HackerTrans
TopNewTrendsCommentsPastAskShowJobs

5f3cfa1a

no profile record

comments

5f3cfa1a
·8 miesięcy temu·discuss
I think it's patchwork & has changed over time. When I was at high school one of my friends who was homeschooled competed with me on our academic team. His older (and far more athletically gifted brother ;-)) lettered in several varsity sports. But now that state's athletic association explicitly says no to homeschool students.
5f3cfa1a
·8 miesięcy temu·discuss
This comment made me curious so I did some research. Of the sports offered by my local school district (in the top 30 for enrollment in the country), I can find an alternative for homeschoolers that offer competitive opportunities for every sport but bowling and football.

Of the others, there are either homeschool alternatives that are explicitly secular or at least not overtly religious, or there are competitive clubs. All the schools have track & field, but there is a large homeschool league. And the district has a few schools with pools and a few more with swim teams that practice at the city pools, but the local swim club is the one turning out the Olympians – but even then, it also seems to have plenty of offerings for kids who won't set a world butterfly record. Football, I imagine, is just so popular that the private/public schools take all the players.
5f3cfa1a
·8 miesięcy temu·discuss
Grade retention ('holding kids back') has additionally dropped significantly since the average HNer has gone to school. I remember going to school where one of my peers went to sixth grade with his brother two years older than him. But now, we give out social promotions.

That might've worked if we funded schools & gave students who fell behind significant interventions & 1x1 attention, but that's not what happened. One of my friends has a very bright and talented fifth grader in a class with multiple students who can barely read or write. Guess who gets the most attention from educators? Which group the teachers structure the class for?
5f3cfa1a
·8 miesięcy temu·discuss
Of these, most are easily handled. I am in a midsized city and there are plenty of groups that offer music, robotics & engineering, speech & drama, etc. focused towards homeschooled students. That, plus the rise in homeschool "pods"/co-ops means socialization and activities are very available to students & parents who want them.

Sports might be the challenge. Many US states have athletic associations that handle most K-12 sports, and they require enrollment in an accredited member school. I am aware of several homeschool specific athletic associations in my area, but all are targeted towards religious homeschoolers. Not certain what secular alternatives would exist, but soccer is very popular & there are plenty of competitive academies that operate outside the school ecosystem.
5f3cfa1a
·8 miesięcy temu·discuss
https://nusenu.github.io/OrNetStats/ should give you a feel for the overall size & relative homogeneity of the current Tor network.
5f3cfa1a
·9 miesięcy temu·discuss
Fuel depletion is _not that risky_ is an interesting take. But hey, it won Chapecoense its first and only Copa Sudamericana, so maybe it isn't that bad after all?

https://en.wikipedia.org/wiki/LaMia_Flight_2933
5f3cfa1a
·10 miesięcy temu·discuss
If the theory is that PIF's involvement is the video game equivalent of sportswashing, this is pretty much exactly what we should expect – the Saudi's expected return on their investment is improved perception and more opportunities to exercise soft power, with less concern around financial returns.
5f3cfa1a
·10 miesięcy temu·discuss
Awesome, exactly what I wanted to learn. Thanks!
5f3cfa1a
·10 miesięcy temu·discuss
> Hmmm this is a preemptive lawsuit from Morgan and Morgan for clarity, which seems to be in bad form

Not a lawyer, but to bring a lawsuit in the US you typically have to show that you've suffered a real injury that the court can remedy. How can Morgan and Morgan establish standing here?
5f3cfa1a
·10 miesięcy temu·discuss
> sure, threat model matters. no protection is 100%, but more is better.

You can't just say "threat model matters" and then treat security as an absolute gradient (poset?). That means you don't have a real threat model.

> using my own hosted proxy means that my identity is out in public. it's not even hidden. no need to even seize payment records. anyone can look up the ip address and eventually figure out who owns the server.

Bold claim – you've gotta show your work for this one.

> there is no threat model where your own hosted proxy could ever provide better protection than any VPN.

"no threat model [em-bee can imagine]", maybe :)

Here's one for you: how do you know your VPN provider doesn't log usage? You SSHed in and looked at /etc/syslog lately? Went to their hosting provider and opened door 641A?[0]

You sell a VPN and accept US cash? You are interacting with the US financial system and are open to all sorts of laws and enforcement levers that get to be pulled against the company that sold you that service & pinky swore they didn't log.

How sure are you about that "no log" claim if your VPN provider had a visit from a friendly FinCEN CI and some HSI folks who explained what a "US nexus" is?

All this said, I don't necessarily disagree with you: my personal threat model is that bigger fish exist than me, and a paid VPN provider fits the risks I take. Yours might be the same. But I don't see how you reasoned your way there.

[0]https://en.wikipedia.org/wiki/Room_641A
5f3cfa1a
·10 miesięcy temu·discuss
Again, lazy!

Yes: if you have half of a billion dollars in BTC, sure – you're a victim to the wrench, be it private or public. If you're a terrorist mastermind, you're likely going to Gitmo and will be placed in several stress positions by mean people until you say what they want to hear.

Extreme high-value targets always have been, and always will be, vulnerable to directed attacks. But these improvements are deeply significant for everyone who is not a high-value target – like me, and (possibly) you!

In my lifetime, the government has gone from "the feds can get a warrant to record me speaking, in my own voice, to anyone I dial over my phone" to "oh, he's using (e2e encrypted platform) – that's a massive amount more work if we can even break it". That means the spectrum of people who can be targeted is significantly lower than it used to be.

Spec-fiction example: consider what the NSA could do today, with whisper.cpp & no e2e encrypted calls.
5f3cfa1a
·10 miesięcy temu·discuss
I hate this comic because it is profoundly lazy, and I hate it when people hand-wave away meaningful security advances with it.

Hitting people with wrenches leaves marks that can be shown to the media and truth & reconciliation commissions. Wetwork and black-bagging dissidents leaves records: training, operational, evidence after the fact. And it hardly scales – no matter what the powers at be want you to think, I think history shows there are more Hugh Thompsons than Oskar Dirlewangers, even if it takes a few years to recognize what they've done.

If we improve security enough that our adversaries are _forced_ to break out the wrenches, that's a very meaningful improvement!
5f3cfa1a
·10 miesięcy temu·discuss
There are dozens of us, dozens[0], who love that damn form factor!

[0] https://youtu.be/lKie-vgUGdI
5f3cfa1a
·10 miesięcy temu·discuss
> a DYI VPN may hide my home IP but it does not hide my identity unless the server i route through is not owned by me.

Again, threat model matters – hide your identity from whom?

You certainly won't hide it from someone who can seize payment records. You will struggle to hide it from someone who has control of enough of the internet to correlate data across sites, like Google or Cloudflare. But if you're looking to be pseudonymous in the face of a single site, or a small set of sites that don't conspire to unmask users? It might work just fine.

(unless as you rightly note they block your hosting service's ASN;-))
5f3cfa1a
·10 miesięcy temu·discuss
I suspect every single VPN, including the ones who claim to not log, maintains or exposes enough information for a dedicated adversary to make a convincing case if they want. I give a little extra credit to Mullvad simply because I can put cash in the mail, but even then if a significant adversary wants to know you are connecting, they will.

> Domestically, I wouldnt be surprised if all of this data from US owned VPNs is shipped to the NSA or other groups and analyzed. After the Snowden reveals its hard to really see this stuff as conspiracy anymore.

Even the "friendly" international ones aren't in the clear. Sweden isn't in FVEY, but they're in Fourteen Eyes. And we know from the XKeyscore leaks that the NSA hoovers up metadata like there's no tomorrow. I'd bet my house that anyone who connects to a commercial VPN or _especially_ to Tor lights up like a Christmas tree on the NSAs board – so they might not know for sure what you're doing, but they know you are possibly doing something.

Apple's Private Relay is probably the best chance to actually blend in, but estimates are 1-2% usage for "average users" and 3-5% for Wikimedia editors who I'd assume to have a technical slant. That's an order of magnitude too low for a crowd to exist to blend into, and with two friendly US entities on both sides of the privacy equation, I wouldn't rely on it to stand up against significant scrutiny.

> The only practical use case I can think of is torrents where the legal and political will to subpoena a vpn provider is low, so its this weird loophole where you can torrent but your ISP will never be informed. For now I suppose until the IP holders think the legal fees are worth it or get a law passed to sidestep subpeonas.

My analysis tends towards this: there's a gradient of behavior that is "tolerated" at each step. If you want to torrent, a cheap VPN is tolerated and your crimes will be overlooked... because it's far better to catch serious criminals through that VPN. If you want to buy LSD from a dark web site, Tor lets your crimes be overlooked, because the big fish are the sellers. If you want to commit a significant crime, TLAs know everything about you already and the DEA/HSI/FBI/USPIS/IRS-CI or your local equivalents are ready to parallel construct your ass to the wall when you become noticeable enough.

But maybe I'm not as pessimistic as you – the vast majority of people aren't at the far end of the spectrum, so if you want to infringe copyrights, $60 to Mullvad for a year is what you want.
5f3cfa1a
·10 miesięcy temu·discuss
The answer is always "maybe" until you bring your threat model to the table.

I use a VPN to watch IPTV & download torrents without my ISP sending me nasty letters. Mullvad is great for that.

I would trust it in conjunction with Tor to protect me from low-level crimes. I wouldn't run trust either it or Tor, alone or in combination, to run a marketplace the DEA would become interested in.

If your threat model is obscuring your home IP to hide your IP from above board HTTPS sites, a DIY VPN probably is great. If it's to do low level crime, a cheap VPN is probably enough. Anything else, good luck.