To all Mexicans interested in privacy...

Mexico's gov. is narrowing down on surveillance quite a lot, and we need to talk about it, share opinions, and take actions!

Join c/privacidadmx!

cross-posted from: https://programming.dev/post/44816610

I just finished setting up the hardware infrastructure to start hosting but I cannot find any specific information in the official documentation on how to set up a public Invidious instance. I understand the guide as far as just hosting an instance and watching YouTube through that goes, but how do I, for instance, give it a publicly searchable domain name that - in the best of worlds - is listed on Invidious' website?

I assume there is a better way than to start posting my instance's IP address throughout any forums that I might be active on?

Hi everyone.

I'm new to these kinds of innovative platforms, and I've come across Mastodon and Bluesky in particular. I've realized that both use different but equally free and open-source protocols, so my question is: are there any substantial differences between the two social networks? Should I choose one over the other?

Thanks for your replies, and have a great day.

To the surprise of no one...

cross-posted from: https://discuss.online/post/34598392

FBI Director Kash Patel said Monday that he had opened an investigation into the Signal group text chats that Minnesota residents are using to share information about federal immigration agents’ movements, launching a new front in the Trump administration’s conflict there with potential free speech implications.

Patel said in an interview with conservative podcaster Benny Johnson that he wanted to know whether any Minnesota residents had put federal agents “in harm’s way” with activities such as sharing agents’ license plate numbers and locations.

It is kinda nuts that the alleged warnings of the past were just priming us into thinking it is all ok for them to do.

The issue I'm seeing with any free plans of email providers is that they either require an identifying verification, or don't allow the email to be used for services.

tutamail, for example, states that the free plan is not to be used to signup for services.

protonmail requires verification by email 'to prove you are human'.

Thank you

Privacy for me has been incredibly rewarding, but when talking to people who haven't been introduced to privacy, there are occasionally some moments that make it exhausting. One conversation in particular is one that I've had to go through dozens of times, and it always goes along these lines:

• Alice: Why is your phone in airplane mode? / What's your phone number?
• Bob: I don't have a carrier.
• Alice: But you have a phone.
• Bob: Yes.
• Alice: How do you not have a carrier?
• Bob: Phones can come without a carrier.
• Alice: What do you use it for?
• Bob: Everything you use yours for.
• Alice: How do you talk to people?
• Bob: Messaging apps over Wi-Fi.
• Alice: What if you don't have Wi-Fi?
• Bob: Public Wi-Fi is everywhere. If I don't have Wi-Fi, I likely don't need to get in touch.
• Alice: What about emergencies?
• Bob: I can still contact emergency services.

Each time it happens, it has a unique flavor. One person accused me of lying and then fraud. I know people are just curious and don't mean to be rude, but it makes me die a little inside every time someone asks. I've begun trying to sidestep the conversation entirely:

• Alice: Why is your phone in airplane mode?
• Bob: To save battery.

or:

• Alice: What's your phone number?
• Bob: You can contact me with an app called Signal.

People seem to think that a phone automatically comes with a carrier and that it'll stop working if you don't have one. In reality, I'm saving hundreds of dollars per year while avoiding spam, fraud, breaches, surveillance, and being chronically online. People have a hard time coping with those who do things a little differently.

A couple of weeks ago, I stumbled across this little device: https://www.waveshare.com/sim7600g-h-4g-dongle.htm. According to its documentation, it is able to write SMS, provide mobile internet, and allow making phone calls (which is quite rare). Does anyone have any experience with this device? And if yes, does it just work with Linux applications like gnome-calls (I know that this issue https://gitlab.gnome.org/GNOME/calls/-/issues/680 exists, but it is basically inactive)?

My goal would be to replace my phone entirely. Currently, I only need my phone for Signal as a primary device as well as for basic smartphone stuff, such as SMS, mobile internet, and calls.

Im stuck with an s23 for a while yet. Is it even worth the trouble of trying to use f droid, shutting off google play services and disabling all the other shit on my phone, when at its core its all spyware?

I really wish an alternative existed that wasn't just a prototype or $1000.

Whit some tips for bringing devices when you travel to the US.

Question that I've been mulling over recently: My threat model dictates that I'm more likely to be surveilled by the US government than by the Chinese government. We can also assume that the Chinese government is not going to cooperate with the US government in any investigations of potential activist activity.

Would it not be best, then, to use a Chinese-made phone that, even though we know that information is going to China, we can also assume that any backdoors in the system are unknown to the US Gov?

I'm interested in everyone's take on this.

Do you think it really doesn't train on your data?

I've been using it and it looks good so far, I just ask simple questions and never let the context get too big.

It's good that it doesn't require login, just open and ask something.

How do they use website's domain but google serves it ?

What is the issue with it ?

How to block it ? I found this but it's brave only https://support.brave.app/hc/en-us/articles/8611298579981-What-is-Brave-s-De-AMP-feature

https://browserleaks.com/proxy

For context, in my password manager I had tried formatting some of my entrees so that it would contain the usual username and password, but instead of creating whole new entrees for the security questions for the same account, I just added additional fields in the same entree in order to keep things a little more tidy.

I was not expecting that doing so would result in later being shaken down by Proton to pay even more money just to access the same few bytes of fucking text I had trusted them with. This is sleazy as fuck and I am dropping these idiots entirely.

Hello!

As a handsome local AI enjoyer™ you’ve probably noticed one of the big flaws with LLMs:

It lies. Confidently. ALL THE TIME.

(Technically, it “bullshits” - https://link.springer.com/article/10.1007/s10676-024-09775-5

I’m autistic and extremely allergic to vibes-based tooling, so … I built a thing. Maybe it’s useful to you too.

The thing: llama-conductor

llama-conductor is a router that sits between your frontend (OWUI / SillyTavern / LibreChat / etc) and your backend (llama.cpp + llama-swap, or any OpenAI-compatible endpoint). Local-first (because fuck big AI), but it should talk to anything OpenAI-compatible if you point it there (note: experimental so YMMV).

I tried to make a glass-box that makes the stack behave like a deterministic system, instead of a drunk telling a story about the fish that got away.

TL;DR: “In God we trust. All others must bring data.”

Three examples:

1) KB mechanics that don’t suck (1990s engineering: markdown, JSON, checksums)

You keep “knowledge” as dumb folders on disk. Drop docs (.txt, .md, .pdf) in them. Then:

• >>attach <kb> — attaches a KB folder
• >>summ new — generates SUMM_*.md files with SHA-256 provenance baked in
• `>> moves the original to a sub-folder

Now, when you ask something like:

“yo, what did the Commodore C64 retail for in 1982?”

…it answers from the attached KBs only. If the fact isn’t there, it tells you - explicitly - instead of winging it. Eg:

The provided facts state the Commodore 64 launched at $595 and was reduced to $250, but do not specify a 1982 retail price. The Amiga’s pricing and timeline are also not detailed in the given facts.

Missing information includes the exact 1982 retail price for Commodore’s product line and which specific model(s) were sold then. The answer assumes the C64 is the intended product but cannot confirm this from the facts.

Confidence: medium | Source: Mixed

No vibes. No “well probably…”. Just: here’s what’s in your docs, here’s what’s missing, don't GIGO yourself into stupid.

And when you’re happy with your summaries, you can:

• >>move to vault — promote those SUMMs into Qdrant for the heavy mode.

2) Mentats: proof-or-refusal mode (Vault-only)

Mentats is the “deep think” pipeline against your curated sources. It’s enforced isolation:

• no chat history
• no filesystem KBs
• no Vodka
• Vault-only grounding (Qdrant)

It runs triple-pass (thinker → critic → thinker). It’s slow on purpose. You can audit it. And if the Vault has nothing relevant? It refuses and tells you to go pound sand:

FINAL_ANSWER:
The provided facts do not contain information about the Acorn computer or its 1995 sale price.

Sources: Vault
FACTS_USED: NONE
[ZARDOZ HATH SPOKEN]

Also yes, it writes a mentats_debug.log, because of course it does. Go look at it any time you want.

The flow is basically: Attach KBs → SUMM → Move to Vault → Mentats. No mystery meat. No “trust me bro, embeddings.”

3) Vodka: deterministic memory on a potato budget

Local LLMs have two classic problems: goldfish memory + context bloat that murders your VRAM.

Vodka fixes both without extra model compute. (Yes, I used the power of JSON files to hack the planet instead of buying more VRAM from NVIDIA).

• !! stores facts verbatim (JSON on disk)
• ?? recalls them verbatim (TTL + touch limits so memory doesn’t become landfill)
• CTC (Cut The Crap) hard-caps context (last N messages + char cap) so you don’t get VRAM spikes after 400 messages

So instead of:

“Remember my server is 203.0.113.42” → “Got it!” → [100 msgs later] → “127.0.0.1 🥰”

you get:

!! my server is 203.0.113.42 ?? server ip → 203.0.113.42 (with TTL/touch metadata)

And because context stays bounded: stable KV cache, stable speed, your potato PC stops crying.

There’s more (a lot more) in the README, but I’ve already over-autism’ed this post.

TL;DR:

If you want your local LLM to shut up when it doesn’t know and show receipts when it does, come poke it:

• Primary (Codeberg): https://codeberg.org/BobbyLLM/llama-conductor
• Mirror (GitHub): https://github.com/BobbyLLM/llama-conductor

PS: Sorry about the AI slop image. I can't draw for shit.

PPS: A human with ASD wrote this using Notepad++. If it the formatting is weird, now you know why.

So browsers have started to roll out GPC, or basically browser-based consent. This was explicitly designed to deal with intrusive cookie banners. I've now noticed several websites with the same intrusive banners recognizing that you opted out but begging you to opt back in anyway. These banners are so big as to obscure the majority of the content on the site.

cross-posted from : https://lemmy.zip/post/57521167

Over the past years, repeated investigations have shown that at least 14 EU Member States have deployed spyware against journalists, human rights defenders, lawyers, activists, political opponents, and others.

Despite the findings of the European Parliament’s PEGA Inquiry Committee in 2023, and the push from human rights organisations, the European Commission has so far refused to propose binding legislation to prohibit spyware. Not only that: it has done nothing. Right now, no EU-wide red lines exist against the use of spyware. This means that victims lack effective remedies, authorities face no scrutiny, and commercial spyware vendors continue to operate with near-total impunity, enriching themselves by violating human rights, and even benefiting from European public funding.

Can Android apps use WebRTC, or is WebRTC only available in browsers?

If Android apps can use WebRTC, how can it be blocked per app or system-wide to prevent IP or network leaks?

cross-posted from: https://lemdro.id/post/35049920

The latest update for the popular Nova Launcher app includes Facebook Ads and Google AdMob.

Compare 8.2.4: https://reports.exodus-privacy.eu.org/en/reports/698198/

With 8.1.6: https://reports.exodus-privacy.eu.org/en/reports/673643/

From 2 trackers to 6 trackers. From 30 permissions to 36. And two of the "trackers" are for ad stuff, like Facebook Ads.

I believe the owner also changed. It's no longer Branch, but something called Instabridge Sweden.