HackerTrans
TopNewTrendsCommentsPastAskShowJobs

vikarti

no profile record

comments

vikarti
·4 months ago·discuss
Why not make it _optional_ but implement on github,etc so any publisher could enable this, no matter how small. But also make it possibel to disable either by support request and small wait or by secondary confirmation or via LONG (months) wait.
vikarti
·5 months ago·discuss
Problem is that A LOT of companies abuse copyright. Examples with known services: - Several years ago I can only buy a lot of ebooks via Kindle Store (they weren't in other places).Actually reading them in Bookfusion (which is my preferred tool) required breaking DRM. - Spotify/Netflix - several years ago they required using their apps/sites only. Now I have to ALSO work around their geoblocks and they don't like this (so...they think I should try very hard to give them more money because they don't want them). There are a lot other services with those problems.

But:Torrent trackers still work same as before. Paid pirate equivalents of Netflix (!) also still work same as before.

Counter example:iTunes Music store/Apple Music and Steam - still works, it looks like Apple and Valme still want my money so they get it.
vikarti
·9 months ago·discuss
They pay _for service_ of just press play and view
vikarti
·9 months ago·discuss
> Most music is sold without digital restrictions

Thanks to Apple

>many video games are also sold without digital restrictions

Thanks to GoG and (to a lesser extent) Steam
vikarti
·9 months ago·discuss
Potential issue: what EXACTLY DRM is? Is "you can only read this book/view this video on tivoized device which have it's own cellular connection to mothership and no USB/Ethernet/WiFi" counts as DRM for this purposes? What about "you can only buy this book at some obscure store which have it's own obscure reader which only work on specific versions of specific OS"? What if said OS is out-of-date? What about "you can buy only from specific store, store provides you reader app als specifically allows you to gift reader and books to friends,etc but reader app is personalized and will tell your name on start up"?(btw,I did buy some books protected this way in 00s)
vikarti
·10 months ago·discuss
Sometimes I wish I'm able to knew things like this in discussion: - is person legally adult(not necessary due to being of age, emancipation is also ok, people who do emancipation usually more...adult) - how much education person really have? (it's _usually_ pointless to discuss anything related to science with children from middle school)
vikarti
·10 months ago·discuss
Possible option(will it BE Option?): EU:Here is my phone. Yes, it's working. It's chinese one with Huawei's Harmony OS, photos are great. or it's Russian one, I really like Pushkin so decided to get their model. Russia: Here is my phone. Yes,it's google pixel with GrapheneOS (it's more secure - Mother Russia is danger so everyone must be vigilant! I banking app via RuStore). USA: Here is my phone. I really like French. it's phone with with stock e/OS Point is - if it's impossible NOT to be observed - you (for now) still have choice which security service will observe you. $NOT_YOUR_COUNTRY_OR_ALLIANCE security services/police is unlikely to arrest $CITIZENS_OF_YOUR_COUNTRY_OR_ALLIANCE without $NOT_YOUR_COUNTRY_OR_ALLIANCEtroops be here FIRST (and you will knew it). Only potential threat is that $NOT_YOUR_COUNTRY_OR_ALLIANCE could try to be interoperable with each other
vikarti
·10 months ago·discuss
Scroogled, by Cory Doctorow comes to mind.
vikarti
·last year·discuss
Regulations sometimes matter. Stupid "security" rules sometimes matter too.
vikarti
·2 years ago·discuss
China or Russia also have "interesting" data protection / "let's protect children" laws. Some of they also formulated in same way as GDPR so VPN doesn't help. Why should they be ignored? (other than "but it's DIFFERENT thing, EU is good ones")
vikarti
·2 years ago·discuss
He is in Russia? Did he tried to run his own server _over vpn_? I did encounter a lot of strange issues with network connectivity if one of nodes is in Russia (especially on non-datacenter connection).TSPU could cause a lot of issues (to protect children from terrorists -:)). First thing to check is making _relilable_ encrypted VPN and checking via it.
vikarti
·2 years ago·discuss
Created encrypted room on matrix.org with my matrix.org user Invited my account from my self-hosted homeserver. Chat works.
vikarti
·2 years ago·discuss
Not only. Example: Chrome on Android did change some time ago so if CA is in System store (which means it got here from manufacturer or from user which does have root access) - such CA MUST use Certificate Transparency. This rule doesn't apply if CA is in User store (installable by regular user) - https://httptoolkit.com/blog/chrome-android-certificate-tran...

Another example: Yandex Browser ONLY trust Russian NUC certs if they are in public CT logs,not otherwise (https://habr.com/ru/companies/yandex/articles/667300/ - text is in Russian) (as far as I understood, NOT trusting this CA al all is not option for them or their users, and if user is using chrome/firefox and needs access to sites which use this CA - CA will be just be installed manually so Yandex's solution is more secure, thanks to CTs).
vikarti
·2 years ago·discuss
A LOT of minor fuck ups which demonstrates Entrust is (likely) not malicious, they just stupid and don't care how to do things correctly. How long until they fuck up something serious?

This reminds me about discussion about Russian Goverment's NUC Root CA (not trusted by default in Chrome/Firefox, Trusted by Yandex Browser only with some additional verifications to prevent abuse by goverment). Discussion was not about why this cert was necessary in first place, it was about it's creation violating Russian laws and procedures AND violate a lot of technical rules. A lot of people just said - this cert is necessary and it's clear who made it so why we should look to "minor details"? (Links - in Russian https://habr.com/ru/articles/666520/ / https://habr.com/ru/articles/708970/ )
vikarti
·2 years ago·discuss
This looks related to some other problem: - There is Alice's server which provide service X - There are clients like Bob who needs this service. - There is Mallory who thinks clients doesn't need such service. Mallory have significant resources (more than Alice or Bob). - Mallory thinks it's ok to block access to Alice' server IF it's known that it's Alice's server and not some random site. Mallory sometimes also thinks it's ok to block if protocol is unknown.

This problem solved by XRay in all of it's versions. It could be possible (if overkill) to use mostly same methods to authenticate correct user and provide eir access.