• 0 Posts
  • 31 Comments
Joined 1 year ago
cake
Cake day: June 13th, 2023

help-circle


  • None of the high end chips were made in Chinese fabs, and the device barely qualifies as a “laptop” besides the form factor. For some bizarre reason they used a USB5744 USB 3.2 5Gb/s hub chip, which tells me the following:

    • Their CPU doesn’t even have multiple USB3 interfaces
    • Their CPU doesn’t even have a single 10GB/s USB interface, which has been standard for may years
    • They don’t really care about using local parts only, because they have alternative products like the GL3590

    Unless We get better close up tear down photos, this devices primary purpose is propaganda


  • There is a UFS-II specification and even a PCIe version specifically for micro SD cards. It was all planned out, and it would have been trivial to tell consumers: “Yo need card with more contacts as shown in picture”. But no, the biggest manufacturer of flash storage is samsung, and they decided they’d rather sell higher storage capacity phones as a premium. Easy to do when you’re the second biggest manufacturer of of phones and apple already paved the way.








  • Thanks for the heads up, my setup is indeed 6-12 months old. My thoughts on the linked list:

    • uBlock origin is the #1 recommended plugin, and can make some other plugins redundent, see below
    • Decentraleyes only helps only for some scripts/sites and may be fingerprintable. Considering that it targets major CDNs and it’s widespread use, I still think it’s benefits outweigh the possible downside, especially if used in conjunction with a good VPN, so its optional but I’d keep it.
    • Privacy Badger used to be unique in that it creates a custom blocking list based on your behavior. There was some security and privacy vulnerability with this method, so it’s no longer done. It depends now solely on a pre-trained list just like uBlock origin, offers no additional features and should be removed.
    • Cookie extensions may give you a false sense of privacy as they do nothing for IP tracking or other vectors. However they do patch one area, and are useful if used correctly and together with other methods.
    • noscript is technically covered by uBlock origin as well, but the UI is far superior and you’ll be using that a lot.
    • Canvas Blocker was an optional plugin to begin with, and starting Firefox 120 the FPP (Fingerprint Protection) can subtly randomize canvas, hopefully with less problems. You should be using this build in feature instead of the plugin.
    • Font Fingerprint Defender is the one plugin that broke tracking on fingerprint.com, combined with VPN IP change, despite javascript being enabled. If you care about privacy, and not anonymity, you should still be using this.

  • Edit: Crossed out slightly out of date recommendations, see comments.


    Do not confuse privacy with anonymity. Your goal is not to defend against governments or other entities with limitless resourced, but against profit oriented companies. By reducing the amount of data you leak and obfuscating what is left, your data becomes progressively worthless as you improve your setup. This is a good thing, because companies will focus their limited resources on areas with a higher profit margin.

    Given your description, I think the network side of IT security is pretty much top notch, firmly in the top 0.1% if not 0.01% of users. However most of the tracking happens at the browser level, so it alone does not protect you that much.

    Firefox is a solid base, but it is optimized to not break any websites, rather then providing maximum privacy. You can try to tweak settings manually, but I’d rather recommend you to use LibreWolf on PC and Mull on Android. Both are pre-configure, hardened versions of Firefox, that also have proprietary Mozilla features like “Pocket” and some telemetry removed form the source. A standard install has basically no downsides, 99.9% of sites work normally and privacy is quite good.

    Librewolf has ublock origin pre-installed and pre-configured with sane defaults. I’d recommend the following additional addons:

    • Decentraleyes: Local CDC cache to reduce third party requests. Improves privacy, performance and doesn’t break anything. No configuration needed.
    • Privacy Badger: Prevents some interactive features (disqus comment section, embedded youtube player, etc) from loading until explicitly confirmed with a mouse click. Also prevents some tracking in the background, but that might eb covered by ublock already.
    • Cookie AutoDelete + I still don’t care about cookies: This combo silently suppresses all cookie pop-ups, allows them for the session and cleans up afterwards. This is different then disabling all cookies, and does not brake websites then rely on them while providing all privacy benefits.
    • Disable WebRTC: WebRTC can leak your IP address, but disabling it breaks eg. real-time video calls. This plugin is a simple toggle, only turn it on when you need to.

    If you are willing to do some fine tuning or accept broken sites, consider also:

    • noscript: Most privacy leaks happen because of Javascript, but disabling it basically makes the modern web unusable. noscript offers a middle ground to enable/disable javascript on a domain-by-domain basis. Can be annoying at times, but arguably the best way to defend yourself.
    • Canvas Blocker: WebGL powers most of the advanced visuals, and can read out a lot of data that is used for fingerprinting. This plugin can randomized requested data to protect you, but it also brakes sites in weird and unexpected ways. It’s powerful, but I rarely use it these days.

    And finally consider some obfuscation techniques to throw of the remaining trackers. Right now I only use one, and highly recommend it because of its effectiveness:

    • Font Fingerprint Defender: Using javascript, websites can read out the list of installed fonts on your device. Some programs install fonts in the background when opening a document with missing fonts, so this list is highly unique for each user and effective for tracking. The plugin throws is some noise, and causes automatic systems to detect you as a new unique user each time.

    All of this throws off the vast majority of trackers, and puts you in the top 0.1% of users. Yes, this also makes you kinda “unique”, because websites may notice the effort you put in to defend yourself. Bad idea if you try to hide from the government, you should be using TOR for that anyway, but great to signal companies that you are not worth the squeeze.

    Keep your head up bro. The situation is not as terrible as it may seem, but companies want you to believe that, so that you don’t even try.





  • itsmect@monero.towntoMemes@lemmy.mlLols
    link
    fedilink
    arrow-up
    2
    ·
    1 year ago

    The more the better for security, the upper practical limit is golds inflation rate, the lower practical limit is the percentage of coins that become lost or inaccessible. That puts the viable range to 1.5-0.2%, roughly. To be clear, I’m not worried about bitcoins current rate, but rather that it will drop further and further.


  • itsmect@monero.towntoMemes@lemmy.mlLols
    link
    fedilink
    arrow-up
    2
    ·
    1 year ago

    You are clearly knowledgeable about the things you’re talking and made a conscious decision. It seems like we agree that there is some risk, but you consider it insignificant while I it’s quite substantial. Only time will tell whose right.

    Monero’s inflation is not a percentage, but rather a fixed 0.6XMR per block. This mean as the supply grows, the inflation percentage will slowly go down, so there’s no exponential losses like with fiat inflation. Currently the 0.6XMR/block work out to 0.9% of the mcap, in the year 2100 it will be down to 0.5%: https://moneroj.net/tail_emission/ (<- great site btw, it has a few BTC diagrams as well). The tail emission was chosen so that it works out to be less inflation then gold, but high enough to have a decent security budget.


  • itsmect@monero.towntoMemes@lemmy.mlLols
    link
    fedilink
    arrow-up
    2
    ·
    1 year ago

    Bitcoins current budget is sufficient at about 1.6% (= 8B USD) annually. After next halfing it will be about 0.8%, similar to Monero’s budget. In 2032 it will be about 0.2%. If Bitcoins price doesn’t increase, the budget would only be 1B USD; if it does increase, a 4T mcap would be secured by still only secured by 8B. Either way, the more time passes, the easier Bitcoin becomes to attack. How much longer do you think bitcoin will last?

    The (original) selling point of crypto is that it can’t be manipulated, even by nations with practically unlimited power and funds. Side chains sacrifice some of the immutability for other aspects and are a at best workaround instead of solution. So far there is little evidence to show that transaction fees will one day make up for the loss in block rewards.

    The primary competitor to Monero is not Bitcoin, but gold, whose inflation sits at about 1.5%. Proponents of tail emission have long left bitcoin, and rather contribute to a project which aligns with their views. The remaining crowd will therefore be biased, don’t take their word as gospel.


  • itsmect@monero.towntoMemes@lemmy.mlLols
    link
    fedilink
    arrow-up
    2
    ·
    1 year ago

    The security budget is total fiat denominated miner reward of the entire network. The higher it is, the the more resistant bitcoin becomes to 51% attacks.

    As you know, each halfing decreases the block reward, which is currently the largest part of the total miner reward. In order keep a steady security budget, the price and market cap has to double each time as well. But remember, the security budget stays constant, so an ever increasing amount is secured by a relatively lower share.

    Transaction fees make up the remaining tiny share, and I honestly don’t see it growing much. Because the higher this fee becomes, the more people will find ways to avoid it, and just keep it on exchanges, custodial solution or lightning. This reduces the decentralization , the primary feature of bitcoin, and thereby reduces it value proposition.

    All this can be side-stepped by having holders pay a small, program-ably guaranteed fee proportional to their holdings, which is then paid out to miners. Yes, this is similar to inflation, but as long as it is lower than fiat inflation I can be worth the trade off. Considering how cult like bitcoin holder are, I don’t think this is a change they are willing to make, at least not before it’s too late.