Jerry

Warning to new tutamail users, your account could be temporary

I made my first and only account with tutamail and within 48 hours it was disabled due to abuse. It really bothered me because I had forwarded now deleted emails for storage, updated many accounts including my doctors with the new tuta email. The next time I try to login it tells me that my password is wrong or can't login. I...

Jerry , 15 days ago

This is definitely the best protection. If the provider drops you, you move your domain to another provider. But, as far as I know, while almost all email providers will host your personal domain, none that I know of will do it on the free plans. But your email is your identity. You should be willing to pay for it, especially if you host it on a provider that otherwise won't make any money on you.

There are a couple of downsides. If you forget, or are unable, to renew your domain, you lose it and your emails. Make sure another family member or friend can pay the renewal for you if, for some reason, you cannot.

While your own domain makes it far less likely that your email will be canceled (because you can move it), abuse of your domain can result in your losing your domain name and your email, especially before it has earned a reputation.

Which brings up another IMPORTANT point. If you use your own domain name, then you must set up your DNS records to protect your domain from spoofers and spammers so it doesn't get blacklisted or, worse, doesn't cause cancellation of your domain name. Scammers and spammers WILL try to send email using your domain name. You need to tell email clients to toss these rogue emails and give them the means to determine spoofing and unauthorized use. Read this: https://www.valimail.com/blog/dmarc-dkim-spf-explained/

Also, be aware that SpamAssassin considers .com, .net, and .org TLDs to be far safer than .world, .online, .blog, and most others. Using one of these newer TLDs results in a higher spam score, and your email is more likely to end up in the spam folder if it reaches the magic score of 5. A new age TLD can add as much as 1 point to the spam calculation depending on the email provider receiving your email.

So your own domain name is safer but costs money and requires more work.

Small or medium-sized Mastodon instances?

I'm looking to move to a new Mastodon instance, away from Mastodon.social. I don't have any problems with .social, but I kinda want to keep things decentralized in the Fediverse, and I want to start fresh with a new account regardless....

Jerry , 20 days ago

https://hear-me.social is one possibility. It has the added benefit of a 12,000-character posting size as well, especially nice if the 500-character limit at .social was frustrating.

TIL that in 1820 some 20,000 pigs roamed NYC to clean up the streets ( www.nypl.org )

Early New Yorkers tossed garbage into the street or into one of the rivers. The city stunk. In the absence of organized waste disposal, pigs played an important role in reducing (and reusing and recycling) trash in the city....

Jerry OP , 23 days ago

They did eat them. That was part of the cycle.

https://backstory.newamericanhistory.org/episodes/another-mans-treasure/3/#:~:text=The%20pigs,literal%20violence.

startpage.com blocking VPN?

edit: I changed my location and that seems to have worked for now. still a strange thing that it was localhost and not "site blocked" or something if my location was the issue. my VPN (ExpressVPN) was set to NJ. I switched to Toronto. ___ 🤷...

ALT

Jerry , 28 days ago

Deleted by author

Jerry , 28 days ago

I deleted what I wrote before. If it federated, ignore it.

Your browser is trying to find startpage.com on your local machine instead of the Internet.

While on the VPN, open a command window and ping startpage.com. Does it return localhost or the real IP address? If it returns the real IP address, then the problem is related to the browser. Try another browser to see if it's Vivaldi-related.

If it returns localhost then maybe it's a setting in protonVPN?

This is strange. Just try to find clues.

[Thread, post or comment was deleted by the author]

Jerry , 28 days ago

I'd ask for a refund.

Is Pixelfed sawing off the branch that the Fediverse is sitting on? ( ploum.net )

Jerry , 1 month ago

I read the post and understood the problem. Then I read Dan's reply. And he's fixing it. In fact, he's fixing it in the exact way the blog post says it should be fixed, "... but those filters should be manually triggered and always removable."

Here's Dan's reply:

"... I hear the community: you want text-only posts. We are going to build this as an opt-in feature. If you want microblogging, turn it on. If you prefer the classic media-only experience, nothing changes."

Why was this blog post even written then? Now it's seeming to be personal.

Looking for a PeerTube instance that actually accepts new users

I have been trying to find a PeerTube instance so I can upload music my son's band performs....

Jerry , 1 month ago

my-sunshine.video is one with no restrictions and has open registration. Don't know about others.

My Mastodon instance refuses to federate with a specific instance, and nobody seems to know why.

I originally signed up to mastodonapp.uk. Now that I'm attempting to get m.dollha.us running, I'm looking to pull my account from the former and move it to the latter. Easier said than done, though, because I cannot, for the life of me, seem to get my instance to federate with that instance. I have tried leaving it for a week or...

Jerry , 2 months ago

A relay, as in the Mastodon relay feature? As in Administration->Relays? If so, does mastodonapp.uk have an active relay? It can't be used to connect to just any Mastodon server. It has to connect to a special relay server.

Not sure whether this is helpful.

Jerry , 2 months ago

Yes, it claims to proxy the traffic, but then you have to connect to the fedibuzz relay server.

It sounded from the post that there was an attempt to directly connect to a Mastodon server through the relay connection, which won't work.

HELP! Migrating to a new Mastodon account. I tried both without the @ at the start & with. Either way, it doesn't work. What am I doing wrong?

Jerry , 2 months ago

I just searched for @ ItsGloria @ vivaldi.net on my Mastodon instance and everything appears good. It tells me that you switched your account to Glor.

Have you since resolved the issue then?

Jerry , 2 months ago

Dumb question. Are you sure the "I" after the @ in ItsGloria is an upper case I (eye) and not a lower case l (L)?

I'd really like to kick the idiot who created a font where both are identical.

Jerry , 2 months ago

Seems like a defect to me. Maybe if you write to @Gargron or @ClearlyClaire, they might help if they see your message.

Could somebody recommend me a reliable and safe email service to use instead of Google and Microsoft ones?

Jerry , 2 months ago

Proton Mail, Tuta mail, runbox.com, to name three.

TIL the guillotine was named after a man who neither invented it nor believed in the death penalty

TIL the guillotine was named after a man who neither invented it nor believed in the death penalty....

TIL the Guillotine was named after a man who neither invented it nor believed in the death penalty

TIL the guillotine was named after a man who neither invented it nor believed in the death penalty....

Jerry OP , 3 months ago

Thanks! I've tried editing it.

HUGE tip for extra privacy for android

On F-Droid and Droid-ify there is a very useful app called MockTraffic (all one word). This will increase your privacy by protecting you from ISP web traffic analysis. It does this by generating fake DNS and HTTP request....

Jerry , 3 months ago

I see so much wrong in these claims.

1. Anyone analyzing your traffic is not just doing so based on DNS queries. They use Deep Packet Inspection (DPI) and they track packets across the Internet to find out what you're doing. A fake request won't fool them.
2. Similarly, they use machine learning and behavioral analysis, which won't be fooled either by a bunch of DNS queries.
3. The increased noise could be detected as malicious activity, like a DDOS attack. You can find yourself rate limited, and your network performance can drop substantially.
4. If the fake requests are real websites, your IP address can become associated with a wider range of interests, leading to more targeted advertising.
5. Instead of using a simpleton's approach that won't work, use real protection. Use a paid-for VPN, or at least a reputable free one (not many) with built-in ad and tracker blocking to bypass your ISP.

**The App sounds fishy, actually. ** Many apps come out claiming to provide some unique security, and they eventually turn rogue and start stealing information. This one sounds ripe to go rogue, especially since it can't make it into the standard store. I expect to read about MockTraffic someday being caught stealing information.

I wouldn't go near it.

Jerry , 3 months ago

You have to trust someone. There's no way around this. But trusting some app written by some unknown person that has nobody overseeing it is probably the worst place to put your trust.

So, decide. You either trust some unknown app developer, your ISP, or a VPN provider. You must choose one. Which one do you choose? Choosing none means you are off the Internet.

I have more trust in Proton VPN, Mullvad VPN, Mozilla VPN, and some other reputable VPN providers than I do in my ISP, some cheap VPN run by unknown people, or some app making crazy claims. I strongly doubt that a reputable VPN provider is doing any tracking of user traffic. But I bet MockTraffic is telling someone all the websites you're visiting.

I think if you are worried about your traffic being tracked, you are safest with a reputable VPN provider.

Those who are hosting on bare metal: What is stopping you from using Containers or VM's? What are you self hosting?

Curious to know what the experiences are for those who are sticking to bare metal. Would like to better understand what keeps such admins from migrating to containers, Docker, Podman, Virtual Machines, etc. What keeps you on bare metal in 2025?

Jerry , 4 months ago

Depends on the application for me. For Mastodon, I want to allow 12K character posts, more than 4 poll question choices, and custom themes. Can't do it with Docker containers. For Peertube, Mobilizon, and Peertube, I use Docker containers.

We have lost Guppe groups ( github.com )

More info on Guppe itself

Jerry , 4 months ago

I see good points in this comment, even if the analogy of their being like hashtags might be a little off.

gup.pe groups have a 1-word description. Most of them I've been unable to assign a topic to because I didn't know what the word means or it has ambiguous meanings. Most have no posts. So they land in the "unknown" topic.

I always wondered what I would do if someone started posting porn or hate to them. It would be a nightmare. I'd just have to block the group, I suppose.

Frankly, instead of someone creating a gup.pe-like group, I think they ought to create a community in PieFed, MBIN, or Lemmy. gup.pe was an early experiment when there wasn't a threadiverse.

I'm fine without gup.pe or gup.pe replacements.

AI hacking. Downloading images can allow your computer to be hijacked

Rule 1: Don't ever use an agentic browser (one that an AI can control)....

My Pixel 10 warned me 8 times in 30-minutes that there was a rogue connection made. Deeply concerning

I have a #Pixel 10 Pro XL phone, which may be the first phone to give warnings when the phone connects to a rogue cellphone tower or IMSI catcher. The OS cannot block it; it can only tell you that someone read information, and it presents an alert. It says,...

Jerry OP , 4 months ago

It's a new feature in Android 16, but older phones don't have the hardware to support it.

Jerry OP , 4 months ago

According to the documentation, turning off 2G will not block emergency calls. But, yeah, having said this, definitely, it's best to remember how to switch it back on, just in case.

Jerry OP , 4 months ago

My understanding is that the phone requires a modem that supports version 3.0 of Android's IRadio hardware abstraction layer (HAL). Older phone's modems do not support version 3.0.

Jerry OP , 4 months ago

A cell phone repeater is a passive device. It just extends the range of an existing signal. They don't act as cell towers. They don't read information from the phone.

Jerry OP , 4 months ago

In the U.S. it's illegal to do anything that would interfere with these devices because it also cuts off emergency services. Sort of like using a hospital to store weapons during a war?

Jerry OP , 4 months ago

I think T-Mobile still has 2G service in some parts of the U.S. https://www.androidpolice.com/t-mobile-2g-network-is-still-active/

Jerry OP , 4 months ago

They can triangulate from the 8 readings that they did and know my location. They also know it's T-Mobile and they can subpoena T-Mobile and Google to get the information (the IMSI code will identify the dealer) to identify who bought the phone and what phone account pays for the service.

Jerry OP , 4 months ago

Seems to depend on what you read: https://godarkbags.com/blogs/news/imsi-catchers-the-hidden-threat-to-your-mobile-privacy-and-how-to-stop-them

Quote:

Can I Be Tracked With My Phone Off?

Yes, even when your phone is turned off, it’s not entirely inactive. The radio system, controlled by a separate subsystem called Baseband, can still transmit signals. This design allows for features like remote device tracking but also means that simply turning off your phone doesn't protect you from IMSI catchers. Using a Faraday bag completely isolates your device from any external signals, providing robust protection.

The most effective defense against these threats is to block the signals that IMSI catchers rely on. This is where Faraday bags come into play. These specially designed bags create a barrier that prevents radio waves from reaching your device, effectively neutralizing IMSI catchers and other surveillance tools.

Jerry OP , 4 months ago

It doesn't mean they are wrong. Anyway, here:

"Based on documents leaked by Edward Snowden, the National Security Agency (NSA)
had already developed a technique in 2004 to locate cell phones even when they were turned off,
called “The Find”, mostly used to locate terrorist suspects [36]. This was accomplished through
the use of IMSI catchers, which could wirelessly send a command to the phone’s baseband chip to
fake any shutdown and stay on [37]. The phone could then be instructed to keep just the
microphone on, in order to eavesdrop on conversations, or periodically send location pings. The
only hint that the phone was still on was if it continued to feel warm even though it had been shut
off, suggesting that the baseband processor was still running. IMSI catchers used by London’s
Metropolitan Police are also reportedly able to shut down targeted phones remotely [38]."

https://www.cis.upenn.edu/wp-content/uploads/2019/08/EAS499Honors-IMSICatchersandMobileSecurity-V18F.pdf

Jerry OP , 4 months ago

Edward Snowden claims the NSA knows how to do it.

https://www.cis.upenn.edu/wp-content/uploads/2019/08/EAS499Honors-IMSICatchersandMobileSecurity-V18F.pdf

18+ thenexusofprivacy , 5 months ago to Fediverse

There's a lot of discussion of Mississippi's age verification law for social media today, after Bluesky announced they're blocking the state.

Note that Mississippi's requirements go far beyond the Online Safety Act, MIssissippi's law, HB 1126, requires age verification for all users, and parental consent for users under 18., no matter what the content of the site is. Last week the US Supreme Court declined to block the law while it's being challenged in the courts, even though Kavanaugh described it as "likely unconstitutional".

The law clearly should be found unconstitutional - the amicus brief from @CenDemTech, @eff et al discusses why. Still, with the current Supreme Court, who knows; they just the (somewhat narrower) Texas age verification law also should have been found unconstitutional, but SCOTUS said it was okay. So who knows. And of course this is exactly the kind of chilling effect they're aiming for, which is why it's so disappointing that SCOTUS didn't block its enforcement until the case is heard.

As far as I know there isn't any guidance yet for people running fedi instances (or message boards, which are also covered). If you're running a US-based fedi instance, it's might well be worth talking to your lawyer about this. Here's the legislation, and here's the langauge from Section 4 (1)

"A digital service provider may not enter into an agreement with a person to create an account with a digital service unless the person has registered the person's age with the digital service provider. A digital service provider shall make commercially reasonable efforts to verify the age of the person creating an account with a level of certainty appropriate to the risks that arise from the information management practices of the digital service provider."

Fediverse @fediversenews

#fediverse #mississippi #ageVerification

Jerry , 5 months ago

I'm exhausted with all this. And it's not my fight. The fight belongs to the people of Mississippi. They elected their "leaders."

Until I know for sure that I am not on the hook to pay a $10K penalty for each person on my servers, I've blocked all Mississippi IP addresses from logging in and registering on my Mastodon, Piefed, and Friendica servers.

Wyoming will probably be next.

Jerry , 5 months ago

Why is this post NSFW???

Jerry , 5 months ago

On feddit.online I block both the UK and France in addition to Mississippi. However, I believe in a future upgrade, PieFed can be configured to block people from specific countries from accessing NSFW and NSFL communities (feddit.online doesn't allow NSFL communities). When that upgrade happens, I will open it again to the UK and France but keep it closed for Mississippi.

Jerry , 5 months ago

Doesn't work that way. States agree to enforce each other's civil orders

LEAKED: A New List Reveals Top Websites Meta Is Scraping of Copyrighted Content to Train Its AI ( www.dropsitenews.com )

Meta has scraped data from the most-trafficked domains on the internet —including news organizations, education platforms, niche forums, personal blogs, and even revenge porn sites—to train its artificial intelligence models, according to a leaked list obtained by Drop Site News....

Jerry , 5 months ago

My Mastodon instance is on the list. I try hard to block them.

The problem with the list is that it's a target list, but not a list showing how much content, if any, they manage to process from any of the sites.

Can no longer access my old instance (lemmings.world) because I'm from the UK. I made several communities there. Is there any way I can mod them again or do I move them to this instance?

Jerry , 5 months ago

Just mentioning that Mozilla VPN uses Mullvad, and with their Firefox extension you can exclude individual websites from VPN protection or set preferred server locations for specific sites. So you can stay on a UK server for UK banking sites but switch to a different country server for a social site.

Only works on Windows for now. But maybe useful given this situation.

Jerry , 5 months ago

They can notify the hosting company that the server is violating UK law, the registrars, and payment services. This is the fear for sites not hosted in the UK. There are inter-country agreements to support civil actions.

Just received an email from feddit.online saying they've geoblocked UK IPs due to the Online Safety Act

I think they're the 3rd, 4th largest piefed instance? Check: !feddit_online@feddit.online

Jerry , 5 months ago

The Mozilla VPN with their Firefox extension (not yet on Linux), for example, lets you change the VPN server's country based on the domain you connect to and even bypass the VPN for certain domains. So, I believe it can be configured to select a U.S. VPN server, for example, when visiting a U.S. social site, but stay on the native connection when accessing BBC services. It uses Mullvad as the provider, actually, which is high quality. They can't be the only one.

The Internet always seems to find ways to bypass blocks.

Jerry , 5 months ago

Piefed.social isn't as affected because they restrict the NSFW communities. Feddit.online doesn't have the restriction, so it's more exposed.

The fear is a complaint being made to Digital Ocean that a server they host is violating UK law. It would be much easier for DO to remove the server than to take any other action.

Jerry , 5 months ago

A public enforcement action by Ofcom could make it difficult because payment processors can refuse to work with the site owner, domain registrars could be pressured to suspend the domain, and hosting providers might refuse to provide services.

Who needs this drama?

Jerry , 5 months ago

Yes, the U.S. and the U.K. have cooperation agreements for Civil actions.

Rss.ponder.cat is no more

Hi all. So, it's done: All the RSS feeds that were on rss.ponder.cat are now served from ibbit.at instead. More about it in the sticky post in !meta@ibbit.at, but if you're subscribed to RSS stuff, look for it on ibbit.at instead now....

Jerry , 6 months ago

No, totally not spam. I think the DMs would/will be greatly appreciated. I look forward to the notifications.

Thank you for continuing the service!

PieFed.World is now open ( piefed.world )

cross-posted from: https://piefed.world/post/237378...

Jerry , 6 months ago

I think it depends on the Piefed instance; it's up to the Admin.

It should work on, for example, feddit.online. If not, something is broken.

Jerry , 6 months ago

Likely, then, that lemmy.world has the same restriction.