I don’t exactly consider Drew Devault a reliable or unbiased judge of character

Huh, I misremembered then. I stand corrected.

Notable though that there are specific countries (such as India) where adoption is far higher at 72%

Huh weird that it would be removed, that’s a fair comment.

For Web scraping and other activities by so-called “legitimate” companies to varying degrees, this may be the case. But for general bots, they are generally attempting to scan and probe the entire IPv4 range, since it can be exhaustively checked in a reasonable amount of time and the majority of IPs have hosts on them. Enumerating the entire IPv6 space is quite literally impossible without some external list of hosts known to exist, due to the number of hosts. This happens, but it’s a much higher hanging fruit for an attacker so far fewer will bother. So you generally see few to no continuous probes on things like sshd over IPv6 unless you have a domain name. I’m guessing a lot of bots (in botnets) are dumb old technology that doesn’t even have IPv6.

NAT was always a hacky workaround. And although it effectively ends up functioning as a firewall under normal usage when combined with a typical “drop invalid incoming packets” rule, it was not designed to be a firewall and shouldn’t be assumed to always function as one. A simple accept established, default drop firewall rule should do the trick and should be used on both v4 and v6 regardless of NAT (and probably is on your router already).

If your goal is privacy in the sense of blending in, you can still use NATv6 and this is a good use case for it. This is what VPNs like Mullvad use. If your goal is privacy in the sense of being more difficult to track across sessions, you can enable IPv6 privacy extensions which essentially generates a new IPv6 address for every connection your device makes. So in this sense it’s more private than IPv4

Or you could just… learn to use the modern internet that 60% of internet traffic uses? Not everyone has a dedicated IPv4 anymore, we are in the days of mobile networks and CGNAT. IPv4 exhaustion is here today.

Best to set a firewall rule with nftables to block non-vpn traffic from leaving (you should also do the save for IPv4 traffic to prevent leaks in case the tunnel disconnects)

I don’t think it’s quite as simple as someone just forking it. Realistically, a browser is an extremely complex piece of software that requires a lot of organizational effort to maintain, deal with security issues, etc. Pretty much every other piece of software on a similar scale I can think of (the kernel, KDE, Blender, Libreoffice) has some sort of organization behind it with at least some amount of officially paid work. All the major forks of Firefox or chromium follow quite closely to upstream for this reason (which is also why I’m skeptical of Brave’s ability to maintain manifest v2 long term, despite their probably genuine best efforts to do so).

I do wish that Firefox were developed and funded by an organization specifically dedicated to developing it. This could of course happen if Mozilla dies. But that’s going to require someone starting it, which is not at all a small or cheap task.

I could also see a future where Oracle or IBM buys it 😂🤡

This one is already in the default uBlock filters - Badware risks

I also strongly suggest adding https://big.oisd.nl/ as a filter list. It’s a large and well maintained domain blocklist (sourced from combining lots of other blocklists) that usually adds lots of these sorts of domains quickly and has very few false positives.

If you want to take it even further, check out the Pro list and Thread Intelligence Feeds list here https://github.com/hagezi/dns-blocklists

These can all be added to a pihole too if you use one.

This is why ublock origin is an essential security tool.

This is a forum for general discussion, not a question and answer board.

Adopted daughter. But still…

Never thought I’d see banknote inflation rule 34

Companies cry the same way about the bills to ban end to end encryption, and they’re still bad for consumers too

EWG is a well known pseudoscience peddler, even going as far as anti-vaxx claims https://en.wikipedia.org/wiki/Environmental_Working_Group

Every new game that is released with a character dressed in even a slightly sexually suggestive way results in a rabid meltdown from braindead Twitter users. Payment processors like PayPal are forbidding the use of their services for NSFW content due to pressure from fundamentalist christian organizations like Exodus Cry, under the guise of “child safety”

In general, AM radio is the playground of the right wing and I’d love nothing more than to fuck them over because that’s the only thing they’ve ever known.

This is an unhinged take. Kill off the most simple to implement and farthest travelling radio system that would be essential in the event of a nationwide blackout or other emergency (and let the spectrum get sold off to some megacorp), just to own the cons because they broadcast stuff that nobody listens to anyway?

Emergency broadcasts can be made on FM, its not as big of a loss as we fear it will be.

It would be a big loss. FM does not travel beyond the horizon. AM does not require a functioning electrical grid powering the whole country and hundreds of towers linked to telecom services. AM receivers can be built with household scrap. We can get by currently with FM for emergencies, that’s what NOAA weather radio is, but vast swaths of the desert and rural areas are presently left uncovered, and a nationwide power grid or telecom outage would severely impact the service.

Before trying the conversion, I suggest checking if you are missing a library that strawberry needs (probably libopus or libopusfile). For me, strawberry reads opus files perfectly normally, so I wonder if yours is falling back to using ffmpeg or something to decide them

If you really must convert, use Vorbis with the variable bitrate mode -q6 (or -q:a 6 option in ffmpeg) which usually ends up around 192 kbps, or push it up one more to q7 which will be a little higher. This is the level that is usually transparent, but do keep in mind that any conversion between lossy codecs is much more likely to cause perceivable loss in quality than a conversion from a lossless source. Btw opus is the direct successor to Vorbis and is superior in quality per bitrate (128k is what YouTube uses and is indistinguishable the vast majority of the time). It’s probably better than 320k mp3 at least

When Amazon thinks “sub” means “submissive” rather than “subscriber”

I think it should be allowed to set limited data cap OR limited/guaranteed speed, but never both

They’ve been using opus for probably around a decade at this point, and in fact YouTube was a pretty early adopter of it and had a large role in popularizing it

Oh okay, that makes more sense now