You mean "copy the photos you have taken but you not want in your device if you would get checked on your way back out to a server in a hostile country " ?

99.99% if the normal tourists do not have a personal server to store their photos. They use a commercial cloud. By using your personal server, you behave differently from 99.99% of the tourists.

" Why do you keep your images to your personal server and not the cloud? What do you have to hide? "

HI, Thanks for the info (and also thanks to PoVog).

My experience with mqtt is limited. I once set up a ejabberd server to try it out. It works but -as I mainly interested in federated chat- it was not that interesting. There was a lot less traffic and the rooms that exist that had traffic had a big issue with moderation (i.e. spam content). The S/N ratio of the discussions was a lot less then on matrix or other platforms.

I also notice it was missing some features that are do are present in matrix, like the ability to edit messages. From how I understand it, the modulator nature of XMPP is a nice idea but as there is a large diversity on clients and the features they support, it does seems to come down to only the lowest common domininator to really work well.

As I have just set up a pi5 as my new selfhosting-server, I might give it a try again, and see how well the transports (like slidge as mention by PoVog) work.

Concerning the URL issue, as explained, it kind-of looks like a normal side-effect of the principle of server authentication. Alsom your use-case (one server, one client) it not the normal goal why chat-servers are build. Even in a non-federated use, you have multiple clients connecting to it. Cchanging the server hostname will impact all clients, so is probably a very rare scenario. I did see you use synapse. I do not know if you dendrite or conduit have the same behaviour.

perhaps a stupid question, but are there bridges for XMPP ? My impression is that XMPP is as good as empty (I do use it mainly as a federated service). Is there still a lot of active development on the XMPP side of things?

I do not understand your point with ‘you cannot change the URL’. If you use matrix as non-federated and just the only user, what is the problem that you need to change the URL when you need to set up a new server on a new URL? Not being able to change the server at the same URL seems like a logical concequence of authentication, be it for server-to-server communication as for client-to-server communication.

I think I read something about that but I do not know the details.

It fhat is true, that would be good news. Thanks for the info. 👍

deleted by creator

There was an example of an ethical hacker that bought up old email-domain names of police offices, city councils (name of city changed due to Mercer) and so on. He received quit a few mails with quite sensitive data.

I run a small setup on a seperate server segment (2nd router behind my main router) so it is on the internet. I run nextcloud, an dendrite and conduit instance (matrix chat-server servers), a mastodon and go-to-social instance (fediverse), bitwarden (password manager), and others.

If there is a service that you do not want to be publically accessable by everybody but you do want to access from everywhere on the internet yourself, check out client-side TLS (https) certificates. The server does is accessable from the internet put only people who have a TLS certificate on their client signed by you can access it. For services that do not require incoming connections from other machines (e.g. nextcloud, bitwarden, … but no federated services like matrix-chat or the fediverse) that is a very good option to protect your servers.

interesting advice. Thanks!

I do not see that as phone-usage, I’m doing an experiment to see how easy / difficult it is to revert the “i need to know the time, so I grab my phone” reflex back to “I need to know the time, so I look at my wrist”.

I’m currently reading some books on how easy it is to manipulate peoples behaviour using ‘nudging’, this to better understand the social engineering tricks used by hackers.

An chapter in one of these books in how social media use tricks to manupale our behaviour that resemble the tricks used by the gambling industry.

One of the things I find intriging is the size of a smartphones today. If you look at it objectively, they are actually so large that most people would consider it to be annoyting: you have to carry it in a bag, in a pocket of your pants -but you have to take your phone out when you want sit-, or …you carry it in your hands. Have you noticed how many people have their smartphone in their hand when they walk around? But, of course, if you have something in your hand, it is very easy to open it quickly check your notifications; which reinforces the addiction.

So, that’s the thing. People do not find it annoying.

So … as an experiment, I am trying out how easy / difficult it is to break the habbit.

A small sidenote when (or if) I manage to get my garmin vivosmart HR charges, it does rapport activity per week, number of steps and number of floors I went up on foot per day, even without a smartphone app. So that’s at least something :-)

One of the reasons I am looking for a new sportswatch is because I try to reduce my smartphone use and I noticed that I actually took out my smartphone just to check the time.

I have an old garmin vivosmart HR but I do have a problem with the charging cable. Plus I am not able to download the healthstats with my linux ‘daily driver’ laptop.

Perhaps I should just get a cheap regular watch somewhere? 🤔

I don’t. I thought the emoji would have made that clear.

I have been doing cybersecurity awareness lately. We are starting to get over the furst hurdle: make people see the signatures of phishing message. But now we are starting with the 2nd hurdle: make people understand that when they write a genuine post, they should avoid these signatures of phishing, in this case, the “time pressure” argument.

The problem is that the more genuine messages have phising signatures, to more difficult it becomes for people to distinguish a genuine posts from phishing. There is also the risk that you genuine posts will get noted as fake (although that is clearly not the case here :-) )

ah … currently not available :-/

ah. That looks very interesting. And they have a show here in the EU, and it seems to work with gadgetbridge (thx Lambda RX :-))

Thanks!

my daily driver is a ubuntu laptop so I was first thinking about that, but now that you mention a mobile app, …yes. that would be nice too.

thanks for the food for thought :-)

A URL ‘Free up to some-end-date’. ???

Phishing link? 🤔

One of the basic elements of a democracy are three branches. In fact, democracy is an inherent instable system where these three branches must keep eachother in check. A natural concequence thereof is that every one of these three branches has the right to conduct and lead investigations.

That the courts can act proactive or reactive is more a cultural element then a core element of democracy. There are quite some countries where judges are part of the investigative process and can unilateral.

As Brazil, as a number of other countries in Latin America, has been in the situation in the past that both the gouvernement and the parlement are controlled by people with a … euh … not so good reputation on their democratic values, a judicial branch that acts in a more proactive manner should not be that IMHO unexptected.

Here there are two issues: free speech and the judicial system in Brasil. I’ll reply to the later in a different mail.

The freedom of speech is the result of democracy. No democracy, no freedom of speech. It is also inherent part of the democractic process.

On the other hand, it is not the only element of a democracy. and it can also be used against these other elements?

My question to you: can you use a fundamental freedom, granted to you by the fact you line in a democracy, to attack democracy?

Big international companies have no problem to create pseudo “national” versions of services if they can make more money with it.

So there should not be a problem for the social media companies to create versions that meets local legislation.

If you create a product and want to sell it in a certain market, you must also adhere to the laws of that country/region.

Protection of citizens against unjust ruling by a court is a protection-principle of democrary.

Why would you grant such a protection to an organisation aimed to destroy democracy (X/twitter)?

Hi,

Just to put things into perspective.

Well, this example dates from some years ago, before LLMs and ChatGPT. But I agree that the principle is the same. (an that was exactly my point).

If you analyse this. The error the person made was that he assumed an arduino to be like a PC, … while it is not. An arduino is a microcontroller. The difference is that a microcontroller has resources that are limited: pins, hardware interrups, timers, … An addition, pins can be reconfigured for different functions (GPIO, UART, SPI, I2C, PWM, …) Also, a microcontroller of the arduino-class does not run a RTOS, so is coded in “baremetal”. And as there is no operating-system that does resource-management for you, you have to do it the application.

And that was the problem: Although resource-management is responsability of the application-programmer, the arduino environment has largly pushed that off the libraries. The libraries configure the ports in the correct mode, set up timers and interrupts, configure I/O devices, …And in the end, this is where things went wrong. So, in essence, what happened is the programmer made assumption based on the illusion created by the libraries: writing application on arduino is just like using a library on a unix-box. (which is not correct)

That is why I have become carefull to promote tools that make things to easy, that are to good at hiding the complexity of things. Unless they are really dummy-proof after years and decades of use, you have to be very carefull not to create assumptions that are simply not true.

I am not saying LLMs are by definition bad. I am just careful about the assumptions they can create.