• 1 Post
  • 67 Comments
Joined 1 year ago
Cake day: June 18th, 2023




  • Ever since I played watchdogs and shadowrun, I wanted to work in cybersecurity, especially as a Red Teamer, which is literally Shadowrun - you run complex ops that have to break in, and steal stuff from large banks without anyone but the management knowing about the test, with almost nothing being off-limits, as long as it doesn’t cause some kind of damage.

    Five years later, I do work as a Red Team Lead. However, our company was just scrambling to start doing RT since that’s the buzzword now, and while we did have amazing pentesters, unfortunately pentesting and Red Teaming require vastly different skills. You never need to avoid EDRs, write malware with obscure low-level winapi, or even know what kind of IoCs and detections a command you run will create, when you are doing a pentest.

    But since no one knew better, and I love learning and researching new stuff, while also having Red Teaming romanticized, my interest in it eventually led to me getting a Lead position for the barely scrambling team.

    Mind you, I was barely out of being a junior, with only three years of part-time pentesting experience. It was NOT a good idea.

    I quickly found out that RT is waaay harder and requires the best of the best from cybersec and malware development. We didn’t have that. Also, turns out that I love to learn new stuff and take on a challenge, but being a Lead also means you are drowning in paperwork and discussions with client, while also everyone from the team doesn’t know what to do and turns to me about what we should do. Which I didn’t know, and barely managed to keep learning it on my own. Our company didn’t want to give us much time for learning outside of delivery, I was only working part-time, and I was slowly realizing that we don’t have almost any of the skills we need.

    We were doing kind of a good job, most of our engagements turned out pretty well, but it was atrocious.

    Turns out, I’m not good at managing and planning projects, or leading people. I’m better just as a line member.





  • Another one came to my mind - ROBLOX_OOF.mp3 by hbomberguy.

    It’s really a wild ride. As traditional with his videos, it starts with a pretty innocent investigation into one of the sounds popular on the internet, and then gets into a mindboggling rabbit hole about Tommy Tallarico, the guy behind Video Games Live, and how he accidentally discovered what an insane textbook example of pathological liar he is. It’s funny, and really absurd - I’d recommend it to everyone, because it’s really interesting insight into how bad it can get with pathological liars. It’s a roller coaster, and a really fascinating one. And I also learned that Guinness World Records is a scam and literally only an advertisement business, which I never realised before.

    It’s a shame, I really liked Video Games Live, the live recordings of its shows are great. Assuming you skip the ego-trip monologues he interrupts the concert with.


  • Down the Rabbit Hole for EVE Online is absolutely amazing. I’ve played the game here and there for quite a long time, and it’s one of my favourite experiences, that is however really hard to put into words.

    That game is weird. I still can’t explain why it’s one of the best games I’ve played, but I always keep returning to it and love consuming content about it from time to time. And this document is amazing in explaining how extremely unique and cool the game is in its metagame and the stories it generates. The game has its problems, but I still think it’s one of the most unique lifestyles in gaming, that nothing ever comes close to. It’s the only MMORPG that’s actually literally roleplay, that basically forces you to roleplay without you even realizing it. Sure, you may not speak in character, but the fleet doctrines, logistics, corp organization, propaganda, corp-politics and everything around it people do - that’s literally roleplaying.

    Another one would be B-Movie: Lust & Sound in West-Berlin 1979-1989. This document is really really hard for me to watch, because it’s a subculture that was always really important to me, to the point where I help with event promotions and DJ at local 80s goth/synthpop events and it’s my main hobby. But, since I’m now in my 20s, I’ve missed it. The way internet transformed music subcultures is terrible, especially so the alternative ones, but music consumption in general - sure, it’s really amazing to have every album ever in the palm of your hand, but there’s just so many that I don’t know any. If I talk to anyone who started with music with the one MC tape, and each new release was something hard to get that you actually treasured, I really envy their relationship with music. And that’s something that’s almost impossible to build in this day and age.

    The fact that I’ll never get to experience the scene as it was in the 80s is one of the saddest things for me, and this documentary shows it in a really genuine and amazing way.

    And then there’s The Social Dilemma, about the dangers of social networks. A word of warning from people who worked at large social network companies and left because the way they exploit users got too much for them, and now they are trying to spread the word. I really recommend this for everyone, it’s eye-opening and really terrifying. It was one of the first impulses that got me heavy into privacy, and everyone should see it at least once.


  • I work in gamedev and it’s really baffling how rare it is for someone to read the docs. I’ve already solved so many issues by just reading through the related docs and discovering a feature that does exactly the thing we’ve been trying to solve with a workaround, or had an overcomplicated process for doing, while it could have been a single function/API call.

    Read the docs people! You probably have a lot of downtime while waiting for stuff to build/compile, and just randomly (or systematically) scrolling through the reference or docs of the library/tool you’re working with, even when not looking for something specific, may save you a lot of time in the long run. Knowing what your tools are capable of is well worth the effort.


  • This is definitely possible, since you can actually control cars (at least some models) via a (non-public, but the capability is there) API. Two security researchers at DEF CON were able to find a way how to control a vehicle remotely, even including things like stopping or turning, and eventually made an exploit that could be used remotely to any car of the same model. So, if they wanted to, they were able to stop or turn the wheel of IIRC hundreds of thousands of cars around the world instantly, since the cars are connected to the network through GSM, so you don’t even need to be anywhere near them.

    It’s been a few years since I saw the video, but IIRC the vehicle controls are on a separate board that should not be reachable from the other smart vehicle system. However, they were able to reverse engineer a way how to abuse framework update mechanism as a bridge, and use it to patch the framework to get it under their control. And then they discovered that they could actually trigger the update remotely.


  • if you’re an atheist you can’t just willingly choose to believe

    I wouldn’t really agree with this. As a programmer, I was always sceptical and an atheist, but I never had problems with believing in something obviously not true, such as when LARPing or TTRPGs. And when I once got into a rabbit hole of mysticism in high-school, one of the movements I read about was advocating for doing “paradigm shifts”, forcing yourself to believe in a specific religion, like truly believe, so you can try it out in practice and see whether you get something out of it or not and should move on. And since that felt like a fun experiment, I tried it with various dogmas or religions, and once you get over the inherent judgement and feeling pretty stupid chanting, drawing circles and burning incense in your room (which may take a while), you may get to the point where you slowly convince yourself to believe. That is, if you are serious about it. And it’s also pretty fun.

    But of course, it’s not for everyone.


  • Being a programmer, I was always just as baffled about religion, mysticism, and various esoteric stuff, because it just didn’t make logical sense, and it was hard to take people who are into it seriously.

    tldr: Was sceptical, gave it a try just for fun and to see what’s the fuss, found out it’s net-positive as long as you don’t take it too seriously, let it define your whole personality, or use it as an excuse to be a dick. It’s basically just like playing solo TTRPGs, and it feels great once you get rid of your judgement.

    Then, during high-school, I’ve stumbled upon the Psychonaut Field Manual, which is a nicely written guide about chaos magic. And I read into it, because the presentation seemed fun, and most importantly - it was the first book where the introduction and first few pages convinced me, that it makes sense and could, in a limited fashion, actually work.

    What convinced me was looking at mysticism as something akin to “hacking your own mind” - by using symbols, rituals, meditation and whatnot, you convince your unconscious mind to push you slightly more towards doing what you need. And that sounded like something interesting, especially since I just finished reading the Art of Game Design, which had a few great chapters focused on the subconscious and how to work with it when being creative. Of course I still don’t believe that you can affect any external factor of your life through it, but now something like “I do a ritual to finish this exam”, and my subconscious may just give me a little nudge to study more, since that’s what it’s convinced we really want.

    So I went into the rabbit hole of modern mysticism, and eventually discovered more about the whole movement of Chaos Magic, with authors like Phil Hine. And their reasoning has won me over - their main point is that all mysticism is the same - learning symbols and doing rituals, so you can convince your subconsciousness. And the flavor or dogma you attach to it doesn’t matter, so just do whatever you want. Want to do Wicca? Suit yourself. Christianity and angels? If it works for you. Invoke Spongebob with pentagram out of pizza, or go with Lovecraftian Old Gods? Why not, the only important thing is that you do really believe in it, because otherwise you probably won’t convince your subconscious.

    And that’s why they work with something I find really interesting - they call it paradigm shifts, where you hop around various systems, dogmas and religions, immersing yourself into their rabbit hole and honestly giving it a try, to see if that’s what works for you. And that sounded like fun, letting go of the prejudice about religion or esoteric bullshit, and just trying it out for myself, log what results I have, and have fun learning about it.

    There’s another point that won me over for chaos magic - one of their core principles is, that every mysticism was so full of themself and took it too seriously, that they’ve forgotten how to have fun. And having fun while doing it is important.

    And so throughout the next few years I went into the rabbit hole of Wicca, Golden Dawn, Enochian, and probably a bunch more I don’t really remember, just trying to take it seriously and see for myself how does it work for me. The hardest part was getting rid of feeling absolutely stupid when you sit in your room with candles, incense, and memorize various bullshit, but it was still pretty fun.

    To get to the point - Wicca is one of the only systems I’ve tried that is also a Religion, and works with deities. And I’ve enjoyed this system more than the others, which were more focused on occultism and abstract concepts, because it basically meant you got an imaginary friend. The small daily rituals, that are celebrating nature while also being appreciated by said imaginary friend were fun little games, that made my day pretty much universally better, just like it turned a simple walk through nature as something wonderful - because I started paying more attention to what is around me.

    As long as you don’t take it too seriously, don’t let it control your life, don’t talk about it with others that are not interested, or use it as an excuse to be a dick to anyone, and just enjoy adding a little bit of magic and fantasy into your daily life, I don’t think there’s anything wrong with that. It’s a net-positive change, and not too different than just playing a game of TTRPGs.

    I’ve since forgotten about it and don’t really do anything in regards to religion or mysticism, but I still fondly remember the few years I’ve tried, and it has definitely changed my point of view on a lot of things in life. I’d recommend to everyone here to give it a try and see for yourself - you don’t have to tell anyone, it’s a fun rabbit hole to explore (if that’s something you find interesting), and most importantly - you can decide it’s not for you and forget about it at any moment.




  • One of the projects I have in mind is to explore some kind of “offensive privacy”, where the focus would not be on not being trackable, but on your computer spewing random bullshit and behavior into the algorithm to confuse it, and have it learning on behavior that’s not really true, but only generated. This will enable you to kind of fight back and if done by enough users even reduce the effectiveness of ML algorithms, since they would be learning bullshit. Unfortunately, the scale required to effectively affect the learning process of ML models would be enormous, so it’s not really feasible, but I think it’s still better than just “staying hidden”.

    With the advances in AI, creating a tool like that, that would simulate several random user behaviors on your IP/fingerprint, shouldn’t really be that hard.

    And as an added bonus - if it clicks on adverts, it’s costing someone money. Fuck corporations.


  • The biggest problem I have with my data being collected, analyzed and used is in the fact that it will almost certainly be used to teach a ML model about how to better manipulate people like me - the people that are privacy conscious and are trying as much as possible to reduce their fingerprint.

    That data is invaluable, and if there does exist a way how to target even people like that, which there probably does since we’re only humans after all, the ML model will eventually figure it out. And they have literally billions of people to experiment and learn on.

    Now, we already know from a few leaked studies made by Facebook that they can already pretty well manipulate people into mostly whatever they choose. Take a hypothetical situation where you get a crazy out-of-touch billionaire, who decides to buy a large social network company, and then decides “Hey, I really want this candidate to win. Tune up the algorithms!”.

    And the ML models will get a clear goal, that has been already proven to just work pretty well at influencing user behavior. And any data you give them, it helps the model to fine tune into influencing people like you. Which would also be really hard to prove, because ML models are by definition black boxes that are really hard to reverse engineer, and proving that it was trained to do this is AFAIK almost impossible.

    I don’t want no part in that. Thankfully, all the large social networks have CEOs that are reasonable and would never try something like that, right?

    And one more thing - you may not think that data about your behavior are of interest to anyone right now. But look at China and their Social Credit. And imagine how i.e. the Holocaust would have turned out, if the government had access to all the data, opinions and profiles of people that are being collected now.

    Oh, you mentioned you sympathize with the Jews three years ago in a private message? Well, let’s hope the country you live in never ends up in a situation where that could be a huge problem for you or your family.

    So, every time any site is offering a “personalized, curated list” for you (i.e. the Google search result, or YouTube recommended videos), assume you are potentially being manipulated, and avoid the site altogether - because there’s no other way how to prevent it. The ML model knows that you know, and is already trying to figure out how to manipulate people that are taking care not to be. And if there is a way, it will figure it out with some success.




  • You are right, I shouldn’t have equated bitcoin with the rest of the crypto ecosystem. While most crypto is utter scam, it’s true that there have been some slight advances here and there, and there are coins that may be actually useful for some cases, mostly Monero and I suppose Ethereum. I’d still say that crypto has done more harm than good in the world, and I say that as someone who’s really focused on privacy, cares about it a lot and has invested a significant amount of time and effort into staying as private as possible.

    But it’s great that Ethereum managed to solve most of the issues with Bitcoin - unless I’m mistaken, it’s not really used for investment speculation, and if it managed to keep the energy requirements low, that’s good. But last time I remember researching about blockchain (it was a few months ago, so feel free to correct me), isn’t it running into serious issues with ledger size, that makes it infeasible for long-term (decades) of use, without sacrificing some of its guarantees? Which is one of the main issues with blockchain tech in general, that I don’t think has been solved so far.