Depends on how repressive.

Often your main method of staying safe is appearing harmless.

You can find dedicated Mastodon and lemmy hosts more receptive to VPN users.

Anonymous use is hard due to stuff like timing attacks and writing style recognition, etc, especially if you post publicly. You want to mimic another style, for example. And create plausible deniability around timings (like say scheduled posts)

Brain: 0%

Could be that you loaded an incomplete set the second time…? 🤷

Could be a UEFI bug in the VM itself;

https://wiki.archlinux.org/title/Unified_Extensible_Firmware_Interface/Secure_Boot#Using_your_own_keys

Could also be that you didn’t sign your boot image since that command seems to load the secure boot signing key into the UEFI firmware, if you cleared other signing keys then potentially no code can load. You would have to load the keys for whatever UEFI firmware vendor is used (presumably that made by the VM software maker) or sign it yourself, etc.

I run a cryptography forum, I know what it is.

Why use this for a hash?

Why would that be used for hashes? Don’t see the point

Big mlem

It’s a Stargate Universe plot, even

You need any type of review and scoring mechanism to show the source of reviews.

Most of those things would only be possible by hiding them in a system update

It’s possible but complicated.

Since apps have access to the TPM API they can encrypt their own data in such a way that only the app’s own authorized processes can retrieve the decryption key from the TPM chip

There’s measures they could use in theory, but if you switch keyboard app away from Google’s and set private text mode, enable screenshot protection, etc, then you should be good.

Surprise trinary!

For sites you visit occasionally, it’s better to enable tab isolation (use the containers feature) and then enable JS only for that domain (note the difference between allowing JS from that domain in any tab, vs only allowing that tab with that domain to use JS, you should do the latter)

https://addons.mozilla.org/en-US/firefox/addon/multi-account-containers/

If you’re switching to a different browser you may as well use the same browser but a second clean profile and use private tabs so it doesn’t retain history. Using private tabs in your main browser profile does also help but isn’t perfect because there’s still some metadata leaks occasionally.

Using a different browser could ironically make you easier to track - how unique you are is the main signal used to track you (user agent, OS, language, etc), and going for an even more rare config will help their tracking even if you delete session cookies. Especially if they have a tracker across multiple domains you visit from different browsers from the same IP, with similar device fingerprinting results across browsers. That’s a strong signal those sessions are linked. You want to NOT stand out to maintain your privacy.

deleted by creator

Telegram has been under fire from the start, lol. 'we have math PhDs" 🤷

There’s also a big difference between published specifications and threat models for the encryption which professionals can investigate in the code delivered to users, versus no published security information at all with pure reverse engineering as the only option

Apple at least has public specifications. Experts can dig into it and compare against the specs, which is far easier than digging into that kind of code blindly. The spec describes what it does when and why, so you don’t have to figure that out through reverse engineering, instead you can focus on looking for discrepancies

Proper open source with deterministic builds would be even better, but we aren’t getting that out of Apple. Specs is the next best thing.

BTW, plugging our cryptography community: !crypto@infosec.pub

Looks like the same dev from reddit

https://www.reddit.com/r/crypto/comments/1iumxl3/how_far_can_i_push_closesource_code_towards_being/

Ah yes, the classical “only their actions matters” response that all racists use

Don’t worry, they’re still abusing minorities in their own territory