Skip Navigation
InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)RE
refalo @programming.dev
Posts 4
Comments 1K
Can a website access my local network/learn about the existence of other devices without installing malware?
  • The page load time of creepjs would not be acceptable for use in real life

    Well any site that uses fingerprinting tech, regardless of what it is, is just going to have it load silently in the background so I don't think it would be noticeable anyways.

  • What's holding you back from trying Codeberg?
  • For one there's no incentive for individuals running an instance to care about compliance in the first place, regardless of the actual issues at play. One obvious issue that comes to mind is the right to be forgotten. FOSS software can be easily modified and if servers don't comply with such requests properly then your rights are being violated and good luck doing anything useful about it.

  • Can a website access my local network/learn about the existence of other devices without installing malware?
  • WebWorker is disabled by default in JShelter which is required for creepjs to work. If you set just that function to Strict instead of just the default Remove, then creepjs still works fine.

    But creepjs could be modified to work without webworker if you were thinking JShelter really does something useful to hide your fingerprint from someone who wants it bad enough. And you can still be fingerprinted many other ways even without JavaScript at all.

  • Installed GrapheneOS for the first time
  • Yes but for me it is a non-starter for legal reasons because screenshots do not work with fingerprint lock turned on. I don't understand why the user cannot choose to enable this or not like other apps can (including Signal).

  • How I Got a Truly Anonymous Signal Account
  • tl;dr the sms verification falls back to voice and they just used a payphone.

    I guess if you count the airport full of cameras they went to to do this as "anonymous", then sure :)

    Also this article from 2017 suggests not using this method:

    It’s important to maintain control of this phone number. For example, you could use a disposable SMS service to register with Signal — there are many such services if you search for them — but those phone numbers can be used by anyone. Similarly, you should avoid using a public payphone’s number, or a SIM card on which you do not intend to renew service. If someone else can receive SMS messages or phone calls to this phone number, they can take your Signal account away from you.

  • Matrix - A Pit of Abuse with Government Ties

    30

    403 on API endpoints

    Tried to use several different API endpoints as described in the link, but they all return 403 with a cloudflare "Just a moment..." html reply. Even tried copying an existing jwt token from a working logged-in browser but the same thing still happens.

    Any idea what I could be doing wrong?

    curl -v --request POST \ --url https://programming.dev/api/v3/user/login \ --header 'accept: application/json' \ --header 'content-type: application/json' \ --data '{"username_or_email": "redacted", "password": "redacted"}' ... < HTTP/2 403 ...

    <!DOCTYPE html><html lang="en-US"><head><title>Just a moment...</title> ...

    6

    Some comments not appearing?

    I am noticing that some comments, which are coming from users on other verified (via /instances) federated instances, do not show up on a post. For example: https://programming.dev/post/13648105

    Does not show this comment on it: https://lemmy.ml/comment/10803786

    Any ideas why? I checked the modlog and the comment wasn't removed, and their post history to me does not look like someone that is likely to be banned from the instance, so I'm not sure what else it could be.

    7
    Lemmy Support @lemmy.ml refalo @programming.dev

    Is there a way to view the frontpage of another server, or get an RSS feed of another server's single community?

    My lemmy account is on the programming.dev instance but I use newsboat for RSS reading of some lemmy.ml communities, along with browsing the local homepage of lemmy.ml and some other instances in a regular browser. Is there a way to do either of these things from the programming.dev instance so that I can easily comment on posts without having to manually locate the same post by browsing to /c/[email protected] on my own instance?

    12