I know free vpns usually are not good, but right now I am not in a position to pay for a vpn. I found Privado VPN and it doesn't keep logs and is based in Switzerland. It has a data limit for free users, but do you think its safe for torrenting?
Can't talk for the free tier, but my Usenet account comes bundled with a paid Privado account, and that's working ok so far. The connections have been reliable, fast, and low latency.
My main issue has been that it doesn't support port forwarding. Also, some GeoIP services locate many of their servers in the Netherlands, instead of where Privado says they are. Idk who's right, but it's definitely a problem if you want to pick a specific location.
I thought I was going to use Authentik for this purpose but it just seems to redirect to an otherwise Internet accessible page. I'm looking for a way to remotely access my home network at a site like remote.mywebsite.com. I have Nginx proxy forwarding with SSL working appropriately, so I need an internal service that receives...
I just set up a Vouch-Proxy for this yesterday. It uses the nginx auth_request directive to authenticate users with an SSO server, and then stores the token in a domain-wide cookie, so you're logged in across all subdomains. Works pretty well so far, you don't even notice it when you're logged in to your SSO provider.
But you do have to tell the proxy where you want to redirect a request somehow, either by subdomain (illegal.yourdomain.com) or port (yourdomain.com:8787) or path (yourdomain.com/illegal). I'm not sure if it works with raw IPs as hosts, but you can add additional restrictions like only allowing local client IPs.
In my special case I'm using the local Synology SSO server, and I have to spin up an additional nginx server because the built-in one doesn't support auth_request.
I have been pro privacy and anti data harvesting for many years now, however it is becoming increasingly more difficult staying off some platforms. Mostly Meta....
It can be a bit annoying sometimes, but there are solutions for almost anything, like alternative clients and frontends. I also think it's important to remember that this is not an all-or-nothing situation. Every little bit of privacy you can preserve helps, even if you still have to use their services sometimes.
If your example is mostly about chat then Beeper might be a good option for you. The messages on FB and IG would still go through Meta, but at least you don't have to install their apps.
If you have an always-on-and-connected device then you can self-host their bridges. It preserves e2ee because messages are de- and reencrypted on your device, and it's relatively easy to set up.
It's hard to overstate what a nothing-burger this article really is! Let me break it down:
Signal got $3 million from the Open Technology Fund at some point in its development
Some anonymous source alleges that the OTF's ultimate goal is to promote US foreign interests
The current chairman of the board Katherine Maher worked at the National Democratic Institute and Wikipedia before
The same anonymous source says she was recruited because of connections to the OTF
She has at some point voiced the opinion that a completely free internet without regulation just reproduces existing power structures, and that balancing regulation and 1st amendment rights is a tough problem
Signal doesn't have reproducible builds on iOS (it absolutely does on Android btw)
Some people feel like Signal chats come up more often than they should in court cases and media reports
That's it, that's the whole story. That's the reason why the Telegram guy of all people thinks you should be careful, and better use his chat service instead, and the Twitter guy agrees.
I mean, reproducible builds on iOS would be nice, but that platform has much bigger problems from a privacy/security/sovereignty/freedom standpoint anyway. And the rest is just nothing turned up to 11.
Yea, it's pretty easy if you already have a server. All you need to do is run a docker container, and change the identity.sync.tokenserver.uri setting in about:config. On mobile you have to enable the debug mode by going to "Settings > About Firefox" and tapping the Firefox logo a few times, then go to the new "Sync Debug" settings entry.
The container above only runs the sync-server though, you still have to log into a Mozilla account to use it. There is a replacement that includes the whole stack, but I haven't tried that one yet.
I think some of the arguments are quite flawed. Bitcoin itself has most of the properties it is said to have, but it lives in a world that doesn't and so some only really apply if you manage to stay inside the system. Like, your Signal chats are private as long as you don't copy-paste them to Facebook.
Regarding self-custody/decentralization and using custodial services: The problem here is not that those properties don't apply to Bitcoin, but that some people just choose to give away control over their wallets or not use Bitcoin itself for certain transactions. Can't blame that on the currency, unless you think it can't be done any other way.
Regarding privacy: I don't think any serious "Bitcoiner" advertises Bitcoin as private. The message has always been that it's "pseudonymous", that you have to take extra steps in order to make it anonymous, and that it's transparent instead of private by design.
Regarding transparency/inclusion: These paragraphs actually argue about privacy again. One is trying to spin the existing transparency into a negative, which is a valid opinion but not something "Bitcoiners" are wrong about. The other circles back to the idea of staying inside the system. Bitcoin transactions are inclusive, but ofc you can still get into trouble if you have to fear external repercussions and can't stay anonymous.
I have a collection of about ~110 4K Blu-Ray movies that I've ripped and I want to take the time to compress and store them for use on a future Jellyfin server....
Best tip I can give is to use a tool that's made for this task, like Tdarr/FileFlows/Unmanic. They take care of all the complicated issues like encoders, ffmpeg parameters and parallel processing on multiple nodes, so you only have to handle the things you actually care about.
I've been running Gluetun for a few months now, and just the other day discovered that you can use it to seamlessly proxy Twitch streams (using it as http proxy for ttv lol pro), so they load via countries that Twitch doesn't show ads for. Setting it up was ridiculously easy, and now I have neither ads nor endless loading anymore. The whole thing was a really nice surprise!
Such a simple solution for the cookie banner issue. But it prevented websites from tricking users into allowing them to gather their data, so it had to go.
Does cloud providers share the IP addresses and the alloted users to these big corps and defect the whole purpose of a privacy frontend? Are there any service (FOSS) that could randomise my servers IP?...
Yes. It makes it much harder to build a profile about you though, because you're not logged in and they don't know if those views come from you or someone else using your server. Even if you're the only one, the website doesn't know that.
The EU's Data Protection Board (EDPB) has told large online platforms they should not offer users a binary choice between paying for a service and consenting to their personal data being used to provide targeted advertising....
From what I understand the GDPR says you have to give users a real choice about the usage of their data, without any unreasonable negative repercussions. Having to pay money (at least as much as they are asking for) is such an unacceptable repercussion, no matter how FB might phrase it.
They are allowed to take money or show ads for access, but they can't couple that decision with the one about the user's data usage.
That part is not allowed according to the GDPR afaik, the decision about your personal data cannot be artificially linked to something else. They can absolutely show ads, but without using your data.
I know 100℅ of the world top 500 supercomputers use linux, and around 65℅ of world servers. I want more info like this to help me campaign towards GNU/Linux use. Thanks.
Afaik the stated reasons for moving back were pure BS, or at least blown out of proportion. It mainly came down to the people in charge being very "friendly" with M$. Munich got a new major, he publicly called software-freedom "idiological nonsense", asked a consulting firm that partners with and sells M$ products to analyse the situation, and everyone was shocked when they recommended M$.
I'm German and seems 'we' rely more on file hosters than torrenting. There are lots of tv series and movies with both the original audio track and the dubbed one on sites like funxd, serienjunkies, serienfans... They mostly redirect to a filecrypt.cc folder and then I get a DLC file to download the parts from turbobit or...
If you don't want to pay for an account anywhere (VPN/Usenet/Debrid/...), then you might want to try out Torrent + I2P. I haven't used it myself, but from what I know it's a slower but completely provider-less alternative to VPNs for anonymization, and Torrents are free ofc.
That being said, you'll have a much easier time if you pay for a seedbox for example. It's just a small server in a datacenter somewhere, that happens to be better connected and more private than your typical home internet connection, and that you can use however you like.
Most indexers let you search for free on their website, but grabbing download links and using their API with *arr apps is limited (e.g. 10 downloads and 100 API queries per day) unless you pay for VIP access (usually about $10/year/indexer). So you can try out a few, maybe pay for one or two that give you good results, and keep using the rest within the limits of free accounts.
You mainly depend on the fact that the providers don't keep logs and don't have to disclose your info. It's not 100% safe, but nothing really is. The risk of misconfigurating your VPN and accidentally leaking your IP is very real as well for example.
The juristiction where the provider operates, and the logging/disclosure requirements are very important! ISPs are often required to keep logs, VPN/Seedbox/Hosting providers usually are not. I'm not a lawyer and so on, but I could also imagine that logs from some VPN showing your IP was used to download/upload something are not as good as evidence as a mandatory (and probably somehow checked/verified) logs of an ISP are.
Another thing are provider incentives. If you're running a general purpose hosting business you probably don't want any shady stuff on your servers, and so you're pretty happy to comply with any reasonable information request in that direction. As a VPN/Seedbox provider your business depends on people feeling safe and private on your servers, so you'll do everything in your power to fight these requests, and there is a lot that can be done to fight them. And ofc if they do as they say and don't keep logs then they don't even have the requested information.
You operate it behind a VPN and the seedbox is just a means to get a 24/7 running Linux machine
I don't think you need Seedbox + VPN. You can do that of course, but just one is usually enough. The important bit is that other torrent clients don't see your personal home IP address, and the provider that does know your IP doesn't have the obligation or incentive to disclose it. But if you want the extra protection you could search for VPN/Seedbox providers that accept crypto as payment, and chain multile VPNs or VPNs and a Seedbox, so none of them have the full picture. I think that's pretty overkill though, and probably hell to set up and maintain. At that point you should probably go with Tor or I2P instead, because that's basically how they operate (onion/garlic routing).
seedbox is just a means to get a 24/7 running Linux machine
They usually have very beefy connections, far better than what you get for your home internet, especially when it comes to uploads (asymmetric subscriber lines etc.).
I'm no expert on the topic, but I've also never heard of a case where a seedbox user was sued because of torrenting. As far as I can tell the seedbox providers only ever get takedown requests, they never have to hand over user data or logs. I believe that's mostly because of the jurisdictions they operate in, but some also have restrictions like blocking public trackers.
There are probably a bunch of things that contribute to this. Seedbox providers fighting against information requests, their logs not being as valuable in court, law firms not knowing whether the IP they'd get would even lead to an address (as opposed to IPs of providers they know to be cooperative), the fact that you only downloaded from the seedbox and never uploaded anything yourself, and so on. Torrenting lawsuits are already pretty weak, and adding all this uncertainty probably makes it not worth the effort.
The video is probably factually correct, but very disingenuous with its interpretations and conclusions imo.
Of course Mozilla and Firefox have their own share of problems and bad decisions, and they are pretty well known and talked about from what I've seen, but equating it to Google and Chrome is just pure cynicism. Mozilla having to earn money somehow (1% donations!) and Google trying to maximize profits at all costs is not the same thing, even if it might look similar sometimes.
I'd prefer to get a VPN to avoid the risk of my internet getting shut down, but I'm not aware of what the options for Linux are. I figured this would be a good place to ask.
Streaming services did it the other way around. We had one platform for almost everything, and then the studios created their own to get more of the subscription money.
I think the ban was a little too harsh, but removing that comment was the right decision.
I also see a few problems with your "your highness" comparison:
"Your highness" is an official title, not a personal designation. Its proper usage depends heavily on the context, e.g. the perceived social rank and status, how well people know each other, if it's a formal or informal conversation, and so on. Pronouns have none of that, you just use the one people identify as and that's it.
It implies that people just pick whatever term they can come up with to mess with others or to mock them. People don't choose a pronoun lightly, they usually think about it a lot and it's an important personal decision. They also usually pick one of the common pronouns, so it's really not hard to just use it.
Making quick logical comparisons regarding social norms is a very tricky thing in my experience. There are many things going on that we aren't fully aware of all of the time, and getting it wrong can hurt people badly.
Self hosting their bridges is really simple, if you have a device to run the Docker containers on. That way you don't have to give them your logins, all they get to see are encrypted Matrix messages.
I started using their Signal and WhatsApp bridges today, probably one of the easiest setups I ever did. You just run a Docker container for every bridge, and login to your Signal/WhatsApp account by chatting in the app with the Matrix bot it creates.
Literally takes like 5 minutes if you've used Docker before, and you don't need a domain or forwarded ports or anything.
It seems like the FOSS community is continuing to grow, and FOSS apps keep getting better (Immich reallh blew my mind recently), which is a big win 😎 but there are still many apps I use that I would kill for an open source alternative. I am curious what you guys think? Are there any apps you'd love alternatives for?
Yup. It looks promising and I've tried it a few times, but it still has a long way to go before it can replace Notion for me. Also, self-hosting it is a complete mess right now, definitely not ready for everyday use.
What is this "closed source experience" you are talking about? How would making the client open source hinder that in any way, especially when their stated goal is to earn money with premium features instead of the app itself?!
Imo being open source is a VERY big deal for an e2e encrypted chat client! I don't really care whether most of their stack is open if the app I'm actually using to type and encrypt my messages is not. This makes the whole thing look like a trick, pretending to be open when key parts are not.
The thing is, we are talking about the Beeper service here. Yes Matrix is good, yes Beeper bridges are good, but a closed source Beeper app is bad. That's what the criticism is about, and it doesn't help if you deflect that by arguing about all the other things they are doing or that no one is forced to install it.
You're definitely right that people are a bit too doom-and-gloom about it, Beeper did do a lot of good over the last few years!
But I also find it a bit odd that they talk so much about the importance of open source in messaging, and then release a closed source client without at least adressing the topic. Add the fact that they've been aquired by another company on the same day, and it starts to smell like another instance of openwashing.
the connecting with a majority of people using the same closed source platform
The platform is open, including the part that connects to other closed source platforms. It's just Matrix and open source bridges after all. And making the client app closed souce doesn't help with any of that.
I'm sorry if I'm a bit pedantic about this, but it seems like you're describing an upside to closed source software that's just not there.
Nothing about what you just wrote has anything to do with closed source software though. You could just as well say that closed source helps them predict the future or draw shinier unicorns. It doesn't!
Maybe you mean tightly coupled, stripped-down, preconfigured or vertically integrated, but you can do that just as well with open source software. No one is forcing them to make a general purpose chat app or offer the ability to choose a different server. It's just a matter of being able to see, verify and modify the code.
differentiate above the competition [...] charging for it
This is the only thing that comes close imo. But they stated specifically that they don't want to make money with the chat app itself, so it doesn't really work as a justification. They could easily offer server-side premium features or create a closed source premium-only version or extension, it's no reason to make the base app closed source.
security theatre
They don't have to do that, and they don't afaik. Matrix itself can do proper e2ee just fine, and Beeper is pretty open about the fact that bridges hosted by them have to break e2ee to translate between platforms. They'd only need theater if their closed source app actually has some bad code in it, which is kind of my point.
Expanding to selling some user metadata, or sniffing the bridges, would be an extra
Again: Their Matrix server and bridges are open source right now, and it wouldn't stop them from doing what you're describing.
Recently stumbled upon this note-taking app called SiYuan, but it honestly looks a bit too good to be true(?). Has anyone here used it or got any experience with it? Trying to replace Obsidian is a difficult task, and I've been through almost all note-taking apps there are out there, however this one looks fairly similar....
Are comments no longer visible for anyone else using the youtube frontends? I can no longer see comments with either invidious, piped, or viewtube, and I've tried several instances of each. With invidious there's just nothing there below the video description. With viewtube I get an error message. And with piped I see...
It's a knownissue and should be fixed in the most recent version of Piped (and probably everything that depends on NewPipe). I updated mine yesterday and it looks like all video comments work again.
Guide: Setup authentication for the default Synology reverse proxy ( codeberg.org )
Hey everyone,...
is Privado VPN good?
I know free vpns usually are not good, but right now I am not in a position to pay for a vpn. I found Privado VPN and it doesn't keep logs and is based in Switzerland. It has a data limit for free users, but do you think its safe for torrenting?
Looking for a collaborative notes app
Hi all, I need your expertise please :)...
Secure portal between Internet and internal services
I thought I was going to use Authentik for this purpose but it just seems to redirect to an otherwise Internet accessible page. I'm looking for a way to remotely access my home network at a site like remote.mywebsite.com. I have Nginx proxy forwarding with SSL working appropriately, so I need an internal service that receives...
What is the cost of privacy?
I have been pro privacy and anti data harvesting for many years now, however it is becoming increasingly more difficult staying off some platforms. Mostly Meta....
Telegram founder and CEO alledges signal has backdoors, they don't provide reproduceible builds, etc.
Here's what he said in a post on his telegram channel:...
Do you use Firefox Sync? Why or why not? ( sh.itjust.works )
Here is what 6 decommissioned servers looks like. My Jellyfin will be very happy ( lemmy.world )
6 servers were decomissioned, Iwas able to only get the disks, RAM, CPUs and Network Card....
The Bitcoiners were wrong: a blog post about privacy and bitcoin, and how they failed to design a cash alternative ( unfathom.ing )
Is it possible to safely torrent without a VPN?
Funds are limited at the moment and i'd rather not have a monthly subscription to worry about....
[Request] Any Guides to FFMPEG, Transcoding, Codecs, and Metadata?
I have a collection of about ~110 4K Blu-Ray movies that I've ripped and I want to take the time to compress and store them for use on a future Jellyfin server....
Gluetun: The Little VPN Client That Could
cross-posted from: https://lemmy.dbzer0.com/post/19035305...
Which communication protocol or open standard in software do you wish was more common or used more?
Whether you're really passionate about RPC, MQTT, Matrix or wayland, tell us more about the protocols or open standards you have strong opinions on!
[Question] If I selfhost a privacy frontend on cloud, wouldn't the original service get my server IP and track back to me?
Does cloud providers share the IP addresses and the alloted users to these big corps and defect the whole purpose of a privacy frontend? Are there any service (FOSS) that could randomise my servers IP?...
EU tells Meta it can't paywall privacy ( www.theregister.com )
The EU's Data Protection Board (EDPB) has told large online platforms they should not offer users a binary choice between paying for a service and consenting to their personal data being used to provide targeted advertising....
looking for examples of countries whose governments, school system,health system, wjatever, use mostly GNU/Linux
I know 100℅ of the world top 500 supercomputers use linux, and around 65℅ of world servers. I want more info like this to help me campaign towards GNU/Linux use. Thanks.
Which *arr for file hosters?
I'm German and seems 'we' rely more on file hosters than torrenting. There are lots of tv series and movies with both the original audio track and the dubbed one on sites like funxd, serienjunkies, serienfans... They mostly redirect to a filecrypt.cc folder and then I get a DLC file to download the parts from turbobit or...
[YT] How Mozilla Ruined Firefox ( www.youtube.com )
Actually pretty good video....
What VPN should I get for Linux?
I'd prefer to get a VPN to avoid the risk of my internet getting shut down, but I'm not aware of what the options for Linux are. I figured this would be a good place to ask.
Dunkey's Guide to Streaming Services ( youtu.be )
the best answer yet to "why pirate movies"
These mods on their power-trips really need to stop
I just got banned from linux@lemmy.ml, which seems to be the biggest Linux community out there....
Beeper is joining Automattic ( blog.beeper.com )
Automattic has added Beeper to their project roster that includes Wordpress, WooCommerce, Penpot and more....
Beeper Self Hosting ( github.com )
Is anybody self hosting Beeper bridges?...
What apps would you love to have open-source alternatives for?
It seems like the FOSS community is continuing to grow, and FOSS apps keep getting better (Immich reallh blew my mind recently), which is a big win 😎 but there are still many apps I use that I would kill for an open source alternative. I am curious what you guys think? Are there any apps you'd love alternatives for?
Beeper is now available, no waitlist! ( blog.beeper.com )
Note-taking app that looks too good to be true? - Siyuan
Recently stumbled upon this note-taking app called SiYuan, but it honestly looks a bit too good to be true(?). Has anyone here used it or got any experience with it? Trying to replace Obsidian is a difficult task, and I've been through almost all note-taking apps there are out there, however this one looks fairly similar....
Comments no longer visible with youtube frontends?
Are comments no longer visible for anyone else using the youtube frontends? I can no longer see comments with either invidious, piped, or viewtube, and I've tried several instances of each. With invidious there's just nothing there below the video description. With viewtube I get an error message. And with piped I see...