activistPnk
@activistPnk@slrpnk.net
- Comment on E-Mail with own domain 2 weeks ago:
PM’s apps perform the encryption on your own device because it’s your device that runs the apps. That is e2ee, but still only in the two scenarios I mention and even then it’s also vulnerable to targeted attack. PM could ship malcious j/s if it wanted (the likely case being to comply with a court order). It’s better if your own non-j/s FOSS MUA handles the crypto, which is actually easier if you don’t use PM.
If mailbox.org works the way anonaddy works, then that’s not e2ee. The msg payload is seen by the server that does the encryption, in the very least. The sender’s ESP would have already seen the msg.
- Comment on E-Mail with own domain 2 weeks ago:
Indeed, which is more reason to not blindly block dynamic IPs.
- Comment on E-Mail with own domain 2 weeks ago:
Consider self-hosting HALF the service. Something like this:
Outbound
local Postfix on dynamic IP → relay (optional) → recipient
You can configure Postfix to use a relay depending on the recipient. E.g. if you need to reach
alice@outlook.com, MS will reject your dynamic IP. But if you havebob@outlook.com, you can tell Postfix to relay via MS servers using yourbob@outlook.comaccount for all *@outlook.comrecipients. And yes, you can still use a different vanity address in the FROM: field, likeGobbel2000@nerds.org, if that’s what you want to be known as. You can freetype whatever your want as the from address if you use a good MUA like mutt.Inbound
(your acct @ rise-up or disroot.org or danwin1210.de) → POP3 onion → local Postfix → dovecote or procmail → local files read by your MUA of choice
You avoid a lot of complexity and labor by not maintaining a WAN-facing server. Though you still have a fair amount of effort in configuring your junk, you need not do all the configuration up front. You can do it on a per-outbound msg basis to spread your config effort out over time.
You can even hack postfix to send over Tor. And you can make it possible to support *onion email addresses, which is something that no non-self-hosted service offers.
When I email someone for the 1st time, say it’s alice@someunknownneverseensvc.xyz, I first configure my mail server to relay to
@someunknownneverseensvc.xyzover Tor. If that fails (and it often does), I configure Postfix to directly send to that server from my dynamic IP (or VPN if I have that running). If that fails, then I can cave in and compromise my privacy by relaying through a 3rd party, if I choose. If I really want to send the msg but I really do not want an additional MitM, I may be able to create an acct on@someunknownneverseensvc.xyzand use that as a relay.This approach relieves you of the reliability problem… you need not maintain a server always online and listening. But of course you lose some privacy because all your inbound traffic is seen by your ESP. At least you can potentially cut out your ESP on outbound mail.
- Comment on E-Mail with own domain 2 weeks ago:
side note: downside is, your data there is more snoopable, less so with something like proton.
Can you elaborate? AFAIK, Protonmail only gives e2ee in 2 rare situations:
- Both parties use PM
- The non-PM user has a PGP key and the PM user is competent enough to add the key to their PM address book. (This is where Hushmail is superior to PM, but HM is not gratis)
In all other scenarios (no e2ee), PM traffic and data-at-rest is just as exposed as conventional non-PM.
- Comment on E-Mail with own domain 2 weeks ago:
True, but sending from a static IP that is linked to you yields less privacy. I’ve decided: fuck these email recipients who demand I compromise privacy in order to give them the convenience of relying on IP reputation. Sure, google and MS servers refuse email from me, but I prefer that anyway.
- Comment on Tomato: Software that aids community based organizations in redistributing resources. 2 months ago:
They apparently stole the brand of a FOSS router firmware (an openwrt alternative).
- Comment on Why aren't Linux based mobile OSes more popular? 3 months ago:
Corporations certainly would bend to consumer demand if consumers were wise enough to boycott and make demands. But the question is whether consumer wisdom would ever advance to scale to make that happen. I think I have little hope of seeing it in my lifetime.
- Comment on Why aren't Linux based mobile OSes more popular? 3 months ago:
There are 35 million Mexican adults (38%) without a bank account. So living unbanked is at least an option.
Nonetheless, it’s interesting to hear that all banks in Mexico are digital and that not a single one offers offline service. And that not a single digital bank offers logins w/out 2FA, or 2FA by SMS (which includes feature phones), or 2FA by using a card reader. If all that is true, consider posting about it in !smartphone_required@lemmy.sdf.org.
- Comment on Why aren't Linux based mobile OSes more popular? 3 months ago:
This is extremely reductive and oblivious to the actual realities of banking in various countries.
I think you will be hard-pressed to find a country that does not have a single bank that does not require a smartphone. If you find such a country, plz post about it in !smartphone_required@lemmy.sdf.org and send me the link. Then we may be able to make a case for ppl in that specific country not being boot-lickers, if at the same time being unbanked is illegal.
If you think it’s easy to be “unbanked” then I would suggest that you try it yourself first.
I am doing that, in fact. 5 creditors are threatening lawsuits for non-payment after refusing my cash. One took me to court and it was an easy win for me. I just pointed to the law.
- Comment on Why aren't Linux based mobile OSes more popular? 3 months ago:
It’s banking:
The army of corporate boot lickers in the mobile phone context is largely composed of people who think banking on a smartphone is wise, despite the attack surface and despite the bank being empowered to monitor their customers more closely. Banking apps is the most significant culprit for gluing people to Android.
- Comment on Does the USPS, FedEx and UPS give a crap about weed shipments since Hemp sprayed with th same terpenes and looks the same as weed has been shipped legally for 9 years now? 2 years ago:
Interesting lesson in this story:
Pkg with contraband was intercepted, documented, all needed warrants secured. Pkg is delivered while the house is staked out by LEOs. Sometime after delivery (a day later, iirc) they bust in, find the pkg, and arrest. The pkg was sitting just inside by the door, unopened. Defense argued “my client knows nothing about this unexpected package. Who’s to say the sender wasn’t framing the recipient?” So he obviously got vindicated.
So there’s a game of timing. Recipients need to be given the chance to open the pkg and react by calling the police. Not sure how it goes if you consume it immediately after opening and burn the box.
- Comment on Does the USPS, FedEx and UPS give a crap about weed shipments since Hemp sprayed with th same terpenes and looks the same as weed has been shipped legally for 9 years now? 2 years ago:
To be clear, the spores are perfectly legal. You can mail order spores that come in saline solution in a syringe without trouble. The businesses selling that are smart enough to not use media mail, which of course crosses a line.
The nuance here is you said “kit”, which suggests everything you need for growth and thus intent. Maybe you’re right on that bit. Buying everything separately would require surveillance to put all that together that you have a kit, in effect.
- Comment on Most motorists want noise cameras installed to clamp down on loud cars 2 years ago:
@Lhianna@feddit.de did not say which rights were at issue. Sleep is proven to be essential for survival. It’s also important to livelihoods. Sleep deprivation is also a common torture tactic. These rights are enshrined in the Universal Declaration of Human Rights.
- Comment on Most motorists want noise cameras installed to clamp down on loud cars 2 years ago:
I think not. But then I’m not living in a wealthy part of town. It only takes one of those little fuckers to wake up 10,000 people.
- Comment on Most motorists want noise cameras installed to clamp down on loud cars 2 years ago:
I’d far rather deal with the noise than having yet more surveillance.
My cognitive dissonance triggers on this point because one of the reasons I cycle is privacy. I am also firmly in the #fuckCars camp (noise, pollution, death, selfishness of people putting their convenience above lives of other people & animals). It’s hard to give a shit about car drivers having privacy. And also realize that car drivers inherently sign up to give up privacy in order to use a personal car anyway (registration, insurance, banking transactions tied to those activities and their fuel purchases, etc). The fuel purchases of car drivers feed the oil industry, which in the US feeds the war chests of republican candidates who disrespect both privacy and the environment.
Yet people making the wise pro-privacy considerate decision to cycle are still exposed to breath car fumes, noise, and life-threatening physics (e=mc²). Hard to have sympathy for car drivers.
- Comment on Most motorists want noise cameras installed to clamp down on loud cars 2 years ago:
Electrics cars will make it a non issue
I do not see EVs replacing scooters (which are driven by lower budget commuters). A single unmuffled scooter driving through #Paris at 3am can wake up 10,000 people according to Bruitparif. And don’t forget horns. Assholes will used their horns at 3am on my street. The only thing they give a fuck about is their own convenience.
The idea of harsh punishments works if a vehicle is continuously loud because it will eventually cross paths with a cop. So that position is fair enough. But what about horns? There’s never a cop around when horns are misused.
- Comment on Most motorists want noise cameras installed to clamp down on loud cars 2 years ago:
⚠ That article is a bit enshitified and autoplays video. Just a warning to anyone on a limited internet connection.