jeffhykin

Fingerprinting isn't always possible to defeat, and its not always possible to avoid making accounts (work and school accounts)

However, it should be possible to fill up tracked data with meaningless garbage and reduce the signal-to-noise ratio. Ex: a bot that browses random products on amazon to reduce profiling accuracy.

Do you guys know of any tools that do this? Anything from browser extensions to command line scripts, to anonymous group-accounts.

I'm asking for existing tools/systems that let me programmatically say: "here is my public key, BUT if each of these 5 other public keys all send a signed message saying that my public key has been compromised, then you should mark my public key as compromised, and use the new one they provide". (This is not for a particular task, I'm just curious if any existing auth systems are capable of this)

I call the idea "guardian keys" because it could be friends' public keys or or just more-securely-stored less-frequently-used keys that you control.

NOTE: I know this would not work for data encryption. Encrypted data is simply gone if a key is lost. But, for proving an identity, like a login, there could be a system like this but I don't know of any

I don't think I've seen any solarpunk art (much less real world construction) with transparent wood, so I wanted to share

Not only is transparent wood real but apparently it has been around in labs for a bit. Take a look! (And let me know if this is old news for you)

Article: https://arstechnica.com/science/2023/12/why-scientists-are-making-transparent-wood/

Wikipedia with video: https://en.m.wikipedia.org/wiki/Transparent_wood_composite

Original paper publication: https://45-79-48-20.ip.linodeusercontent.com/s/trDsHKKWwsHsQZ5

• I make websites
• If someone is banned twice (two accounts) I want it to take them more than 5min and a VPN to make a 3rd account
• I'm okay with extreme solutions, like requiring everyone to have a Yubikey-or-similar physical key
• I really hate the trend of relying on a phone number or Google capcha as a not-a-bot detection. Both have tons of problems
• but spam (automated account creation) is a real problem

What kind of auth should I use for my websites?

If a human posted every 5 min, got 0 upvotes for 20 posts straight, we would ban them for spam. If bots would limit themselves to posting once a day, or once a week, and only post the top-voted non-duplicate post of that timeframe, it would be a dramatic improvement. For once, we might actually see real-lemmy posts along side bot posts, instead of the community being exclusively bots (or 99% bot posts) or exclusively Lemmy users.

I would tell the bot creators myself, except I don't know how to get in contact with them. Is there a consistent way to contact a bot creator?

I couldn't find a post in this community about cameras so I figured I'd make one. Requirements:

• No "sign up" required to record video
• Video is stored locally
• Video is in a non-propriatary format
• Can work offline

Optional/Discussion Points:

• Can wireless connectivity be hardware disabled
• Can auto-update be disabled
• Does the device try to "phone home" if it is connected to wifi
• Disk encryption would be nice but I doubt that'll be an option for anything other than self-hosted stuff

Does anyone know about Lorex (it seems more privacy centered)?

I'm highly technical, so feel free to mention self hosted raspberry pi soltuions as well.

Imagine the following:

• Servers declare a target number of users/posts-per-day (enables programmatically detecting when other people's servers are generally under/over capacity)
• Severs have a recommender list of other servers (whitelist), separate and more exclusive than their non-blocked list

Whenever someone goes to the sign up page, for example, on Lemmy.world, we:

• look at the recommender list
• find the server that is most under capacity
• have a very large iframe with "Sign up for Lemmy (using [under capacity server here])"
• have a small "No, I want to sign up specifically on Lemmy.world" option

AND, as a precaution against maybe-malicious takeovers (e.g. a Facebook server saying it has unlimited capacity and all new users getting forwarded to them) a server can set it's own maximum recommender caps; e.g. "recommended" servers won't be recommended if they're above 10,000 users even if they claim they could handle more.

Thoughts?