Anyone have any suggestions for laptops with good build quality and good privacy/security features?

Been on a system76 but it's a cheap plastic clevo shell with components that far exceed what it can handle - it regularly goes over 90 C when compiling and it is so heavy that the case bends enough to make the screen glitch if lifted from the wrong corner. Not sure if that's a model issue or common across their lineup.

I guess there's Librem, anyone any experience with them? Other options?

TIL about tar's -a option. Bye memorizing nonsensical shorthands.

Some cryptographers are annoyed by the hijacking of "crypto" to refer to cryptocurrencies - but what bothers me more is the usage of OTP to refer to One-Time Passwords.

One-Time Pads (OTPs) are the conceptually simplest, yet hardest form of encryption. Provably unbreakable. But they require *truly* random, preshared keys, which make them impractical.

Why was this abbreviation overloaded? Why not call One-Time Passwords "Single-Use Tokens" or something to differentiate?

kekcoin boosted
kekcoin boosted

Is there nothing the internet can do to block this? Are there any non-profit domains left?
I feel like this really increases the need for decentralized #DNS. How is #Namecoin doing?

news.ycombinator.com/item?id=2
#org #por #icann

kekcoin boosted

Probably they shipped the Beijing version of the software to everyone. Maybe? Who would do such a thing. A mistake happened somewhere. This is worrying to say the least...

$ git merge beijing_PRC_compliant_version twitter.com/SwiftOnSecurity/st

twitter.com/lopp/status/117938

> Complains about Signal's lack of decentralization and privacy
> On twitter
> Linking a google docs spreadsheet

Cmon @lopp ...

Wondering if there's any consensus forming on what symbol to use for a satoshi.

There's this proposal: reddit.com/r/Bitcoin/comments/ which is amazing.

On the other hand the guy who got ₿ added to unicode is opposed to creating a new symbol twitter.com/kenshirriff/status

Personally I feel like repurposing existing unicode codepoints based on its appearance conflicts with the fact unicode symbols have a defined meaning, muddling that is shooting ourselves in the foot long term.

Thoughts?

@purism Still waiting on an answer to this before preordering.

Hey @purism which LTE basebands will the Librem 5 support? In other words, which specific flavour of PLS8 will be used? Are there going to be different editions for different markets?

Seems that didn't fix it. Still something somewhere ratting out my physical location to google, even after clearing all history, localstorage and cookies and purging all references to google from `about:config`.

Turns out firefox uses google services for its geolocation stuff to begin with, and while I had not given any sites permission to read my location data, I had not turned off firefox's geolocation entirely (that option is hidden behind `about:config`). Wonder if disabling those will fix the issue.

In any case, thanks for looking out for my privacy, mozilla. That google money must be nice.

For quite some time I've been wondering why google insists on serving me a version localized to where I live as opposed to a version localized to my employer's country, on my work computer.

Given that I rarely ever connect to the internet, let alone google, without VPN on that box, the timezone is set to my employer's, I generally don't use any language localizations on my systems and I have denied google.com's location requests every time, it was something that kept eluding me.

(...)

kekcoin boosted

Thread:

We need to talk about packaging, signatures, checksums and reproducible builds:

On your system you have a keyring of packagers' GPG keys that you inherently trust.

Releases get signed with a key, which verifies the packager as the author, and supposedly lets you and your system trust their contents.

But do you really trust your packagers? How could you? Do you know them personally and monitor their packaging work?

Would you even know if they release a package with malicious content?

@Purism Was looking at your Librem 5 specs and noticed the "Baseband: Gemalto PLS8 [..]". However, there's 5 different "regional" variants of that module, each supporting different LTE bands. Which are you using?

Many guides (even ones intended for cryptocurrency use) skip this.

Friends don't let friends generate insecure keys. Headless raspi setups generate ssh keys on first boot with relatively little entropy.

Don't forget to `dd if=/dev/random of=$raspi_root_mountpoint/var/lib/systemd/random-seed bs=1 count=512` before the first boot.

kekcoin boosted
kekcoin boosted

there's a funding initiative by Square for Bitcoin Core devs, apparently? twitter.com/jack/status/110848 (sorry for birdsite link)—if you're actively involved in Bitcoin Core's development and need this funding, and would like me to write a recommendation for you, let me know!

kekcoin boosted
Show more
Bitcoin Mastodon

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!