melroy

By Jeremy Hsu on September 24, 2024

Popular smart TV models made by Samsung and LG can take multiple snapshots of what you are watching every second – even when they are being used as external displays for your laptop or video game console.

Smart TV manufacturers use these frequent screenshots, as well as audio recordings, in their automatic content recognition systems, which track viewing habits in order to target people with specific advertising. But researchers showed this tracking by some of the world’s most popular smart TV brands – Samsung TVs can take screenshots every 500 milliseconds and LG TVs every 10 milliseconds – can occur when people least expect it.

“When a user connects their laptop via HDMI just to browse stuff on their laptop on a bigger screen by using the TV as a ‘dumb’ display, they are unsuspecting of their activity being screenshotted,” says Yash Vekaria at the University of California, Davis. Samsung and LG did not respond to a request for comment.

Vekaria and his colleagues connected smart TVs from Samsung and LG to their own computer server. Their server, which was equipped with software for analysing network traffic, acted as a middleman to see what visual snapshots or audio data the TVs were uploading.

They found the smart TVs did not appear to upload any screenshots or audio data when streaming from Netflix or other third-party apps, mirroring YouTube content streamed on a separate phone or laptop or when sitting idle. But the smart TVs did upload snapshots when showing broadcasts from the TV antenna or content from an HDMI-connected device.

The researchers also discovered country-specific differences when users streamed the free ad-supported TV channel provided by Samsung or LG platforms. Such user activities were uploaded when the TV was operating in the US but not in the UK.

By recording user activity even when it’s coming from connected laptops, smart TVs might capture sensitive data, says Vekaria. For example, it might record if people are browsing for baby products or other personal items.

Customers can opt out of such tracking for Samsung and LG TVs. But the process requires customers to either enable or disable between six and 11 different options in the TV settings.

“This is the sort of privacy-intrusive technology that should require people to opt into sharing their data with clear language explaining exactly what they’re agreeing to, not baked into initial setup agreements that people tend to speed through,” says Thorin Klosowski at the Electronic Frontier Foundation, a digital privacy non-profit based in California.

https://www.newscientist.com/article/2449198-smart-tvs-take-snapshots-of-what-you-watch-multiple-times-per-second/ (paywall!!)

My ipset hash is full!? I'm using Ubuntu Server and I created a separate fail2ban jail that uses "iptables-ipset-proto6-allports" as their ban action (thus using ipset instead of iptables).

However, today I seem to hit the limit: stderr: 'ipset v7.15: Hash is full, cannot add more elements'.

This can be confirmed by running the ipset -t list command:

Name: f2b-manual
Type: hash:ip
Revision: 5
Header: family inet hashsize 32768 maxelem 65536 timeout 0 bucketsize 12 initval 0xbc28aef1
Size in memory: 2605680
References: 1
Number of entries: 65571

Where the 65571 entries exceeds the maxelem (65536). So what now?? Could I create a banlist in a txt file or something? I just want to ban some large tech corps: https://gitlab.melroy.org/-/snippets/619

Private properties are counterparts of the regular class properties which are public, including class fields, class methods, etc. Private properties get created by using a hash # prefix and cannot be legally referenced outside of the class. The privacy encapsulation of these class properties is enforced by JavaScript itself. The only way to access a private property is via dot notation, and you can only do so within the class that defines the private property.

Today I'm planning to upgrade the server from Ubuntu 22.04 to Ubuntu 24.04 (new LTS release).

I already proposed it once after reading: https://ostechnix.com/ubuntu-24-04-1-lts-release-delayed/...

Hopefully I will not hit any of these RabbitMQ bugs: https://bugs.launchpad.net/ubuntu/+source/rabbitmq-server/+bug/2074309

Mastodon poll is a tie: https://mastodon.melroy.org/@melroy/113135476244781426

So, let's go! What can go wrong??

~~ Famous last words ~~

Today we are releasing Mbin v1.7.1. Upgrade your Mbin server now to the latest release: 1.7.1.

This version includes tons of fixes (too many to mention here, look at "What's Changed") and introduces also new features like: trusted proxy configuration (see also docs), activate accounts manually using the admin panel, show an error when the image is too large to upload (look at the latest .env template file), improved API end-points (isAdmin, isGlobalModerator is part of the user API, fixed AP context and more) as well as many documentation improvements.

Note: Due to a dead-lock issue in 1.7.0, which is now fixed in 1.7.1, we strongly recommend upgrading your Mbin server as soon as possible.

If you want to host your own Mbin server? But you need help? Come and join us at: Matrix chat. We are happy to help!

I personally want to thank all contributors of Mbin as well as the Mbin community as a whole! We can't do it without all of you.

We are in the final testing phase of Mbin v1.7.1, we hope to release the new stable version this weekend! Which actually brings a lot of improvements (we could have considered it calling v1.8.0, but well).

#mbin #updates #release

I never seen such a good YouTube video from Linus Tech Tips: https://www.youtube.com/watch?v=GsjHMzGl-VY (jokes on you)

If you don't get it? Remove Chrome now and install Firefox (or any fork of Firefox). Then install uBlock Origin now! Add-on here: https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/

We released a new Mbin version: 1.7.0! See: https://github.com/MbinOrg/mbin/releases

This is the v1.7.0 release of Mbin and it brings a lot of changes: improved instance wide modlog, new SSO providers, new translated languages, moderator updates in the modlog, new cake day display, better stability and scalability of the messengers, PeerTube support, federating direct messages, federate un-/pinning entries, updated robots.txt, improve the documentation, longer durability of the user session, adding admin notifications for reports, tombstones for deleted remote users, improve the federation of edits, push subscriptions, a new look of the federation page, add public API endpoints for getting de-/federated and dead instances, magazines can now restrict posting to mods, updating magazines and users should now federate instantly, new users and magazines now show a leaf icon next to them, improve the editing of threads, make the maximum image size configurable

The Mbin development team now suggests using PHP v8.3. If you are using the docker setup you will automatically be running the new PHP version.

A total of 145 reviewed and approved pull requests have been merged into this release! As always, a special thank you to new and existing contributors, without you, future Mbin releases would not be possible!

I am able to use different programming languages. I know most of the well-known languages ​​without any problems: C, C++, Java, Python, JavaScript, Typescript, PHP...

However, I wanted to expand my horizon. Zig didn't do much for me neither did Rust, but now that I've written some Golang. I admit, I'm intrigued by the language.

I love the fact it's compiled to native machine language. There is still one caveat: despite Go being a GC language, you often still need to manage your memory. Sound strange right? But I needed to use io.Copy instead of io.ReadAll to avoid memory issues. But also you need to explicitly call defer res.Body.Close() to avoid Go not cleaning-up the HTTP response.. Ow well, so you learn it the hard way. Overall, I'm still very optimistic with Go. And looking forward to use it more often in some of my open-source projects.

See my first project in Go: https://gitlab.melroy.org/melroy/gitlab-artifact-deployer-go. Which I wrote in 3 days.

Did you try Go? What are your thoughts?

Sad story ahead

Today I fully removed Firefox as my main browser. It's banned from all my devices from now onwards. I used Firefox as my only browser since I was 10 years old. Which is 24 years now (24 years!). I loved

Firefox trying to be a good alternative to Chrome, promoting open-source and showing the world that privacy does matter. Sadly not anymore, recently after Mozilla hostile CEO takeover and moving the company forward to an advertisement company. Neglecting privacy. And fully want the other way around, tracking user data sending back to Mozilla. And at the same time Mozilla has also became an ads company just like Google, so there is no difference anymore really. And it only goes down-hill from here.

Furthermore, Mozilla is spending more money in AI companies then in the product Firefox itself. So..

Luckily, there are plenty great Firefox forks! Look into some of them yourself and really pick an alternative rather sooner than later:

• LibreWolf
• Floorp (I went with Floorp, thus far it's great!!!)
• Waterfox
• Mullvad

Just pick one, anything... from above list!

I know, it's sad. It's very sad, after 24 years I didn't went to leave Firefox, but this last moves was the straw that broke the camel's back. I'm out, cya at the fork!

Sorry for the late post.

This is the 1.6.0 release of Mbin. It brings several changes and improvements including, but not limited to, a new UI filter for sorting threads and microblog posts, a new hashtag system, Microsoft Azure and SimpleLogin SSO additions, private instance mode, framework upgrade to Symfony 7.0, outgoing federation of delete actions, several backend improvements to address federation stability and compatibility, UI fixes and route changes, etc.

We are already preparing for release 1.7.0, which is coming along very nicely. See you soon with v1.7.0.

Each AI generated polar bear, kills one real polar bear.

#meme #ai #generated #gemini #openai #dall-e #dalle #midjourney #stablediffusion #chatgpt #deepmind #polar #bear #climatechange #climate #heat #til