How can I check to see if a given Onion Service is still in-use?

To be clear: I'm not asking about just Onion Services bound to port 80. Of course I can just curl it, but that won't tell me if the Onion Service is running something on another port.

I'm trying to find an XMPP server that uses an Onion Service. I found several lists of XMPP servers and their .onion names, but I expect most of these services are offline.

2n3tvihf4n27pqyqdtcqywl33kbjuv2kj3eeq6qvbtud57jwiaextmid.onion
32qywqnlnqzbry42nmotr47ebts3k6lhiwfob6xniosmepz2tsnsx7ad.onion
4colmnerbjz3xtsjmqogehtpbt5upjzef57huilibbq3wfgpsylub7yd.onion
6voaf7iamjpufgwoulypzwwecsm2nu7j5jpgadav2rfqixmpl4d65kid.onion
6w5iasklrbr2kw53zqrsjktgjapvjebxodoki3gjnmvb4dvcbmz7n3qd.onion
7drfpncjeom3svqkyjitif26ezb3xvmtgyhgplcvqa7wwbb4qdbsjead.onion
ae3w7fkzr3elfwsk6mhittjj7e7whme2tumdrhw3dfumy2hsiwomc3yd.onion
chillingguw3yu2rmrkqsog4554egiry6fmy264l5wblyadds3c2lnyd.onion
fzdx522fvinbaqgwxdet45wryluchpplrkkzkry33um5tufkjd3wdaqd.onion
gku6irp4e65ikfkbrdx576zz6biapv37vv2cmklo2qyrtobugwz5iaad.onion
gois4b6fahhrlsieupl56xd6ya226m33abzuv26vgfpuvv44wf6vbdad.onion
j4dhkkxfcsvzvh3p5djkmuehhgd6t6l7wmzih6b4ss744hegwkiae7ad.onion
jabjabdea2eewo3gzfurscj2sjqgddptwumlxi3wur57rzf5itje2rid.onion
jaswtrycaot3jzkr7znje4ebazzvbxtzkyyox67frgvgemwfbzzi6uqd.onion
jeirlvruhz22jqduzixi6li4xyoweytqglwjons4mbuif76fgslg5uad.onion
jukrlvyhgguiedqswc5lehrag2fjunfktouuhi4wozxhb6heyzvshuyd.onion
mrbenqxl345o4u7yaln25ayzz5ut6ab3kteulzqusinjdx6oh7obdlad.onion
nixnet54icmeh25qsmcsereuoareofzevjqjnw3kki6oxxey3jonwwyd.onion
qawb5xl3mxiixobjsw2d45dffngyyacp4yd3wjpmhdrazwvt4ytxvayd.onion
qwikoouqore6hxczat3gwbe2ixjpllh3yuhaecixyenprbn6r54mglqd.onion
qwikxxeiw4kgmml6vjw2bsxtviuwjce735dunai2djhu6q7qbacq73id.onion
razpihro3mgydaiykvxwa44l57opvktqeqfrsg3vvwtmvr2srbkcihyd.onion
rurcblzhmdk22kttfkel2zduhyu3r6to7knyc7wiorzrx5gw4c3lftad.onion
szd7r26dbcrrrn4jthercrdypxfdmzzrysusyjohn4mpv2zbwcgmeqqd.onion
xdkriz6cn2avvcr2vks5lvvtmfojz2ohjzj4fhyuka55mvljeso2ztqd.onion
xiynxwxxpw7olq76uhrbvx2ts3i7jagqnqix7arfbknmleuoiwsmt5yd.onion
xmppccwrohw3lmfap6e3quep2yzx3thewkfhw4vptb5gwgnkttlq2vyd.onion
ynnuxkbbiy5gicdydekpihmpbqd4frruax2mqhpc35xqjxp5ayvrjuqd.onion
yxkc2uu3rlwzzhxf2thtnzd7obsdd76vtv7n34zwald76g5ogbvjbbqd.onion

I don't want to eliminate them just for not running an HTTP server (eg port 80, 443, 8080, etc). Nor do I want to eliminate them for not running on a common XMPP port (5222, 5223, 5269, 5298, 8010). I'm trying to find something that checks if an Onion Service has been used in the past days/weeks without requiring me to test a connection on a given port.

My understanding is that Onion Services will (by default) generate and publish hidden service descriptors (HSDir).

Is there some way I can query the Tor directory of HSDirs to see if a given Onion Service is still active?

The Danes will seek to propose a voluntary detection regime in the CSAM proposal, instead of controversial mandatory detection orders

The Danish Council presidency is backing away from pushing for mandatory detection orders in a legislative proposal that aims to tackle the spread of online Child Sexual Abuse Material (CSAM), the country’s justice minister said on Thursday.

Earlier in their presidency, Denmark had revived a controversial provision in the draft law that would mean online platforms – such as messaging apps – could be served with mandatory CSAM detection orders, including services protected by end-to-end encryption. However opposition from several other EU countries derailed any agreement in the Council.

Today, Danish Justice Minister Peter Hummelgaard told local press that the Council presidency would move away from mandatory detection orders – and instead support CSAM detections remaining voluntary.

The presidency circulated a discussion paper with EU country representatives on Thursday, aiming to gather countries’ views on the updated (softened) proposal in a bid to find a compromise, Euractiv understands.

The Danes are concerned that if no agreement is reached on the proposal even voluntary scanning will not happen once the current legal scheme that enables that runs out in April 2026.

The CSAM proposal – dubbed “chat control” by opponents – has repeatedly failed to achieve support in Council, which has spent years trying and failing to agree its negotiating mandate.

Earlier this month, Germany’s justice minister came out against the plan, with a strong-worded public statement that attacked “unjustified chat monitoring”.

The mandatory detection orders contained in the original Commission proposal have proven to be the biggest sticking point – triggering major privacy and security concerns.

Critics warn that such an approach risks opening the door to mass surveillance of European citizens, as well as pointing out that it would run counter to existing EU laws that seek to ensure data protection and the privacy of communications.

If the Danes manage to find a compromise in Council on a version of the CSAM proposal that strips out mandatory detection orders the draft law could progress towards trilogue negotiations with Parliament, finally moving on from years of deadlock.

So, I recently started to work with Vocaloid, but there is an issue:

• NicoNico Douga won't accept Tutanota emails;

• Youtube... I don't even need to get myself started;

• AmeBlog doesn't support videos apparently (and I suspect AI steals from it);

-SoundCloud tracks you.

ETC:

I don't plan on making people pay for these songs, let them be free; Please, suggest a free website; IF POSSIBLE, suggest one that japanese people know.

Hello, everyone,

I've had my current Samsung Galaxy running Android for about two or three years now. It was an older model then. I am about ready to get a new phone; mine has been put through the ringer.

I was interested in Graphene or Divest, or some of these other open source phone OS. but I dont know much about what they have and what they can do. How reliable are they? Will the manufacturer or the carrier fuck me over? Which phone models are compatible and how expensive are they?

I'm a contractor; not only do I NEED a reliable phone, but I also need a phone that can run certain apps. I've tooled around with game emulation and modding since the DS flashcart days, and I have even recently had Switch accounts banned.

I'm sorry if there was a README but I haven't been able to find any information as to if this was reliable enough to become my primary telephone.

• AtlasOS: https://atlasos.net/
• Amelabs Privacy+: https://docs.amelabs.net/privacy/_plus.html

I use a Windows VM for apps not available on Linux and just want to cut out all the telemetry possible.

AtlasOS is installed as a Ameliorated Playbook and makes a ton of opinionated changes that aren’t privacy or necessarily performance related. Disabling the Windows 11 right click menus in favor of the legacy one, disabling window shadows, changing the wallpaper, etc. Privacy+ looks appealing, I wanna know if anyone has tried both and can tell me differences, like if one or the other improves privacy more.

I'm tired of collecting phones, and frankly I'm a little money strapped and kind of want to coast by on older phones for a while. But I'm wanting to de-google as much as possible.

Of the last few phones I've had, all are working well. Most have been able to be kept relatively up to date with LineageOS, and a couple have /e/os/ versions available for them (one official, one community)

• Essential Phone (Community Build e/os/...not sure if still being updated or not though.)

• Moto One Hyper (No e/os/ build. Sadly not a popular enough phone)

• Moto One 5G Ace (Has an e/os/ build. Currently being used as a DIY game emulator on LineageOS)

• Motorola Edge 2023 (Current Phone. No e/os/ build. It's essentially a canadian variant of the Motorola Edge 40 Neo...which are the only two newest phones to use the Dimensity 7030 chip, making it incompatible with the regular Edge 40 or 40 Pro e/os/ builds.

I'm using /e/os/ on my Essential phone (though not daily driver) to get a feel for the software and the Murena app/account. I'm willing to give up my game emulator to put it on the newer phone if I like it (though it would suck to lose my FFVII and Chrono Trigger playthroughs)

Ideally my Edge 2023 would have a build. But I'm not going to expect a chipset used by only two phones total to garner that much development focus (and rightly so)

Anyone have more long term experience with /e/os/ and Graphene and tell me what Graphene has stronger?

Thanks

cross-posted from: https://lemmy.world/post/37009566

European SMEs have united to direct a strong open letter to urge ministers of EU member states to oppose Chat Control and to defend privacy and a strong European tech industry.

cross-posted from: https://lemmy.world/post/36982928

Tyler Robinson, the suspect of the Charlie Kirk's assassination, almost got away with it all. This is how the FBI really caught him. Support my independent work: / thehatedone

The FBI is telling you that the manhunt for the suspect of Charlie Kirk's assassination was a result of a historic investigation with the use of the most advanced intelligence techniques available to law enforcement.

But the reality will tell you a different story. A story that is now very well reported and reveals how the suspect was actually caught. In what's about to follow, I'll explain to you every detail of the surveillance and intelligence behind the manhunt for Tyler Robinson, the alleged shooter at Utah Valley. In reality, it is not clear whether anything the FBI did actually helped track down the suspect.

The most damning admission of this fact is that after a full day of endless investigation, full 24 hours after Charlie Kirk was shot, the FBI, Kash Patel and local law enforcement were so confused they had “no idea where” the suspect was and they weren’t even sure whether he still was in Utah or not.

By the time the police did finally catch Tyler Robinson, he was so far away from the scene of the shooting that had he simply kept running, he probably would’ve gone away with it. He was arrested 250 miles away, in his parental home in St. George, Utah, whole 33 hours after the shooting.

SOURCES [References available in the transcript: / how-they-really-140361439 ] [0] • Kash Patel discusses investigation into Ch...
[1] https://www.nytimes.com/2025/09/12/us... [2] https://www.nytimes.com/live/2025/09/... [3] https://www.tmz.com/2025/09/13/tyler-... [4] • Chilling Emergency Dispatch Audio Captured...
[5] https://news.sky.com/story/charlie-ki... [6] https://www.nytimes.com/interactive/2... [7] https://archive.is/K6rQw [8] https://archive.today/01VkR [9] https://www.nbcnews.com/news/us-news/... [10] https://archive.today/4BcVY [11] https://www.nytimes.com/2025/09/11/us... [12] https://x.com/UtahDPS/status/19662919... [13] https://www.economist.com/science-and... [14] https://www.technologyreview.com/2025... [15] • Tyler Robinson, suspect in fatal shooting ...
[16] • You Can Run but Not Hide: Improving Gait R...
[17] https://ieeexplore.ieee.org/abstract/... [18] https://arxiv.org/abs/2306.17206 [19] • Suspected Charlie Kirk shooter seen in sur...
[20] https://innovationcenter.msu.edu/who-... [21] https://www.tmz.com/2025/09/13/tyler-... [22] https://x.com/TMZ/status/196627181449... [23] https://marketplace.fedramp.gov/produ... [24] https://arxiv.org/abs/2505.04616 [25] https://arxiv.org/pdf/2310.15946 [26] https://openaccess.thecvf.com/content... [27] • Raw Video: Charlie Kirk shooting suspect a...
[28] https://www.bbc.com/news/articles/c20... [29] https://www.newsweek.com/tyler-robins...

Is it possible to collect data from a large group of people but protect each individual's privacy? In this entry of my series on privacy-enhancing technologies, we'll discuss differential privacy and how it can do just that.

Please rank these methods from best to least

• Invidious
• NewPipe
• YoutubeRevanced
• ytlocal
• Downloading with yt-dlp
• Using user script to play in local player
• Playing in local player (eg mpv )
• Watching in TOR

Feel free to add other methods to the list or group some

cross-posted from: https://piefed.ca/post/232256

cross-posted from: https://programming.dev/post/37648654

Thousands of Flock Safety surveillance cameras captured Virginia travelers with an unblinking eye. Their data was shared and searched around the country millions of times.

Comments

• Reddit.

cross-posted from: https://programming.dev/post/37353326

cross-posted from: https://programming.dev/post/37278389

Optical blur is an inherent property of any lens system and is challenging to model in modern cameras because of their complex optical elements. To tackle this challenge, we introduce a high‑dimensional neural representation of blur—the lens blur field—and a practical method for acquisition.

The lens blur field is a multilayer perceptron (MLP) designed to (1) accurately capture variations of the lens 2‑D point spread function over image‑plane location, focus setting, and optionally depth; and (2) represent these variations parametrically as a single, sensor‑specific function. The representation models the combined effects of defocus, diffraction, aberration, and accounts for sensor features such as pixel color filters and pixel‑specific micro‑lenses.

We provide a first‑of‑its‑kind dataset of 5‑D blur fields—for smartphone cameras, camera bodies equipped with a variety of lenses, etc. Finally, we show that acquired 5‑D blur fields are expressive and accurate enough to reveal, for the first time, differences in optical behavior of smartphone devices of the same make and model.

cross-posted from: https://programming.dev/post/37262246

More than twenty countries have signed on to the nonbinding Pall Mall Process Code of Practice for States since it was launched in April 2025 by the United Kingdom (UK) and France. Its focus is to “tackle the challenges posed by the proliferation and irresponsible use of commercial cyber intrusion capabilities (CCICs).” CCICs encompass a broad array of tools, including spyware—a kind of malicious software that allows “unauthorized remote access to an internet-enabled target device” for surveillance and/or data extraction. One of the pillars of the Code of Practice for States is accountability, under which countries are encouraged to establish or apply national frameworks to regulate the “development, facilitation, purchase, transfer, and use of” spyware.

Establishing new domestic frameworks or even analyzing which existing national or international frameworks apply to spyware-related activity will take significant time, likely years. Meanwhile, new instances of spyware abuses against journalists and other human rights defenders continue. It is therefore not surprising that the Code of Practice for States also recommends measures to incentivize responsible activity, encourage the use of export control and licensing frameworks, and provide support for victims. It is on one such measure for victim support that this report focuses: “procedures for those claiming redress as a result of the irresponsible use of CCICs, including ensuring access to effective judicial or non-judicial remedies.” Specifically, this report explores how existing tort law relating to abnormally dangerous activities in the United States and the UK could provide a ground for bringing cases related to spyware abuses.

Tort law allows individuals to take accountability into their own hands, which is especially important when processes to enact binding obligations on actors involved in developing and selling spyware can take years and there is no guarantee they will be successful. However, tort law differs by country and, within the United States, even by state. This makes research difficult and, at a larger scale, inconsistent. Additionally, litigation is very resource intensive both in terms of money and time and governments are typically shielded from civil liability. It is simply not possible for every victim of a spyware abuse to bring a case against the actor(s) responsible. In that sense, it is not recommended to rely exclusively on tort law for accountability, but to use it as a supplementary measure while continuing to pursue parallel efforts at regulation.

With that framing, this report looks at the possibility of bringing cases under strict liability for abnormally dangerous activities in California and the UK. These two jurisdictions were chosen because of the similarities in their legal systems, the fact that civil cases have been brought in California against spyware developers, and since the UK is one of the countries that launched the Pall Mall Process. The author is not aware of any previous cases brought under this theory of liability with respect to spyware. Given the six-factor definition of abnormally dangerous activities in California, the fact that a court decides whether an activity qualifies, and recent developments regarding jurisdiction over foreign defendants and significant damages awards, it could be possible, although still difficult, to bring a case there under this theory related to spyware harms. The development of the same doctrine in the UK, however, cautions against attempting this novel argument there. For UK plaintiffs, more research is needed on alternative grounds under tort.

cross-posted from: https://programming.dev/post/37194712

Technical Report.

Macrodroid has been a favourite of mine for automating things on my phone. This is no longer the case.

It has been silently updated at some point to become a data mining and leaking nightmare. At the time of writing these lines, this app contains 30 trackers from various third party telemetry services according to the latest Exodus report. This is an extremely high number of trackers and there definitely weren’t that many a few years back. Even most junk free mobile games can’t manage to contain this many. It appears that the owner of the app has sold out and turned it into spyware to sell your data to as many companies as possible.

This is particularly worrying considering the level of access and permissions the app requires to function. If you are using the app still, I’m urging you to reconsider.

Spread the word.

Exodus report

cross-posted from: https://sh.itjust.works/post/45402993

The Ministry of Communication and Information Technology of Nepal has issued an order requiring all social media platforms to be registered in Nepal.

Based on this, the Nepal Telecommunications Authority (NTA) has instructed all network service providers to deactivate 26 platforms, including Signal, Facebook, Instagram, WhatsApp, YouTube, and others.

To lift the ban and operate legally in Nepal, each platform must:

1. Register with the Ministry of Communication and Information Technology.

2. Appoint in Nepal:

   • A Point of Contact
   • A Resident Grievance Handling Officer
   • An Officer responsible for monitoring compliance with self-regulation [1]

3. Submit an application in the prescribed format along with required documents, as per the Directives on Managing the Use of Social Media Networks (2080 B.S.). [2]

Reference:

[1] Notice by the Ministry of Communication and Information Technology on Managing the Social Networking Platform Usage in Nepal

[2] Directives for Managing the Use of Social Networks, 2023

cross-posted from: https://piefed.zip/post/424252

• Invidious
• Youtube