Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Search - "privacy? yeah right"
-
Well, here's the OS rant I promised. Also apologies for no blog posts the past few weeks, working on one but I want to have all the information correct and time isn't my best friend right now :/
Anyways, let's talk about operating systems. They serve a purpose which is the goal which the user has.
So, as everyone says (or, loads of people), every system is good for a purpose and you can't call the mainstream systems shit because they all have their use.
Last part is true (that they all have their use) but defining a good system is up to an individual. So, a system which I'd be able to call good, had at least the following 'features':
- it gives the user freedom. If someone just wants to use it for emailing and webbrowsing, fair enough. If someone wants to produce music on it, fair enough. If someone wants to rebuild the entire system to suit their needs, fair enough. If someone wants to check the source code to see what's actually running on their hardware, fair enough. It should be up to the user to decide what they want to/can do and not up to the maker of that system.
- it tries it's best to keep the security/privacy of its users protected. Meaning, by default, no calling home, no integrating users within mass surveillance programs and no unnecessary data collection.
- Open. Especially in an age of mass surveillance, it's very important that one has the option to check the underlying code for vulnerabilities/backdoors. Can everyone do that, nope. But that doesn't mean that the option shouldn't be there because it's also about transparency so you don't HAVE to trust a software vendor on their blue eyes.
- stability. A system should be stable enough for home users to use. For people who like to tweak around? Also, but tweaking *can* lead to instability and crashes, that's not the systems' responsibility.
Especially the security and privacy AND open parts are why I wouldn't ever voluntarily (if my job would depend on it, sure, I kinda need money to stay alive so I'll take that) use windows or macos. Sure, apple seems to care about user privacy way more than other vendors but as long as nobody can verify that through source code, no offense, I won't believe a thing they say about that because no one can technically verify it anyways.
Some people have told me that Linux is hard to use for new/(highly) a-technical people but looking at my own family and friends who adapted fast as hell and don't want to go back to windows now (and mac, for that matter), I highly doubt that. Sure, they'll have to learn something new. But that was also the case when they started to use any other system for the first time. Possibly try a different distro if one doesn't fit?
Problems - sometimes hard to solve on Linux, no doubt about that. But, at least its open. Meaning that someone can dive in as deep as possible/necessary to solve the problem. That's something which is very difficult with closed systems.
The best example in this case for me (don't remember how I did it by the way) was when I mounted a network drive at boot on windows and Linux (two systems using the same webDav drive). I changed the authentication and both systems weren't in for booting anymore. Hours of searching how to unfuck this on windows - I ended up reinstalling it because I just couldn't find a solution.
On linux, i found some article quite quickly telling to remove the entry for the webdav thingy from fstab. Booted into a root recovery shell, chrooted to the harddrive, removed the entry in fstab and rebooted. BAM. Everything worked again.
So yeah, that's my view on this, I guess ;P31 -
"We care about your privacy [...]"
That's why we make it ultra inconvenient to turn off all of our advertising trackers and give you a broken list of on/off sliders that are slow as fuck. Also, why not just press the 'accept all' at the top of the page? See that big green button? Yeah green is good let's just press it and get this over with right?
Oh and that 'deny all' button? Yeah, a shame nobody actually put some programming into that thing, why not just press the green button next to it? You're only making it harder for yourself y'know...4 -
Well, this has been one hell of an awesome ride already. I’m at 70K+ and the biggest ranter as for reputation (those upvote thingies). Although I don’t care about being the biggest one currently, I do take pride in it but I’ll get back to that one later on. (I’ll very likely lose the first place at some point but oh well, couldn’t care less :))
I joined back in May last year through an article I found on https://fossbytes.com (thanks a bunch!), joined and was immediately addicted. The community was still very tiny back then and I’ve got to say that getting upvotes was also not the easiest :P. But, I finally found a place where I could rant out my dev related frustrations: awesomeness. I very much remember how, at first, reaching 1K was my biggest devRant dream and it seemed to be freaking impossible. Then I reached 1K and that was such a big achievement for me! Then the ‘dream’ (read these kind of dreams (upvotes ones) as things that would be awesome to reach not just for the upvotes but for participating, commenting, ranting, discussing and so on within the community, so as in, it shows your contribution) became 10K which seemed even more impossible. Then I reached 10K and 20K seemed freaking impossible but I got there a little faster and from that point on it’s been going fast as hell!
It’s always been a dream for me to become a very big but also ‘respected’ or especially well known user/person somewhere because that pretty much never happened and well, having dreams isn’t wrong, is it?
The biggest part of that dream, though, was that it would be a passion of mine that would get me there but except for Linux, the online privacy part was something I always deemed to be ‘just impossible’. This because irl I ALWAYS get (it’s getting less though) ridiculed for being so keen on my privacy and teaching others about it. People find me very paranoid right away but the thing is that if they ask me to explain and I actually present evidence for my claims, it’s waved away as if it’s nothing. (think mass surveillance, prism, encrypted services, data breaches and so on)
I never thought I’d find any other people who would have the same views as I do but fucking hell, I found them within this community!
Especially the fact that I’ve grown this much because of my passion is something I am proud of. It’s also awesome to see that I’m not the only one who thinks like this and that I’ve actually find some of you on here :)
So yeah, thanks to everyone who got me where I am now!
Also a big thanks to sir Dfox and Trogus for putting your free time into making this place happen.
Love you peoples <3 and to anyone ‘close’ on here I forgot, if you match any of the comments as for privacy/friendliness etc, don’t worry, those nice things also apply to you! My memory just sucks :/
P.S. Please do NOT comment before I comment that I’m done with commenting because I’ve got a lot of comments coming :D61 -
Dear Telegram, the fact that you're using a service which provides app usage/metrics/analytics kind of is not nice.
"But they've got the right to!"
Of course they do. But, when you advertise yourself as a messaging app focused on privacy, I expect you to behave that way.
And yes, we know your crypto is broken as fuck but that's not the point right now.
Oh and yeah, the next blog item will probably be about Telegram and how not-privacy friendly it is.22 -
It's funny to see how a coworker of mine and me are very similar minded on some privacy stuff. He's a very cool/open guy and just a regular consumer (used the default services etc) but he shares quite some of my views. This is a convo we had today:
*got to the WhatsApp subject somehow*
Him: oh right, you didn't use that haha
Me: yeah 😅
Him: why was that again, privacy reasons or something, right? xD
Me: uhm yes *help*
Him: Well fair enough.
Me: so you'd think I'm right? I mean it uses end to end crypto... (I'm entirely with him in the next few lines but I always approach it carefully)
Him: they veeeery probably have some kinda fucking masterkey.
Me: why'd you think that?
Him: it has over a billion users, the owner is facebook, fb is directly integrated with several mass surveillance programs, they are known to work closely with one particular one, the intelligence interests are way too high for letting such an opportunity pass and after all, THE FUCKER IS CLOSED SOURCE AKA NO ONE CAN FUCKING VERIFY THE CRYPTO NOR THE APP ITSELF.
Me: I agree haha 😅
Him: it's not rocket science, it's modern day mass tracking/surveillance logic :)
I like that guy.5 -
So now I'm working on my first collab with a fellow devRanter on a privacy website thingy! Excited and want to start working on it right away.
BUT OH NO I'VE GOTTA GO TO WORK IN 15 MINUTES TO STAND BEHIND A TABLE PACKING MOTHERFUCKING BOXES ALL DAY, YEAH NO THAT SOUNDS FUCKING COCKSUCKING EXCITING. (okay I can pay rant but still).
I need a hug 😞41 -
Went to see Jason Bourne last night. No spoilers, but I'm guessing this is how the writers came up with the story:
Writer 1: Let's make it super techie
W2: Yeah, that way it's about current issues, like Internet privacy.
W1: Should we hire a tech consultant so we get things right?
W2: Nah, I saw the Matrix once, I understand computers.
Actual line from film:
"Use SQL to corrupt their database"
😑13 -
*logs out of Google on Android*
*has this persistent Google search bar on launcher which I keep on accidentally tapping*
Alright, so I'm not logged into Google to see how it goes. Kind of an experiment to see just how intertwined Android and my life are with Google. And it's going quite well actually, except for my prime apps that I can't seem to get around.
*reads Google privacy policy*
"We protect your data by keeping it secure!"
Hmm, yeah.. you and 3 letter agencies are keeping it secure and out of the hands of other individuals.. that makes sense.
Don't be evil.. unless you're the devil, right?
Fuck you, I won't login like this.
*accidentally opens Google*
*le trending results show up*
- KSI vs Logan Paul weigh-in!
- KSI vs Logan Paul Manchester!
- KSI vs Logan Paul arena fight!
*opens up NewPipe in which I am not logged in either*
- KSI vs Logan Paul!!!
- Did you see the KSI vs Logan Paul stuff yet?!
*logs back into Google straight away*
Personalized search engine.. many hate it, but boy do I fucking love it.rant disney idiots obnoxious cunts fuck that logan fuck that jake kid too wtf is wrong with people who the fuck watches those morons4 -
End to end encrypted (maybe decentralized?) social network including shit like voice/video/group calls.
Privacy site I'm working on right now.
Yeah that's it for now :)12 -
"There's more to it"
This is something that has been bugging me for a long time now, so <rant>.
Yesterday in one of my chats in Telegram I had a question from someone wanting to make their laptop completely bulletproof privacy respecting, yada yada.. down to the MAC address being randomized. Now I am a networking guy.. or at least I like to think I am.
So I told him, routers must block any MAC addresses from leaking out. So the MAC address is only relevant inside of the network you're in. IPv6 changes this and there is network discovery involved with fandroids and cryphones where WiFi remains turned on as you leave the house (price of convenience amirite?) - but I'll get back to that later.
Now for a laptop MAC address randomization isn't exactly relevant yet I'd say.. at least in something other than Windows where your privacy is right out the window anyway. MAC randomization while Nadella does the whole assfuck, sign me up! /s
So let's assume Linux. No MAC randomization, not necessary, privacy respecting nonetheless. MAC addresses do not leak outside of the network in traditional IPv4 networking. So what would you be worried about inside the network? A hacker inside Starbucks? This is the question I asked him, and argued that if you don't trust the network (and with a public hotspot I personally don't) you shouldn't connect to it in the first place. And since I recall MAC randomization being discussed on the ISC's dhcp-users mailing list a few months ago (http://isc-dhcp-users.2343191.n4.nabble.com/...), I linked that in as well. These are the hardcore networking guys, on the forum of one of the granddaddies of the internet. They make BIND which pretty much everyone uses. It's the de facto standard DNS server out there.
The reply to all of this was simply to the "don't connect to it if you don't trust it" - I guess that's all the privacy nut could argue with. And here we get to the topic of this rant. The almighty rebuttal "there's more to it than that!1! HTTPS doesn't require trust anymore!1!"
... An encrypted connection to a website meaning that you could connect to just about any hostile network. Are you fucking retarded? Ever heard of SSL stripping? Yeah HSTS solves that but only a handful of websites use it and it doesn't scale up properly, since it's pretty much a hardcoded list in web browsers. And you know what? Yes "there's more to it"! There's more to networking than just web browsing. There's 65 THOUSAND ports available on both TCP and UDP, and there you go narrow your understanding of networking to just 2 of them - 80 and 443. Yes there's a lot more to it. But not exactly the kind of thing you're arguing about.
Enjoy your cheap-ass Xiaomeme phone where the "phone" part means phoning home to China, and raging about the Google apps on there. Then try to solve problems that aren't actually problems and pretty vital network components, just because it's an identifier.
</rant>
P.S. I do care a lot about privacy. My web and mail servers for example do not know where my visitors are coming from. All they see is some reverse proxies that they think is the whole internet. So yes I care about my own and others' privacy. But you know.. I'm old-fashioned. I like to solve problems with actual solutions.11 -
Most succesful project was around this time last year.
A scary club of privacy haters made a 'webapp' to advise people what to vote for in the national elections.
The tool was really bad in multiple ways. For instance, if two parties would score the same amount of points, one would, at random take second place without conveying this to the user.
Oh and it also collected all the data people entered "for scientific purposes". A very sketchy practice, a non profit, funded by the government and George Soros (I kid you not, illuminatie confirmed ;) ).
The tool had this disclaimer on the bottom, saying this webapp needs cookies to function. So that triggered me to make a copy of the tool that works better and ... offline, and without cookies. You could download a html file and turn of your wifi (for the paranoid ppl among us), use the tool, delete the file. No trace.
It was a little bit of tung and cheek project, a gimick, the original was called stemwijzer, mine was called offline stemwijzer.
It was a one day build and a day after launching I got a call of the original stemwijzer project leader. Demanding to take the thing offline for infringing copyright (yeah sort of was). I tried to explain him why I made this and why privacy for such things should be held in high regard. He basicly told me I was talking shit and did not want to discuss, I told him I don't take stuff offline because of phone calls. I told him to email me a seist and desist.
So that guy prolly had a stressful day (because of the launch of his tool), had a few glasses of wine, and wrote an email. He wrote me I was a pathtic kid and I should do more useful stuff. He wrote that anyone could program a tool like that. And he wrote me I should do him a favour not share this email with my measly amount of twitter followers. Super professional email.
So I did him that favour, I did not share it with my twitter followers, I shared it with one of the largest political blogs in the country.
My tool sort of took of after that. To stop infringing copy right I changed the name and I removed their content from the script and wrote instructions on how to copy and paste in the json content yourself and "make your own tool".
The response was great, people actually emailed me job offers and I think that the current job I have is due to the succes of said project. So be balsy, challenge giants, start riots, it will get you places.2 -
Me : Yeah dude, totally. I support Right To Privacy.
Also Me : To get OTP filled automatically, i need to ask Recieve Sms Permission from user. Also to send them, too.
😂😂😂😂8