Olivier Forget @teleclimber@social.tchncs.de
Seeking refuge in a distributed world. Web, future programming. Building things.
Joined Apr 2017
Olivier Forget
boosted
I don't know if this form of regulation is a good idea or not but I do think that it is inevitable in the long run.
The more society finds out about bullshit or obviously evil practices in tech, the less effective tech's mantra of 'regulation would make things worse' is going to be. At some point people are going to say: 'no, it can't be worse, you need to be regulated on every level, from employee certification up to market share and corporate ownership.'
Olivier Forget
boosted
Never connect to ProtonMail using Chrome : ProtonMail - https://old.reddit.com/r/ProtonMail/comments/9yl94k/never_connect_to_protonmail_using_chrome/
Olivier Forget
boosted
Soooooooo looks like Jack Dorsey went on a retreat in Myanmar, and his takeaway had fuck-all to do with what social media has done to foment the Rohingya genocide.
This is my long-winded way of saying it looks like I'm moving here.
Olivier Forget
boosted
@NerdResa
Before I had a networking course at university, I had a rough understanding of IPv4/v6, but had trouble understanding why some things need to be in the same subnet.
Then I read IPv6 RFC. Not only have I found IPv6 to be a lot less messy and easier to understand, but it also allowed me to understand how IPv4 works by combining the idealized model of v6 with the messy hacks I knew v4 has.
So IMO learning v6 before v4 is a good idea. But N=1, your mileage may vary.
Olivier Forget
boosted
Today I learned that USB-C MacBooks can sometimes send 20V to a 5V USB-C Yubikey, releasing the magic smoke from inside. π₯
Olivier Forget
boosted
mastodon meta, user discovery, a take Show more
Olivier Forget
boosted
We're now entering into the Engelbart era. Beyond the initial ooh-shiny phase of computing characterized by youthful exuberance and into a time when we need to make computers actually relevant to the human project.
Olivier Forget
boosted
@dankwraith @starrycosmos @ExperimentV @alanz
Decided I should check out my assumption that a disabled presinstalled Facebook app couldnt get my data
Have a very cheap Acatel Android I got new a year ago
Deleted the Facebook app when I got it
Looking at android settings, apps & selecting 'show system' from the menu I found that there are 2 facebook system apps
One of them starts up at boot, connects to Facebook & transfers some data. It has storage permission (I had it off)
1/2
Time to learn Go.
My programming past includes PHP and JS (and C++ and C a long time ago). So it's time to have a better language in my tool belt.
Tickled by Elixir too, but that will be for another time.
Olivier Forget
boosted
@blakehaswell One factor to consider is that if the Australian law is considered to be "successful" then similar laws will be passed elsewhere.
Some possible tactics:
- Ensure that any backdoors which the government adds are discovered and publicized
- Work towards reproducible builds
- Encourage everyone not to trust proprietary chat apps. Assume that such apps are already backdoored
- Devise and deploy systems for monitoring the relevant open source projects. For example, a system which monitors open source chat apps and lists changes to cryptography related sections. Make code review of sensitive files trivial
- The government won't follow its own laws, and will use apps which are not backdoored. Use FOIA or anything similar to check what apps are used/purchased by officials and point out the hypocrisy
- Run cryptography workshops for your people. Make cryptography cool. Make it fashionable. Make songs and art about it. The government will prefer that people are uneducated on the topic
Some possible tactics:
- Ensure that any backdoors which the government adds are discovered and publicized
- Work towards reproducible builds
- Encourage everyone not to trust proprietary chat apps. Assume that such apps are already backdoored
- Devise and deploy systems for monitoring the relevant open source projects. For example, a system which monitors open source chat apps and lists changes to cryptography related sections. Make code review of sensitive files trivial
- The government won't follow its own laws, and will use apps which are not backdoored. Use FOIA or anything similar to check what apps are used/purchased by officials and point out the hypocrisy
- Run cryptography workshops for your people. Make cryptography cool. Make it fashionable. Make songs and art about it. The government will prefer that people are uneducated on the topic
Olivier Forget
boosted
I see a lot of anger about Australia's Anti-encryption Bill, but what are we actually doing about it? We can't let this fade away over the Christmas break and become just another news cycle. Let's get organised!
People were asking if FaceBook's status was finally damaged for good.
There is an ad for the F8 Developer Conference on Birdsite right now, and the replies are ... rough.
Not a single positive one.
And when you click "show replies with offensive language" you get a whole lot more profanity directed at FB.
Whew! We just might be there folks.
Olivier Forget
boosted
@Art @Eric Buijs @Matej Δ½ach β
@Hiro π―π΅ π @gecko @Andrew Roach
I live in Australia. I have created encryption technology which cannot be broken - ever; and social networking software with E2EE where the users control not only the keys, but also the *algorithms*. It's physically impossible for me or anybody else to backdoor your encryption. It's also trivial to provide the same basic ability to other fediverse software.
There is also an Australian law which forbids me from discussing encryption technology with people from other countries (quite stiff penalties).
Anyway this entire body of work is available to anybody in the world right now and it's equally impossible for me to take it back. The only thing that has changed is that I can no longer help you. It's up to you to get smart and I would suggest that you need to do it quickly.
I live in Australia. I have created encryption technology which cannot be broken - ever; and social networking software with E2EE where the users control not only the keys, but also the *algorithms*. It's physically impossible for me or anybody else to backdoor your encryption. It's also trivial to provide the same basic ability to other fediverse software.
There is also an Australian law which forbids me from discussing encryption technology with people from other countries (quite stiff penalties).
Anyway this entire body of work is available to anybody in the world right now and it's equally impossible for me to take it back. The only thing that has changed is that I can no longer help you. It's up to you to get smart and I would suggest that you need to do it quickly.
Olivier Forget
boosted
When you're explaining decentralization
Olivier Forget
boosted
Pie chart of how you spend your time in the shower.
Is anybody still checking in on their FB? Are news articles that are negative of FB showing up in the timeline or is it "everything is peachy at FB but look what's going on in Yemen..." kind of timeline?
Olivier Forget
boosted
Is public discontent with Facebook reaching a boiling point?
Web Developers : MS Edge sucks and I don't test on it
Also web developers: OMG MS how could you stop edge development! Engine monopoly wah wah wah...
Olivier Forget
boosted
@baldur Yup, this was something I learned on the Edge team. Chrome doesn't have bugs; only other browsers do. That's what happens when it's the primary browser everyone uses for devving and testing.
Learning about running untrusted JS:
- can't expose your other JS so use VM2
- but VM2 will probably leak and doesn't protect against while(true) so run in a container
- but then you read containers can't be trusted! Kernel exploits galore! For real security use full virtualization
- But KVM might have bugs too! The real way to go is bare metal.
- You're gonna airgap that, right?
Seeking refuge in a distributed world. Web, future programming. Building things.
Joined Apr 2017
