Hacker News: RandomGerm4n

New comment by RandomGerm4n in "reCAPTCHA Mobile Verification Is Bringing the Play Integrity API to Desktops"

RandomGerm4n — Fri, 15 May 2026 11:20:46 +0000

> I, for one, like streaming apps enough that I don't want to go back to locked-down, expensive DVD players. The alternative to DRM isn't "no DRM", it's "no content".

That statement is simply not true. The demand for streaming services would still be there. There would simply be even more illegal alternatives than there already are, so companies would still be forced to offer movies and TV shows via streaming. They only have the choice between offering DRM-free content and making money, or making no money while people watch it anyway.

New comment by RandomGerm4n in "reCAPTCHA Mobile Verification Is Bringing the Play Integrity API to Desktops"

RandomGerm4n — Fri, 15 May 2026 09:57:06 +0000

But that would only be possible for large companies. If I'm just tinkering with my own Linux distribution for fun, Google won't even bother responding to my request.

New comment by RandomGerm4n in "reCAPTCHA Mobile Verification Is Bringing the Play Integrity API to Desktops"

RandomGerm4n — Fri, 15 May 2026 09:16:21 +0000

The intention behind it doesn't matter at all. In the end, it just means that only a few major operating systems are allowed, and the market is divided up among the established manufacturers. Anyone new to the market faces a major problem right off the bat, and trying to build something yourself doesn't work either.

New comment by RandomGerm4n in "Mullvad exit IPs are surprisingly identifying"

RandomGerm4n — Fri, 15 May 2026 05:23:50 +0000

In many countries, a VPN provider can be significantly more trustworthy than an ISP. In Germany, for example, you can have your home searched simply for insulting a politician. The ISP will then immediately hand over the data to the authorities, which most VPN providers do not do. The same goes for torrents. If some random law firm sends a letter to Telekom saying, “Hey, your customer downloaded a movie please give us his data,” they’ll do it right away. Mullvad, ProtonVPN, or even dubious VPN providers like NordVPN don’t do that.

New comment by RandomGerm4n in "Hackers breach JDownloader's website to serve malware-laced downloads"

RandomGerm4n — Sun, 10 May 2026 07:10:07 +0000

Not all plugins are open source. Some of them are included in the jdclosed dependency which is just a blob. The developers claim this is to prevent sites from patching them. However this approach is not compatible with the GPL and the developers have simply been ignoring this for years.

New comment by RandomGerm4n in "Google broke reCAPTCHA for de-googled Android users"

RandomGerm4n — Sat, 09 May 2026 15:32:24 +0000

The AusweisApp is Open Source and available on Windows, Linux and even FreeBSD too. You just need some NFC Scanner that works via USB and then you can use it without a mobile device. https://www.ausweisapp.bund.de/open-source-software

New comment by RandomGerm4n in "Hackers breach JDownloader's website to serve malware-laced downloads"

RandomGerm4n — Fri, 08 May 2026 14:53:22 +0000

There are still warez sites that upload content in RAR archives, which are then split into individual parts. A download manager can then download them all one after another instead of having to do it manually. There are also hosting sites with weird CAPTCHAs or various waiting times.

New comment by RandomGerm4n in "Hackers breach JDownloader's website to serve malware-laced downloads"

RandomGerm4n — Fri, 08 May 2026 13:43:54 +0000

I wish there was finally a decent alternative to this junk. JDownloader pretends to be GPL, but parts of it are closed source. Plus, the Windows installer on the official site is a gamble, and you can only find a clean installer in the forum. The developers claim it’s "just adware", but since it’s a web-based installer, different things are offered depending on your IP address. Some of these install themselves even if you decline them, and some also contain real malware. It was actually to be expected that they wouldn't secure their website properly and that someone else would end up spreading malware as a result. The only reason to still use this software is that it works with every obscure filehoster out there. Alternatives like pyload are much less effective at bypassing all the security measures these sites put in place to block download managers. It also lets you download videos from streaming sites that other tools like yt-dlp refuse to support.

New comment by RandomGerm4n in "Dirty Frag: Universal Linux LPE"

RandomGerm4n — Fri, 08 May 2026 07:14:25 +0000

Perhaps we should consider designing distributions to be more tailored to specific purposes. Since no one needs the affected module on a desktop computer, distributions designed for that purpose should no longer include it by default. If this approach were consistently followed, significantly fewer systems would be vulnerable to such exploits. For most users a system with a kernel as minimalistic as the Android GKI kernel combined with sensible SELinux policies, would likely be sufficient.

New comment by RandomGerm4n in "Windows API is Successful Cross-Platform API (2024)"

RandomGerm4n — Sun, 03 May 2026 12:52:05 +0000

EOL doesn't mean you can't install or use it anymore. It simply means you shouldn't use it anymore because security updates are no longer available. You face the same problem with Windows software that is no longer updated. The only difference is that no one tells you it's no longer supported.

New comment by RandomGerm4n in "Windows API is Successful Cross-Platform API (2024)"

RandomGerm4n — Sun, 03 May 2026 11:09:10 +0000

You can also simply use Flatpak with the Freedesktop Runtime. It runs everywhere regardless of the distribution. For games Steam offers something similar with the Steam Runtimes. You simply develop for that one container and the software will still be running in 20 years. Even though, of course, making software proprietary isn’t best practice. If you make everything open source from the start the various Linux distributions and users can adapt it themselves for their distribution and eventually modernize it as well.

New comment by RandomGerm4n in "This Month in Ladybird – April 2026"

RandomGerm4n — Sun, 03 May 2026 08:38:53 +0000

There would still be piracy sites. So their choice would be between everyone watching it for free or offering their service without drm.

New comment by RandomGerm4n in "Copy Fail"

RandomGerm4n — Thu, 30 Apr 2026 13:37:32 +0000

That would only work if the user had access to a binary that they wanted to run as root. Ideally this shouldn’t happen at all for most users. There is almost never a legitimate reason to run any program as root unless for example it is a service that absolutely requires it. In Fedora based distributions SELinux also prevents systemd from running any binaries or scripts that the user has access to as root. Removing setuid binaries and strictly limiting features like user namespaces through SELinux would make Linux significantly more secure. It’s absolutely ridiculous that even an outdated Android smartphone is more secure than the average Linux distribution these days.

New comment by RandomGerm4n in "Copy Fail"

RandomGerm4n — Thu, 30 Apr 2026 10:06:09 +0000

That is why we should get rid of setuid binaries. GrapheneOS does not use them and was therefore not affected. On the desktop there is also a project called Secureblue based on Fedora Atomic that is moving in a similar direction and has already eliminated a large number though not all setuid binaries. As an alternative to sudo, su, and pkexec there is for example run0, which is available in distributions using systemd. Since systemd 259 there is now also the --empower parameter which like sudo elevates the privileges of the regular user. Essentially any distribution could start removing sudo and create an alias so that users don’t have to adjust immediately.

New comment by RandomGerm4n in "Show HN: Adblock-rust Manager – Firefox extension to enable the Brave ad blocker"

RandomGerm4n — Wed, 29 Apr 2026 14:35:51 +0000

I’m a Firefox user myself but there are some very valid arguments against it on Android as well. Firefox on Android is significantly more vulnerable to exploits, lacks internal sandboxing and doesn’t properly isolate tabs from each other.

New comment by RandomGerm4n in "Show HN: Adblock-rust Manager – Firefox extension to enable the Brave ad blocker"

RandomGerm4n — Wed, 29 Apr 2026 14:23:02 +0000

One thing doesn't rule out the other. Just because a browser has a built-in adblocker doesn't mean you can't replace it with another one if it's not working well. Every browser should have at least a basic adblocker enabled by default. Anything else is a major security risk. In the context of web browsers ads are the main entry point for malware. Either through exploits delivered via ad banners or by tricking users into downloading something. Many search engines such as Google display fake search results that lead to infected versions of otherwise secure software. Additionally some sites offering downloads have ads disguised as download buttons that lead to something else. A browser manufacturer should try to protect its users from such things.

New comment by RandomGerm4n in "Show HN: Adblock-rust Manager – Firefox extension to enable the Brave ad blocker"

RandomGerm4n — Wed, 29 Apr 2026 13:53:12 +0000

Can this extension effectively block ads on YouTube? When I manually enabled the Rust ad blocker in about:config and added filter lists there, ads still appeared on YouTube and some porn sites. While uBlock Origin blocks everything.

New comment by RandomGerm4n in "Waymo says can't avoid bike lanes because riders want to be dropped off in them"

RandomGerm4n — Mon, 27 Apr 2026 08:00:25 +0000

This statement should be grounds for immediately banning Waymo from operating. If a driver says they can’t follow traffic rules they should lose their driver’s license until they’ve proven they’re fit to drive again. I can’t think of any reason why it should be any different for autonomous systems. If they can’t follow traffic rules they shouldn’t be allowed to drive.

New comment by RandomGerm4n in "Turtle WoW classic server announces shutdown after Blizzard wins injunction"

RandomGerm4n — Mon, 20 Apr 2026 15:52:46 +0000

Only a very small percentage of players purchase microtransactions. In addition Turtle doesn't have any payment information because the transaction went through a third-party service. So Blizzard would have to take legal action against that service first. Also the server itself is not “piracy.” The server is based on VMaNGOS which is open source and contains no Blizzard code. VMaNGOS can be downloaded legally from GitHub. Turtle WoW created its own content for the server some of which runs on the server side and some on the client side. The only thing that is actually "piracy" is the distribution of the game client (which they unfortunately did) as it belongs to Blizzard.

New comment by RandomGerm4n in "Turtle WoW classic server announces shutdown after Blizzard wins injunction"

RandomGerm4n — Mon, 20 Apr 2026 07:29:32 +0000

There is no customer list. The only thing Blizzard could do is ban anyone using the same IP address as someone on Turtle WoW. However since NAT is widespread in many countries and many people don’t have their own IPv4 address this would result in an extremely high number of false positives. Not to mention that multiple people could be sharing the same internet connection. Besides there’s no reason to do that. Someone who also plays on the official server is paying for a subscription. Banning that person now would just mean less revenue for Blizzard.