Recent comments in /f/Privacy

Wingless wrote

The U.S. had a choice. Freedom or tyranny. The purity of abandoning the strange doctrine that speech, that information is inherently evil, rather than evidence of evil. Or censorship that devours everything, destroys everything, collaborates with every tyrant around the world.

And we see how they chose.

The ban on child porn creates a market for child porn and the fresh abuse of children to make those images from scratch, like printing money. The refusal to acknowledge a private space - ANYWHERE - means that foreign governments can just go ahead and send their notices that the Hanzi for "Liberate Hong Kong, revolution of our times" looks like a cartoon child rape, which of course is JUST AS BAD as a real one. It doesn't matter whether children are raped, but whether people THINK about them getting raped, let alone SEE them getting raped and start asking inconvenient questions about whether there is something they could actually DO to stop it.

This is the society where colleges control dissemination of information with an iron fist, lest something politically incorrect be said, even if it means that students have to play in Covid-infested classrooms to get something approximating an educational experience.

This is the society that never goes to China with anything but demands that they censor the software pirates, censor the servers doing lookups for racist websites, censor the cruelty to animals, crack down on drugs and products that might compete with name brands ... then says look at us, we stand for FREEDOM.

Now, nobody sane trusted Apple anyway, and yet, emergencies come up and security is tossed to the winds. If you're a dissident from another country facing constant deportation, or some nutcase trying to protest a pipeline or an election or a race issue, I bet you have a lot of emergencies.

This isn't the first, maybe not even the worst. The CARS. God told Lot, "Go out and find me ten competent techies with the honesty to report on and fight back against 1984, and Democracy will be spared". Lot came back with... https://www.vice.com/en/article/4avagd/car-location-data-not-anonymous-otonomo

We got NOBODY. The internet must burn, the libraries must burn, the cities must burn, the vaccine will not be given, the virus will mutate, the people will die, the civilization will die, all things will pass away, and every few DAYS there is another harbinger like this that points the way to doom.

3

dontvisitmyintentions wrote

The article leaves the question of "who" open, but the latest gist comment puts it in perspective (emphasis mine):

In all cases, we can see the headers set-cookie, server, cf-ray and expect-ct with values set by Cloudflare, which would not be possible if TLS termination was done directly on matrix.org/vector.im servers.

Unfortunately the "Grid" project which claims to want to resolve the privacy issues in defaults and docs seems to want to re-architect the protocol, instead. From a year-old question on the project's status (emphasis mine):

Grid is definitely not stalled, but all the work is currently happening between people who are exchanging and trying new things on a test network. Once we have conclusive data and an API we are happy with, we will update this repository. It will happen at some point this year. It is simply not the only project we are working on, so it all looks slow/stalled from the outside, but it is actually not. At some point there will be an update. But the network and the protocol is in use at the moment, if that can reassure you.

BTW, that gist the article links to is apparently an old version, and the new ones are at https://gitlab.com/libremonde-org/papers/research/privacy-matrix.org/-/tree/master/. And that's a year old. Even chasing down updated docs from these people is tedious. No wonder their code is absent.

All I want is a doc that details how it is and isn't possible to secure a server and client, what you configure and what you patch. Give that a name to fork it, sure. Instead, these are just treatises and blog posts. Many such cases.

2

dontvisitmyintentions wrote

Some Twitter replies express frustration in their being so cagey about something they claim is so easy. A few others condemn Pillar's privacy violations, but obviously those are built into the software.

Still others question whether they contacted the right person in the RCC. I'm beginning to wonder myself whether they went more for bombast than concern. Did they show his superiors the data, or is this all a "trust me, bro" situation? We can't expect the mainstream media to care about the distinction, but this guy's organization would. I imagine they found a lot of other correlations. Was this just the first guy to resign?

I wish we had more information.

2

Wahaha wrote

You can only make use of this if you already have the data. At that point it matters little whether they have to brute force the password based on every possibility or based on a huge list. The password is going to get cracked.

How does a 200GB password list come in handy when trying to guess the password of some online account that locks you out after three failed attempts? It doesn't.

1

dontvisitmyintentions wrote (edited)

I've followed the kerfuffle from afar, reading the most popular articles and comments on the "LiberaChat" side. And one theme dominates these stories, like a poorly-written comic book (which is how all drama plays out on this side of the Current Year):

Rasengan pisses off the right people. Every bad decision he might have made makes me chuckle. This Korean dude might actually be based.

I can imagine good reasons for doing all the terrible things he does (like dropping a bespoke, byzantine ircd nobody else uses for something normal people can configure, an ircd which was even controversial a decade ago when there were more people hacking on ircds), but I don't need to. He angers the people who got so angry that they dyed their hairlogo trans colors and moved out of their parents' house so they could stay up late and put their dildos on a shelf. At least, I'm 41% sure that's what happened.

Edit: (two days later) It turns out they anonymize IPs now like Rizon and other mainstream networks do. Based.

1

vistingghost wrote

I don't want to lie about my UA but I have to change it in order to avoid Cloudflare's CAPTCHA. Cloudflare passes Tor Browser's UA for IP addresses of Tor exit nodes. Btw, Cloudflare distinguishes its users by TLS/SSL fingerprinting as well as by HTTP headers including UA. I must doubt that organizations encouraging TLS/SSL want fingerprinting more beyond security. Hey, Tor Project and EFF, don't be evil...

2

BlackWinnerYoshi wrote

I don't even change my user agent most of the time, so it just equals what my browser is, but pretending to be Windows 10 while I actually have Windows 7, so it is Mozilla/5.0 (Windows NT 10.0; rv:91.0) Gecko/20100101 Firefox/91.0 currently (this is what LibreWolf does by default, btw).

So anyway, the only time the user agent differs from the defaults is when I want to enable a desktop version on mobile and when I want to bypass getting user agent blocked because I'm using Wget, so I usually just empty it (or set it to a browser user agent because it also gets blocked).

Also, since I block third party scripts with uMatrix by default, there's not much point to constantly changing the user agent because the trackers won't see it anyway.

1

Wahaha wrote

No single user-agent would protect your privacy anyway. What I do is to let my user-agent switch every ten minutes. Also, user-agent not only carries browser information, but also browser version and operating system.

Having scripts blocked per default also helps.

I don't mind websites knowing my user-agent is fake. I mind websites having the ability to track me based on my user-agent. Thus my user-agent changes automatically.

4

Wingless wrote (edited)

I assume they add passwords to the next list...

The key thing for cracking passwords is, at some point it is way faster to search every password anybody has ever thought of, than to search every password anyone possibly could think of.

Yes, an honest site would just let you look up in the index starting with any string of letters, so you didn't have to give away your password in the process. Therefore, this is not an honest site. Q.E.D.

Faster proof: It's a site, from a company, on a computer. Therefore it is spying on you and selling your information. Q.E.D.

2