Em Adespoton

And in recent years, VPN abuse by malicious actors has gone WAY up. Well, either that or the ability for InfoSec practitioners to trace the threat actor back to the VPN has gone up. Or a combination.

On Reddit I have thousands of comments, over 240,000 karma, and I haven’t logged in in around two years.

But then, like with Lemmy, I picked my subreddits carefully and left when it seemed like they were being overrun with bots.

Yet.

So… Zoom went down because GoDaddy mistakenly started resolving the domain to 0.0.0.0? That’s what it sounds like….

In some cases, it’s people who’ve done the research and written the paper who then use an LLM to give it a final polish. Often, it’s people who are writing in a non-native language.

Doesn’t make it good or right, but adds some context.

The money they get from the government to run it has a small portion tagged as COVID money for disaster response. Which somehow has resulted in the entire funding being tagged COVID. Which means, unlikely to be renewed tomorrow.

Interesting story.

I started using Objective C in 1994 on NeXTcubes, and later NeXTstations.

For simpler, one-off projects, it was great; also great for its ability to make any existing C library or function (or even block of asm) an object that played nicely with all the rest. And every API was just another set of objects! Discovery was easy.

It wasn’t until it came to maintenance of complex codebases that it became a problem. There’s a reason things like NSurlHandler stuck around right into modern macOS — replacing objects like THAT had implications all up and down the dependency chain. Essentially, it became Apple’s equivalent of DLL Hell.

It was also the last language that I thought could be almost all things to all people; after that, I realized that specialized languages that performed really well in a single context were a much better way to go.

Of course it might. And the percentages are all subject to variation depending on who wants to buy and sell stock at the time.

The term “Artificial Intelligence” has been bandied around for over 50 years to mean all sorts of things.

These days, all sorts of machine learning are generally classified as AI.

But I used to work with Cyc and expert systems back in the 90s, and those were considered AI back then, even though they often weren’t trying to mimic human thought.

For that matter, the use of Lisp in the 1970s to perform recursive logic was considered AI all by itself.

So while you may personally prefer a more restrictive definition, just as many were up in arms with “hacker” being co-opted to refer to people doing digital burglary, AI as the term is used by the English speaking world encompasses generative and diffusive creation models and also other less human-centric computing models that rely on machine learning principles.

He’s draining the swamp with a pump and dump!

If you’re calling it antivirus, you need security software but probably don’t know how to properly implement it.

I don’t have these legitimate concerns, and I STILL keep stuff like that as thoughts in my head. The only reason I’d journal my thoughts is if I eventually wanted someone to read them.

I keep my journaling for things I actually do in real life that I want to keep track of.

What is the purpose for writing it down? When you know that answer, then you look for the safest way to accomplish that purpose, which probably isn’t a diary.

Realistically, what the article suggests to me is that I should carry a burner phone when crossing borders and if I need my real phone, turn on lockdown mode and then turn it off and stow it in my luggage with the understanding that it may get confiscated and never returned.

Probably worth reading the article. There are consequences to saying “no” at the border.

Torrenting means you’re sending copies of the files to anyone with a magnet link. Great for quickly sharing legitimate software with a wide group. If you’re trying to download stuff you don’t have a license for, torrenting is a bad solution. Better to find a small community where you can just share files directly, peer to peer or on a private server.

Torrenting has a very obvious digital fingerprint, so even if you’re using a VPN, your ISP knows you’re torrenting. And if your VPN provider gets served with a notice and their country is a member of any international trade agreement, they know who you are and have a responsibility to take action against you.

I keep all my traffic encrypted, use my own DNS, and run a VPN so that anytime I’m away from my place, my traffic is tunnelled through my home setup, which includes a piHole.

If I need more than that to obscure the traffic source, it goes through TOR.

I also run a few public web services off the same IP, so the traffic coming out of my address has plausible deniability.

Plus, I use tracker and ad blockers in all my browsers/devices, of course, as well as block JavaScript by default.

Generally, it’s best to go by capability, not by policy.

Any company has to do what the government of its country says. This goes both for the VPN company, AND any exit node country. So you have to always assume that whatever country your exit node is in has full access to the data exiting the VPN there.

Then there’s the technology being used, the expertise with which it is configured, and finally the policies in place for handling and storing your PII.

Mullvad has a strong record on all accounts, even as far as just giving a year’s notice that it will stop supporting OpenVPN.

AirVPN has virtually no track record, fewer details on hardware, configuration, expertise and PII handling, and it’s in the EU, so has to comply with EU laws as well as Italian laws.

Being in the EU means it has to comply with the GDPR, which does have its benefits. But it also means an EU member state could put a gag order on your account and be monitoring all your data without you ever knowing.

So it all comes down to who you want your data to be private from and why.

Personally, I avoid all public VPN services as much as possible, and assume that the only thing they’re really doing is tricking the next service in the hop as to what country I’m connecting from.