Cyber Activism ✊

The problem:

CAPTCHAs put humans to work for machines. That’s the wrong way around. When you solve a CAPTCHA, you become the pushover who supports adversaries for humanity.

The fix:

Exploit the fact that boomers are still living and some of them need analog ways of functioning. So go boomer and use snail mail or whatever the CAPTCHA-free way is.

If it’s a private sector business, fuck them. Don’t even give them your business in the first place. They are confused about who serves who and they hope you will get that backwards too.

If it’s a public sector service, there must be an analog way. Find it. Or sue them if you can’t find an analog way - don’t be lazy.

The problem: white goods (e.g. washing machines) are going further into the enshitification direction. The Internet of Shit is becoming unavoidable for new appliances. Your washing machine will likely depend on Internet and connect to a server that tracks your usage.

For the past 20 years or so they already have kill switches where they refuse to function if an error occurs. The manufacturer conceals from consumers the procedure to reverse the kill switch. So even if you can fix your machine, you can’t.

The fix:

Stop supporting the motherfuckers. When your machine breaks down, try to fix it. If you fix it mechanically but the kill switch blocks you from starting it again, don’t repeat the same stupid decision to buy a new one.

Instead, wash your clothes by hand until you find a dumped machine. Then fix the dumped machine, if you can. If it has a spinning drum, give it a hand spin and make sure the ball bearings are good before going further because they have made those irreplacable in recent decades. Repeat as needed.

If you’re just starting out and have not had a machine previously, don’t make the stupid decision of buying a machine that is made to exploit you. Look for a dumped one and own that shit.

Hand-washing isn’t as bad as bending over and and helping the predatory motherfuckers eat your soul. If you want easier hand-washing, buy a washboard from Ohio (USA); those probably never break down. Or this repairable machine from India \url{www.thewashingmachineproject.org}.

“But my addiction to convenience is too overbearing - I must buy”

Try this before you do that:

1. Find the model you would normally buy.
2. Write to the manufacturer and falsely state that you have that model and ask for the service manual (not the user manual), and ask for the software reset procedure. Or call them but be ready to give them a fake story of breakage to legitimise your request.
3. Watch as the mfr ignores you, evades, or tells you to fuck off and buy a new machine.

You will not get the svc manual from the manufacturer. Still feel like buying it after knowing how they treat customers after they think you bought their product?

Most people probably do not realise that most email to and from government agencies, NGOs, and corporations traverse the servers of Microsoft Corporation, in the clear.

How would you know, you ask? Do an MX lookup.

$ for type in mx txt; do torsocks dig @"$dnssvr" -t "$type" -q "$domain_portion_of_email_address" +noclass +nocomments +nostats +short +tcp +nosearch; done

The best exploit is if you live in the same area as the destination. Lucky for me, this is the case for most of my recipients. So I can cycle to them and drop off the correspondence without postage. And because I withold an email address from them, their response imposes postage costs on them -- which is exactly what I want. They should be penalised for their poor choice of e-mail suppliers.

Danish people are screwed

I have no idea how a Dane can partake in this because national postal service is eliminated in Denmark. You can possibly drop off the correspondence but I suppose post boxes are going away which means you need to get it in recipient’s hands during opening hours. But then how can they respond? Would they have to use FedEx? That backfires because FedEx should also be boycotted and so it ultimately helps another shitty corp. And you have no control over who the recipient will choose to carry the response.

Germans have an extra cost or inconvenience

In Germany, some recipient’s postal boxes are publicly accessible and some are not. When they are not, only the postal worker has a mail room key. And you probably have no way of knowing in advance if the recipient’s mailbox is accessible.

Perhaps the best workflow in Germany is to print the letter, stuff the envelope, and cycle to the destination. If you’re locked out and there is no one to tailgate in, then you have to accept that you lost the gamble and put a stamp on it and post it.

Americans somewhat screwed - but FAX is quite useful

In the US, it is illegal to directly put mail in a postbox that is not your own. USPS is a gov-imposed monopoly. Every city is so sprawled out you’re probably best off buying postage and using USPS anyway.

Consequently, fax is still very useful in the US -- see below.

Why faxing is great

If the recipient still has a FAX number, use it! FAX numbers are dying like flies because people don’t use them enough. It’s a way to send correspondence gratis without revealing your email address. So fax gives you more control over your data than email.

It’s worth noting that the recipient’s fax may be a service that repackages the fax as an email that traverses MS servers anyway. But it’s still more private than email because you need not disclose an email address and also MS would have to run OCR on the payload to snoop on it.

It’s a crapshoot but the odds are in favor of fax (vs email).

The extra benefit to hand delivery: a poor man’s registered letter

You can print a form and ask the recipient to sign for the delivery. Most will sign. Some will not. But when they do it gives you some proof of delivery that may help in court if anything goes sideways. I have actually used this kind of proof of delivery in court before.

To support Trump's executive order to close DEI Offices, cancel DEI-related trainings, and terminate any DEI contracts, the federal Office of Personnel Management has set up an inbox for federal employees to alert them of any DEI related efforts that should be shut down.

It'd be a shame if this inbox were so flooded with spam that it became unusable.

deiatruth@opm.gov

Wasn't sure of the best community to post this is, so feel free to spread the word elsewhere.

cross-posted from: https://sopuli.xyz/post/12515826

I’m looking for an email service that issues email addresses with an onion variant. E.g. so users can send a message with headers like this:

From: replyIfYouCan@hi3ftg6fgasaquw6c3itzif4lc2upj5fanccoctd5p7xrgrsq7wjnoqd.onion  
To: someoneElse@clearnet_addy.com

I wonder if any servers in the onionmail.info pool of providers can do this. Many of them have VMAT, which converts onion email addresses to clearnet addresses (not what I want). The docs are vague. They say how to enable VMAT (which is enabled by default anyway), and neglect to mention how to disable VMAT. Is it even possible to disable VMAT? Or is there a server which does not implement VMAT, which would send msgs to clearnet users that have onion FROM addresses?

89,004 local governments existed in the United States in 2012. By extension, there are a shit-ton of public sector websites including schools and libraries. So why can’t there be a public-funded search engine just for indexing all the public service websites?

Citizens who need to access a public service should not have to visit some shitty Google-like search engine by a surveillance advertiser to find a public resource. Google and Microsoft should not be gateways to public access. They can offer their shitty service for private sector searches but governments should have sovereignty from that. If I have to ask tech giants what is the URL for my secretary of state, it’s a fucked up dependency.

It also shouldn’t just be a search engine. There should also be a hierarchical structured directory. A public service directory plus search engine would be inherently ad-free and tracker free, federally funded.

Progress needed.

The state of medical privacy has become quite appalling lately. I started using a young doctor in a new office and they are gung ho on modern tech. That’s fine to some extent but they want to send me invoices and all correspondence via e-mail. No PGP of course. I did an MX lookup on their vanity email address & it resolves to an MS Outlook server.

I asked them for my test results. They offered to email them.

My response: I do not want sensitive medical info coming by e-mail via Microsoft’s servers. I did not give you a copy of my email address for that reason. It needs to be snail-mailed to me.

Perhaps of greater concern is that the receptionist acted like I am making a unusual request, and that they do not mail things. Apparently I am the only patient who has a problem with sensitive medical info going to Microsoft. So the receptionist is investigating whether she can get approval to mail me my results by post.

I wonder if someone in that clinic will have to run out and buy stamps because I have a problem with Microsoft.

cross-posted from: https://links.hackliberty.org/post/984895

Microsoft finances #AnyVision to produce facial recognition technology that the Israeli military uses against the Palestinian people.

So if you oppose Israel’s brutality then #Microsoft should be on your boycott list.

If you are undecided, these stories might help with your decision:

• snipers target a red-cross medic for execution (2018) → https://edition.cnn.com/2018/06/03/middleeast/razan-al-najjar-gaza-nurse-killed/index.html
• Hind Rajab (6 year old; 2024) → https://www.guardian2zotagl6tmjucg3lrhxdk4dw3lhbqnkvvkywawy3oqfoprid.onion/world/2024/feb/10/im-so-scared-please-come-hind-rajab-six-found-dead-in-gaza-12-days-after-cry-for-help

For Hind Rajab, my boycott is on until I die.

cross-posted from: https://sopuli.xyz/post/5730013

Before sharing a link I would like to determine whether the website excludes people from access, and who is excluded. I can test for myself whether the Tor community is excluded, but what about:

• VPNs
• i2p
• public libraries
• #cgNAT issued IP addresses
• various regions
• particular browsers (e.g. lynx, w3m)

for example? I cannot check all those means of access. If a website is implementing some form of digital exclusion, I would like to ensure that I am not helping the exclusive website gain visitors.

#askFedi #netneutrality

1. Free-world compatible bug tracker:

   (problem) You intend to report a bug, but the project officially uses an exceptionally controversial bug tracker (e.g. Gitlab.com or MS Github).

   (solution) Users report the bug wherever they want (forum, mailing list, Mastodon, usenet), then a reference to the ad-hoc bug report is indexed somewhere so users can browse all existing reports for a particular project. A similar idea is proposed here: https://pleroma.libretux.com/objects/c2e53ffd-212b-42c7-92cf-2ab7422e0372

2. Censorship Whistleblower:

   Maintains local copy of posts to Reddit & Lemmy. Periodically checks public (cookieless) view of those articles. Logs & alerts on shadowban/censorship/moderator actions.

   Perhaps collaborate on metrics to expose patterns of censorship. Perhaps automatically post copies of censored material in a out-of-band place that has different people in power.

3. Citation Scrubber/Optimizer for essays:

   1. Accepts text-based file or a link to an already published doc, parses out all URLs and checks for:

      • Tor hostility (403, CloudFlare, Impurva, tar-pitting)
      • assets of tech giants (CloudFlare, Amazon AWS, Google Cloud, MS Azure, etc)
      • JavaScript that fails LibreJS
      • dead links

   2. Creates report showing:

      • any offending discoveries from the above checks
      • most recent mirror link found in wayback machine (regardless of article quality/ethics, in case the article later disappears)
      • alternate links to nefarious/harmful links

   3. Produces new markdown version (if the input was in markdown), which automatically applies the suggested changes. Perhaps give an option to retain the bad links but annotate warnings.

4. Surfraw Expansion:

   CLI search tool with results imported to a local db for filtering and analysis before using. E.g. CloudFlare results could be given a reduced ranking.

5. Mastodon pro-netneutrality client:

   • When posting: checks your link to see if the document has access restrictions (e.g. paywall, blocks tor, CloudFlare). If yes, it edits your toot with an archive.org version of the link and keeps you in the editor.

   • When reading: posts containing bad links are hidden or replacement links are attached. Stats are kept so chronic offenders can be unfollowed, muted, or targeted for etiquette pursuasion/gentle lecturing.

6. Mastodon pro-netneutrality server:

   Similar to the client. Posts with Tor-hostile and/or CloudFlare links are refused.

7. Email address free-society compatibility tester:

   Does an MX lookup & checks whether an email address is hosted in a walled-garden like Gmail or MS Outlook, and reports known situations that the server refuses RFC-compliant messages. E.g. some servers will reject a message if the domain of the FROM address doesn't match the reverse lookup of the connecting IP; some reject connections from dynamic IPs, thus forcing senders to share the message with another third party.

   Perhaps state the retention policy of the server, if known, and/or the legal retention limits in that jurisdiction.

   Checks whether the email address has a PGP key on public keyrings.

8. Wire-Bitlbee plugin

   Wire is a better alternative to Signal, but the bloated client app is Electron based. A bitlbee plugin would make it possible to use any IRC client the user wants.

Vote here:

• on ideas 1-4
• on ideas 5-8