• 83 Post
  • 303 Comment
Joined 2Y ago
cake
Cake day: Apr 18, 2019

help-circle
rss

DNSSEC validation is done by the resolver, not the end device.

It depends on your actual setup. If you operate your own network, DNSSEC validation will probably happen on your local DNS resolver (usually on your router). But also your forwarding/stub resolvers running on your own machine could (should?!) validate DNSSEC signatures… i’m not sure what the default is on most systems, though.


Two pieces of advice:

  • never buy hardware online, except from a vendor you know and trust (don’t browse amazon/ebay because it’s full of shit)
  • never buy hardware less than 1-3 years old, because firmware/drivers are not mature yet, but hardware has great chances of having major issues soon (wild estimate: i’d say 75% of models are entire shit that will end up in the trash in the next 3 years, but the 25% who stood the test of time likely will survive another decade)

There’s a lot of good, reliable vendors for second-hand hardware. If your friend wants to make an “ethical” purchase, i’d recommend something like minifree.org. Those are solid second-hand hardware pre-loaded with libreboot, a cool project to replace proprietary UEFI/BIOS blobs. They are sold directly from people running the libreboot project as a means to support that effort. There’s a few other vendors providing equivalent services, i just cited this one because i saw it in the news yesterday.


Amazon fighting hate? You mean when they distribute for profit all forms you can think of of reactionary propaganda? Or when they exploit people in their warehouses? Or when they sell facial recognition software to ICE to track undocumented people across the USA? Or when they want to colonize Mars because they don’t want to fix problems on earth with their fortune, but reproduce capitalism racism and cis-hetero patriarchy elsewhere? Were you just trolling, maybe?


Honest question: do you have good radical resources on “free speech” vs “free hate”? Not so long ago “free speech” was interpreted as freedom to challenge systems of oppression through speech and that used to be a foundational basis of revolutionary antiracist/antisexist/anticapitalist movements to advertise for free speech because if the State gets to decide what you can say, and they’re the ones promoting and benefiting from all systems of domination, then we’re fucked.

Of course, the “right to free speech” was very rarely interpreted in favor of anti-domination movements and that gave many political trials. I’m in favor of strong moderation myself and apply strict no-reactionary policies on the spaces i moderate, but i find it strange on a political forum like this one to see “free speech” equated with reactionary views. If the State controls what you can think and say, it’s not nazis that are gonna have a bad time (see Don’t ask, don’t tell, Mccarthyism, etc…)


Hi, where’s the source for gab? I hate nazis but if they have developed a good piece of software i’d be tempted to fork it. Usually it goes the other way around with nazis forking lemmy/postmill/mastodon… I don’t think that website is “open source” at all, even less so “free software”. It’s just a centralized platform like any other spurring proto-fascist disinformation. I’ll pass :)

In the french speaking world we have mediaslibres.org, a simple planet taking RSS feeds from all autonomous news website. It’s the only source of information i find reliable because it’s moderated by non-profit communities and all information comes “from the ground” not from ivory towers. I dont know yet of an english speaking equivalent.


How could anti-racism be racist? Sure you can have resentment and preconceived ideas about a person based on their skin color, but racism is far more than this. First because there’s cultural racism, too. Second, because racism is a structural oppression which distirbutes power and resources unequally: there is not a single place on Earth to my knowledge where white people are victims of structural racism.


The problem is not polarization. The opposite of polarization is universal thought control. The problem is fascism and that Reddit communities are very reactionary and keep on pushing an alt-right agenda.


On an individual basis, why not. But fascism cannot be combatted with kind words.


Of course Brave is bad. But if Google isn’t crypto-fascist, i don’t know what is. They are an integral part of the military industrial complex and are very cozy with governments worldwide. They are also working on the “technopolice” and promoting AI with all of its shortcomings and biases. About search results, specifically, they are based on a secret ranking sauce privileging bad-quality content… i don’t know about english language result, but whatever political topic you lookup for, neo-fascist conspiracy websites (égalité et réconciliation, fdesouche…) are always in the top5 results. How could you defend them?

DuckDuckGo is just a meta-engine and stores little information. Whatever appears in Bing (and maybe others) is what will appear in DuckDuckGo.


I’m sorry what CAPTCHA? If that’s a registration time CAPTCHA you could probably run your own lemmy server, disable registrations and let admins create accounts manually for users? (since you appear to have an existing community where you could request accounts)


I’ve wondered more than once: why would “fediverse” only designate the ActivityPub ecosystem? The word does not convey this meaning, and there’s a growing numbers of gateways between ActivityPub and other federated platforms (eg. XMPP).


For me kolektiva.media is the best. Lots of documentaries/movies and radical series on there.


Are you suggesting only white people are racist and bigoted? I have no idea where you reside, but here in France, racism and bigotry is not just a white thing. It used to be more so a few decades back when there was a stronger revolutionary antiracist movement.

Also, i didn’t downvote because i agree with your sentiment that whiteness is hard to dismantle, but i should still point out that your comment is an essentialist bigoted argument. Sure it’s aimed at white people so it’s not racist: anti-white resentment is a thing, but there is no structural racism against white people.

However, essentialist constructs is precisely what we’re trying to dismantle in the cis-hetero patriarchal, white-supremacist capitalist society. I agree to struggle by any means necessary, but producing new identity boxes to stuff people in by force is not struggling against oppression, it’s in fact very much reinforcing oppression.

We need more radical politics. Let’s go to the roots of oppression. Goodthinking liberal “who’s more oppressed” game of identity politics is not intersectionality, as intersectionality is precisely about recognizing that oppression is neither a binary nor a linear measure, but rather an intricate chaos of interfering factors.

Intersectionality is acknowledging that whatever oppresses you and me right now, only by struggling together we can dismantle all systems of domination. Or put another way:

if you have come here to help me, you are wasting your time. But if you have come because your liberation is bound up with mine, then let us work together. (Lilla Watson)

Please try to assume good faith from the original poster next time. It’s ok to ask tough questions, but don’t automatically assume bad faith from someone asking questions themself.

Greetings from a fellow (white) enby!


  1. Why would echo chambers be bad? Why are commenters lecturing tech-savvy teens for their echo chambers on Facebook/Reddit, and not bourgeois people when they organize a “rally” (at least that’s the word in French)? Why is it bad for people to meet with people they feel comfortable with? Dismantling echo chambers means imposing a single, unified dominant ideology on everyone and preventing any form of counter-culture from emerging. That’s a very authoritarian stance, to say the least.

  2. Except in specific circumstances where everyone is open to debate, publicly debating bigoted views that are not based on facts risks to trigger a chain-reaction of confirmation bias : “Some other people are advocating for white supremacy, they’re being downvoted and debated, so it must be true that the’re victim of a global black-jewish conspiracy and i should join the secret white resistance”. Of course it’s possible to engage in education with people holding bigoted views, but organized disinformation campaigns from the alt-right are an entirely different species.


Oh, don’t worry we have plenty of hatred of the rich and the powerful available ;) ;)

More seriously, i’m always open to answer good-faith questions, even when they’re framed from a very reactionary perspective. But many you have to draw the line because what appears to be good-faith questions is in fact a psyops led by an actual neofascist group trying to infiltrate public forums (entryism).


For context: SNI is a header in the TLS session which indicates which service you intend to communicate with on the other side. Why? Usually, you reach a reverse proxy and firewall) terminating the TLS connection on the publicly-routable IP of the remote server, and from there follow a route on a local network unencrypted.

However, in some situations it’s not very practical for your architecture, and you have a single public IP for many services/servers each with their own domain names and TLS keys, so you need to be able to route the TLS traffic to its intended destination. That’s why your browser sends a “SNI” header indicating it would like to reach “foobar.com”, and that header is not encrypted because it’s meaningful before the TLS connection is terminated.

Lately, there’s been a push for encrypted SNI. The idea is by establishing an encrypted session with the reverse proxy specifically for SNI-based proxying, that header can be concealed to its intended destination without being readable by any person-in-the-middle on the network.


If you’re looking for an anti-tampering mechanism, DNSSEC signatures is what you’re looking for. DNS Over HTTPS establishes a “reasonably-secure” [1] connection to the DNS resolver. Not accounting for [1], that resolver (Cloudflare or other) can still lie to you consciously, or propagate unconsciously a malicious answer it received, because recursive resolution (i believe) still has no standard for secure transport: DNS over TLS is slowly getting traction, but it’s far from deployed on every primary nameserver.

[1] HTTPS is somewhat-secure because it’s an effective defense against script kiddies and malicious ISPs. However, it’s a very weak threat model where dozens of actors (the Certificate Authorities) can impersonate (almost) any server. And they do just that. It’s crazy how many CAs over the years have been caught misbehaving, often with little consequence except in the most egregious cases where Mozilla/Google pushed for their revocation as part of BrowserCA.


Most solid piece of advice. Especially if you have limited resources (< 2GB RAM || < 2 CPU cores || > 100ms latency), disabling JS will make your navigation so much smoother! Gitea and Lemmy are the only two sites i really need JS to use at the moment, though.


For those who have ignored the news for the past 2 years, Hong Kong is now under control from the chinese government/law. See also Hong Kong National Security Law on wikipedia…


It’s not just any reddit-like website. Although it has a focus on privacy (like lemmy.ml and raddle.me), what distinguishes ramble.pw from others is it’s run and operated by fascist sympathizers on principles of so-called “free speech”. In the first days/weeks of ramble.pw i took a look on there to see how that would turn out. The admin made it very clear they were 100% open to nazis, fascists and other hate groups, as long as they were not forced by law to remove it.

Free speech is something we may wish to defend (or not) but does not exist in practice. When your speech disturbs the people in power/privilege, then it is removed, and you face the consequences. Free speech has rarely protected anarchists, communists, feminists, queer and anti-colonization activists. In the United States, antimilitarist propaganda was illegal during WWI; here in France, there were entire laws (les lois scélérates) dedicated to making it illegal to promote anarchism. More recently, Jean-Marc Rouillan was condemned to a prison sentence for refusing to serve State propaganda about Daech on the radio, while artists and militants who denounce police crimes are often taken to courts for insulting police and country. So the Nation-States who promote free speech are in fact profoundly opposed to free speech in their foundations. “Free speech” is then used as a magic formula when dominant speech is under attack, but can never be invoked when minority speech is repressed.

Personally, i’m in favor of “free speech” in the sense that institutions of power should not have a say in what is legal to think/say, because that will always be used against minority struggles to shut them down. However as an individual claiming to offer nazis a space to organize and advertise their views in the name of free speech is at the very least delusional, if not outright manipulative. To be honest, i’d even be tempted to flag this article so we can get it removed from the lemmy.ml homepage. Not gonna do it though because we have a conversation here. But how do you all folks feel to have a link to a nazi website on our homepage?

Mandatory XKCD:

About free speech


It’s based on postmill, developed by anarchist comrades from the raddle.me community. There was a lot of drama involving ramble.me which is an actual PRO-FASCIST postmill instance, including the postmill devs considering stopping everything because of that. Just imagine, you’re writing a piece of software for friends & comrades to find a space, just for it to be used by nazis? Wow…

On the centralized side of things, yes it’s centralized, no it’s not proprietary nor bullshit. It’s centralized because it’s intended to be a small, closed-off community. I’m on there too and been advocating for federation with other news aggregator, but given the history between raddle and lemmy (with early days lemmy having heavy hand on censoring critiques of chinese government, and raddle devs being happy to ban marxist-leninists and other authoritarians on sight) that didn’t gather a lot of support.

I sometimes laugh in my bed, thinking that marxists are building a federated network while anarchists are building a centralized one. It’s funny, the differences between theory and practice? (For those who don’t understand, those respective philosophies/ideologies advocate the exact opposite, where marxist-leninists promote so-called democratic centralism, and anarchists promote federation of autonomous communes).


Fellow anarchists, organize!

Sorry for the clickbait title i’m just checking out on you all. How are you doing? How’s summer coming along? …












Free-software (alternative to) Itch?

I love the cool DIY vibes on itch, but it’s troubling how much commercial closed-source tech you see on there. Also itch itself is not a free-software platform. They encourage gamedevs to share their games, but themselves don’t share their software… just as hypocrit as evil Github! …


Yet despite all the unprecedented recent events, 2020 and 2021 also feel very familiar to some of us. The mood has been similar to that of Anonymous’ highs in 2010, 2011 and 2012. Instead of groups like LulzSec, we have people like Keyser Soze and groups like APT-69420. Documents and source code s…


Yet despite all the unprecedented recent events, 2020 and 2021 also feel very familiar to some of us. The mood has been similar to that of Anonymous’ highs in 2010, 2011 and 2012. Instead of groups like LulzSec, we have people like Keyser Soze and groups like APT-69420. Documents and source code s…


Yet despite all the unprecedented recent events, 2020 and 2021 also feel very familiar to some of us. The mood has been similar to that of Anonymous’ highs in 2010, 2011 and 2012. Instead of groups like LulzSec, we have people like Keyser Soze and groups like APT-69420. Documents and source code s…


Yet despite all the unprecedented recent events, 2020 and 2021 also feel very familiar to some of us. The mood has been similar to that of Anonymous’ highs in 2010, 2011 and 2012. Instead of groups like LulzSec, we have people like Keyser Soze and groups like APT-69420. Documents and source code s…


In a recent tweet, Hyppönen mentioned that the software company removed one of his tweets that linked to an old copy of Acrobat Reader for MS-DOS. This software, hosted on WinWorld, came out more than 27-years ago, shortly after the PDF was invented…


In a recent tweet, Hyppönen mentioned that the software company removed one of his tweets that linked to an old copy of Acrobat Reader for MS-DOS. This software, hosted on WinWorld, came out more than 27-years ago, shortly after the PDF was invented…


In a recent tweet, Hyppönen mentioned that the software company removed one of his tweets that linked to an old copy of Acrobat Reader for MS-DOS. This software, hosted on WinWorld, came out more than 27-years ago, shortly after the PDF was invented…