border guard: do you have anything to declare?

me:

{ pkgs, config, ... }:
{
    ...
}

it’s literally what made me decide to go buy a Pixel and install it.

if you’re expecting your burner to get searched, they could access your social media through the phone. if you have none, you might look suspicious. if you have lots, you’re giving out tons of metadata.

plus with regular phones you’re giving out your location 24/7 to Google and your carrier. the intervals you’re on airplane mode are suspicious.

I think the more normies use GOS, the less it stands out. Tor still stands out, but Signal doesn’t, because tons of people use Signal. maybe even use GOS for burners - just get used Pixels. maybe say you use it to skip ads on YouTube and pirate shit? and if they try to unlock the burner, well… it wastes their time, only to find you were telling the truth all along.

I wasted twenty minutes of my life learning enough tumblr to understand the second note. tumblr is a strange and fascinating country, like Listenbourg.

yeah! there’s a punishing learning curve but it’s sooo frikkin powerful once you get it. for my NixOS config on WSL2, I have it cross-compile age-plugin-yubikey for Windows, then stuff the (absolute) path in a wrapper script to use agenix with passage as a git-credential-helper storage, all of which gets set up using home-manager as my default git config. and it all just gets automatically built and configured when I nixos-rebuild switch, so I can sync it to my other machines.

unfortunately I have no idea how it works anymore lol. that’s the problem, it’s so resilient I forget how to change it! but I can’t imagine doing that in any other Linux distro.

!unix_surrealism@lemmy.sdf.org is leaking.

between Gentoo and Arch, but so far down the y-axis it clipped off the chart.

t. masochistic NixOS user

oof.

(I say, as though I don’t use my phone 4x more than my laptop, which is honestly a bad habit I need to break because programming on phone suuucks.)

curl | bash for the Windows crowd.

honestly it’s exactly as secure as running a binary you downloaded from their website. no more, no less (since https.)

the only computer user?!

specifically this is how QUANTUMINSERT worked (from the Snowden leaks.) also China used the same technique, injecting malicious JS through the GFW to get bystanders to DDoS github, in a much more obvious and indiscriminate way.

nobody here is remotely likely to be targeted by NSA, of course, but you can actually do such attacks on a budget if you compromise any router in the chain. combined with a BGP hijack it’s not far out of reach for even a ransomware gang to pull something like that these days.

Zalgo captchas would go so hard.