• 1 Post
  • 204 Comments
Joined 1 year ago
cake
Cake day: July 30th, 2023

help-circle
  • I assume the problem is hardware. Matt’s hardware didn’t work well with LM, therefore Matt thinks LM sucks… I do wish there was better hardware support but it’s the reason apple went with 1 product = 1 OS = 1 general set of hardware. Sure not every iPhone has the same hardware, but that’s why they have the model numbers, and it’s so much easier to test 200 model mixes than 2,000,000 (Android). Windows gets all the debug info sent directly to them like the others but they also have a huge stack of hardware they can use or they can buy it to test.



  • Just something to keep in mind for those not in the security space. When a security company does an audit, its generally a checklist of commercial and custom security software along with a couple people poking around looking for more manual harder to find stuff. But there’s a reason companies like Mullvad have a bug bounty program… Just because cure53 didn’t find it, it doesn’t mean some bored hacker won’t…

    Absolutely better than nothing though.




  • Do a lot of reading. Get a cyber informations systems basics overview on your own self-teaching before you try to understand it all.

    Stay away from session and matrix. Signal, Nostr, SimpleX (nvm if you use Apple products) and the like are okay, but they are all hobbyist influencable products besides Signal which gets fat government grants and just happens to use the same encryption standards as all other huge name E2EE tools.

    Stuff is fun to learn on, but get a good VPN (debates about… mullvad, ivpn, cryptostorm seem okay). here’s something fun for you and free: https://www.thc.org/segfault/


  • Then maybe you’re okay.

    A number of people can see your IP, people will chime in and add to ane remove from this list:

    Can’t see it:

    • Random people you personal message with
    • Random people you chat with in rooms

    CAN see it:

    • Server admins
    • People you share (send/rcv files with) // this may have been fixed
    • People who send you links and you click them, but this isn’t specific to Matrix, it’s a tale as old as time.
    • You voice call with someone (may have been fixed)

    Some info may be wrong. But having someone’s IP in the days of routers and all filtered ports means little, unless you piss off someone who knows some low level customer support person @ your ISP to pay to get your account info. Or you’re dealing drugs in which case use TAILS and stop fucking with technologies you don’t know the specifics of.

    If they knock you offline and you can’t access anything at all, unplug your router AND MODEM (most importantly your modem) for an hour. Go touch grass for an hour. Widdle a wee branch. Plus your boxes back in and you’ll be bright as new.

    @[email protected] this isn’t meant to be a dig at you, although last time you didn’t care to correct or learn if I recall,but often times you leave out the “if so,” “possibly, what and XYZ?'” and it ends up spreading misinformation because you didn’t know enough or care enough to type enough.

    I love Matrix but we need to be open about what the fish is before skinning it…

    https://gist.github.com/maxidorius/5736fd09c9194b7a6dc03b6b8d7220d0

    https://blog.erethon.com/blog/2022/07/13/what-a-malicious-matrix-homeserver-admin-can-do/

    https://www.reddit.com/r/PrivacyGuides/comments/q7qsty/is_matrix_still_a_metadata_disaster/


  • Synnr@sopuli.xyztoMoneroExperiences with AnonExch?
    link
    fedilink
    arrow-up
    1
    arrow-down
    1
    ·
    edit-2
    5 months ago

    To be honestly I didn’t even know they had aggregated pools, but I will 100% look into it. Where did you find the aggregared swao on the main exchange page?

    We operate with two pools of addresses for BTC deposits and transfers - mixed and aggregated. In a mixed pool all received and sent transactions are mixed together and there is no way to discover how many people are behind certain addresses and traceability is extremely difficult, which is very good for privacy but bad for risk scoring. In the aggregated pool all transactions we receive from users are collected on a known single address which is also used to send payments, what will clearly show you have interacted with our exchange and it’s good for interacting with other major exchanges to avoid any risks of frozen funds.

    These are cons and pros of each pool:

    Aggregated pool (bc1qu2dq8w8lv8v3l7lr2c5tvx3yltv22r3nhkx7w0)

    Pros:

    No risks of being frozen at major exchanges due to low risk score given by chain analysis platform

    Chain analysis platforms will know you have interacted with an exchange and won’t increase a risk score of your sending addresses

    Can be useful when someone asks you for a source of funds

    Cons:

    Reduced privacy

    I had X,XXX eaten by a swap before so now I only use BXYZ to XMR. I wish I knew about this for some trades. Wonder if it’s limited to pseudononymous currencies. wish I knew where to find it and more info.

    All options I see are flat rate and dynamic rate. Maybe you have to contact them about it.


  • Synnr@sopuli.xyztoMoneroExperiences with AnonExch?
    link
    fedilink
    arrow-up
    2
    arrow-down
    1
    ·
    5 months ago

    Not sure about anonexch. Exch.cx is great for whatever to XMR. 5% fee though. Do NOT use them to trade XMR to a pseudononymous crypto like BTC at anywhere that checks KYC or availability of dirty address (Trocador hsd a checjer on their site fwiw) as there’s like an 85% chance you’ll have to do KYC and explain to get it back.Unless you’re using Trocador and are at or under their guarantee, then they will just send the funds back to the original address, no questions asked, provided you have access to it.


  • Synnr@sopuli.xyztoPrivacy@lemmy.mlDrones trespassing in my property
    link
    fedilink
    arrow-up
    6
    arrow-down
    11
    ·
    edit-2
    5 months ago

    Just to confirm the obvious. Downvotes are expected but OP you should read this.

    They are close enough to see that they are quad copters, and they make a buzzing noise, correct?

    There have been a lot of UAP flaps where the objects (not quad copter looking) will fly low over the countryside, just above the tree-lines to much higher. They usually make no noise aside from reports of static or screeching or electronic interference.

    Unlikely to be the case but if so, report to your countries MUFON type department and get as much evidence (video with sound, drawings, time and date, etc) as you can.

    There is something else out there, whether it’s military black projects mapping areas or what have you, and it needs to be documented.

    If it is for sure quad copter drones, you can get a device to blast the 2.4Ghz spectrum for a short time and make them ‘phone home’ and the operators will stop flying them over your property once they realize something wrong keeps happening when they do. Legality varies.

    Many tutorials available to DIY. You can also buy them pre-built, just more expensive.



  • Synnr@sopuli.xyztoMoneroAll majesticbank scams & lies.
    link
    fedilink
    arrow-up
    1
    ·
    edit-2
    5 months ago

    I dunno. They started out with different owners. It’s still fully manual (buy prepaid visa, get it in 24 hours, maybe.)

    They once advertised cards that would not be detected as prepaid. Surprise, company I bought it for wouldn’t accept a prepaid card, no refund just “sorry for luck maybe try another site?”

    Edit I had allark and majesticbank confused.


  • That does go a long way towards explaining why there are so many Bluetooth vulnerabilities, thanks for the info. Looking at the list of Bluetooth protocols wiki page gives me a headache. Surely there is a better standard, and I see things like HaLow, ZigBee, Z-Wave and other custom protocols, but it seems like there should be a very cleanly well-documented alternative to do the basics that everyone expects BT to do. This, coming from a total noob, speaking completely out of my anus. I just know that as a BT user, it’s a crapshoot whether there will be major audio delay, and pause/play actually worked, that’s if pairing works in the first place. But if something did come along I wonder if there would even be adoption among consumer devices.


  • Yes, but setting the environment variables before running setup. The following two coded env vars will set your btcpay server to automatically also run a tor hidden service. Once XMR is configured (only one wallet per server at the moment) you should be able to access the hidden service and pay without issue.

    Run btcpay-setup.sh with the right parameters

    Set the custom domain you chose to use

    export BTCPAY_HOST=“btcpay.EXAMPLE.com

    Use Bitcoin on mainnet

    export NBITCOIN_NETWORK=“mainnet”

    Enable Bitcoin support

    export BTCPAYGEN_CRYPTO1=“btc”

    Enable Monero support

    export BTCPAYGEN_CRYPTO2="xmr"
    

    opt-add-tor enables Tor support for the UI and Bitcoin node

    export BTCPAYGEN_ADDITIONAL_FRAGMENTS="opt-save-storage-xs;opt-add-tor"