Soptik's recent activity

  1. Comment on Austrian government seeks to eliminate internet anonymity, with severe penalties in ~news

    Soptik Link
    HN discussion TheLocal.at DailyMail.co.uk Reddit thread On reddit, u/MoustacheAmbassadeur wrote:

    Users of online forums in Austria will have to provide operators with their true identities or risk fines that could run into the millions

    HN discussion

    TheLocal.at

    DailyMail.co.uk

    Reddit thread

    On reddit, u/MoustacheAmbassadeur wrote:

    I am from austria. This is your typical right wing nazi bullshit. Thats what you get if you vote like an idiot. But on the bright side, this violates too many constitutional laws, austria doesnt has a single constitution rather a ranking system where some laws have the rank of a constitution.

    It wont go through

    4 votes
  2. Comment on Facebook has updated their blog post about storing unencrypted passwords - they found more log files, and there are now millions of Instagram users impacted, not thousands as stated originally in ~tech

    Soptik Link Parent
    I don’t know, access tokens? Ok, I get it, no problem. But passwords? They can be accessed on like one or two places: login form and settings form (for example when changing passwords). If they...

    I don’t know, access tokens? Ok, I get it, no problem. But passwords? They can be accessed on like one or two places: login form and settings form (for example when changing passwords).

    If they logged all server traffic, than yes, it is probably unintentional, especially since I don’t see a way fb could profit from user passwords. (Well, they could sell them, as many people use one password for everything, but fb is hopefully not there yet and I still trust them with this).

    If they set up network-wide logging, than yes, I can believe it. But still. This is enourmous f-up, especially since this probably comes from multiple servers (either that or one instance was collecting the data for a very, very long time - which isn’t much better).

    To me it looks like some a/b testing with additional logging enabled, especially considering the amount of affected instagram accounts.

    1 vote
  3. Comment on Facebook says it 'unintentionally uploaded' 1.5 million people's email contacts without their consent in ~tech

    Soptik Link Parent
    Exactly. People trust websites because “It’s on the internet, it’s official!” In our country, several hundred schools uses system (grades, timetable, ...) that is almost impossible to use on...

    Exactly. People trust websites because “It’s on the internet, it’s official!”

    In our country, several hundred schools uses system (grades, timetable, ...) that is almost impossible to use on mobile and has just awful UX. I made unofficial server (did you know that you can turn off certificate pinning on android by replacing a library in apk, thus allowing mitm?) that basically just offers better interface.

    And it blows my mind, why do people trust me? Why do they use some random 3rd party application? Why do they put their school password? I could collect the passwords and log into their account without any problem. I could get their grades, their real name, their address. Why do they trust me?

    Everything is encrypted and I don’t have keys, but most people don’t even know what that means. Or I could just simply lie and collect everything!

    3 votes
  4. Comment on Facebook has updated their blog post about storing unencrypted passwords - they found more log files, and there are now millions of Instagram users impacted, not thousands as stated originally in ~tech

    Soptik Link
    They’re joking right? There is no way someone may accidentally add something like login.php db.insert(request.postData); Do not tell me people so incompetent to overlook this will contain...

    They’re joking right? There is no way someone may accidentally add something like

    login.php
    
    db.insert(request.postData);
    

    Do not tell me people so incompetent to overlook this will contain passwords are employed by facebook. Do not tell me code review didn’t catch this.

    I’m now looking at this more like “Hey, what if we store user passwords somewhere hidden so first whistleblower don’t find this, but we cam still have access to user data in case they use E2E?”. It doesn’t make much sence to my why would they do this, as there isn’t that big gain IMO, but don’t tell me this is just inconpetence. Especially since they did it to Instagram users as well, thus it isn’t some long forgotten line in legacy code.

    5 votes
  5. Comment on Facebook says it 'unintentionally uploaded' 1.5 million people's email contacts without their consent in ~tech

    Soptik Link Parent
    That's it, thanks! I think it was his', I think I read one of his comments mentioning this. But maybe I just mixed it up with someone else. Edit: You're right, in the comment he even mentions it...

    That's it, thanks!

    I think it was his', I think I read one of his comments mentioning this. But maybe I just mixed it up with someone else.

    Edit: You're right, in the comment he even mentions it isn't his :-)

    I think I was inspired, for this particular idea, by a manifesto I'd read. It talks about incorporating device-local AI to analyze the user's patterns and formulate personal suggestions, instead of sending the same data to corporate servers where it can be analyzed for ads.

    1 vote
  6. Comment on Former Mozilla exec: Google has sabotaged Firefox for years in ~tech

    Soptik Link Parent
    NewPipe is really great app. It allows me to listen to music in background and create playlists, so it basically replaced spotify for me. And it’s on F-Droid.

    NewPipe is really great app. It allows me to listen to music in background and create playlists, so it basically replaced spotify for me. And it’s on F-Droid.

    1 vote
  7. Comment on Former Mozilla exec: Google has sabotaged Firefox for years in ~tech

    Soptik Link Parent
    Yeah. There was a time that lasted at least two weeks, when I simply could not download anything from Drive. Firefox would end in redirect loop. I tried an empty profile with no extensions, config...

    Yeah. There was a time that lasted at least two weeks, when I simply could not download anything from Drive. Firefox would end in redirect loop. I tried an empty profile with no extensions, config changes, tracking protection. But still, I had to download Chromium, which of course worked flawlessly.

    Google strategy right now seems to be “You’re not using Chrome? Here are minor inconviniences that will break the servives for you so you have to download Chrome for the Web to work properly. Do you see, our browser is better!”

    I don’t know if it was intentional or if they just didn’t test for Firefox and didn’t care about it for several weeks, but it seems way too big bug to be accidental. And why they didn’t repair it for so long, I’d say downloading files from file sharing service is quite important.

    6 votes
  8. Comment on Facebook says it 'unintentionally uploaded' 1.5 million people's email contacts without their consent in ~tech

    Soptik Link Parent
    Who posted his vision of this here? I remember a Tilderino sharing his/her website with pretty detailed system which wasn’t that different. He had a part there about the user himself being in...

    Who posted his vision of this here? I remember a Tilderino sharing his/her website with pretty detailed system which wasn’t that different. He had a part there about the user himself being in charge which applications can see which data a communicate with each other.

    It was really interesting, but I didn’t comment or bookmark it.

    1 vote
  9. Previous challenges It's time for another coding challenge! This challenge isn't mine, it's this challenge (year 5, season 3, challenge 3) by ČVUT FIKS. The task is to design a network...

    Previous challenges

    It's time for another coding challenge!

    This challenge isn't mine, it's this challenge (year 5, season 3, challenge 3) by ČVUT FIKS.

    The task is to design a network communication protocol. You're sending large amount of bits over the network. The problem is that network is not perfect and the message sometimes arrives corrupted. Design a network protocol, that will guarantee that the decoded message will be exactly same as the message that was encoded.

    MESSAGE => (encoding) => message corrupted => (decoding) => MESSAGE
    

    Corruption

    Transmitting the message might corrupt it and introduce errors. Each error in a message (there might be more than one error in a single message) will flip all following bits of the message.

    Example:

    011101 => 011|010
    

    (| is place where an error occured).

    There might be more than one error in a message, but there are some rules:

    • Minimum distance between two errors in a single message is k

    • Number of bits between two errors is always odd number

    According to these rules, describe a communication protocol, that will encode a message, and later decode message with errors.

    Bonus

    • Guarantee your protocol will work always - even when errors are as common as possible

    • Try to make the protocol as short as possible.

    7 votes
  10. Comment on Matrix.org data breach in ~comp

    Soptik (edited ) Link
    Here are all issues made by the hacker on matrix github. They are no longer accessible via normal means, but luckily internet archive has a copy. SSH Agent Forwarding 2FA is gud Signing keys in...
    18 votes
  11. Comment on Why vi rocks in ~comp

    Soptik (edited ) Link Parent
    I was learning vim for over a month and I can say, that while I use it while SSHing or editing config files, I’d never use it as IDE. When programming, VS Code is just superiour, easier and more...

    I was learning vim for over a month and I can say, that while I use it while SSHing or editing config files, I’d never use it as IDE. When programming, VS Code is just superiour, easier and more effective - because it was designed to be IDE.

    The thing where vim shines, is editing text.

    I had a class of about 200 properties, some of which were nested into other ones. I had to rewrite the class into scriptable format (with all the properties, data types and hiearchy being easy to parse by other developer). This would take me at least half an hour, and probably more by doing it by hand, with risk of typos and inconsistencies. But I just opened vim, defined like 4 or 5 macros (great thing, learn about it), and in less than 10 minutes, I was done.

    This is why I love vim. Mostly I don’t use it’s full power and it would be faster to use some normal gui editor. But when I do truly need it, it’s awesome.

    6 votes
  12. Comment on Technology is Heroin in ~tech

    Soptik Link Parent
    You have to download the .iso of the linux distribution you want. It’ll be in downloads section. I used Ubuntu as my first linux distribution, but I heard praise on Linux Mint as well, which...

    You have to download the .iso of the linux distribution you want. It’ll be in downloads section.

    I used Ubuntu as my first linux distribution, but I heard praise on Linux Mint as well, which should have more windows-like look.

    Google the name of the linux distribution you want and download the iso.

    Next, you need something to put the iso to your usb. I used Rufus, it’s free and always worked. You’ll find plenty of guides on this. This will erase all data on the usb!

    I used 8GB usb, but you should have no problem with 4GB and maybe even 2GB.

    After you have this, plug usb into your computer and reboot. You should be greeted by new OS menu, asking if you want to install it or if you want to try it. Select that you want to try it, and it should work right away.

    If you boot into windows when you plug in the usb, you’ll need to tell the computer to boot from usb instead. You’ll have to set it up in bios, you should find plenty of guides online.

    Few tips:

    If Linux feels slow, it’s most likely because you’re running it from usb. Linux is generally faster than Windows when installed.

    When you need to install something, use software center/store instead of installing it from the internet. This is one of the main differences to windows that you’ll notice. It’s easy to install and even easier to update your software.

    4 votes
  13. Comment on Do not bump topics from offtopic comments? in ~tildes

    Soptik Link Parent
    That are exactly my thoughts. It isn’t general/important enough to belong to a whole new topic, but it doesn’t quite belong to the old topic either, especially if it develops into deep topic title...

    That are exactly my thoughts. It isn’t general/important enough to belong to a whole new topic, but it doesn’t quite belong to the old topic either, especially if it develops into deep topic title discussion.

    Some kind of whisper comment (possibly applying to whole comment thread) would solve it.

    3 votes
  14. Comment on Do not bump topics from offtopic comments? in ~tildes

    Soptik Link Parent
    The activity sort works by sorting topics by last comment time. I suggest to leave out comments labeled as offtopic (and maybe noise as well). In practice, this would not prevent offtopic...

    The activity sort works by sorting topics by last comment time. I suggest to leave out comments labeled as offtopic (and maybe noise as well).

    In practice, this would not prevent offtopic discussion from bumping the topic, but it would reduce number of users who see the topic bumped. Especially if any comment in offtopic chain is left out from the activity sort.

    2 votes
  15. Comment on Do not bump topics from offtopic comments? in ~tildes

    Soptik Link Parent
    Here is the comment chain. It is about the post itself - for example about the title, or tags - and not about the topic. I’d say it’s anything that would fit more to ~tildes than to the topic itself.

    Here is the comment chain.

    It is about the post itself - for example about the title, or tags - and not about the topic. I’d say it’s anything that would fit more to ~tildes than to the topic itself.

    1 vote
  16. Comment on Do not bump topics from offtopic comments? in ~tildes

    Soptik Link Parent
    We already have comment tags. Everyone whose account is older than about a week gets to use them. People mark comments as exemplary, noise, offtopic, joke, or malice. So the tools are already here.

    We already have comment tags. Everyone whose account is older than about a week gets to use them. People mark comments as exemplary, noise, offtopic, joke, or malice. So the tools are already here.

    3 votes
  17. Should offtopic comments bump up topics? IMO, offtopic discussion is not “real” discussion. Seeing a topic at top with 7 new comments only to discover that all of it is offtopic, meta discussion,...

    Should offtopic comments bump up topics? IMO, offtopic discussion is not “real” discussion. Seeing a topic at top with 7 new comments only to discover that all of it is offtopic, meta discussion, is annoying and disappointing.

    As an example, there is one topic on the front page (don’t want to link it), that was bumped by the biggest offtopic discussion I’ve seen on Tildes so far. The discussion itself is not wrong, and is quite interesting, but it’s not about the post. The comment chain should IMO either be in it’s own topic, or not bump the topic up.

    10 votes
  18. Comment on Differentiating between comments collapsed via noise versus user-actioned & old collapses in ~tildes

    Soptik Link Parent
    When we first tried labels, they were all colored and displayed instantly. It however went horribly wrong and Deimos disabled them for long time until recently they were reenabled with silent...

    When we first tried labels, they were all colored and displayed instantly. It however went horribly wrong and Deimos disabled them for long time until recently they were reenabled with silent casting.

    The problem was that when a label was used on a comment, the comment actually gained a lot of visibility, because big colorful label was on a post, and that generally brings attention to it.

    It ended up with noise and especially joke comments getting much more visibility than other, unlabeled comments.

    6 votes