u/crisp_maple

Any non-German citizens here who successfully used the self-determination act?

From my understanding, one is required to ask their country of birth later to change their name accordingly. But what happens when they cannot? [Ukrainian AMABs need to visit Ukraine in person, and they will be taken to the frontlines immediately upon entry; AFABS won't be able to leave after the legal gender change since the border is crossed for men; and this cant be done remotely]

What happens then?

Do I understand correctly, that there will be a legal limbo? The person will be with their new correct name and gender in German systems, but without passport/ID documents for that name (since its practically impossible to change it and come back later)? Or no?

will they have problems with the immigration authority (because no passport for the new name, and they definitely do ask for passport everytime u give them ur residence permit card)? what about banks?

How does proton mail handle mail searches and filtering? It is supposedly E2EE, right? Do they happen on-device, or right before plaintext emails are encrypted?

Hi!

I have a macos machine, and would really prefer to use say Mullvad's DoH servers instead of the plaintext DNS servers from big tech.

But I do use Lockdown mode, so profile installation is restricted - which is the way most DoH providers recommend configuring the devices

I know that I could potentially (and I am currently using this method) set up custom DNS servers in the admin console of Tailscale, but I just do not want Tailscale to collect so much precious DNS queries from my person.

So this is a convoluted one, but to summarize:

• Need DoH on macos system-wide, without profiles
• Do not want to hand over _all_ of my dns queries to Tailscale (so admin console -> custom DNS doesn't suit my needs)
• And yet I want to resolve magicDNS Tailscale names for my devices, that are connected to the mesh network.

UPD: I'm assuming this will require some tinkering with dnscrypt to redirect only a handful of DNS names to tailscale's magicDNS, but I could really use some directions ;[

I thought all ads brave showed were supposedly not personalized... And now it seems like they utilize my search history / browsing history to advertise something to me....

for example, unstoppable domains - i recently searched for them in particular and a domain provider in general.

when you use someone else's remote node, you send them ur TX and they get ur IP. so they can link your transaction to ur IP.

when u run ur own node, it also communicates to the network as a whole, no? so it shares ur IP as well. and most likely, if that node is only used by you (behind home firewall/NAT), your transaction can also be linked to ur IP no?

I'm trying to compartmentalize different aspects of my life into different macos users, and there is this very important folder that I want both users to have rw access. But after doing chmod, the newly created files still have the not desirable file perms. For example:

# log in as user 1 to whom the directory initially belonged
# let's call it parrot
$ pwd; whoami
/Users/parrot
parrot

# let's create the directory i wanna share
$ mkdir CuteDir/ && chmod -R a+w CuteDir/

$ ls -d CuteDir/
# Permissions  Name
# drwxrwxrwx@  CuteDir 

# try to create a new file either from parrot or another user:
$ touch CuteDir/a.txt
$ su -c 'touch CuteDir/b.txt' user2

# both of them don't have the write perms for other users:
$ ls CuteDir/
# Permissions Name
# .rw-r--r--@ a.txt
# .rw-r--r--@ b.txt

# whereas I want anyone to have write perms to both of those.

Hi!

When I initially bought my first crypto wallet, I didn't do enough research and now I deeply regret buying a device from ledger. I've learned that they managed to:

• leak user data
• break their promise that seed keys are unextractable
• and now i'm learning that they are also apparently data whores and collect anything and everything when one interacts with their ledger app. including IP addresses. and I'm absolutely not comfortable with that.

What would some better alternatives be? Trezor, Jade, Bitbox or maybe something else?

I think I would be okay with Trezor Safe 3, but I'm slightly concerned they will follow the same direction that Ledger took eventually.

I would want to add a Mullvad server as an exit node to my personal-use Tailscale network, but I wouldn't want Tailscale to have my billing details

But previously running both Mullvad and Tailscale at the same time bricked my internet connection somehow multiple times (idk maybe the routing tables got corrupted or something; I had to reinstall my os multiple times because of that and it was super inconvenient;[ )

So, could I instead pay for my Mullvad subscription myself, get the wireguard keys from them, and use those keys to setup Mullvad's wireguard node as an exitnode?

upd: and no, not to "hide from my ISP" :(
purely because im connecting to public/college networks a lot, and I trust mullvad a tiny bit more than admins at my college, altho I'd use Obscura if I had enough spare money :3

Hi!

Angenommen, ich zahle dafür, ein Lehrbuch und seine Mediendateien für eine bestimmte Zeit (3+ Jahre) nutzen zu dürfen. Wäre es illegal, den DRM-Schutz zu entfernen und das Material ausschließlich für den persönlichen Gebrauch zu verwenden (wahrscheinlich über das Ende dieser 3+ Jahre hinaus, aber auch nur aus Bequemlichkeit)?

Did someone successfully manage to request _raw_ data from Notion?

What they povide via the export button is Not enough - because it converts blocks (that u can access via the API urself) to Markdown and that looses a lot of information/structure that one can extract.

I theoretically could just save everything via the API, but I hope there is an easier way (I can make mistakes and I'm not that versed on the entire data schema they use - I only learn it as I need it. so there is a very big chance I can miss some data)

And then there is also an issue with the file links that they provide to u when u use API - turns out they store all of ur data on AWS, and the links provided are temporary (I think they expire in a day or so), so it's hard to download _all_ files, given how plently of them I have (anti-bot protections won't let that pass)

I'm intentionally not defining the thread model because I'm mostly driven by curiosity (i'm into compsci / math, not directly employed in cybersec and whatnot)

but as a very long time linux user, and subsequently macos user, i'm very disappointed at the current state of linux distributions' security.

some examples:

• verified boot (iBoot and how it uses secure enclave for verification is so fascinating) is generally lacking, even from the security-focused distros such as QubesOS
• read-only system partition. c'mon.
• no batteries-included sandboxing for day-to-day users. sure, if I'm a big corp I can allocate weeks/months for SELinux rules planning and whatnot. But if I'm the end user I just want to run my apps fairly isolated from each other (no flatpack isn't good enough. it doesn't have secure defaults)
• most package managers require root to install stuff? :/ brew screams when u try to run it as root.
• i'm aware macos has kernel integrity protection and other fluff to make sure kernel cannot be modified at run-time. is there something like that in linux?

so, how did u make ur daily driver laptop/PC more secure?