
  • Did… did people not know this?

    I mean, I guess this is a study of how widespread it is, but this shouldn’t be news to anyone.

    Apps have been doing this for about a decade, either more precisely determining your location when GPS location is on, by checking it against known stationary wifi and bluetooth things that come into range, or even just guessing your location with GPS off via the same thing.

    Most people just blindly give every app every permission it asks for, just like most people don’t read ToS.

    You can either deny unnecessary permissions for each app, or just have wifi/location/bluetooth off if you’re not actually using them, and/or keep resetting your ‘advertising id’… or just run in airplane mode as a kind of ‘do not disturb’ mode.

    Of course… if apps are actually circumventing those above methods of mitigation, permissions management etc, … well then they are malware.

    Apparently 19% of the apps use methods that are so explicit that they probably violate the Google Play Store’s TOS, but 86% of them use methods that are basically allowed.

    EDIT: Err, 86 - 19 = 67% use ‘allowed’ methods, a total of 86% use any method from their closed source, built in SDKs.

    All malware imo, hooray for closed source proprietary software (the sdks built into the apps are closed source), you can totally trust them lol.


  • sp3ctr4l@lemmy.zip to Fediverse@lemmy.world · Bluesky does federation-washing · 5 months ago

    Yep.

    It’s ‘federated’ as long as you ignore a single massive chokepoint controlled by one company that allows them to block/ban/censor users of any part of the system.

    So functionally, their ‘federation’ system is actually just a false marketing/propaganda campaign that may also result in crowd sourcing some server costs.

    It’s pseudo-federation, along the lines of a pseudo-historian or pseudo-scientist: They pretend to be something they are not, in such a way that makes them seem trustworthy when they are in fact not.





  • The two major third party kernel level anti cheats have publicly stated they have supported some level of their anti-cheat working on linux since 2021.

    Easy Anti Cheat:

    https://www.gamingonlinux.com/2021/09/epic-games-announce-full-easy-anti-cheat-for-linux-including-wine-a-proton/

    BattlEye:

    https://www.gamingonlinux.com/2021/11/supporting-linux-proton-and-the-steam-deck-with-battleye-is-just-an-email-away/

    All the devs/management have to do is actually use/enable this feature that is part of what they’re already paying for.

    They’re paying to license/use the AC in designed for windows games, these ACs have supported linux via Proton and WINE for almost 4 years now, the game devs just don’t enable this compatibility.

    As you can see from the articles, with EAC and BattlEye… the process truly seems to be as simple as sending an email or checking a few boxes in a dev toolkit, and EAC/BattlEye does all the hard work, the game devs just need to do some testing and submit logs/error reports, and EAC/BattlEye iron out the rest.

    Many proprietary or less broadly used anti cheat solutions also work on linux.

    Valve Anti Cheat

    nProtect Game Guard

    PunkBuster

    TreyArch Anti Cheat

    EQU8

    FairFight

    … all of these AC systems have at least one, usually multiple, very to moderately prominent games which use them, and are fully supported on linux.

    There is a ton of prevalent misinformation amongst gamers and devs and management as well, that common anti cheat systems are impossible to support on linux.

    This is completely false.

    What is happening is game developers either don’t care, or don’t bother to put in a modicum of effort to make their games work with third party systems with features they are already paying for, that do exist, that already support linux… or they are too incompetent to figure out how to make their games fully compatible with said AC SDKs they are already paying for / using / developed in house.

    How many times have game developers in the last 5 years released a giant, buggy, unfinished mess?

    How many times do we have to learn that making games that are far, far too client side authoritative actually need to have a whole lot of stuff be sandboxed, sanitized, and more server authoritative?

    https://areweanticheatyet.com/

    Scroll through this and you’ll find examples of almost every major different AC system working on linux in some games, and not working in some other games.

    But most people act like it’s just completely impossible, across the board.

    It obviously isn’t.

    Many game devs or PR people or AC devs will publicly state things that roughly equate to ‘it isn’t possible for our AC system and X game to work together on linux.’

    This is again, obviously false, for almost every kind of AC system that exists, there exist fairly popular games that have gotten that AC system fully working.

    Beyond that, people will say things like ‘all linux users are hackers’ or something to that effect.

    Again, this is obviously false.

    A cursory look at websites that sell hacks for various games will show you they are all targeted at windows users.

    These are actually substantially less likely to work on linux, as Proton and WINE and other translation layers are probably not going to be able to emulate the insane hacky exploits that work on a baremetal windows system.

    Oh, right. Last point: Many of the most popular sites and communities that sell hacks to windows users … well they defeat kernel level anti cheat systems.

    So we arrive at a situation where game devs and gamers blame linux users for cheats linux users can’t use, and because of this, they clamor for and build increasingly invasive AC … that doesn’t even work to stop windows cheaters, but it does make legit linux users unable to play.

    … The point of a complex system is what it does, not what it claims to do.









  • Oh dear god.

    Between January 14 and February 8, servers belonging to Lawrence Livermore National Laboratory, Los Alamos National Laboratory, Thomas Jefferson National Accelerator Facility, and Fermi Accelerator National Laboratory have been found with Remote Desktop Protocol (RDP) services exposed to the public internet. This grants malicious actors the opportunity to hack into servers hosting sensitive nuclear research data, a golden egg for spy agencies across the globe.

    It’s FINE, IT’S ALL FINE!

    Alarmingly, a Department of Energy server allowed anonymous login with write access, raising the risk of hackers uploading malicious code or installing backdoors for persistent network access.

    uh um, just a minor hiccup Mr. Musk, it’ll all be patched up… as soon as… hrmm…

    However, my investigation reveals that Inventry[.]ai may be one of the AI products in question, with multiple U.S. government IP addresses pointing to its REST API. This indicates a massive flow of government data being sent to the AI company’s servers.

    Proof: 8 IP addresses on Amazon’s GovCloud now point to Inventry.ai’s REST API, indicating a massive firehose of data being sent to the AI company’s servers. The IP addresses are: 18.253.166.131, 182.30.117.29, 18.253.153.187, 182.30.154.252, 18.254.229.158, 18.253.160.247, 18.254.175.18, 18.254.191.201

    This is a stunning breach of Americans’ privacy that likely breaks multiple federal laws, including the 1974 Privacy Act, the Federal Information Security Management Act, the E-Government Act, and the Computer Fraud and Abuse Act, among others.

    You just give the AI direct access to what you want it to make secure, and then it just … does that.

    Right?

    The Treasury Department’s Office of Inspector General’s Outlook Web login page is now publicly exposed. This allows attackers to attempt brute force password attacks. Once inside, hackers could exploit CVE-2024-21413 to send malicious emails that further compromise government systems. Another Treasury mail server is observed here.

    Yeah ok so this is almost certainly the most serious cybersecurity… ‘event’, ever. At least of anything that’s been publicized.

    This is somehow even worse than the actual plot of the Manchurian Candidate.

    In a sane world, everyone responsible for this would be fleeing out of the country with a Luigi Mangione esque manhunt going on for all of them.

    … It’s literally an inside job, but seemingly done by accident, and also seemingly done by people who will get away with it and be protected by those in power.

    Words fail me at this point.

    EDIT: I guess if DOE allows anonymous write access…

    we are all Q now.

    Please stop the ride, stop the ride Mr Bones PLEASE.



  • A simplified explanation is:

    Bazzite itself is immutable, but then on top of that base layer, it’s a customized version of Fedora, via DistroBox, which itself mostly is mutable, and allows for you to set up other DistroBox instances pretty easily.

    Bazzite’s system updater utility updates both the underlying Bazzite core, and all of the DistroBox instances running on top of it.

    99.9 % of the time there is no reason to mess with the immutable core bazzite stuff, but the distrobox containers built on top of it? You can do whatever you want.

    Also if you do fuck up the Bazzite core, you can fairly easily roll it back and reset it without losing your existing files, without having to re-image the whole SteamDeck.

    As far as the non desktop mode, actual SteamDeck mode experience? Seems the same in terms of game performance, but it is easier to add things like DeckyLoader and EmuDeck and what not, as that base Fedora instance comes with a bunch of utilities that help you install and set them up.

    EDIT: I am almost certainly not 100% technically correct in some way here, but I think this is generally accurate.