/tech/ - Technology

So apparently big publishers want to kill the internet archive again.

They accuse I.A. of having done a copywrong by lending out books. I won't bore you with the legal technicalities because i think it's just a pretext for publishers trying to kill a library because it's a cartel that wants a monopoly.

I think the lessons here are if you pay these people money, they're going to use it to attack nice things like the Internet Archive, and "copy-right" is nothing but a heinous weapon.

People who build archives to preserve the memory of the past are like really rare flowers, it's an incomprehensible act of barbarism to try to burn down their archives.

https://blog.archive.org/2023/03/25/the-fight-continues/

Hexbear and Lemmygrad are now federated

Does anyone use Windows 10 Ameliorated/AME edition?

https://ameliorated.info/

so i'm motivated to planing to create a archive for threads and websites. thread and web writings that are important enough, have quality, and or can be used to counter western media and history naratives.

the archive i want to create for the threads is different from things like internet archive or things like that because i want to actually save all the file that is uploaded unlike regular archive where not every file and many that are uploaded in the thread were not saved in the archive.

if i can i want to make a website for this but i do not have any experience about creating website and coding nor can i do it. i also have special-ed mental that make me unable to learn coding like normal people so its hard.

my main plan is to use httrack and use every file format list from wikipedia and other websites, then copy that list to httrack file format selection thing

i want help from every people here, so if you can please send something

I'll start with a few examples:

>Proprietary Software can be secure
This is a slight of hand. In theory proprietary Software can of course be secure, but in praxis there is no way for you to find out which proprietary software is or isn't secure. So from the perspective of the user proprietary software can't be considered secure because there's no reliable way to tell.

>Proprietary Software is harder to hack because the source-code isn't open
This is a security by obscurity fallacy, that for some inexplicable reason is still in circulation. Exploitable software bugs are usually found by examining the behavior of executable binaries not the source code.

>Open source is secure
Not by default, there is no automatic security-magic in publishing code on git-hub/lab. However open-sourcing code means that it can be subjected to broad public scrutiny and hence it becomes possible for the users to know which software is or isn't secure.

>Security and privacy are not the same
This fallacy is widely parroted even by the security community. You, the human is a part of your computer security, without privacy, attackers can potentially learn enough about you to figure out psychological hacks to compromise your computer security by tricking you.

>Unbreakable cryptography
This is usually wrong in praxis because it doesn't factor in that most people will give up their cypher-key after the "low-tech-biological-deciphering-algorithm" broke their pinky-finger. Cryptography can only be considered secure if the encrypted-data-vault is obfuscated as random bits on a storage medium so that the existence of the encrypted data can be denied.

New attack on privacy is taking on a hole new dimension.

https://invidious.protokolla.fi/watch?v=BAiQnq6h6ao
https://www.youtube.com/watch?v=wKegmu0V75s
TLTW:The US congress has proposed a law that would require rc-drone pilots to broadcast the location of their rc-drone and their own location.

Never mind the drone stuff, this would be a precedent of mandating a tracking beacon that broadcasts your location. Such a mandate so far only exists for convicted criminals that have to wear a tracking ankle-monitor.

I think this is so egregious, that surveillance has to be re-categorized as a form of attack or assault. We ought to grant people a right to self-defense to preserve their privacy, analogous to the right to self defense against physical attacks. People should be granted the right to use very assertive measures to protect their privacy. (Going beyond the current passive defense of privacy)

Obviously privacy means the absence of surveillance

So the EU wants to introduce software regulations (Cyber Resilience Act) that is probably going to harm FOSS pretty badly.

The politically stated goal is improving software security. However it's not likely going to achieve this, they are introducing costly security certification. Which to me appears more like a scheme to pay somebody to take responsibility, rather than actually improving engineering quality. It might also have a psychological factor like a secular version of asking a priest to bless your technology. And it kinda looks like a anti-competitive regulatory burden that favors large firms over smaller ones. It is unclear to me whether or not there is malicious intent behind this or not.

This process might make sense for large corporate software monopoly dinosaurs that still do proprietary release dumps. This legislation will probably give an unfair advantage to those business models. The irony here is of course that proprietary software lacks the openness that would allow for public code auditing, which is a vital part of modern software security. Proprietary trust me bro security/obscurity is low quality and a bit anachronistic at this point. The net-effect of favoring this could be decreased software security.

If you listen to the FOSS advocates they want to have exemptions for open-source so the C.R.A. would not undermine FOSS projects. This is reasonable because at least it wouldn't make anything worse. The security praxis of infrastructure relevant FOSS project has improved a lot in recent years and is comparably decent atm.

What would actually improve software security in the FOSS world is more code audits, you could have an EU wide census about which software is commercially deployed and then prioritize funding security-bug-bounty programs that specifically target these. This scheme is effective because the cyber-espionage-agencies do exactly that for their weaponized software exploit acquisitions. I don't understand why they wouldn't copy what already works.

I think that if they don't fix this it will lead to walling FOSS out of the EU, with the resulting brain-drain from FOSS projects looking for regulatory environments that aren't hostile.

more detailed information here:
https://news.apache.org/foundation/entry/save-open-sourcePost too long. Click here to view the full text.

FOSS will give Tesla a run for its money. It works with many newish (2018 onwards) cars. The hardware costs $1k versus $10k+ for Tesla autopilot.
https://github.com/commaai/openpilot/wiki

I made a wiki about unretarding technology and society. What do you think? https://www.tastyfish.cz/lrs/main.html

Discuss