𝒍𝒆𝒎𝒂𝒏𝒏

Very classy merc 👌

The owner clearly cares for that thing well - the finish, bodywork and chrome-like elements look absolutely immaculate

Flash drive hidden under the carpet and connected via a USB extension, holding the decryption keys - threat model is a robber making off with the hard drives and gear, where the data just needs to be useless or inaccessible to others.

There’s a script in the initramfs which looks for the flash drive, and passes the decryption key on it to cryptsetup, which then kicks off the rest of the boot mounting the filesystems underneath the luks

I could technically remove the flash drive after boot as the system is on a UPS, but I like the ability to reboot remotely without too much hassle.

What I’d like to do in future would be to implement something more robust with a hardware device requiring 2FA. I’m not familiar with low level hardware security at all though, so the current setup will do fine for the time being!

Free real estate 😂

I think so, assuming these malicious packages are all primitive enough to just look for the single file in a user’s home folder lol. The only downside here is needing to provide the keyfile location to ssh every time you want to connect… Although a system search would pretty much defeat that instantly as you mention

SSH keyfiles can be encrypted, which requires a password entry each time you connect to a SSH server. Most linux distros that I’ve used automatically decrypt the SSH keyfile for you when you log in to a remote machine (using the user keyring db), or ask you for the keyfile password once and remember it for the next hour or so (using the ssh-agent program in the background).

On Windows you can do something similar with Cygwin and ssh-agent, however it is a little bit of a hassle to set up. If you use WSL i’d expect the auto keyfile decryption to work comparably to Linux, without needing to configure anything

I think they would start obfuscating the relevant code to get around it

Many ad networks and AABs do something similar (especially Admiral) in an attempt to evade ad blocking extensions

I assume it’s a feature to prevent Android’s memory management from forcefully killing Firefox… for me the tabs don’t unload, but they behave as if the JS running inside them has been frozen/paused.

Maybe installing those tabs as apps via Firefox’s menu will bypass this

From GoG specifically, as they patch the older games on their store to “just run” on modern Windows

For me it’s the ability to set up a shared instance with the base request URL, and set headers for things like the user’s token, allowing all requests made with that shared Axios instance to be sent to the right path with the token without needing to define them for each individual request.

To be honest though something similar can be done with spread syntax in the Fetch API’s options parameter

it’s got telemetry on by default.

Very, very hard pass. Might even blow out my suspension doing so

A lot of jQuery’s features are now available in native JS - would also suggest just using native JS anyway because jQuery won’t throw any errors into the console if a selector matches no elements etc.

The only additional library I’ve needed recently for (personal work) is Axios for requests - easier than working with the Fetch API in some cases

Ohhh my apologies - just went again to look and saw it. I think I missed it because it doesn’t show as an image until you tap it

This would fit in pretty nicely at !thenightfeeling@lemmy.world too

Edit: sorry, I may have misunderstood your post - free email != email masking.

My original post below…

Curious why you consider email address masking services as for those with “drastic anonymity” requirements?

I personally don’t think so: they are pretty much just a digital P.O. box, and are typically not anonymous in any way (subpoena/court order to the provider). They are built-in to Firefox too, it will automatically create new ones OOTB as you sign up on websites, if you click the autofill.

They are however IMO one effective tool out of many to restrict the ability of data brokers and hacking groups (aggregated breach datasets) alike from making money from your online presence without your consent.

In almost all cases this data is freely searchable for law enforcement and private investigators, allowing them to avoid going through the legal system to investigate and possibly detain you for things you’re not guilty of

deleted by creator

Disordered; especially, disordered in mind; crazy; insane.

This is hardly deranged, there is a lot worse than this which is more deserving of that description IMO lol

Or about the D.E.V.I.L.S. format listing option on ffmpeg

If they’re easy to get, why not have them 😉

Thank you 😁

I think the authors should consider watermarking their stuff, particularly if it isn’t something recognizable like Strange Planet

It prevents apps from opening links in your browser directly, since they have to go through URLCheck first. Let’s say you click a link in your email, and instead it opens a “google.com/url?q=https://amazon.com” or a “safelinks.outlook.com/?url=…” instead of just taking you to Amazon.com. URLCheck will get rid of the unnecessary redirection and allow you to go directly to the site.

Adding onto that, my pet peeve with email links is them showing you a link that says Amazon.com, but then you go to click the link it opens a bunch of email tracking links before finally taking you to Amazon.com. With URLCheck you can actually stop these links from opening, and go to the website directly in the browser yourself.

If you’re familiar with that issue that popped up regarding “.zip” domain names, and how they can be engineered to look like an official URL, this is a non issue as you’ll get a warning if any link contains malicious unicode characters that could be mistaken for something else

Also, if you have multiple apps that can handle a link (maybe different youtube apps like libretube, newpipe, grayjay), you can pick which one to open after clicking a link. Android does have a stock app picker, but it’s very easy to mistakenly set an app as default.

Android apps can also track what apps triggered them to open - URLCheck can mask this, and even set some advanced flags for how the link handler app should be opened.

To be honest after using it for a while, I really wish there was something similar available for desktop

This is how I do it 👌 no need to install another when the pi already comes with one OOTB.

If OP is looking for VNC clients for zorin OS, there’s an app called “Connections” in the store which works great