It’s been fine. But I’m a decently well off young white dude who has never had trouble with borders anywhere. But I will still avoid it as much as I can.

Huh?

I’ve used Vim for a decade and I would be offended if it made any noise.

I still recommend it. I’m not fully happy with the situation but for now I consider it my best option.

1. I consider Chromium-based browsers out of the question as they give too much power to Google. This is already showing to be a problem with new APIs and “features” that Google is pushing into the web platform and the bigger the market share gets the more control they have.
2. Web browsers are the biggest attack surface that most people have. Displaying untrusted webpages and running untrusted code is incredibly difficult and vulnerabilities are regularly discovered. I don’t yet know a Firefox fork that I trust enough to reliably respond to security vulnerabilities quickly and correctly.

So for now I am staying with raw Firefox. Not to mention that as a disto-built Firefox I have some insulation from Mozilla’s ToS. But I am very much considering some of the forks, especially the ones that are very light with patches and are mostly configuration tweaks.

Wine will mount your root folder as a Windows drive by default. So if the malware is scanning all connected drives and encrypting/uploading them you still have a problem.

It’s definitely an option. It will do the things that you want (as long as your phone is online, but that is the same for any other solution).

sending Signal messages with it would be less secure

Yes, this is because Beeper converts the Signal protocol to the Matrix protocol and vice versa. In order to do this it needs to access the messages. So it needs to decrypt the messages, then re-encrypt them on the other side. This means that the bridge (in this case operated by Beeper) has access to your messages. This is often referred to as “end-to-bridge” encryption, as it isn’t end-to-end anymore.

This is going to be true of any bridge you use that is hosted by a third party. You are always adding one additional trusted party into your communication.

the recommended bridge instructions sends me over to Beeper, since I don’t have my own server

Yes, to practically operate a bridge you need your own Matrix server. This is because the bridge will create a new Matrix user for every remote participant (every phone number you communicate with in this case). Doing this with regular mechanisms would be difficult (as signup is likely restricted in some ways) and inefficient (as each account would need to be checked for new messages separately). Beeper runs their own homeserver so that they can operate their bridges. However Beeper’s bridges are only available to users on the same homeserver (this is not a protocol limitation, just their choice). So in order to use their bridges you need to make an account with them (which you can, it is free IIUC). Beeper also offers custom clients which have special features for interacting with their bridges (for example making it easier to start a conversation with a new phone number).

The alternative would be to run your own server and bridge (or hire someone to it on your behalf).

Oops, I linked the wrong one and got fooled because the most recent post is actually open again.

!opensignups@lemmy.ml is more active. (Although not bustling either)

Yeah, this is basically how it goes. It depends what country you grew up in. Canada is the same way, almost everyone who grew up in Canada can swim (not necessarily well, but able to manage). This is partly due to the number of lakes that exist near populated areas so swimming is a common passtime and boating accidents are a fairly high cause of accidental death. There are some countries where it is much more rare.

!opensignups@lemmy.world is active enough.

Yeah, public trackers definitely raise your chance of a notice by at least an order of magnitude. New content also tends to be more noisy than old content. I also found a drop by selecting “require encryption” although I can’t imagine why it would help (IIUC most of these scanners just connect to everyone in the swarm, not sniff random internet traffic.

The most likely situation is that the torrent isn’t good. I would also force a recheck of the torrent to double-check that the files on your disk haven’t been corrupted. But if that file is still saying “0 B” remaining (don’t just look at 100% as it may be rounded) after the recheck then I would bet pretty good money on a broken torrent. If this is a public tracker it is fairly common.

However even if it is broken you may be able to play by using a different players. Different apps can skip over different forms of corruption, so you may get lucky.

Nice. There were a few comics that I followed on Twitter due to lack of them posting other places. But it is nice to know that if I find another account that I am actually interested in I will be able to get a feed.

If you don’t need to watch Jeopardy live it is pretty readily available via torrents. Probably in better quality and without ads.

Sports are much harder to find. There are trackers but they are much harder to get into and I can’t attest to the completeness (I’m not really into sports) and watching it live is probably more relevant.

This is my strategy. If I can’t bank on the website I find a new bank.

The main issue is accepting incoming connections. When you are behind a NAT (as most VPNs are for IPv4) you need some solution (such as port-forwarding) to make your torrent client connectable. This causes a number of issues when torrenting.

1. When someone starts a download they will try to connect to the seeders. If the seeders are not connectable this will fail.
2. As a fallback when the seeders notice the leachers they will try to connect to them. If the leacher also isn’t connectable this will also fail.

If neither party is connectable the download can’t happen, so you may fail to get content that you want.

This is extra relevant if you are on private trackers where seeding is tracked, has direct value and is competitive. If you are not connectable every new downloader will immediately connect to the connectable seeders and finish the download before your client even knows that they exist. (reannounces for seeders can be very infrequent, such as hourly, so it will take an average of 30min for you to notice a new seeder and try to connect to them). This makes it very difficult to acquire much upload unless there are very few other seeders.

NAT is evil, all hail IPv6.

It would be nice if there was a shortcut to go “back to previous site”. Because on one hand using back to navigate around map moves is often very convenient, but sometimes I want to go to the site before the map. Having a two-level history with page and site would be super useful.

That isn’t what that document says. It says that they can impersonate you in non-E2EE scenarios. The clients I use warn me when a message isn’t properly encrypted so someone without E2EE keys can’t impersonate someone in an E2EE room.

That being said the general concept is a problem. I would love to see progress where all events from a user are signed by a device key and non-forgable. There is some thinking about this with portable identities (such as MSC2787) where you server is basically just storing and forwarding events but the root of trust is your identity and keys that you control. But none of this will land soon, not for many years.

Probably yes, it depends on your threat model.

If you are using E2EE on a matrix.org account then your message content, attachments (images) and most other traffic isn’t accessible to anyone but the people in the chat. However Matrix isn’t the most private option, it has a number of leaks such as reactions and chat topics (these are being worked on but aren’t close to happening).

For most people Matrix is a very private and secure option and the fact that it is federated is a huge plus. If you want something more secure you are probably looking at Signal (which you don’t want to use and isn’t federated) or Simplex Chat (which doesn’t have multi-device support).

Closed-source software that sends home tons of information about your system without consent. All communication accessible to a VC funded company that has huge pressure to make as much money as possible.

I’ve been doing this from Firefox forever…

But “with audio” is actually a new feature. Previously I was manually sending the audio through my voice channel which worked pretty well but it would be nice to have a separate stream for the streaming audio.

Probably not enough for me to install the spyware though, I’ll keep using Discord via Firefox.

those disks were not spinning for maybe 3 weeks total

This is actually a good thing for longevity. Start up and stopping is the hardest part of a drive’s life. So you will see more failures on a personal PC that you turn off every night than a server drive running 24/7. Laptop drives will typically fare the worst as they may be power cycled many times a day, often fully stop when idle for power saving and get shaken much more than other drives.