> > They keep them in while ordering and paying for things in stores and supermarkets.
> As a GenYer I find this rude and I'll take them out any time I interact with someone.
I don't take my headphones off while paying for things in a supermarket - because you aren't really expected to talk or listen in this scenario, and the cashier doesn't want to interact with you either. But for anything more involved, like ordering something in a coffeeshop - yeah, absolutely.
Agree, it definitely is rude. Saying hello, good afternoon, responding to a question about cash/card also involves communication, and with earbuds it is simply rude to the other person.
If you don't want to talk to anyone, go to self-checkout or a vending machine, but cashiers are humans and not just robots scanning items.
I see nobody saying "good afternoon" in a grocery store, that's the one place where you keep interactions to a minimum.
Also, self-checkouts are not always an option because at least the ones at grocery stores here never accept cash.
Lived in DC and this is very true, lived in London and would be thinking about it all day if I ignored a cashier. London it is polite to say please, thank you, good afternoon, and all other verbal mannerisms.
I know Chrome has some additional limitations, and in a vacuum MV3 doesn't break UBO as hard - but is blocking of the "Element picker" part of that or inherent to MV3? I rely on that a lot.
I don't think I'd prefer this, tbh. I would want to see the whole topic information when choosing what exact torrent to download. Is it marked "verified" or "questionable"? If it's "questionable", is it for some arbitrary formality, or something like "the audio is desynced"? Are there many different dubs (because I'd rather prefer not to have them, as they're bloating the files?)...
When it comes to movies/shows, I generally just trust the listing; there's no real risk, particularly as I'm not a quality whore.
For games/programs, I'll mostly just check the download page to ensure it's from a verified, trustworthy group.
Mostly though, I've never felt the need to be as paranoid as some people suggest one must be when torrenting; despite doing this for 20+ years, I've not had any incidents since I was about 12 years old.
They all do have auto firing things that would not necessarily show on a screenshot. It's a cat and mouse game between these sites and filter maintainers.
But even for those I recommend the popup blocker strict extension.
This a good point but, do you browse torrent sites? There are much better tools available these days, than torrent sites. I mean, it was always the case that Usenet was quicker but even with that, there's options available such as the *Arr stack.
I might be misremembering, but wasn't YIFY/YTS known for their awful quality ultra compressed releases? I thought they closed down many years ago tho, so no idea if they are the same people or if they still focus on low-quality releases.
Yeah, it did shut down :( Ever since, I haven't really found an English-speaking replacement. Rutracker has the absolute majority of what I need but doesn't have some newer American children's cartoons that I used to get from Rarbg. For example, one show had full seasons on Rarbg, but only individual episodes on 1337 (of which none are from the newest season), and Rutracker only has the first two seasons, only with a TV dub and in a horrific quality :/
Not those exact markings, but TPB does have user-markings displayed that can serve as a vouch for credibility.
- Normal User, no special status (No Skull)
- Trusted (Pink Skull)
- VIP (Green Skull)
- Helper (Blue Skull, Legacy)
- Moderator (Black MOD Tag)
- Super Moderator (Red MOD Tag)
- Administrator (Black ADMIN Tag)
> Seems to me that if we want this at all, it should be an independent body that approves signing keys of vetted vendors (e.g. vendors roll out security updates timely, etc.).
This is also a horrible idea. If an OS can be vetoed for untimely security updates, it can also be vetoed for not having something like clientside scanning.
> The attestation API in AOSP allows companies to trust signing key fingerprints (such as those of GrapheneOS), which means that the attestation system is not controlled by a single company (Google).
I wonder if this would exclude rooted OSes, non-relocked bootloaders and things like that? Sorry for stupid question, still not quite understanding how this works.
Currently probably not, because there are leaked keys, etc. But otherwise it would, since the verified boot state, etc. is added as part of the signed material.
I feel like the complaint about this not adding to security could be read in a really wrong way. Instead of "this is some hypocritical BS", could be interpreted as "lol let's lock EOL devices from even lower integrity tiers". Doubt this is possible because so, so many people use EOL phones, but still.
I would attribute EOL phone use to largely to being frugal or poor. I'm sure at least one person considers the ecological factor but I'd expect that to be a small cohort.
Eh, not really. Using EOL devices is genuinely a bad idea, it's just that with phones you have no choice due to the updates usually being only like 2-3 years and alternative OSes not being as accessible as Linux. And most people don't even care or know anyway.
I simplified the process in my description. The DRM ID Android has is not what I was referring to.
I was referring to the static private key that is stored in the silicon. At any time an application can initiate a license request process using DRM APIs which will elicit an unchangeable HWID from your device. The only protection is that it will be encrypted for an authorized license server private key so collusion may be required (intel agencies almost certainly sourced 'authorized' private keys for themselves). Google or Apple also has the option to authorize keys for themselves. In 'theory' all such keys should be stored in "trusted execution environments" on license servers and not divulge client identities for whatever that's worth: <https://tee.fail>.
The "license challenge" (it might be a mistake I think it's supposed to be a license request) is just a packet (that can be saved and later sent to anywhere) and it contains the encrypted certificate which doubles as your HWID. An adversary needs to control the private key of the license "server" the challenge is for (this is a privacy measure introduced to prevent the CDM from offering the HWID to anyone who wants it). Now if you want the HWID you need to work for it (one time) by stealing a private key, bribing/blackmailing employees or issuing secret edicts ("here is a new license server we need a certificate for"). Working for Hollywood is also an option I suppose.
Pirates sacrifice devices when they publish ripped content due to the certificate being revoked after Hollywood downloads the torrent and by doing things like this:
For large-scale per-viewer, implement a content identification strategy that allows you to trace back to specific clients, such as per-user session-based watermarking. With this approach, media is conditioned during transcoding and the origin serves a uniquely identifiable pattern of media segments to the end user.
I don't have hearing problems, but I have noticed I arrive at places quicker when I don't have headphones on. Sadly this doesn't happen often because I'm low-key addicted.
mom always joke i look like a 100 year old guy when i'm walking around the neighbor. i'm always listening to a podcast about science in a non-native language so a lot of mental workload goes into it
i have quite long legs and i outpace by a far cry everyone when i'm walking around the city without my earbuds or when i'm hiking
reply