Avatar

coherent_domain

coherent_domain@infosec.pub
Joined
0 posts • 20 comments
Direct message

The non-profit can hire the company executive and pay them, which if I understand correctly is exempt from income tax.

I think this can be a way for executives to avoid income tax: basically donate to a foundation through obscured means (crypto, purchase from third party, etc), then get non-profit money with exemption. They probably need to jump through many hoops and it is very likely still illegal, but I wouldn’t be surprised if this is common.

But anyway the couple dime people are donating probably is neglegible for tax purposes (I am guessing, I don’t have data). Yet I see no reason not to just donate to a charity you trust online…

Source about income tax: https://www.investopedia.com/ask/answers/08/nonprofit-tax.asp

permalink
report
parent
reply

Uh, there is a typo, the second probably should say “functional languages”. We all know how people are attracted to map, filter, and reduce.

permalink
report
reply

I think these are different. They mostly find vulnerability in the iOS system as opposed to try to crack the backup system.

I think iOS or Android backup system are rather secure compared to other components because of the following: hacker will also need to break into a cloud drive to retrieve them, which adds extra work; the backup is simple, just bunch of files and a password, apple/google can use standard well-tested encryption to encrypt them.

However, guaranteeing there is no way to break into an operating system, especially with all the features that a modern system requires, is much harder.

permalink
report
parent
reply

it says it is encrypted but it is encrypred using keys that google has access to as they are unlocked with you logging in into google account.

First it uses lock screen password, so google do not have access to this password.

Even if your lock screen is unfortunately your Google password, I think proper authentication protocol do not send your password to Google to authenticate, but only the hash, which cannot be reverted to derive your password.

Obviously, the above is assuming that Google is not malicious. Otherwise it can just use play service, which is privileged and closed source, to get all your data. If your threat model including Google itself trying to steal your key, you will probably need to install a trusted rom or use iOS (however, apple and the rom developer can also steal your key).

permalink
report
parent
reply

I like the idea of growing non-ml community, however, I wish larger instances do not block ML. Otherwise, they would just move to lemmy.ee or lemmy.one, just like how they moved from hexbear and grad to ml.

It is great tankies got their own place where they can be happy, but I really don’t want to interact with them. I am emotional about issues they engage in, and emotional me is usually not the nicest version of myself.

Social media is one of the few ways I can relax for couple hours per week outside of my job, and I really don’t want my social media experience to go full investigative journalism.

permalink
report
reply

You are right. I have done some research, it seems most people think that client side hashing is unnecessary in an HTTPS setting.

That is my misunderstanding.

permalink
report
parent
reply

I think mixing app and system dependencies is not the best idea, and Linux desktop is still fighting its impact.

When all the apps on a consumer laptop is expected to depend on the same dependencies, the system likely run into dependency hell, which means many apps needs to be downgraded in order to keep older apps working.

This mixture of system dependency and app dependency also prevents users to use the the latest version of an app on a hyper stable base system.

Flatpak basically aim to solve this problem, where each app chooses their own dependencies, so you don’t need to downgrade all your app just because one app depends on python 2.7.

permalink
report
reply

LOL I thought you are joking, but it is actually called buttplug gnome: https://en.m.wikipedia.org/wiki/Santa_Claus_(sculpture)

Officially the work represents Santa Claus holding a Christmas tree in his hands but the artist has implied that it could also represent a buttplug, and that “…For me, the sculpture is also about the consumer community - as a commentary on material consumption in the Western world.”[3]

permalink
report
parent
reply

I think you can block instances now.

permalink
report
parent
reply

It is a hilarious joke, but please don’t rationalize replacing stuff when it is still working. Buy quality goods and maintain them properly, repair when needed.

A good coffee machine should last at least decades ❤️.

permalink
report
reply