Atemu

Atemu, 2 months ago

That whole situation was such an overblown idiotic mess. Kagi has always used indices from companies that do far more unethical things than committing the extreme crime of having a CEO who has stupid opinions on human rights.
I 100% agree with Vlad’s response to this whole thing and anyone who thinks otherwise should question what exactly it is they’re criticising.

I don’t like Brave (super shady IMHO) and certainly not their CEO but I didn’t sign up for a 100% ethically correct search engine, I signed up for a search engine with innovative features and good search results. The only viable alternatives are to use 100% not ethically correct search indices with meh (Google) to bad (Bing, DDG) search results. If you’re going to tell me how Google and M$ are somehow ethical, I’m going to have to laugh at you.

The whole argument amounts to whining about the status quo and bashing the one company that tries anything to change it. The only way to get away from the Google monopoly is alternative indices. Yes those alternatives may not be much more ethical than friggin Google. So what.

Atemu, 2 months ago

Your search results look very different to mine:

https://lemmy.ml/pictrs/image/01eae1b8-2367-4533-a739-a59b944b4946.png

Did you disable Grouped Results?

All the LLM-generated “top 10” listicles are grouped into one large block I can safely ignore. (I could hide them entirely but the visual grouping allows for easy mental filtering, so I haven’t bothered.) Your weird top10 fake site does not show up.

But yes, as the linked article says, Kagi is primarily a proxy for Google with some extra on top. This is, unfortunately, a feature as Google’s index still reigns supreme for general purpose search. It absolutely is bad and getting worse but sadly still the best you can get. Using only non-Google indices would just result in bad search results.
The Google-ness is somewhat mitigated by Kagi-exclusive features such as the LLM garbage grouping.

What Google also cannot do is highlighted in my screenshot: You can customise filtering and ranking.
The first search result is a Reddit thread with some decent discussion because I configured Kagi to prefer Reddit search results. In the case of household appliances, this doesn’t do a whole lot as I have not researched trusted/untrusted sources in this field yet but it’s very noticeable in fields like programming where I have manually ranked sites.

Kagi is not “all about” privacy. It’s a factor, sure but ultimately you still have to trust a U.S. company. Better than “trusting” a known abuser (Google, M$) but without an external audit, I wouldn’t put too much wight into this.
The index ain’t it either as it’s mostly Google though sometimes a bit better.
What really sets it apart is the features. Customised ranking aswell as blocking some sites outright (bye bye pinterest and userbenchmark) are immensely useful. So are filtering garbage results that Google still likes to return.

Atemu, 2 months ago

I personally have not found Kagi’s default search results to be all that impressive

At their worst, they’re as bad as Google’s. For me however, this is a great improvement over using bing/Google proxies which would be the alternative.

maybe if I took the time to customize, I might feel differently.

That’s the killer feature IMHO.

Atemu, 2 months ago

I think you’re underestimating how huge of an undertaking a half-decent search index is, much less a good one.

Atemu, 2 months ago (edited 2 months ago)

Whether this is bad depends on your threat model. Additionally, you must also consider that other search engines are able to easily identify you without you explicitly identifying yourself. If you can’t fool abrahamjuliot.github.io/creepjs/, you certainly can’t fool Google for instance. And that’s even ignoring the immense identifying potential of user behaviour.

Billing supports OpenNode AFAICT which I guess you could funnel your Moneros through but meh.

Edit: Phrasing.

Atemu, 2 months ago

Non-android mobile Linux is not mature enough yet.

Atemu, 2 months ago

By the fact that none of the apps I use day-to-day on my Android phone have viable alternatives on non-Android Linux.

I’d have to run Android inside a container on the mobile Linux which isn’t the best experience and if I need to have Android running anyways, might aswell use regular android.

While it’d be cool to have, I don’t really need a proper freedesktop userspace on my phone if I’m honest.

Android is also simply leagues ahead in mobile UI things.

Atemu, 2 months ago

It wont take years. You’ll be able to hack basic stuff together in a week max.

What takes years of experience is time efficient programming aswell as producing maintainable code.

Atemu, 2 months ago

Exodus shows all permissions the app could use or request. You have denied all of those.

Atemu, 2 months ago

Sorta.

You still need to trust a full Linux kernel and x86 hardware system.

Atemu, 2 months ago

Note that the web clients are all GPLv3: github.com/ProtonMail/WebClients

It’s only the mobile apps of the auxillary services (drive, pass etc.) that are proprietary. And I don’t get why either because it wouldn’t hurt them one bit.

Atemu, 2 months ago

Their concern is obviously solving the dire problem of FOSS maintainers not getting compensated for their work, not getting rich themselves.

Atemu, 2 months ago

It’s clearly a license fee. I don’t see how a license fee stands in conflict with FOSS though. FOSS is Free as in freedom, not free as in gratis.

The godfather of all FLOSS licenses himself (GPL) contains explicit terms to allow license fees too.

Atemu, 2 months ago

restrictions like that aren’t compatible with the FOSS freedoms

They are.

FOSS freedoms are about what you’re allowed to do with the code, not about providing those privieges for free (as in: gratis) to everyone.
It’s whether the freedoms are attainable at all; in proprietary software, the freedoms are not attainable, no matter how much you pay for it. Paying for the privilege of being granted those freedoms does not stand in direct conflict with FOSS IMV as long as it is reasonably possible to attain them.

Where it gets complex is transitive freedoms. If I sell you my FOSS program and grant you all the freedoms that includes the freedom to grant those freedoms to others. Such “licensing proxies” are impossible to forbid without limiting essential freedoms of FOSS.

One possible method that sprung to my mind is to only allow granting the rights on modified copies (“modification” meaning original work atop of the licensed work) or even just the modifications themselves. This would technically restrict an essential freedom but I don’t consider those to be set in stone either.

It would be extremely difficult to implement this in a manner that actually makes the freedoms attainable and there are tons of complexities in this that I’ve glossed over but I don’t see a licensing model that requires monetary payment in exchange for the freedoms as fundamentally wrong or incompatible with the spirit of F(L)OSS.

Atemu, 2 months ago

I see you quoting “Free as in Freedom” but you seem to imply that FOSS also means “Free as in gratis”. That is not true. FOSS does not grant you the freedom of receiving everything for free (gratis).

Atemu, 2 months ago

It’s basically a “free for personal use” license.

Not sure I 100% agree on that.

If there was a license that i.e. required a certain percentage of all revenue that can be attributed to the usage of the software, a for-profit company could utilise it without paying a cent if they used it without generating revenue with it.

Atemu, 2 months ago

That’s the hard part: Who has claims to how much of the license fees. That’s an extremely tough question to answer because it necessitates quantification of code contributions which is far from a solved problem.

Atemu, 2 months ago

Pretty much any?

Headless distros won’t really differ in RAM usage. The only generic OS property that I could relistically see saving significant resources in this regard would be 32bit but that’s… eh.

What’s more important is how you utilize the limited resources. If you have to resort to containers for everything and run 50 instences of postgres, redis etc. because the distro doesn’t ship the software you want to run natively, that won’t work.

For NAS purposes and a few web services though, even containers would likely work just fine.

Atemu, 2 months ago

Just a hunch but I’d look into rtkit. A bad process with realtime priority could starve out others.

Temporarily disable rtkit and log out.

Atemu, 2 months ago

The only important instance I know of would be your audio server (pipewire, pulse) which could also explain why audio continues to work.

how do I disable rtkit? It seems to just start up regardless of what I do.

Masking the service should do it.

Atemu, 2 months ago

Arch is on 5.6.1 as of now: archlinux.org/packages/core/x86_64/xz/

We at Nixpkgs have barely evaded having it go to a channel used by users and we don’t seem to be affected by the backdoor.

Atemu, 2 months ago

We know that sshd is targeted but we don’t know the full extent of the attack yet.

Atemu, 2 months ago

Mine stopped working.

Atemu, 3 months ago

As per btrfs fi df /home, used space is 82.86 GiB, not 83.21 GiB.

That’s just used data. The global used metric likely incorporates metadata etc. too. System aswell as the GlobalReserve are probably accounted as fully used as they’re, well, reserved.

As per btrfs fi du -s /home , used space is 63.11 GiB.

<span style="color:#323232;">     Total   Exclusive  Set shared  Filename
</span><span style="color:#323232;">  63.11GiB    13.64GiB    49.01GiB  /home
</span>

While according to du -hs /home, 64GiB is used.

Likely compression or inline extents. btrfs only reports apparent size to du and friends unfortunately.

Also, maximum space used should be close to 72 GiB as per btrfs fi du -s / and 73 GiB as per du -hs /, if btrfs fi usage includes all subvolumes . ‘/home’ and ‘/’ are on separate subvolumes.

Your home has a lot of shared extents which indicates to me that you have at least one snapshot of it.

You also wrote 13.6GiB of new data to your home since the snapshot. Assuming a similar amount of data was deleted/overwritten since, that would add up to 76GiB. If there’s perhaps one or two more snapshots, that would explain the rest.

Snapshots are “free” only so long as you don’t write or delete any data in the origin.

Atemu, 3 months ago

Size of diff between btrfs subvolume and snapshot is 11GiB

WDYM by “diff”?

Also forgot to mention but if you want to know what’s taking how much space on your btrfs, try btdu. It uses a sampling-based approach and will therefore never be 100% accurate but it should be quite accurate enough after a little bit.

Atemu, 2 months ago

Note that the diff does not necessarily correlate with the amount of data that changed, not how much additional space the snapshot takes.

Atemu, 3 months ago

I don’t see how undervolting would result in power savings on modern CPUs if you’re not up against clock limits as the CPU would simply boost higher.

Atemu, 3 months ago

This is the way. You need to check whether CPU and package are mostly in the highest C-states they can be. If not, you’ve got a task or IO device causing a lot of wasted power.

Atemu, 3 months ago

You don’t use HTTP or SOCKS proxies to proxy internet traffic these days but VPNs. The effect is the same but it’s a shiny new name to market. If you’re talking to a normie (i.e. Google), you’re looking for “a VPN”.

This space is quite crowded as it’s a super simple service to offer and is insanely profitable. You’re basically being resold datacenter bandwidth with a profit margin of at least 90%.

What you’re likely looking for (given the community) is a proxy to pseudonymise your internet traffic such that neither data brokers nor governments can trivially get access to this information.

Given the insane profit margin, there are tonnes of unscrupulous “VPN services” that stab you in the back and double dip; selling your traffic data to the highest bidder. If you want one who doesn’t do that, you must pay and even then you have to be extremely careful in your selection. Unless proven otherwise or very implausible, assume any VPN proxy provider stabs you in the back for even higher profits.

The only exception I know of is ProtonVPN which offers limited free servers. The free tier is effectively a free trial with some limitations, namely that it’s only a handful of countries and that P2P is blocked. I’ve used it for years and IME speed has almost always been absolutely fine.

Whether you trust Proton is up to you to decide. IMV the company does not appear to be in this primarily for enrichment but because they actually care about privacy. They offer quite a wide range of other services that they built from the ground up and largely open sourced. The raison d’être for their free VPN proxies appears to be customer aquisition and I guess it worked on me because I’m now a paying customer of theirs, though primarily for their email services.

Note that they comply with (Swiss) government orders (as any sustainable business must) but I trust them to not sell my data to the highest bidder or governments which is what I care about. If you’re doing shit bad enough that could get someone to convince the Swiss government to go after you, they will not shield you (but also just… please don’t).

Atemu, 3 months ago

Then let’s ship your PC, that’s how containers work, right?

Atemu, 3 months ago (edited 3 months ago)

The reason is software patents and asinine licensing for HEVC. Thank the greedy fucks in suits for that.

Atemu, 3 months ago

AFAIK, this is a Windows-specific option which requires the user to have purchased a license for the Windows HEVC decoder on the windows store.

Atemu, 3 months ago

Cryptomator is made for that exact purpose.

Atemu, 3 months ago

Flash loses memory over many years. I’d use like 3 different mediums and always keep a hash of the key with the key.

Atemu, 3 months ago

The reason given is also great.

Atemu, 3 months ago

They do have an API, but I haven’t found anything written on top of that.

Not 3rd party of course but most of their official clients are FOSS.

How do they ensure zero knowledge if you send them the username and password?

Because you don’t. I haven’t looked into how it works exactly but all your browsers sends is your username and a proof of you having access to the password

Atemu, 3 months ago

At that point, might as well send E2E encrypted mail via GMail.

From a security stand-point: Yes. From a privacy standpoint: Absolutely not.

Atemu, 3 months ago

Doesn’t Proton specifically provide instructions for how to use proton mail via proton vpn (and/or tor, discussed in the article) to provide extra privacy against IP-demanding court orders?

That would be rather short-sighted or disingenuous as they would then simply be forced to log their proxy too.

Atemu, 3 months ago

Oh? When did that happen?

I checked a few other repos and it appears the android app is the only repo where this was done.

Hey @protonprivacy, why were issues disabled on github.com/ProtonMail/proton-mail-android?

Atemu, 3 months ago

I wouldn’t really call the BE service “core” to what they provide. All the truly interesting code is in the clients. The server just an email service that stores the email in an encrypted format and talks their custom API.

An open source ProtonMail back-end won’t help you in any way unless you’re trying to host PM yourself I guess?

Atemu, 3 months ago

There’s a large difference between surrendering massive amounts of highly critical metadata aswell as some data* to a known abuser vs. an entity that prides itself in not abusing your data and which even takes specific technological measures to make it as hard for them as possible (zero access encryption at rest, automatic key discovery).

(* Partial social graph, interaction timestamps, political interests, health, hobby interests and much of that usually even in plain text data form when receiving email; stored in in plain text forever.)

Atemu, 3 months ago

Thanks for the answer :)

Google play appears to be delivering the 4.0.6 (8308) update to me already, is that intended?

Atemu, 3 months ago

Are you spoofing your user-agent or have enabled other fingerprinting “mitigations”?

Atemu, 3 months ago

Just try a default Firefox. Though if you want to use TOR anyways, why not just use TOR browser? It’s the only browser where the starting conditions are reasonably anonymous.

Atemu, 3 months ago

Yeah and that’s great but my point is that I don’t see an obvious way to use it for that in its current implementation. I’m sure you could build it but it’s simply not built yet.

Atemu, 3 months ago

Have you spoofed your country? Check the Aurora Store settings.

Atemu, 3 months ago

Hm, I thought it had something like this but it does have languages but your display language appears to be your local language. Perhaps it different though; worth checking.