umami_wasbi

joined 2 years ago
sorted by: new top controversial old
iPhones Seized by Cops Are Rebooting, and No One’s Sure Why in c/technology@lemmy.world
[–] umami_wasbi@lemmy.ml 9 points 7 months ago

"new security feature" "warning"

πŸ™‚

Credit Card Options in c/privacy@lemmy.ml
[–] umami_wasbi@lemmy.ml 6 points 7 months ago

Utill you're no longer live in the US. I can't find Ptivacy alternatives after moved out.

Hacker News frontpage as a print newspaper that you can personalize in c/technology@lemmy.world
[–] umami_wasbi@lemmy.ml 4 points 7 months ago

I wish it can be installed as PWA

HSBC UK banning KDE Connect from F-Droid, and non whitelisted keyboards in c/android@lemdro.id
[–] umami_wasbi@lemmy.ml 4 points 7 months ago

Unfortunately, the work profile is already used up.

HSBC UK banning KDE Connect from F-Droid, and non whitelisted keyboards in c/android@lemdro.id
[–] umami_wasbi@lemmy.ml 7 points 7 months ago

When it allow screenshotting

141
HSBC UK banning KDE Connect from F-Droid, and non whitelisted keyboards (lemmy.ml)
submitted 7 months ago* (last edited 7 months ago) by umami_wasbi@lemmy.ml to c/android@lemdro.id
47 comments fedilink
 

(Rant)

At somepoint, HSBC decided KDE Connect installed via F-Droid is less secure.

Photo of the HSBC UK app urging I install KDE Connect via GPlay or Galaxy Store

Then it decide non-whitelisted keyborads are a security risk. Only Gboard and Samsung Keyboard is confirmed within the whitelist.

Photo of the HSBC UK app telling me to switch input method citing security risk

I understand the point that risk can be introduce at various points, yet this is simply too much. Yeah there are people phone infected by malware but from Play Store. Not a single time I heard one ever happened on F-Droid distributed apps, at least not from the official repo. Also, I will put more trust on an open source keyboard than any proprietary keyboard.

Furthermore, I'm shocked that an app can read my app list, and current keyboard (introduced in Android 14). This just make building a profile much easier as I belive everyone almost have an unique set of apps they like. I don't think any apps need such functionality. Why the f it needs to care what input devices I uses? This make me worry more about untold (aka burried deep in Privacy Policy) data collection.

Running a Continuous NAS on Dual-Boot PC with Linux and Windows: Is It Possible? in c/selfhosted@lemmy.world
Running a Continuous NAS on Dual-Boot PC with Linux and Windows: Is It Possible? in c/selfhosted@lemmy.world
[–] umami_wasbi@lemmy.ml 8 points 7 months ago (1 children)

Unless you want to game. Anti-cheats are notorlessly anti-virtual machines.

The GrapheneOS team finally responded to my requests for a comment in c/privacy@lemmy.ml
[–] umami_wasbi@lemmy.ml 16 points 7 months ago (1 children)

So use what browsers? Chrome sounds more secure (I didn't read previous post), yet I don't want an advertising company looking at my browsing habbits, nor supporting them dominating the browser market share and have a powerful influence on every web standards.

Decrypting more complicated L1 secured DRM streamings. in c/piracy@lemmy.dbzer0.com
[–] umami_wasbi@lemmy.ml 1 points 7 months ago (1 children)

Maybe. I'm not in the loop but I believe you would need to gain some solid trust from the core team to get that access. It won't be a knowledge just flows in the scene up for any newly join members to grab.

How the "Block Instance" work? in c/lemmy@lemmy.ml
19
How the "Block Instance" work? (lemmy.ml)
submitted 7 months ago* (last edited 7 months ago) by umami_wasbi@lemmy.ml to c/lemmy@lemmy.ml
2 comments fedilink
 

There is "block instance" under "settings > blocks" but what does it do? I added a few onto the list but it seems does nothing to remove contents links to the instance.

What I want to achieve is to block all users post from specific instances when spams are high.

Decrypting more complicated L1 secured DRM streamings. in c/piracy@lemmy.dbzer0.com
[–] umami_wasbi@lemmy.ml 3 points 7 months ago* (last edited 7 months ago) (3 children)

AFAIK, L1 are hardware backed using Trusted Execution Environment like ARM TrustZone. Unless you can find an exploit to exfil the key from the chip, you have no luck. It was done before and published, but I believe it is patched already. Anyone holding such exploit would keep close to their chest to avoid it beimg patched.

Can a Unified Push push server see/read notifications? in c/privacy@lemmy.ml
[–] umami_wasbi@lemmy.ml 3 points 7 months ago* (last edited 7 months ago)

I never used it, but I would assume yes after reading the frontpage and the doc. At no point there is a PSK set between sender and reciever, not I see any signs for key exchange between devices.

This is not a definitive answer though as I didn't read the source code of Nfty, nor the UnifiedPush spec.

262
Apex Legends is taking away its support for the Steam Deck and Linux (www.theverge.com)
203
Steam doesn’t want to pay arbitration fees, tells gamers to sue instead (arstechnica.com)
222
Asus says they will unlock my bootloader for ...money. (xdaforums.com)
 

How come this wasn't getting more attention?

161
Malaysia's plan to block overseas DNS dies after a day, but still need to stay vigilant (www.theregister.com)
 

There are reports in Registar's comment section that Malaysia didn't only redirect DNS traffic, but took active measures to block VPN, and MITM DoH where Cloudflare's DoH returns local ISP certificate.

In fact, some ISPs like Maxis and Yes were already blocking VPN (I see a lot of complains on Lowyat.net about Maxis blocking VPN, and I was using Yes WiMax and experienced the blocking firsthand. I couldn't connect to PPTP endpoints and L2TP endpoints caused the modem to disconnect from the network and reboot).

They were outright trying a MITM redirect attack on those using DOH. Many reported error messages saying that Cloudflare's DOH server were practically returning the certificate for Telekom Malaysia's DNS servers.

Even with many new technologies, I ralized that I not as safe and free as I want to be, maybe you too.

28
Greasy Opal's CAPTCHA solver still serving cybercrime after 16 years (www.bleepingcomputer.com)
 

If $70 +$10/mo can get me through all those annoying CAPCHAs, I will gladly pay. Of course, if cheaper or even free solutions exists, I will use it. My only requirement is it work 90%+ of the time.

475
Customs agents need a warrant to search your phone now (www.theverge.com)
 

tl;dr: only applies to NY Eastern District, and likely only US citizen can enjoy

25
How to extract firmware of my Lenovo T480? (pk.fail)
submitted 11 months ago* (last edited 11 months ago) by umami_wasbi@lemmy.ml to c/linux@lemmy.ml
8 comments fedilink
 

I want to check if my Lenovo T480 is afftected by the recent PKFail, but have no idea how to extract the bios firmware for validation. Can someone detail the steps? Thanks.

40
Consequences of a mail server offline? (lemmy.ml)
submitted 11 months ago* (last edited 11 months ago) by umami_wasbi@lemmy.ml to c/selfhosted@lemmy.world
22 comments fedilink
 

Just wonder what if my mail server went offline for some periods, and the sending party couldn't deliver.

Will there be any consequences except I don't get the mail? I tried searching but they all in the perspective of a sender and get a bounce, rather the other way around.

20
Experience with IONOS? (lemmy.ml)
submitted 11 months ago* (last edited 11 months ago) by umami_wasbi@lemmy.ml to c/selfhosted@lemmy.world
14 comments fedilink
 

Saw they have promotion Β£1/mo without setup when paid for a 12mo contract for the lowest end VPS. Anyone use it before?

Just planning to run frp on it. https://github.com/fatedier/frp

24
Don't get an used Quanta server - I just wanted a cheap Epyc server... | Craft Computing (www.youtube.com)
submitted 11 months ago* (last edited 11 months ago) by umami_wasbi@lemmy.ml to c/homelab@lemmy.ml
1 comments fedilink
 

Lesson learnt: don't ever buy an used server from Quanta

Also, isn't Epyc have an efuse that will pair it with the mobo?

view more: next β€Ί