It’s both. Governments have started subpoenaing the push notification servers for data, instead of targeting individual devices. That little pop-in that says who the message was from, and maybe a little bit of the body of the text? Yeah, the push notification server handled that, and the government has access to that server. So any notification you see on your screen, you can be pretty positive that the government has also seen.

But this is about the notification data being stored in a part of the phone that isn’t encrypted. Signal is (or at least claims to be) E2E encrypted, so it shouldn’t be possible for a warrant to get access to the messages in the app. But since the phone is storing those notifications in a separate area (which isn’t encrypted), the warrant was able to read them.

The point is that there are two different attack vectors, and you should harden your device against both.

No, a machine won’t even contact the pihole if it finds the address in its hosts file. Hosts is step 0 for DNS, so if it finds something there it doesn’t even bother with contacting an external server (like a pihole).

Yeah, rallying against SSL is a weird way to go about it. SSL is one of the biggest and most meaningful changes to come about as a result of the Snowden leaks. The leaks were literally what prompted http to shift towards https instead, because it shined a bright spotlight on how insecure http truly is.

In the short term, it made self-hosting more difficult. But nowadays, with things like nginx and Let’s Encrypt, enabling SSL on your self-hosted site is as simple as selecting a few drop-down boxes, pasting an API key, and automating a cert refresh.

The true “has the potential to gatekeep the entire internet” existential threat is when a company like Meta or Google becomes the authority for things like ID verification or SSO.

Yup, they somehow managed to bundle obvious spyware and bold-faced propaganda into a single app, and somehow plenty of people seem okay with that.

Yes, it includes things like a TOTP manager, text file storage, family sharing, etc… Nothing super groundbreaking, but it’s some quality of life stuff that plenty of people have been happy to pay less than a dollar per month for.

Pretty much this. Cloud storage isn’t perfect, but it sure does make proper 3-2-1 backup hygiene easier. 3 backups, on 2 different mediums, 1 of them off site. Cloud storage accomplishes both the 2 and 1, because it is both a different medium and off site.

The fact that you can automatically sync remotely is a big bonus too, because off-site backups historically have a problem where they fall out of date without active attention. For instance, if you have a tape backup system stored in a warehouse across town, those tapes are only as up-to-date as the last time you took the time to drive across town and update them. But with cloud storage, you can automatically sync your folders to keep things up to date in near real time. Plus, your traditional off-site backup is only as secured from things like natural disasters if you’re willing to travel fairly long distances to make them. Those tapes in a warehouse across town won’t survive if the entire town is hit by a natural disaster like a wildfire or flood.

For instance, maybe I make an update on my laptop, and then want to access it on my phone. Even with SyncThing, my laptop and phone won’t sync with each other unless they’re able to find each other on the same network. If I’m not on a trusted network at the time, (e.g. I’m at work on my employer’s WiFi, or traveling and using hotel WiFi) that makes syncing difficult. But with cloud storage, they can both essentially use that as a relay. My laptop updates the cloud, and then my phone pulls that update. Now both devices are up-to-date without actually needing to discover each other on a trusted network.

Yeah. That really jumped out at me. My very first thought was “Americans have privacy protections?” Since Roe v Wade was overturned, Americans have basically no right to privacy.

I use user tags pretty heavily, and it is amazing how small Lemmy truly is. I recognize a lot of individual users, and the tag even links back ti whatever post/comment I originally used to tag them.

$3M to a single person. The real headline should be that this opens the door for hundreds of thousands of similar lawsuits, which will use this case as precedent.

FUCK CLASS ACTIONS! Those are made to cater to the defendant, by consolidating a ton of independent lawsuits into a single one. It only makes the defendant’s job easier, while the individuals who were directly affected get a few nickels and a “we’re legally obligated to say we’re sorry” letter. Sue them directly, and make them defend every. Single. Individual. Case. You want to really make them hurt? The best way to do that is with a million individual lawsuits, not one big lawsuit.

That’s a shame, because KH2 is pretty widely regarded as the best in the series. If you stopped with Chain of Memories, I wouldn’t blame you. The gameplay for that one is definitely… Uhh… Divisive. But KH2 was when the series really hit its stride.

Probably the part where keeping everything local would allow the driver to easily bypass the device. Splice a few wires, and boom. But if it is doing some off-site verification, they’ll be able to immediately know if the device is disabled. Similarly, they could do things like monitor the car’s location in real time, and have it throw up a red flag if the car is moving but the driver hasn’t performed a test. That would be a sign of tampering.

It also allows them to know if the driver fails the test, which is important for probation/parole reasons, where not drinking is often a condition of release. So if they fail the test, it should automatically alert their supervising officer. Can’t do that if it’s all local.

You’re correct. Pihole works at the DNS level. Since YouTube hosts their ads on the same servers that host their videos, blocking the ads with DNS would also block the videos. Which I guess it technically works to block YT ads, but that’s a little like saying “set a man on fire and he’ll be warm for the rest of his life.”

I agree with you on that. My original point was simply that expecting every single parent to run their own blocking isn’t feasible, nor effective under real world situations.

And a proxy site doesn’t require installing third party software.

I’ve been saying for a while that we should start presenting lawmakers with secure ways to do age verification, instead of relying on lobbyists to do it. Lawmakers will inevitably pass these kinds of things, so at least make sure the groundwork is there for it to be done securely instead of just bitching about it when Meta lobbies to be the third-party age verification system.

Have the government set up a database with every single name, DOB, ID number (SSN, for the Americans), and a password that the individual has set up on the provided site. Then have them use a known hash for each one, essentially turning the password into a salt. And the hashes can be stored in a simple database that determines whether or not someone is old enough.

Next, the device hashes the user’s inputs for name, DOB, ID number, and password. If you want to require an ID, that photo can be verified directly on the device, because even phones are powerful enough to do things like OCR nowadays. Now the device sends that hash directly to the government, and asks “hey, does this hash match someone who is over {age of majority}?” The government’s system automatically responds with a simple yes/no.

Your device can now automatically respond to any age verification checks, so there’s no need for individual sites or apps to ask for your personal info. They can simply ask your device, and your device can respond automatically. The user never even needs to see an “are you over {age}” prompt, because it all happens before the site or service even loads.

It’s essentially the same idea that Tor uses, where routing your traffic through three nodes helps ensure security. The first node (the site, in this case) only gets the verification from your device. The second node (your device) can keep your info entirely on the device, so it never needs to send it to any third party. And the third node (the government) never sees your browsing data. The only device that actually sees both your personal info and your browsing data is your device, which you control. You didn’t need to send a third party any extra data about yourself to verify every individual site or service. Everything about your info stays entirely on your device. And the government didn’t get any of your browsing info, because the device was simply asking if you were old enough to be verified.

For shared devices (like desktops) this could be done on an account level. Same basic concept, except the “is over {age}” flag could be set on the user account. “But my privacy” folks start to rabble about this, (because it usually implies something like a Microsoft account) but I can guarantee Microsoft already knows roughly how old you are. So parents can log in with their verified account to watch porn, and kids will get unverified accounts that redirect them back to a “hey it looks like you’re unverified. If you’re old enough to view this content, here’s how to verify your device” page.

For parents, protecting your kids is now as simple as refusing to verify their devices/accounts and protecting that password (so they can’t just use your info to verify themselves behind your back). Hardware verification can be done securely.

Exactly. There are so many people in this thread who really seem to underestimate how much time and effort it actually takes to keep kids from playing the games their peers are playing. Keeping a teenager from looking at tits is a full time job by itself, which would require all kinds of invasive privacy violations. As the old adage goes, the strictest parents make the sneakiest kids.

but free ones really suck IMO

Kids don’t care. They’ll use whatever is available. Free ones are almost undoubtedly collecting and selling your browsing info too, but kids won’t care about that either. Now your attempts at blocking them have made their browsing less private.

and they aren’t very obfuscated so they can be easily blocked too

And now you’ve fallen into the whack-a-mole trap, which is exactly what most parents don’t have time for.

there are methods to detect VPN traffic so that could be blocked too

Methods available on residential ISP-provided modem/routers? That’s the only “networking gear” that most households have. I think you may be falling for the Average Familiarity trap.

If you wanted to go ballistic you could even set a whitelist of services and everything else gets blocked

Sure, and your kid can just buy a cheap prepaid SIM card to keep under their mattress. Data plans are stupid cheap, and kids are resourceful. Hell, I can walk down to the corner store and buy an entire android phone for like $50. Will it be a good phone? Fuck no. But it’ll get access to the internet. And if a neighbor or nearby business has unprotected WiFi, I don’t even need the prepaid SIM card.

If you’re trying to stop a 14 year old from looking at tits, you’re already in a pitched battle against an opponent who will never run out of determination. My original point was simply that parents don’t have the time or resources to constantly play cat and mouse with whatever kids are using to jork it. There are entire private companies and government departments with hundreds of full time employees who specialize in parental controls, and they still struggle to keep up. Parents who work full time (and who probably aren’t tech literate enough to do anything more than click the “Enable AdGuard” button when setting up their router, if their router even supports AdGuard) simply won’t have the time or resources.

Hah, I typoed. Fixed now. I shouldn’t comment before I’ve had my coffee.

Yup, I’m also squarely in the “good for them, it doesn’t really affect me in the slightest and they deserve to feel safe” boat. But I also have a sneaking suspicion that the guys like us aren’t the ones who would be upset about this. The Venn diagram of “men who wouldn’t get angry about this” and “fucking creeps” is probably close to being two separate circles.