small instances are left

This is how it would be done.

I assume they want it to hide their # of downvotes from their self.

Session installer?

Edit: Just checked, it's on session installer, I don't recall changing it (I remember it walking me through it) so it must be the default or at least recommended.

I don't know, I assumed it was HTTPS vs. HTTP or the way auth tokens are gathered (using your phone to do it instead of their server, possibly linking to your Google account and risking a ban), but since they're both unavailable when the One isn't working it makes me question that assumption. I'm sure someone else can answer.

Thank you

Mayhaps. It would make sense.

James Thurber described White as a quiet man who disliked publicity and who, during his time at The New Yorker, would slip out of his office via the fire escape to a nearby branch of Schrafft's to avoid visitors he didn't know

reasons

Considering this was 1956, I would imagine "secret reasons" was used where we would use "personal reasons" today.

Or Mr. White was drunk.

My thinking was more along the lines of old vulnerabilities in VLC (specifically codecs/implementation) exploiting a set of the most commonly sold TVs, and spreading via torrents. If your malware group can target 6 models of the best selling 5 year old TVs and spread via torrents and then infecting video files, which spread over Windows networks and keep infecting video files, it could be a good few million device strong botnet.

Seems more like something an APT actor would focus on because the effort:reward ratio isn't there for most groups, and it would take a lot more effort than the MicroTik botnet or other compromised router nets.

I'm hesitant to run any outdated network-connected devices on my (read: the one my personal devices use) network. The only older model device we have running is a brother printer but it still receives firmware updates, and it's segmented so printing is never done directly from anyone's device, it's hooked up to an old laptop running a simple custom web server that accepts files and puts them in the printer queue, and tunneling and DNS are configured on the router, if someone needs to print, they go to [thenameoftheprinter].com in their browser and upload the file(s) and it prints. Devices without access to the guest network can print with Bluetooth, it just requires opening the laptop and pairing and manually printing.

But that was born out of issues of compatibility with the printer running on the guest/kids network, and not wanting to plug it directly into the router or use the Brother apps more than "This printer is older, must not have direct network access."

You should edit the title because most people aren't going to click through and read, they're just going to assume the title is correct.