Yeah same, I make noise to be less “I’m being sneaky” because I’m not trying to be. It never occurred to me this could be taken as “I’m trying to start a conversation, while not being in your field of view at all and also not saying any words.” I don’t do this when walking with my wife.

I was assuming a long delay between event capture and event logging, when brainstorming use cases.

Yes you will make it easier for kiwifarms to create an ALPR network if you GPL it. Also social change activists, news stations, “news” stations, nosy neighbors, overseas companies interested in obtaining intelligence on US citizens, people who hate racing on public roads, neighborhood watch, people who want to make ALPR bans functionally impossible by making them indistinguishable from dashcams, people who want to make rich people sweat by tracking their movements.

If you don’t GPL it, you’ll demonstrate that a small team can create an ALPR system, so, they might think, why not give it a try?

I hope they explain further. Honestly I don’t think the “oh crap I need to know if it’s good or bad right now!” camp is really going to care, but it still feels a little uncomfortable. (As opposed to the “this could be either way, I don’t have enough evidence to decide right now, and I’m ok with holding that uncertainty in my brain until new evidence moves my needle” camp)

Are forked builds possible with third party service references neutered?

I would say it’s important not to conflate privacy with secrecy. If you have a domain with your name on it (e.g. my mspencer.net) but create email aliases for every situation, sites won’t be automatically correlating your addresses with each other. How do they know which addresses are yours and which aren’t? More importantly, if you self host, emails are encrypted in flight and live on your own hardware at rest, so nobody external to any conversation will be snooping on message contents.

I’m sure legally it has no effect, but I have postfix configured to refuse emails with “updated terms” and “updated our terms” in the body. If I still haven’t been notified that a site’s terms have been updated to allow some new horribleness, they can’t claim they made me aware, huh? I guess they’ll just have to send me paper mail if it’s so important to them.

(You could do that too, if you self host postfix / dovecot / roundcube / opendkim and use greylist and RBLs for anti-spam. It’s been effortless for me, after an admittedly grueling initial setup process taking several days to learn and fail with.)

This makes me sad, that we can’t engage in civil discussion about this. Why did you assume and not ask questions? Be curious, not judgmental.

To me it’s a question of laws. The laws of the U.S. at least somewhat constrain the people of my own country, and can prevent them from working against their own citizens. Like me.

Please be kind when replying.

As a US citizen, I prefer services that US consumer protections could apply to. (While we still have them, ahem.) I know that Chinese laws will not protect me from things a Chinese business does in China.

(What’s with the rude replies? Did I fail to notice what instance I’m on or something?)

Scrooge McDuck is an employee of his companies too.

BBS software. Nerds always find a way. I guess if I have to be a sysop now…

They would enforce the rules of their payment card network. Once they’re aware of a violation they take action. If they become aware of a series of violations they take further action to ensure the merchant complies in the future.

Apologies, I did the American thing. Checks, which get turned into X9.100 files, which are just digital versions of bags of bundles of checks, with check images that were TIFF images in CCITT T.6 encoding.

I don’t know if you’re being serious, but I can confirm from my time at as a developer at a banking software company, we didn’t use a hard RT OS even for like Mosler or Hitachi high speed check sorters. Just fast C++ code. (On Windows XP still, when I left in 2016)

(Work load is basically: batch of checks is loaded into an input hopper, along with check sized pieces of paper which are headers and footers, machine rapidly scans MICR lines and they go flying towards output pockets, and our code has something like 20 ms to receive the MICR data and pass back a sorting decision.)

I don’t know what people call this, but I’m curious if you also need future balance prediction, basically “here’s how much left over you’re going to have this payday, next payday, etc”. I might switch from my homegrown spreadsheet to one of these recommendations if they also support that.

(I’m talking about something where you input your known scheduled debits and credits, especially for people with biweekly paychecks but monthly debits, and then you match recent actual activity with what’s expected. So you get “current balance is $1800 but it’ll get as low as $300 before you get paid next” type info to keep you from over spending.)

Payment card transactions can be disputed or reversed. Cryptocurrency transactions cannot be easily reversed. Reversal is an important capability because sometimes customers or merchants lie, or they can have problems fulfilling their obligations.

When the buyer and seller are in the same country, or are in countries with legal and criminal justice systems which cooperate, transaction risk is lower so fees can be lower.

Not really, it’s been pretty effortless. Every couple months I have to make sure my renewed LetsEncrypt certs really got imported, but I don’t think I’ve had to intervene manually for anything in a long time.

I do, and I agree about their utility. My users and aliases are in OpenLDAP but it’s pretty easy to add new ones.

Separate accounts are preferable if you’re actually going to be responding to messages. I’ve had some embarrassing encounters where I’ve given an alias to a business that I didn’t realize was going to actually use it for real email conversations with a human. By default roundcube web mail lets you hit reply anyway and the reply goes out with your real address, which can lead to confusion.

I host my own for mspencer dot net, used this 15-ish step walkthrough from linuxbabe dot com. Only maybe three instances of spam in two years, gmail and outlook receive my messages just fine, etc. (Successful spammers were using legitimate services, and those services took action when notified. Greylist delays emails by a few minutes but it’s extremely effective against most spammers because they never come back to retry messages after a few minutes, while legitimate senders will.) I don’t know if I would accept blanket advice against self hosting.

Fundamentally if your mail server can see the addressee, it can see the content. SMTPS encrypts both in the same channel. So at the point where you accept messages and store them in a mailbox, the messages have to be readable.

Encrypting them at rest isn’t something I currently do, but if you’re going to later serve those messages to an email client that expects to receive clear text, your server needs both the keys and the messages. They can be stored in different places.

Most of your needs could be met with full disk encryption on the box hosting Dovecot. If you’re worried about being compelled to decrypt, there’s always the deck of cards trick: The pass phrase for full disk encryption consists of a memorized portion plus the letters and numbers of the top N cards in this deck of cards you keep by the server. If someone were to shuffle that deck of cards, and the server were powered down, the encrypted volume would be impossible to recover.

I’m eager to learn what other Dovecot tricks people can recommend to improve security.

Deceased users’ estates still haven’t agreed to the new terms, have they?

Mostly I’m scared I’ll write a firewall rule incorrectly and suddenly expose a bunch of internal infrastructure I thought wasn’t exposed.

In a general sense, you are discussing a way to control other people and organizations, and to make them stop talking about you. (Communicating and storing your information) This isn’t always possible or practical.

If you pay a merchant with your payment card, that merchant is allowed to know your payment card number. If you call a toll free number, the recipient of your call is allowed to know your phone number.

If they decide to share what they learn about you, and they do so legally, there’s not a whole lot you can do to stop them. I’m not saying this to antagonize or hurt you. I invite you to think differently about what you can control and what is worth worrying about.