Til. Thanks.

I have never heard of an email provider that will hold your address for you forever, paid or free. This post makes no sense.

Restic is great, and the de-duplication between snapshots is amazingly good. Same content in different files (e.g. tar files of linux systems) take very little space like magic). Backrest is a nice web frontend for it.

Note that you should use some retention features of your provider to manage the risk of ransomware deleting your backups.

I think the strategy used the world-over, is to surveil everyone and build network graphs. You may work extremely hard to secure your device and communications, but the algorithms will build up a dossier on you based on all of the people you associate with who are less capable or motivated. Machine learning is insanely good at filling in missing data in an information rich dataset.

On the other hand, we live in a golden age of private, end-to-end encrypted communications tools. There are literally too many to list here. The problem is our end-points are extremely vulnerable to surveillance now.

Also, the PGP web of trust was a pretty terrible idea for anyone concerned about authoritarian governments. Especially “key parties” that network based on government IDs. They also barely worked in practice anyway. Web-key discovery actually has decent UX, despite being tied to a purchased domain rather than a drivers license. It works fine for people you don’t know, but know by their domain. For people you know, exchanging keys via QR code or verifying keys via some hash out of band has become standard.

I would be terrified of using a bluetooth mesh network in a situation where private, encrypted communications are illegal. That would be literally walking around transmitting your intent. It’s a great idea in a free country though.

In a dystopia, you want to blend in. Something like deltachat has the right idea there - you have to look like boring email on the network. Maybe even layer on stenography -sending boring emails with cat pictures, but your messages are hidden inside them.

Honestly, I would probably go with sneakernet. A microsd card can be hidden very easily, are difficult to detect electronically, transport virtually unlimited text, and be encrypted in-case the mule gets caught to prevent networks being exposed. The latency is just a necessary evil.

Usually these models are trained on past data, and then applied going forward. So whatever bias was in the past data will be used as a predictive variable. There are plenty of facial feature characteristics that correlate with race, and when the model picks those because the past data is racially biased (because of over-policing, lack of opportunity, poverty, etc), they will be in the model. Guaranteed. These models absolutely do not care that correlation != causation. They are correlation machines.

I cant imagine a model being trained like this /not/ end up encoding a bunch of features that correlate with race. It will find the white people, then reward its self as the group does statistically better.

That’s not the biggest disadvantage “if used properly.” Any account you have should get a passkey on every device you own. Each device has it’s own passkey system. If you have an iPhone, yeah, you get an apple passkey, but then if you have a windows laptop, you have a microsoft passkey, a FLOSS system will have it’s own, and so on. You are already on whatever system would contain the passkey and can easily add different ones each time you get a new device.

The biggest issue is that most people use a small number of devices (including many who use 1). Passkeys work best if you have many devices, so if you lose one, you just use another to access your services. If you have 1, you need to use recovery codes (and people don’t save them).

How many good passwords can you memorize? I can maintain 2-3 in my head long term, especially if only used rarely, and you can be phished if you are typing it in. Not tenable for online accounts. The only real comparison with security parity is a password manager + 2fa generated on-device, compared with passkeys. In both cases, you have “strong” password, no re-use, resiliency to fishing, and requires both “something you know and something you have.” I think a password manager is slightly more usable, but I’m not convinced either is a “good” experience yet.

We have had more outages in our corporate tech services in the last month than the last year before that. Between AWS, Azure, and Teams issues, it’s been crazy.

This comment prompted me to look for a picture of it. Nothing I can find, except in the background behind a baby picture of my now-in-university baby when I was apparently debugging the network connection:

There was a time when I had an old desktop packed full of spinning hard drives in my living room under a CRT television! Yes that works, but a NAS in the furnace room that is accessible from “smart TVs” and everyone’s mobile devices is pretty nice. No more fan noise either.

While true, neither backups nor checksums are exclusive to hosting anything.

Mainly just multi-device access.

Yeah, the whole “private banking” history thing the EFF seems to lionize in the article was 100% just for serving lucrative international robber barrons and other criminals. It was never about protecting regular citizens privacy.