• 1 Post
  • 27 Comments
Joined 10 months ago
Cake day: January 13th, 2024

  • That is for sure a good question, although I would say it would present limitations.

    Let’s put it this way: ID photos are very standard. Front facing, until the neck, white lights, white background. Now let’s say everyone’s photo got leaked (or used) and the only source of photos for a certain photo is the ID one only. I didn’t study the matching algorithms, but I will say that variation for a certain subject under different circumstances increases the matching possibilities. If by any chance you try to match someone live and the only source would be ID photos, my guess is it would present a big error rate. Possibly it could be fine-tuned, not sure up to how much.

    Now let’s consider what we have today. For a single person, I will bet there are on average more than 15 photos of themselves somewhere available (for those chronically attached to stuff such as IG or fb) and a lot of the time tagged as well (and manually as well, there was a time on fb this was a big thing). With this amount of comparison points, I would say the matching for sure works a lot better.











  • Do you want to know the kicker? There are banks (yes, you heard me right) that straight up don’t allow more than 20 chars. 20!!! And they say you got to use the app for X things because it’s secure and shit (e.g.: use the app to 2FA credit card transactions). Meanwhile, they do not allow you to add a YubiKey for FIDO authentication.


  • I am not sure if by any chance they go the extra mile to check on that. However, as a rule of thumb you should try to keep private stuff away from work stuff, meaning, at work it is maybe not the best idea to boast about your Reddit profile where you happen to follow some NSFW stuff (or other stuff that can be considered offensive and/or can lead to controversy). I would imagine they try to check things such as accounts attached to an email or phone number (for instance). If a set of aliases were used for this (or different info) from your work email, phone, etc., you should be able to keep it separate.



  • To me it feels like someone is chasing a KPI on PSN users that, quite frankly, gives no one but Sony executives satisfaction on bigger number = better number. Steam in that sense made the correct decision to give the money back to people that cannot play a game anymore because of a future requirement (as mentioned by OP, PSN does not exist everywhere). But for me, even if PSN is available, you should be able to refuse to further engage with a game based on a future requirement like this and get the money back (same applies if, for instance, a game all of a sudden has something like Denuvo).

    So my takeaway from this is: please, get rid of KPIs, it’s about time we learn to get away from hard metrics that can be cheated.






  • I was making a quick check, and yes, the DoH situation is a bit more dicey. From how I see it, the best way to make this work is to, at the firewall level, either block as much as possible any requests that look like DoH (and hope whatever was using that falls back to regular DNS calls) or set up a local DoH server to resolve those queries (although I am not sure if it is possible to fully redirect those). In that sense, Pi-hole can’t really do much against DoH on its own.

    EDIT: decided to look a bit further at the router level, and for pfSense at least this is one way to do this: recipe for DNS block and redirect


  • Hm… I am not familiar with that device myself, and since I have used OPNsense for a while I forget most people do not use routers outside of the provided one.

    But in a theoretical sense, this firewall rule should look something like this:

    • origin of traffic is any IP that goes into port 53
    • outgoing traffic has to go to Pi-hole on port 53
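
The two-part rule described in the comment above, written out as an nftables ruleset. This is an added example, not part of the original comment and not an OPNsense or pfSense configuration. It assumes a Linux-based router; the interface name `lan0` and the Pi-hole address `192.168.1.2` are placeholders.

```nftables
#!/usr/sbin/nft -f
# Assumed values, adjust to the local network (placeholders, not from the thread).
define LAN_IF = "lan0"
define PIHOLE = 192.168.1.2

table ip dns_redirect {
    chain prerouting {
        type nat hook prerouting priority dstnat; policy accept;

        # Any LAN client sending DNS (UDP or TCP port 53) to a resolver other
        # than the Pi-hole gets its destination rewritten to the Pi-hole.
        # The Pi-hole's own upstream queries are excluded, otherwise they
        # would be redirected back to itself and resolution would loop.
        iifname $LAN_IF ip saddr != $PIHOLE ip daddr != $PIHOLE \
            meta l4proto { tcp, udp } th dport 53 dnat to $PIHOLE
    }

    chain postrouting {
        type nat hook postrouting priority srcnat; policy accept;

        # When the Pi-hole sits in the same subnet as the clients, it would
        # answer them directly and the client would discard a reply coming
        # from an address it never queried. Rewriting the source to the
        # router sends the reply back through the router, which restores
        # the original addresses.
        oifname $LAN_IF ip daddr $PIHOLE \
            meta l4proto { tcp, udp } th dport 53 masquerade
    }
}
```

With the masquerade rule in place, the Pi-hole logs every redirected query as coming from the router, so per-client statistics only remain accurate for clients that already point at the Pi-hole directly. DoH on port 443 is not affected by this ruleset.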