😳

Well, I don’t trust squids either, specifically ones that fly…

Yeah, unfortunately iPhones don’t have a option to ask each time a USB cable is plugged in (has to unlock first), which is a feature I love in macOS. You can turn on a feature disabling USB Data after an hour of not unlocking on iOS though, which I do.

Huh, you have a valid point. I haven’t tried it yet, but it probably doesn’t access/unencrypt too much more than the regular lock screen, given thats its just a glorified alarm clock with notifications. Ironically, some of the most private stuff (photos, notes) don’t have CompleteProtection, so that’s a current gaping vulnerability. And yes, if the FBI really wants your data, there are RAM reading tools for iPhone.

Here is a stackexchange thread about AFU/DFU/CP if you didn’t know.

deleted by creator

Buses are not required to have seatbelts because they have a far greater mass than a car, making it harder to, you know, fling people out of a window/into the seat in front of them when a crash occurs, which is what seatbelts are designed to prevent. Oh, and you really think a single bus driver can make 20-30 kids keep their seatbelts on during the ride to school? This is mission control, please come back to Earth.

Yes, it is metamorphical lol. Gorhill is the creator of both uBlock and uBlock Origin. However, he gave the uBlock github repo to another dev, who sold it to adblock plus. Do not download uBlock.

However, he did fork uBlock and continued to develop his own version, now named uBlock Origin. Do download uBlock Origin.

PSA: ublock.org is not related to uBlock Origin.

No, they were working on a solution a while ago, where a website would list what CA it used so you couldn’t get a random CA to issue a cert, but that effort was abandoned iirc.

Kinda ironic. I use CloudFlare’s own VPN (WARP/1.1.1.1) and I still get CAPTCHAs, arguably more than when I used proton.

The latest version of TLS (used in the latest version of HTTPS), 1.3, is very secure. Most websites these days support 1.3/128 bits, making it quite hard to crack. One major weakness of HTTPS is that, if a certificate authority is compromised, the hackers can issue certificates for ANY website, which browsers will accept as secure until the certificates are revoked/expired/CA removed from trusted list in browser. This loophole can also be exploited by nation states (forcing the CA to issue certificates).

If you are doing something really private, use something like Matrix (E2EE mode), Signal, or Telegram (E2EE DM).

TLDR: Modern HTTPS is incredibly secure, except there is a loophole that nation states and hackers can exploit if they compromise/gain control of an approved certificate authority. If you are doing something you really dont want anyone to find out (top secret files), use an encrypted service that does not rely on the TLS/SSL/HTTPS stack.

Oh, there was an effort to solve above loophole, I’m not sure if it got anywhere though.

Edit: the point of my comment is to state that HTTPS encryption isn’t necessarily weak, just the handshaking process has some problems.

Don’t quote me, but I remember someone they were interviewing on NPR say the system wasn’t activated because it was a tsunami warning system, which tells residents to go to higher ground, and in this case going to higher ground would be suicide.

The moon is a fourth the size of Earth. Even if we had the infrastructure and technology (spoiler, we don’t), we can’t even make a tiny tiny tiny tiny dent in the moon, at least in the next hundred years or so. Heck, nuking the moon with every nuke humanity has won’t even make a noticeable dent in the moon!

Nice cut, Memmy.