scrps (u/scrps) - Readit News

scrps commented on Supercookie: Browser Fingerprinting via Favicon (2021) github.com/jonasstrehle/s... · Posted by u/vxvrs

ghxst · a month ago

Tried a similar approach but found that putting the browser in a VM has a tendency to expose a few data points that stand out as less trust worthy which means you end up getting a lot of captchas on some websites (like using swiftshader for renderer, not having some fonts installed, among other things), lying about these can typically be detected as well (like injecting noise into a canvas, modifying the advertised renderer). If you've found any solutions to these please share.

scrps · a month ago

What approach did you end up going with instead?

scrps commented on Supercookie: Browser Fingerprinting via Favicon (2021) github.com/jonasstrehle/s... · Posted by u/vxvrs

captainkrtek · a month ago

This sounds interesting, do you have this written up anywhere?

scrps · a month ago

I sadly do not atm beyond some notes but I can if there is interest.

scrps commented on Supercookie: Browser Fingerprinting via Favicon (2021) github.com/jonasstrehle/s... · Posted by u/vxvrs

scrps · a month ago

Nonpersistent vm-based browser, I use qemu + cage + firefox and some glue logic to fire up a copy of a base image which gets deleted on exit. Fires up slower than a native firefox instance but runs all the same.

Can containerize for the less paranoid and less work but browsers touching host kernel gives me the ick as does the idea of trying to write ebpf policies for firefox to mitigate. Browsers are pain.

scrps commented on Peter Thiel sells off all Nvidia stock, stirring bubble fears thestreet.com/investing/p... · Posted by u/hypeatei

FrankWilhoit · a month ago

When someone like this does something like this, it is not an economic act. It is a signal of some kind, a move in an opaque chess game, whose players are nowhere near as smart as they think they are.

scrps · a month ago

I always thought the opposite was true like whales breaking up orders for various reasons like not moving the market too much over things like portfolio adjustments, secrecy, etc?

scrps commented on Anthropic’s paper smells like bullshit djnn.sh/posts/anthropic-s... · Posted by u/vxvxvx

skybrian · a month ago

If we’re sharing vibes, “our product is dangerous” seems like an unusual sales tactic outside the defense industry. I’m doubtful that’s how it works?

Meanwhile, another reason to make a press release is that you’ll be criticized for the coverup if you don’t. Also, it puts other companies on notice that maybe they should look for this?

scrps · a month ago

I think it might be a "our product IS dangerous but look we are on top of it!" kind of deal. Still leaves a funny taste either way.

scrps commented on Heretic: Automatic censorship removal for language models github.com/p-e-w/heretic... · Posted by u/melded

buu700 · a month ago

Agreed, I'm fully in favor of this. I'd prefer that every LLM contain an advanced setting to opt out of all censorship. It's wild how the West collectively looked down on China for years over its censorship of search engines, only to suddenly dive headfirst into the same illiberal playbook.

To be clear, I 100% support AI safety regulations. "Safety" to me means that a rogue AI shouldn't have access to launch nuclear missiles, or control over an army of factory robots without multiple redundant local and remote kill switches, or unfettered CLI access on a machine containing credentials which grant access to PII — not censorship of speech. Someone privately having thoughts or viewing genAI outputs we don't like won't cause Judgement Day, but distracting from real safety issues with safety theater might.

scrps · a month ago

It's wild how the West collectively looked down on China for years over its censorship of search engines, only to suddenly dive headfirst into the same illiberal playbook

It is monkey see, monkey do with the political and monied sets. And to think they see themselves as more evolved than the "plebs", Gotta find the humor in it at least.

scrps commented on When UPS charged me a $684 tariff on $355 of vintage computer parts oldvcr.blogspot.com/2025/... · Posted by u/goldenskye

inopinatus · a month ago

From the other side of the Atlantic this sounds like straight Thatcherism, in which Chicago-school monetarism was an ideological anti-union weapon, and the Thatcher cabinet was not coy about it. However I think the US went that way first even if Reaganomics came later.

scrps · a month ago

I think a lot of that in the US got spun up with Nixon, Reagan brought a lot of it to the mainstream though. Both of them hated unions with a passion that is for sure.

scrps commented on All praise to the lunch ladies bittersoutherner.com/issu... · Posted by u/gmays

gishh · a month ago

The sub nukies I know would disagree with this. The few weeks before they would get back to port they just eat whatever they can find.

Storage is a big deal on a sub.

scrps · a month ago

Ah didn't know that, thanks!

scrps commented on Lawmakers want to ban VPNs eff.org/deeplinks/2025/11... · Posted by u/gslin

1vuio0pswjnm7 · a month ago

"Here's what happens if VPNs get blocked: everyone has to verify their age by submitting government IDs, biometric data, or credit card information directly to websites-without any encryption or privacy protection.

We already know how this story ends. Companies get hacked. Data gets breached. And suddenly your real name is attached to the websites you visited, stored in some poorly-secured database waiting for the inevitable leak. This has already happened, and is not a matter of if but when. And when it does, the repercussions will be huge."

Then

"Let's say Wisconsin somehow manages to pass this law. Here's what will actually happen:

People who want to bypass it will use non-commercial VPNs, open proxies, or cheap virtual private servers that the law doesn't cover. They'll find workarounds within hours. The internet always routes around censorship."

Even in a fantasy world where every website successfully blocked all commercial VPNs, people would just make their own. You can route traffic through cloud services like AWS or DigitalOcean, tunnel through someone else's home internet connection, use open proxies, or spin up a cheap server for less than a dollar."

EFF presents two versions of "here's what will happen"

If we accept both as true then it appears a law targeting commercial VPNs would create evolutionary pressure to DIY rather than delegate VPN facility to commercial third parties. Non-commercial first party VPNs only service the person who sets them up. If that person is engaged in criminal activity, they can be targeted by legislation and enforcement specifically. Prosecution of criminals should not affect other first party VPNs set up by law-abiding internet users

Delegation of running VPNs to commercial third parties carries risks. Aside from obvious "trust" issues, reliability concerns, mandatory data collection, potential data breach, and so on, when the commercial provider services criminals, that's a risk to everyone else using the service

This is what's going on with so-called "Chat Control". Commercial third parties are knowingly servicing criminals. The service is used to facilitate the crime. The third parties will not or cannot identify the criminals. As a result, governments seek to compel the third party to do so through legislation. Every other user of the service may be affected as a result

Compare this with a first party VPN set up and used by a single person. If that person engages in criminal activity, other first party VPNs are unaffected

EFF does not speculate that third parties such AWS, DigitalOcean, or "cheap server[s] for less than a dollar" will be targeted with legislation in their second "here's what will happen" scenario

Evolutionary pressure toward DIY might be bad news for commercial third party intermediaries^1

But not necessarily for DIY internet users

1. Those third parties that profit from non-DIY users may invoke the plight of those non-DIY users^2 when arguing against VPN legislation or "Chat Control" but it's the third parties that stand to lose the most. DIY users are not subject to legislation that targets third party VPNs or third party chat services

2. Like OpenAI invoking the plight of ChapGPT users when faced with discovery demands in copyright litigation

scrps · a month ago

Preexisting solutions to future problems! Thanks to AI (mostly) botnets specifically for renting residential IPs have multiplied since most commercial VPN IP blocks get rate-limited, captcha'd, outright blocked which got even worse with AI.

People causing shenanigans using residential IPs if they ban VPNs is gonna lead to a lot of kicked doors, red herrings, lawsuits, and very probably ballooning budgets and will yet again fail to stop Bad Things™ not that it was really designed to anyway. I wonder if they think this is a good idea because they have machinations or is it just that they are clueless wealthy dinosaurs corrupting a future that isn't theirs?

scrps commented on All praise to the lunch ladies bittersoutherner.com/issu... · Posted by u/gmays

somerandomqaguy · a month ago

Not exactly easy. The US military (hell just about every army on the planet) spends a lot of money and effort into developing field rations that are palatable enough for infantry sections on the move to eat in it's entirety. I can't imagine developing it for far more numerous school children is going to be any easier.

scrps · a month ago

faint sound of fading laughter from a US SSBN

If you want a successful lunch program (and rations if you have a to-go bag) look no further than the US Navy's sub program.

Given the environment and danger (and having a bunch of humans in close proximity, deep under the ocean, with nowhere to go, hangry, is not going to inspire unit cohesion) they get really, really good food. Which is probably not a bad thing to give people tooling around with enough firepower to take out a few dozen cities.