Anonymouse

Google Threat Intelligence Group (GTIG) has observed increasing efforts from several Russia state-aligned threat actors to compromise Signal Messenger accounts used by individuals of interest to Russia's intelligence services. While this emerging operational interest has likely been sparked by wartime demands to gain access to sensitive government and military communications in the context of Russia's re-invasion of Ukraine, we anticipate the tactics and methods used to target Signal will grow in prevalence in the near-term and proliferate to additional threat actors and regions outside the Ukrainian theater of war.

TL;DR: keep your apps updated & don't scan QR codes that you don't trust.

As if anybody here needs a reason to be wary of what you do online, this essay shares how a foreign adversary used back doors that were intentionally put in place to spy on Americans and how the rest of the world probably has the same back doors.

I especially appreciate the phrase "nerd harder" and the quote, "The laws of mathematics are very commendable, but the only law that applies in Australia is the law of Australia".

How can IT folk help politicans to understand?

While reading many of the blogs and posts here about self hosting, I notice that self hosters spend a lot of time searching for and migrating between VPS or backup hosting. Being a cheapskate, I have a raspberry pi with a large disk attached and leave it at a relative's house. I'll rsync my backup drive to it nightly. The problem is when something happens, I have to walk them through a reboot or do troubleshooting over the phone or worse, wait until a holiday when we all meet.

What would a solution look like for a bunch of random tech nerds who happen to live near each other to cross host each other's offsite backups? How would you secure it, support it or make it resilient to bad actors? Do you think it could work? What are the drawbacks?

I thought this group may enjoy this read about a suggestion on an option to take in the Google antitrust lawsuit. Of particular interest is that certain groups feel that the "right" approach is that everyone should be able to surveil the population, Google-style and the choice quote:

The judge repeats some of the most cherished and absurd canards of the marketing industry, like the idea that people actually like advertisements, provided that they're relevant, so spying on people is actually doing them a favor by making it easier to target the right ads to them.

As if you need any more reason to degoogle, consider what would happen if Google removed you from their platform tomorrow. This article some of the problems with putting all your eggs in one basket.

I had a super fast but small SSD and didn't know what to do with it, so I was playing with caching slow spinning LVM drives. It worked pretty good, but I got interrupted and came back a few weeks later to upgrade the OS. I forgot about the caching LVM, updated the packages in preparation for the OS upgrade, then rebooted. The LVM cache modules weren't in the initfs image and it didn't boot.

I should know better. I used to roll my own kernels since Slackware 1.0. I've had build initfs images for performance tweaks. Ugh!

Where's my rescue disk?

Here's the "Privacy First" pitch: whatever is going on with all of the problems of the internet, all of these problems are made worse by commercial surveillance.

If something like this were implemented in US federal law, what could the downsides be? Like California Proposition 65, the "cookie law" didn't stop tracking, it just made more pop ups. Would this do the same thing?

I haven't seen this posted yet here, but anybody self-hosting OwnCloud in a containerized environment may be exposing sensitive environment variables to the public internet. There may be other implications as well.

I was out walking around and "popping" quests on StreetComplete. I was wondering what the consensus is on the question "Who is allowed to park here?" In this case, it's an ungated parking lot next to a commercial/industrial warehouse with many companies occupying the same space. A few of the parking spots had a sign indicating "reserved for XYZ customers", but most did not. This is not a city-owned parking lot. What's the right answer?

I understand the intent, but feel that there are so many other loopholes that put much worse weapons on the street than a printer. Besides, my prints can barely sustain normal use, much less a bullet being fired from them. I would think that this is more of a risk to the person holding the gun than who it's pointing at.

Is there any decent iPod management software for linux available? I have a 6th generation iPod that I use only for music and it's really the last thing that I keep my windows partition around for. The more I use linux, the more unintuitive iTunes feels. I had tried GTKPod in the past and one other, but they didn't support the 6th gen iPods. I'd be happy with just a CLI copy type command!

Is anybody using only IPv6 in their home lab? I keep running into weird problems where some services use only IPv6 and are "invisible" to everyone (I'm looking at you, Java!) I end up disabling IPv6 to force everything to the same protocol, but I started wondering, "why not disable IPv4 instead?" I'd have half as many firewall rules, routes and configurations. What are the risks?