• 0 Posts
  • 29 Comments
Joined 1 year ago
cake
Cake day: August 19th, 2023

help-circle
  • Someone made a mistake here. It’s not getting your IP address. An IP address is assigned by the gateway when you’re connected to an access point. An IP address is not an identity. They are always changing and can be shared. This has already been tested and upheld in court.

    It’s actually collecting your MAC address. Which is exchanged when your phone or tablet scan nearby WiFi points or Bluetooth devices. However, this can already be defeated. By default iOS and Android both have the option to randomise the MAC address in intervals. Making it extremely difficult to prove anything. This feature exists because the devices real MAC address never changes. It is unique. Alternatively, users can disable WiFi and Bluetooth scanning entirely. However, your device no longer participates in the Find My Devices program by Apple and Google, location does take longer to acquire in some scenarios, and accuracy may take longer to triangulate.


  • From their own privacy policy they outline what they do:

    For research and development purposes, we may use datasets such as those that contain images, voices or other data that could be associated with an identifiable person.

    To provide location-based services on Apple products, Apple and our partners and licensees, such as maps data providers, may collect, use, and share precise location data, including the real-time geographic location of your Apple computer or device.

    Apple’s websites, online services, interactive applications, email messages, and advertisements may use “cookies” and other technologies such as pixel tags and web beacons.

    We also use personal information to help us create, develop, operate, deliver, and improve our products, services, content and advertising

    At times Apple may provide third parties with certain personal information to provide or improve our products and services, including to deliver products at your request, or to help Apple market to consumers.

    Apple may collect location, IP Address, network information, Bluetooth information, connected devices, accessories, personal demographics, browsing history, browser fingerprint, device fingerprint, search history, app data, usage data, performance, diagnostics, product interaction, transaction information, payment information, purchasing records, contacts, social graph, watch history, listening interests, reading list, call metadata, device information, messaging metadata, email addresses, salary, income, assets, health data, ad interaction, in-app purchases, in-app subscriptions, app downloads, music downloads, movie downloads, TV show downloads, Apple ID, IDFA, Random Unique ID, UUID, IMEI, Hardware serial number, SIM serial number, phone number, telemetry, cookies, Nearby WiFi MAC, Siri request history, Web sign-in, songs played, play and pause times, playlists, engagement and library.

    Literally all of this is what Google does. The only thing Apple does differently is hinder 3rd party apps to a greater degree, whereas Google is more permissive. But to be fair, Google has been improving the Privacy features of Android with each version.

    https://tosdr.org/en/service/158





  • It’s not odd at all. It’s well known this is actually the truth. Ask any video editor in the professional field. You can search the Internet yourself. Better yet, do a test run with ffmpeg, the software that does encoding and decoding. It’s available to download by anyone as it’s open source.

    Hardware accelerated processing is faster because it takes shortcuts. It’s handled by the dedicated hardware found in GPUs. By default, there are parameters out of your control that you cannot change allowing hardware accelerated video to be faster. These are defined at the firmware level of the GPU. This comes at the cost of quality and file size (larger) for faster processing and less power consumption. If quality is your concern, you never use a GPU. No matter which one you use (AMD AMF, Intel QSV or Nvidia NVENC/DEC/CUDA), you’re going to end up with a video that appears more blocky or grainy at the same bitrate. These are called “artifacts” and make videos look bad.

    Software processing uses the CPU entirely. You have granular control over the entire process. There are preset parameters programmed if you don’t define them, but every single one of them can be overridden. Because it’s inherently limited by the power of your CPU, it’s slower and consumes more power.

    I can go a lot more in depth but I’m choosing to stop here because this can comment can get absurdly long.


  • Think outside the box. Get a previous generation. Pixel 8 was about to be released. To move inventory, Google discounted the 7 series by like 30-40%. I got the 256GB 7 Pro for $600. Without the sale, $600 is the same price as the 128GB 7. I got a top of the range flagship phone for the cost of a midrange. My mom did something similar with a Samsung phone. She got an S20 when the S22 released. Huge discount when Verizon offered it for $449.




  • You always will. Welcome to the Internet. The difference is whether or not you’ve taken steps to secure your stuff. You need to understand what this malware is looking for. It’s explicitly looking for unsecured services. Such as WordPress, SQL, etc. There are inexperienced users out there that inadvertently expose themselves. I see this type of probing at work and at home. Don’t overly stress it. My home server has been running for a decade without issues. Just keep it updated and read before you make any changes if you don’t fully understand the implications.

    My home based server is behind a pfsense firewall. Runs Arch. Everything is in a non-root docker container. SELinux is enforced. All domains are routed through Cloudflare. Some use Cloudflare Zero Trust.


  • Oh my. You’re doing it wrong. Exposing the unencrypted connection without the proper security measures is putting yourself at risk. Regardless of how strong you set the password, the connection can still be abused in all manner of ways. If you read the jellyfin documentation, you’d see the developers clearly state you should never do this. You need to put Jellyfin behind server software. Specifically a reverse proxy. I use NGINX. You can setup your connection to be secure this way. You can now also use Cloudflare if you have cache turned off. And if you really wanna go the extra mile, route it behind a VPN. Though this makes it harder for those you share it with or some devices that don’t support VPN.

    Please revise your connection. If you need help, feel free to reach out.


  • Office doesn’t have native Linux binaries. You either have to use a VM or Wine. You’ll find most people recommend a VM. There are Office web apps, but they’re not as robust as the Windows native offerings. Microsoft doesn’t really want to offer Office on Linux. Stick with Windows for the remainder of your education. Once you’ve finished, you can sink time into learning Linux.


  • Exactly.

    If my device is compatible, does it automatically have access to Google Play and branding?

    No. Access isn’t automatic. Google Play is a service operated by Google. Achieving compatibility is a prerequisite for obtaining access to the Google Play software and branding. After a device is qualified as an Android-compatible device, the device manufacturer should complete the contact form included in licensing Google Mobile Services to seek access to Google Play. We’ll be in contact if we can help you.

    https://source.android.com/docs/setup/about/faqs

    Google services are entirely missing from Android open source. The Google Play package is what contains the entirety of Google’s services.

    Not sure if anyone remembers but back when cyanogenMod was the go-to, early versions had Google services included. Google sent a cease and desist notice and said it was a license violation. You cannot distribute it as part of the OS by default. The next release of cyanogenMod had it removed. Users had to flash the package if they wanted it.



  • Jellyfin gives you 100% control. You’re responsible for setting up remote access. Which actually isn’t that hard. Several IT and network admins of the community (myself included) hand out documentation on how to do this. Without completely ruining your security.

    With Plex, some of the application communication is routed through their network. It requires an active internet connection and you must create an account with them. They have third party analytics embedded, use tracking pixels, beacons and device fingerprinting. Whatever personal data you have supplied is used to serve ads. This being their promoted content that isn’t part of your library.


  • icedterminal@lemmy.worldtoLinux@lemmy.mlGamedev and linux
    link
    fedilink
    English
    arrow-up
    7
    ·
    1 year ago

    The Feedback Hub was introduced to fix this gap in user reports for Windows. Microsoft does actively monitor this. They respond when necessary, merge topics, deny or approve bugs/suggestions, etc. For their software, such as Terminal or VS Code, you can use GitHub issues.

    Keep in mind, like most companies, Microsoft has guidelines on what employees can say when responding to any user feedback. This is why we typically see a lot of copy and paste. When it is more than that, wording is selective and you may not get more than one or two responses in total.

    I know of at least one employee on Reddit who participates every so often. https://www.reddit.com/user/jenmsft/



  • Eh. Adobe puts more effort into making it harder or tedious.

    With the introduction of Creative Cloud, the notorious “amtlib.dll” that houses Adobe licensing, was bundled into the respective applications binary (exe). It didn’t stop pirates. In 24 hours they found the licensing mechanism and patched it.

    You could create a CC account, install the desktop manager, install any app(s) you wanted, then crack them. When an update arrived, you could simply update the app(s) and apply the crack again.

    Occasionally the licensing mechanism would update and an updated crack would be needed. As usual, pirates had this worked out the day of or a day later.

    Adobe would later patch the desktop manager and break functionality to update software if it wasn’t genuine. People could still get the latest versions by uninstalling and reinstalling through the desktop manager. Since it would retain user settings by default.

    Later, a mechanism was built into each application that would throw a warning message that the application isn’t genuine. For example, Photoshop would soft lock and the genuine check would display with the only option to close. This too was eventually patched out by pirates.

    The latest attempt from Adobe now forces users to input and have a credit or debit card saved before activating a trial. This removed the ability for users to easily install software anonymously.


  • I’m finding it hard to believe this statement.

    System wide DNS over TLS (DoT) as it’s called “Private DNS” was introduced in Android 9. Which was released in 2018. I’d genuinely like to know what Android device today ships with 8 or older, or, ships with 9 and later but has it intentionally removed. If you’re still using an Android device running 8… Why?? It has not received security updates since 2021 and is officially unsupported.

    iOS devices can import certificates to enable system wide DoT. This was introduced in iOS 14. Which was released in 2020. Given how Apple has a 7 year track record for device support, the oldest Apple device to get 14 was the iPhone 6. Which shipped with iOS 9 on release.


  • Lol. You have to understand the context here. This is just translations. Actual code has many, many more eyes on it. An entire university was banned from submitting code to Linux, because of two dumbasses. They found and fixed genuine bugs. Built up lots of trust. Then violated that trust with actual use-after-free bugs submitted intentionally.

    The submitted “patches” to the development branch was to prove it’s easy to get exploits into high profile open source projects. They ultimately proved the contrary. Making their “research” bunk. The code they submitted never made it past the development testing phase.