HackerTrans
トップ新着トレンドコメント過去質問紹介求人

throwaway67114

no profile record

コメント

throwaway67114
·5 年前·議論
Source?
throwaway67114
·5 年前·議論
At least on android, most whatsapp data is stored in a folder named whatsapp, which can be accessed by any app with storage permission. So you can see all sent/received images and videos in photo viewer apps etc. Signal stores them in a place which at least in Android 11 can't be accessed by other apps.
throwaway67114
·5 年前·議論
Try it with Ublock Origin. It works best with FF.

https://github.com/gorhill/uBlock/wiki/uBlock-Origin-works-b...
throwaway67114
·5 年前·議論
Firefox has at least 2 tree style add-ons right now.
throwaway67114
·5 年前·議論
Enjoy

https://hn.algolia.com/?dateRange=all&page=0&prefix=false&qu...
throwaway67114
·5 年前·議論
How did you get started?
throwaway67114
·5 年前·議論
Or cripple projects that remove that telemetry (see Vscodium which cannot use remote extensions and the new default LSP named Pylance, because Microsoft forbids it).

Edit: vscode also has some proprietary debuggers.

https://github.com/VSCodium/vscodium/blob/master/DOCS.md#pro...
throwaway67114
·5 年前·議論
Quoted from article [1] on how someone 'hacked' some Brazil politicians:

"A hacker with little technical skill and no specialized equipment could, it turned out, do quite a bit of damage with access to someone's voicemail. Delgatti, for instance, figured out he could use this VoIP spoofing technique to target Telegram accounts. At the time, when a Telegram user wanted to attach their account to a new device, they had the option of requesting a verification code via an automated voice call from Telegram. Delgatti realized that he could spoof a victim's phone to request that code. Then, if Telegram's automated voice call didn't get through—because Delgatti initiated the hack late at night while his victim slept, or kept the line busy by calling his victim at the same time—the code would be sent to the person's voicemail. He could then spoof the target's phone once again to gain access to their voicemail, retrieve the verification code, and then add the victim's Telegram to his own device. After that, he could download their entire chat history from the cloud."

[1] https://www.wired.com/story/brazil-hacker-bolsonaro-car-wash...

I think the least everyone who wanna continue using telegram must do is enable 'two-step verification' in Telegram settings.

Or use Signal. Or Wire if you don't wanna expose phone number. But Wire stores metadata.

Edit: Yeah WA is e2e by default. But if you or your friend has enabled backing up chats to Google account, everything will be backed up in plain/weak encryption. Also at least in android, WhatsApp automatically stores all received/sent pics, videos etc in a folder named WhatsApp which is available to any app with storage permission.
throwaway67114
·5 年前·議論
And that secret chat only works on mobile and only for 1 on 1 conversations.
throwaway67114
·5 年前·議論
Mathematician's Delight by W. W. Sawyer seems a good book.
throwaway67114
·5 年前·議論
// Let's say a user encrypts a file outside of Dropbox, using a program of the user's choice, then she transfers the encrypted blob to Dropbox //

Most people won't encrypt before transfer to Dropbox.

Even if they do, all security usually relies on a password set by the user. Normal users are known to set easy to crack passwords.

So two unusual things need to happen for things to be secure.

The security of Magic Wormhole doesn't rely on the relay server, as explained elsewhere in this thread.
throwaway67114
·5 年前·議論
Why the downvotes. A mobile operator named Jio did this in India.
throwaway67114
·5 年前·議論
I really liked Fleabag. Maisel seemed too pretentious, watched only 2 or 3 episodes. Maybe should try again.
throwaway67114
·5 年前·議論
Doesn't zip software such as 7zip support splitting of compressed files into as many pieces as you like and then rejoin them when you want?
throwaway67114
·5 年前·議論
Edit: sorry made some blunder. You are Brian, just saw on your profile.
throwaway67114
·5 年前·議論
The only thing end to end encrypted in Telegram is 1 on 1 mobile chats and calls, and you have to explicitly enable it.
throwaway67114
·5 年前·議論
croc probably shouldn't be used if you want security:

[1] https://news.ycombinator.com/item?id=27054885

[2] https://twitter.com/Sc00bzT/status/1396199915638992896

Magic Wormhole has a good implementation in Go, which is compatible with the original Python implementation (croc is not compatible with magic wormhole). It has windows binary and binaries for most of the popular OS.

https://github.com/psanford/wormhole-william

Binaries: https://github.com/psanford/wormhole-william/releases

There's GUI: https://github.com/Jacalz/wormhole-gui

Android app too: https://github.com/psanford/wormhole-william-mobile

Support for resuming transfers is planned I think.