You’d be correct. This is why median gives you a better representation of a general population. Averages can easily be distorted.
You’d be correct. This is why median gives you a better representation of a general population. Averages can easily be distorted.
Yep! The device has a built-in web server. You connect via it’s IP from any browser and configure it how you want. Here’s what it looks like in homeassistant.
Overview:
Historical data:
I would recommend this product from Shelly https://www.shelly.com/en-us/products/shop/shelly-h-and-t-gen3-1
Doesn’t no app or hub requried, works via wifi or bluetooth, has an e-ink display to conserve battery. I’ve had it since October and its been running without issue. Uses 4 AA batteries which I haven’t changed at all and are still above 75%!
There’s a newer generation (I have the previous one) so I can only imagine its even better.
For anyone considering Session messenger:
The Session developers dropped Perfect Forward Secrecy because it would be hard to work around it.
First things first, let’s talk about what we’re leaving behind: Perfect Forward Secrecy (PFS) and deniability.
Source: https://getsession.org/session-protocol-explained
In plain English, they dropped a security feature for their convenience to the detriment of their users’ security.
For anyone unsure what PFS provides:
The value of forward secrecy is that it protects past communication.
Source: https://en.wikipedia.org/wiki/Forward_secrecy
The Session devs also claim:
Session provides protections against these types of threats in other ways — through fully anonymous account creation, onion routing, and metadata minimisation, for example.
Reading between the lines, we can interpret that as introducing security through obscurity, which is generally considered bad practice - https://cwe.mitre.org/data/definitions/656.html
What’s wrong with Briar? https://briarproject.org/
Censorship-resistant peer-to-peer messaging that bypasses centralized servers. Connect via Bluetooth, Wi-Fi or Tor, with privacy built-in.
I think the reason these apps don’t take off is the compromises they make in order to work the way they do. When you do need them, you best hope you’re able to get them and get others to use them as well.
Ooh silverbullet looks nice too, thanks. Link for the lazy: https://silverbullet.md/
If you’re on Firefox on desktop/laptop, check out Bypass Paywall [0]. It was removed from the firefox add-on store due to a DMCA claim [1], but can be manually installed (and auto updates) from gitlab. The dev even provides instructions on how to add custom filters to uBlock Origin [2], so you don’t have to add another extension but still get some benefit.
[0] https://gitlab.com/magnolia1234/bypass-paywalls-firefox-clean
[1] https://winaero.com/mozilla-has-silently-removed-the-bypass-paywalls-clean-add-on-from-amo/
[2] https://gitlab.com/magnolia1234/bypass-paywalls-clean-filters
Because they get your profile picture, name, and email address when you click accept. I went through with it just to test, but definitely getting some data from its users.
You’re right, but security and privacy is about layers, not always 100% effective mitigations, especially not when the mitigation is a function (contact discovery) that requires a private list (your contacts) be compared against another one. For anyone where this is an actual security risk, they don’t have to to share their contacts. They will not know which of their friends/family are on Signal, but they can still use the service.
This feature does protect users in that any legal court order for Signal to present who is friends with who (as almost every other messaging provider has actual access to your list of contacts) is not possible. They’ve been subpoenaed multiple times[0] and all they can show is when an account was created and the last day (not time) a client pinged their servers.
Lastly, I’m not sure if this is even a feature or not but it wouldn’t be too difficult to introduce rate-limiting to mitigate this issue even more. As an example, its very unlikely that most people have thousands (or even tens of thousands) of people in their contacts. Assuming we go just a step beyond the 99th percentile, you can effectively block anyone as soon as they start trying to crawl the entire phone number address space, preventing the issue you’re describing.
Not necessarily.
Signal has people who are experts in their field. They engineer solutions that don’t exist anywhere else in the market to ensure they have as little information on you as possible while keeping you secure [0]. This in turn means high compensation + benefits. You don’t want to be paying your key developers peanuts as that makes them liable to taking bribes from adversaries to “oops” a security vulnerability in the service. In addition, the higher compensation is a great way to mitigate losing talent to private organizations who can afford it.
[0] Signal has engineered the following technologies that all work to ensure your privacy and security:
This is a nice surprise. Didn’t even know this was in development. Can’t wait to test it out!
I plan on making it available inside my own network, not public. This way if someone makes it past my security, I at least have something that might “catch” them in the act and disable my network so I can intervene. Just another security layer.
Fair point, but do note that https://wormhole.app is just a web-client for the wormhole protocol. There’s a reference implementation and there’s - personally - a much better go-based implementation (wormhole-william) that also has a few clients built using its API:
may not meet your requirements but have you taken a look at https://wormhole.app ?
How are you liking OMV5? Pros/cons?
I used Ubuntu for a while and distro-hopped before deciding to land on Debian. I figured major distros used it as their base for a reason. The older I get the more I appreciate the “it’ll release when its ready” approach that Debian takes. There’s no economic pressure to release with major bugs hoping the next sprint will fix most issues, like a lot of “enterprise” software. The Debian release cycle is not 100% predictable, but it is reliable. I’ve had a server go through a few major upgrades for nearly a decade before the hardware itself gave out. The OS was rock solid the entire time. Additionally, with flatpak, outdated desktop apps are no longer an issue and I use docker for hosting services.
I will admit that Debian is pretty “bland” from a fresh install, but I don’t mind that at all.
knowing nothing about the Eufy cameras, pros/cons?
What doesn’t work? I was just using it on Android as a PWA without problems. Only issue I could see is the top nav bar (where the notifications show) is gray vs black, which could be an easy fix. On Firefox if that makes a difference.
As someone who’s been wanting to test (and maybe move to Podman) in the future but hasn’t really spent any time on it, what features have Red hat removed from Podman?