I learned it as well from this video. Some mouse movements seem to make the image patterns go away, in many cases even when you deleted cookies. I am not sure, if the site can decide to use a "higher security" captcha, which enforces clicking, though.
Google writes "i am not a robot", but actually means "i am not a simple piece of automated code, but a full featured webbrowser used with a mouse with realistic movement patterns". Probably some more advanced plugin for systems like selenium would do better than a robot arm, but a simple "curl" script won't fool google. That's the point. Their image puzzles are very repetative as well and a good machine learning algorithm should beat them soon. Its really about collecting some behaviour patterns inside the browser, not about robots.
Someone (i.e. a auto company) can create an open software, release a signed version and take the resposiblity (to a defined degree). If they don't, nobody actually needs to software, as you cannot use it without driving yourself, or your car is driving illegally.
If you now use this software, the liability is clear. When you start modifying it, it becomes interesting. Because either you have the full liability for the selfdriving part yourself (which probably means some accreditation to take liability, i.e. by having a reinsurance), or falling back to manual driving liability, which means you cannot legally do something you aren't allowed when driving without autopilot. The point is, that the accreditation is important, as the self driving part may harm other people, not just you. So you should really know what you're doing, why and have someone watching you. Another question is, are you only liable for things resulting from your modifications or for everything which happens with a modified version? Who can decide, if your part, another part or the whole package caused the accident?
This said, the open source is a great idea, while the normal person should not be allowed to run a system with (big?) modifications.
Another interesting consideration: Is a signed source enough? What if the accident happens because of a compiler bug? Does the compiler need a certification for building car firmware or does the firmware builder need to assert, that he checked the binary to have no bugs, which aren't visible from the source?
> Virtual machines are not a generic solution. Most people on this planet don't know or want to know what a virtual machine is. Also, machine that runs a virtual machine could be a target, not a VM itself. There is no attack vector.
It isn't like your windows actively attracts malware. you need to install it. If your browser is used inside a vm, the host isn't endangerd (modulo vm jailbreak bugs, but which malware really tries this?)
Microsoft creates a new gui, others copy it. Google creates a GUI, others copy it.
Have a look at kde for a prime example. Ugly Keramik GUI? Windows XP clone. Current too flat plasma design? Win 10... BUT kde has alternative themes. And that's important. GNOME copies from Android and iOS. Checkbox? Probably to small to hit on android. So we use a switch. On android you may slide it (who does it anyway?), on the pc its just stupid. The problem is, that the useless trend continues. Scrollbars? Make them tiny. Switch instead of checkbox? Hey, when it shows "off" in its middle, it doesn't mean moving the switch to off will set it to off. But to on. The indicator? Switching from gray to blue color. Erm... we know this concept... from checkboxes.
Of course. Trust is important, but you have little chance to actually build trust, except interpreting such signs. A long ToS tells, that they are more willing to cooperate with your enemies and avoid the problem, that you could sue them for not respecting your rights. And a ToS with clauses when they are allowed to monitor traffic are telling you, that they have the means to monitor traffic, while others state, that they do not have such tools prepared (meaning an admin would need to script some tcpdump himself, if they really need to get you). And sometimes you see an polical mission. Have a look at lavabit and how Levinson rather closed his company than handing out the TLS key. This is the spirit, you're looking for.
1) There are possiblities around this. Changing ports, using tcp instead of udp, and even some proprietary solutions, faking https and so on. 2) You do not neccesarily need to use openvpn. But if your provider doesn't offer openvpn, its no serious provider.
As a general rule: The shorter the better. If it says "we log nothing. Never.", you're pretty safe, because only law applies and they do not reserve further rights. If it says "we reserve the right to monitor, if we suspect abuse...", its up to them to define abuse and reasons why they might suspect it.
Other red flags are untrue claims (most secure of the world, unbreakable, stops ALL tracking (so? spyware, fingerprinting, etc.?)), technical incompetence (telling the connection after their exit node would be encrypted), scaremongering like "YOU ARE LIVING IN [your providers city], AND EVERYBODY CAN ACCESS YOUR DATA WITHOUT OUR VPN", free vpns (there is no such thing as a free lunch) and other things, which are too good to be true.
Looking at the android app is now another sign, which can help you to rate the vpn, even when you're not using android.
I guess no sane thief would sue anyway... but don't overdo it, they might finally think you're gone too far and have done more damage to them... not that they won't get into trouble, but when you do stupid things like "trying to destroy their life", it will probably backfire.
yandex seems to cover the web like most other search engines do. Maybe you encounter some russian censorship, but on the other hand russia doesn't care much about stuff like dmca notes *hinthinthint*
Results are quite good and seem to be a bit better than duckduckgo sometimes. Uses more fancy javascript, but has more fancy features as well and the same promise of no data collection.
For example i cannot upgrade to android 7, because Xposed is not ported yet and the developers writes, it gets more and more complicated to port it with each release. The Xprivacy (Xposed module) developer sounds similiar unmotivated. And without such stuff, you're xposed (pun intended) to the world of shitty apps, which transmit private stuff like your IMEI to their companies. The problem is, google has no open development process, where the ROM and mod developers could follow each commit and adapt their software, but releases a big bunch of changes with each release and until the custom ROMs adapted, there is already the next release out.
Your argument is about security, not what's permitted. You do not KNOW, if there is a keylogger, so you cannot be secure, if you're paranoid (possibly for a reason). But this does not mean, that the keylogger is legal, either. Indeed it isn't as you have the expectation of privacy when using a computer, where you were not warned, that your actions are monitored to the level of logging passwords.
Slashdot Mirror
I learned it as well from this video. Some mouse movements seem to make the image patterns go away, in many cases even when you deleted cookies. I am not sure, if the site can decide to use a "higher security" captcha, which enforces clicking, though.
Google writes "i am not a robot", but actually means "i am not a simple piece of automated code, but a full featured webbrowser used with a mouse with realistic movement patterns". Probably some more advanced plugin for systems like selenium would do better than a robot arm, but a simple "curl" script won't fool google. That's the point. Their image puzzles are very repetative as well and a good machine learning algorithm should beat them soon. Its really about collecting some behaviour patterns inside the browser, not about robots.
Hmmmm, brainzapping *drools* *ZAP* *ouch!* *ZAPouchZAPouchZAPZAPZAP*
It is about who declares to take responsiblity.
Someone (i.e. a auto company) can create an open software, release a signed version and take the resposiblity (to a defined degree). If they don't, nobody actually needs to software, as you cannot use it without driving yourself, or your car is driving illegally.
If you now use this software, the liability is clear. When you start modifying it, it becomes interesting. Because either you have the full liability for the selfdriving part yourself (which probably means some accreditation to take liability, i.e. by having a reinsurance), or falling back to manual driving liability, which means you cannot legally do something you aren't allowed when driving without autopilot.
The point is, that the accreditation is important, as the self driving part may harm other people, not just you. So you should really know what you're doing, why and have someone watching you.
Another question is, are you only liable for things resulting from your modifications or for everything which happens with a modified version? Who can decide, if your part, another part or the whole package caused the accident?
This said, the open source is a great idea, while the normal person should not be allowed to run a system with (big?) modifications.
Another interesting consideration: Is a signed source enough? What if the accident happens because of a compiler bug? Does the compiler need a certification for building car firmware or does the firmware builder need to assert, that he checked the binary to have no bugs, which aren't visible from the source?
no text
just stop visiting such sites. They do not deserve your visit.
you're new here, aren't you?
> Virtual machines are not a generic solution. Most people on this planet don't know or want to know what a virtual machine is. Also, machine that runs a virtual machine could be a target, not a VM itself.
There is no attack vector.
It isn't like your windows actively attracts malware. you need to install it. If your browser is used inside a vm, the host isn't endangerd (modulo vm jailbreak bugs, but which malware really tries this?)
And most people need antivirus, because brain 1.0 is not internet ready, yet.
Microsoft creates a new gui, others copy it. Google creates a GUI, others copy it.
Have a look at kde for a prime example. Ugly Keramik GUI? Windows XP clone. Current too flat plasma design? Win 10 ... ... we know this concept ... from checkboxes.
BUT kde has alternative themes. And that's important.
GNOME copies from Android and iOS. Checkbox? Probably to small to hit on android. So we use a switch. On android you may slide it (who does it anyway?), on the pc its just stupid.
The problem is, that the useless trend continues. Scrollbars? Make them tiny. Switch instead of checkbox? Hey, when it shows "off" in its middle, it doesn't mean moving the switch to off will set it to off. But to on. The indicator? Switching from gray to blue color. Erm
yep, because it was "paypal or amazon payments". But amazon payments are free for amazon. I guess.
amazon should mediate between the reseller and the customer. Why should it be the resellers risk, what payment methods the marketplace offers?
Of course. Trust is important, but you have little chance to actually build trust, except interpreting such signs. A long ToS tells, that they are more willing to cooperate with your enemies and avoid the problem, that you could sue them for not respecting your rights. And a ToS with clauses when they are allowed to monitor traffic are telling you, that they have the means to monitor traffic, while others state, that they do not have such tools prepared (meaning an admin would need to script some tcpdump himself, if they really need to get you).
And sometimes you see an polical mission. Have a look at lavabit and how Levinson rather closed his company than handing out the TLS key. This is the spirit, you're looking for.
20k is easy to hear for young people. Try 40k.
two things:
1) There are possiblities around this. Changing ports, using tcp instead of udp, and even some proprietary solutions, faking https and so on.
2) You do not neccesarily need to use openvpn. But if your provider doesn't offer openvpn, its no serious provider.
As a general rule: The shorter the better. If it says "we log nothing. Never.", you're pretty safe, because only law applies and they do not reserve further rights. If it says "we reserve the right to monitor, if we suspect abuse ...", its up to them to define abuse and reasons why they might suspect it.
Other red flags are untrue claims (most secure of the world, unbreakable, stops ALL tracking (so? spyware, fingerprinting, etc.?)), technical incompetence (telling the connection after their exit node would be encrypted), scaremongering like "YOU ARE LIVING IN [your providers city], AND EVERYBODY CAN ACCESS YOUR DATA WITHOUT OUR VPN", free vpns (there is no such thing as a free lunch) and other things, which are too good to be true.
Looking at the android app is now another sign, which can help you to rate the vpn, even when you're not using android.
Your mind does less operations per second.
I guess no sane thief would sue anyway ... but don't overdo it, they might finally think you're gone too far and have done more damage to them ... not that they won't get into trouble, but when you do stupid things like "trying to destroy their life", it will probably backfire.
yandex seems to cover the web like most other search engines do. Maybe you encounter some russian censorship, but on the other hand russia doesn't care much about stuff like dmca notes *hinthinthint*
I found qwant in my referer logs as well, because it got me visitors ;-).
But i have the hang to type "!g search term" in these search engines (which i use via urlbar shortcut anyway).
From the quality:
- Google
- Bing/Yandex
- qwant
- duckduckgo
For some terms ddg before qwant. Yandex and Bing are very good alternatives when google finds only the seo spam sites or big companies.
https://www.qwant.com/
Results are quite good and seem to be a bit better than duckduckgo sometimes. Uses more fancy javascript, but has more fancy features as well and the same promise of no data collection.
For example i cannot upgrade to android 7, because Xposed is not ported yet and the developers writes, it gets more and more complicated to port it with each release. The Xprivacy (Xposed module) developer sounds similiar unmotivated. And without such stuff, you're xposed (pun intended) to the world of shitty apps, which transmit private stuff like your IMEI to their companies.
The problem is, google has no open development process, where the ROM and mod developers could follow each commit and adapt their software, but releases a big bunch of changes with each release and until the custom ROMs adapted, there is already the next release out.
in a few million years, the table will be full again. And then nobody expected it, again.
Yep, take precautions. Write down your seldom used passphrases (and put the paper somewhere, where nobody finds it, not under your mousepad)
Your argument is about security, not what's permitted. You do not KNOW, if there is a keylogger, so you cannot be secure, if you're paranoid (possibly for a reason).
But this does not mean, that the keylogger is legal, either. Indeed it isn't as you have the expectation of privacy when using a computer, where you were not warned, that your actions are monitored to the level of logging passwords.