Hacker News: beefee

New comment by beefee in "Privacy is priceless, but Signal is expensive"

beefee — Thu, 16 Nov 2023 17:32:13 +0000

A service that requires a telephone number simply shouldn't be called an Internet service. It can't be used purely over the Internet.

Telephone numbers are fundamentally incompatible with privacy. Signal's leadership knows this, but they don't appear to care.

New comment by beefee in "Show HN: FlakeHub – Discover and publish Nix flakes"

beefee — Tue, 22 Aug 2023 16:40:09 +0000

Me too. Several teams are trying to land grab by "wrapping" Nix with extra stuff.

But as good as flakes are, they still have big problems. flake.lock size explosion, UI hassles, no cross compiling support.

New comment by beefee in "Proton Pass end-to-end encrypted password manager is here and free for everyone"

beefee — Wed, 28 Jun 2023 16:25:34 +0000

Please put your apps on F-Droid.

New comment by beefee in "Toyota: Car location data and videos of 2M customers exposed for ten years"

beefee — Fri, 12 May 2023 19:06:05 +0000

Owners may want to disable this in hardware rather than relying on a sketchy opt-out mechanism. The relevant part is the "data communications module". It has an LTE modem and a backup battery, so it's able to transmit even if the car battery is disconnected. It requires a little bit of dashboard disassembly to access. You can either remove it or disconnect the LTE and GPS antennas. Toyota has technical documents available for $25 at https://techinfo.toyota.com.

It would be great if there was some website that collected all the detailed instructions for removing the spy devices from different car models.

New comment by beefee in "Ask Wirecutter: Can you recommend a not-smart TV for me?"

beefee — Fri, 07 Apr 2023 18:59:51 +0000

Here are some reasons.

1. Cost. I'd rather not pay for hardware and software I won't use.

2. Environmental impact. Unused and unwanted hardware is waste.

3. Unauthorized users connecting to WiFi. TVs are often in common areas. The settings menus have no authentication. So an unauthorized user might connect the TV to a WiFi network.

4. Automatic WiFi connections. TVs might connect to open or partnered WiFi networks without telling the user. Hard to know without an audit.

5. Accidental WiFi connections. Settings menus might be unintuitive (or deceptive) enough to trick users into joining WiFi networks accidentally.

6. Future data leaks. TVs might be recording data and saving it to internal storage. The next owner of the TV could connect it to a network, and years of stored data would be leaked. Again, hard to know without an audit.

New comment by beefee in "Turnstile: privacy-preserving alternative to CAPTCHA by Cloudflare"

beefee — Wed, 28 Sep 2022 17:40:30 +0000

Will any of this be available on Linux or owner controlled systems?

New comment by beefee in "Twilio incident: What Signal users need to know"

beefee — Mon, 15 Aug 2022 17:37:25 +0000

Please, stop using phone numbers. There is no reliable way to hold a phone number. The messaging protocols are insecure. If your service uses phone numbers or SMS, that means it's not secure or reliable.

New comment by beefee in "Oracle Suspended My Account"

beefee — Tue, 02 Aug 2022 15:04:57 +0000

I was never even able to sign up. "Customer service" just repeats the same thing on a loop.

Tech companies will slowly put themselves out of business with fraud detection algorithms.

New comment by beefee in "Google now deleting health clinic searches from location history automatically"

beefee — Sat, 02 Jul 2022 21:23:10 +0000

I wonder how hard it would be to have my personal residence classified as one of these protected places. Incorporate some kind of business or non-profit, make sure it shows up the right way in Google Maps, then enjoy freedom from Google surveillance.

New comment by beefee in "Feeling uncomfortable when leaving phone at home shouldn't be normal"

beefee — Sun, 08 May 2022 18:37:43 +0000

The loss of pay phones over the last 20 years is a loss to society. We used to have widespread access to cheap and anonymous emergency calling.

New comment by beefee in "Apple, Google and Microsoft Commit to Expanded Support for FIDO Standard"

beefee — Thu, 05 May 2022 16:02:08 +0000

I fear services will force the use of certain devices, like those on the FIDO certified products list [0]. Will there be a way to use open hardware, open firmware, and user-controlled hardware attestation keys? Or will that be considered a fraud/bot risk?

[0] https://fidoalliance.org/certification/fido-certified-produc...

New comment by beefee in "Apple, Google and Microsoft Commit to Expanded Support for FIDO Standard"

beefee — Thu, 05 May 2022 14:53:00 +0000

The services I interact with that support WebAuthn usually only allow you to register one key. Backup and recovery is a confusing puzzle for most of these services.

New comment by beefee in "Newegg has a bit of a scandal on its hands"

beefee — Wed, 16 Feb 2022 08:05:30 +0000

Yes, and there are surveillance companies dedicated to tracking people and the returns they make [0]. Many retailers now demand personal information like ID cards to make returns. If their secret fraud detection algorithms flag you, you can find yourself suddenly unable to make returns.

[0] https://www.theretailequation.com/

New comment by beefee in "Mozilla Rally"

beefee — Mon, 24 Jan 2022 19:34:09 +0000

Mozilla is big tech. They are funded by big tech and they support big tech's censorship ideology.

If they want to actually break with big tech, they can retract and apologize for this pro-censorship advocacy piece: https://blog.mozilla.org/en/mozilla/we-need-more-than-deplat...

New comment by beefee in "Systemd, 10 years later (2020)"

beefee — Sat, 08 Jan 2022 22:05:54 +0000

This is an important document and the best piece of writing I've ever seen on the topic of systemd.

New comment by beefee in "Overview of alternative open source front-ends for popular internet platforms"

beefee — Mon, 20 Dec 2021 05:05:58 +0000

It's best to run it yourself. On NixOS it's a one-liner: "services.invidious.enable = true". Then it will be up at http://127.0.0.1:3000.

Blazing fast and zero annoyances.

New comment by beefee in "Capitol Attack Was Months in the Making on Facebook"

beefee — Tue, 19 Jan 2021 18:33:26 +0000

It's chilling how quickly the tech industry has coalesced around oppressive and biased social media censorship policies. A scant few years ago, the tech industry was a beacon of free expression.

New comment by beefee in "The platforms have acted, raising hard questions about technology and democracy"

beefee — Wed, 13 Jan 2021 23:35:14 +0000

Are there any companies or organizations working to protect Internet freedom?

New comment by beefee in "Getting Started with Brave"

beefee — Mon, 11 Jan 2021 21:08:52 +0000

Here's the telemetry documentation: https://github.com/brave/brave-browser/wiki/P3A

So it's sending some amount of telemetry, but it's not so bad compared to mainstream browsers. A more detailed comparison is available in this report linked by another commenter: https://www.scss.tcd.ie/Doug.Leith/pubs/browser_privacy.pdf

New comment by beefee in "Getting Started with Brave"

beefee — Mon, 11 Jan 2021 20:38:53 +0000

It's a matter of preference and threat models. Brave isn't perfect, and has had some controversy in their business practices. They also have some telemetry and cryptocurrency ads. For non-technical users I still think Brave is the best overall bet, especially on mobile devices. There's a great privacy comparison linked in a different thread.

For more technical people, ungoogled-chromium [1] is probably the cleanest option. It's completely free from ads, telemetry, "pings", "experiments", and the like.

[1] https://github.com/Eloston/ungoogled-chromium