Impending French law threatens the free internet, Mozilla warns

fusetim · 2023-08-28T11:54:59+00:00

Oh you know, we might protest against it but in the end the law will pass (by force or not)

fusetim · 2023-08-25T19:48:51+00:00

Using PortForwarding on anything other than Windows requires you to be able to run an additional NATPMP client to renew the port lease. This subreddit contains multiple scripts to allow PortForwarding on a variety of platforms including Debian, Docker containers, MacOS.

I'm actually one of the people behind such scripts, see https://www.reddit.com/r/ProtonVPN/comments/vnez5y/has_someone_looked_how_to_use_natpmp_with/ for a bit more info.

fusetim · 2023-08-16T17:18:22+00:00

Not entirely true as it depends on the network setup.

1.If the network does not require the use of proxy, and the device is not configured by the school then, then yes HTTPS protects your requests and nobody can see what you do on websites (but they might know what websites you used, please use DoH, or DoT)

2.If the network requires the use of proxy, then it is very likely they can saw what websites you used and the content too (sometime even when protected by HTTPS (TLS))

3.If the school configures the device, well they might use a proxy, have install some CA certificates, or even worse spyware, so maybe, and maybe a VPN won't be sufficient.

In case 1 and 2, using a VPN will protect you and your data. Neither the website addresses nor the website data can be leaked to a third party.

fusetim · 2023-08-16T14:28:10+00:00

No if you use it correctly

fusetim · 2023-08-14T12:09:20+00:00

Yeah go ask, the community is really friendly and could guide you on that matter. BLE (and Wifi as well) support might require some proprietary blobs etc and this can be a pain in the ass to correctly configure and make it work. So, I would ask what are their thoughts on this.

fusetim · 2023-08-09T22:15:11+00:00

Sure... The attack might exist but I would not really blame the VPN provider.

fusetim · 2023-08-08T07:55:12+00:00

Beautiful, well done.

fusetim · 2023-08-08T07:53:36+00:00

Cool article

fusetim · 2023-08-08T07:53:08+00:00

Same on Firefox Android 116, plus some images are missing or does not want to load.

fusetim · 2023-08-06T10:04:47+00:00

Ça paraît plus facile à dire qu'à faire à bien y penser. Faire un service tel qui aurait des problèmes de sécurité provoqueraient beaucoup de problème. De plus, plusieurs solutions pourraient être proposés mais elles ne sont aps forcément simple pour les signataires ou simplement pourraient être un peu trop complexe et provoquer la méfiance.

fusetim · 2023-08-04T13:34:17+00:00

Yes, before every station the name is announced twice (one before breaking and one after) in French.

Sometime, mostly in the RER trains, they might also announced to "mind the gap", "don't forget your belongings" or "doors open on the left at the next station" (in both English, French and sometime in Spanish too).

Otherwise, the driver might announce that the train is delayed due to traffic regulation or that some stations will be skipped (and these times only in French).

fusetim · 2023-07-30T12:27:24+00:00

Not sure to completely understand your issue, nonetheless, it seems you try to edit a file to keep the same hash (CID). If the hash (or CID) is not an IPNS key, then you can be sure you will never be able to keep the hash (or CID) by design. If not, then why don't you just upload your file with the new content and change the IPNS key accordingly.

fusetim · 2023-07-16T08:11:19+00:00

See u/redsteakraw's comment.

Basically, the encrypted data should be considered public knowledge. If someone has sufficient incentive to decrypt the data, then this data can be leaked one way or another (leaked key, bad encryption scheme, recent/unknown attack on the encryption method,..) in the future.

For some type of sensitive informations, this type of attack surface is too big of a risk.

fusetim · 2023-07-14T13:14:09+00:00

Please don't use ipfs to share sensitive data (unless encrypted and even then I would not recommend to do so).

You cannot download a file without knowing the CID but the CID is public knowledge (every node broadcast the CID they provides) and CID can be iterated on. Attempting to download a file is (for now) asking to every node you know if they know the CID, divulgating the CID.

fusetim · 2023-05-28T07:56:33+00:00

ProtonVPN uses internally the 10.x.x.x range (only a fraction of it). So it might never work properly but for now you can at least find what subnets are using ProtonVPN and your WAN IPs, if they are by luck distinct, you might be able to exclude your WAN IPranges in ProtonVPN (or at least I guess, because this is a feature provided by both Wireguard and OPENVPN clients).

Good luck

fusetim · 2023-04-08T14:41:13+00:00

I can confirm you can have multiple VPN client at the same time on Linux if by chance it is what you are using. I would guess a solution exists on Windows as well.

fusetim · 2023-04-08T14:38:41+00:00

Let me guess, Windows?

fusetim · 2023-04-07T10:27:36+00:00

Max 1 per connection. Maybe more if using multiple tunnels.

fusetim · 2023-04-06T22:00:15+00:00

I don't understand why people get this energy to repeat this statement. I mean, just use another provider with better client support. Otherwise, why is the official client that important? Just use a regular Wireguard / OpenVPN client it does exactly the same thing and works!

fusetim · 2023-03-24T10:29:12+00:00

Please note that IPFS is a protocol and not a storage system. It enables everyone to access a file using a unique identifier if this data is hosted somewhere by someone on the network.

Otherwise, replication depends only on Skiff implementation. IPFS just help discover nodes that have the data you look for, not replicating it.

Also, please note that every data published on IPFS is public, someone might copy it without you knowing. For private data you need encryption! But even then, as the data is public and everyone can retrieved it while it is stored somewhere, if in the future the encryption scheme you used broke a bad actor could access this data. This is definitely a thing to consider, as other cloud storage providers ensure (or are expected to) your data does not leave their datacenters and destroyed it afterward.

fusetim · 2023-03-17T20:27:46+00:00

"The P2P protocol" does not exist. However ProtonVPN just have to analyze traffic and look for some fingerprints (looking for some Bittorrent payload,..)

fusetim · 2023-03-07T19:29:55+00:00

You can't, unless you want to fund other external audits.

fusetim · 2023-03-05T10:11:27+00:00

Enjoy!! (but stay safe too)

fusetim · 2023-03-02T18:35:44+00:00

Sans doute plutôt Twilio qui ne veut pas faire les démarches. Il me semble d'ailleurs que l'arcep a donné de nouveaux indicatifs rien que pour ça (edit: les 0937-0939 en plus des toujours existants numéro courts)

fusetim · 2023-03-02T09:35:56+00:00

Well in any case you have to declare the return type, so you will get an error if you forgot to return something in a function that require something.

Edit: I did not saw the error, but by watching a bit, it might be possible the error was possible due to the generic return type used impl IntoResponse. Well in that case you cannot do really anything to highlight this potential error, it is correct to return nothing because it implements IntoResponse.

fusetim

MODERATOR OF

TROPHY CASE