• 15 Posts
  • 320 Comments
Joined 2 years ago
Cake day: June 11th, 2023

  • Technical summary: it seems OK against an observer who can see the network traffic but hasn’t infiltrated the phone of the source or the computer of the news organization.

    Any real message is stored locally on the smartphone by the CoverDrop module and sent as the next CoverDrop message, i.e. replacing the dummy message which would otherwise have been sent. Consequently a network observer cannot determine whether any communication is taking place and CoverDrop therefore provides the potential source with plausible deniability.

    The CoverNode and each journalist has their own public-private key pair. These keys are published by the news organization and available to the CoverDrop module directly so the user does not need to know about them. When the CoverDrop module is used for the first time, it generates a new, random public-private key pair for the user.

    All real CoverDrop messages sent by the CoverDrop module to the CoverNode include the text written by the potential source as well as their own public key. The message is first encrypted using the public key of the journalist who will ultimately receive the message, then encrypted a second time using the public key of the CoverNode. All dummy CoverDrop messages are encrypted using the public key of the CoverNode. All messages, real or dummy, are arranged to be the same, fixed length. Encryption and length constraints ensure that only the CoverNode can distinguish between real and dummy messages.
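
The message layering quoted in the comment above, as an added example that is not part of the comment and is not CoverDrop's own code. Ephemeral X25519 with SHA-256 and AES-256-GCM stands in for the real encryption scheme; the 256-byte padded size, the leading real/dummy flag byte and all function names are assumptions of this example.

```javascript
const nc = require('node:crypto');
const PAD = 256, KEY = 44; // assumed padded size; length of a DER (SPKI) X25519 public key
const der = (k) => k.export({ type: 'spki', format: 'der' });

function oneTimeKey(privateKey, publicKey, ephDer) {
  const shared = nc.diffieHellman({ privateKey, publicKey });
  return nc.createHash('sha256').update(shared).update(ephDer).digest();
}

// Stand-in public-key box: ephemeral X25519 + SHA-256 as KDF + AES-256-GCM.
// Each derived key is used once, so the fixed all-zero nonce never repeats under a key.
function seal(toPub, plain) {
  const eph = nc.generateKeyPairSync('x25519');
  const ephDer = der(eph.publicKey);
  const c = nc.createCipheriv('aes-256-gcm', oneTimeKey(eph.privateKey, toPub, ephDer), Buffer.alloc(12));
  const body = Buffer.concat([c.update(plain), c.final()]);
  return Buffer.concat([ephDer, c.getAuthTag(), body]);
}

function open(priv, box) {
  const ephDer = box.subarray(0, KEY);
  const ephPub = nc.createPublicKey({ key: ephDer, format: 'der', type: 'spki' });
  const d = nc.createDecipheriv('aes-256-gcm', oneTimeKey(priv, ephPub, ephDer), Buffer.alloc(12));
  d.setAuthTag(box.subarray(KEY, KEY + 16));
  return Buffer.concat([d.update(box.subarray(KEY + 16)), d.final()]); // throws on wrong key
}

// Real: source key + text, padded, sealed to the journalist, then to the CoverNode.
function realMessage(nodePub, journalistPub, sourcePub, text) {
  const t = Buffer.from(text, 'utf8');
  if (t.length > PAD - KEY - 2) throw new Error('text exceeds the fixed message size');
  const padded = Buffer.alloc(PAD);
  der(sourcePub).copy(padded);
  padded.writeUInt16BE(t.length, KEY);
  t.copy(padded, KEY + 2);
  return seal(nodePub, Buffer.concat([Buffer.from([1]), seal(journalistPub, padded)]));
}

// Dummy: random filler the size of a sealed inner message, sealed to the CoverNode only.
function dummyMessage(nodePub) {
  return seal(nodePub, Buffer.concat([Buffer.from([0]), nc.randomBytes(KEY + 16 + PAD)]));
}
// The leading flag byte is this example's assumption for how the CoverNode tells them apart.
function coverNodeOpen(nodePriv, wire) {
  const p = open(nodePriv, wire);
  return { real: p[0] === 1, inner: p.subarray(1) };
}
function journalistOpen(priv, inner) {
  const p = open(priv, inner);
  return { sourceKey: p.subarray(0, KEY), text: p.toString('utf8', KEY + 2, KEY + 2 + p.readUInt16BE(KEY)) };
}
```

On the wire, a real message and a dummy have the same length and both open only under the CoverNode's private key; the journalist's key alone cannot remove the outer layer.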





  • I will use the opportunity to remind everyone that Signal is operated by a non-profit in the jurisdiction called “the US”. This could have implications.

    A somewhat more anarchist option might be TOX. There is no single client, TOX is a protocol, you can choose from half a dozen clients. I personally use qTox.

    Upside: no phone number required. No questions asked.

    Downside: no servers to store and forward messages. You can talk if both parties are online.



  • Opinion:

    Politically, the ayatollah can’t be toppled by foreseeable events, except if an Israeli strike should kill him. His successor in that case is unlikely to be milder. Netanyahu is also firmly in power due to special circumstances, and probably pretty safe from any Iranian attempts.

    Militarily, Iran has taken bigger losses, and has probably lost expensive and important parts of its nuclear programme - but not its stocks of highly enriched uranium, or its ability to launch ballistic missiles. From that perspective, if the Israeli strikes were meant to disarm Iran - they didn’t.

    Prognosis: they will trade more strikes and neither will achieve breakthrough success. Iran will lose more in the process.



    • Not providing a platform for activities that harm society (e.g. scams, disinformation).
    • Not providing a platform for activities that will get you sued or prosecuted (e.g. piracy, child porn).
    • They had to pay a considerable amount for the service.

    On social media, putting the burden of blocking on a million users is naive because:

    • Blocks can be worked around with bots, someone has to actively fight circumvention.
    • Some users don’t have the time to block, simply conclude “this is a hostile environment” and leave.
    • Some users fall for scams / believe the disinfo.

    I once helped others build an anonymous mix network (I2P). I’m also an anarchist. On Lemmy, however, I support decentralization, defederating from instances that have bad policies or corrupt management, and harsh moderation. Because the operator of a Lemmy instance is fully exposed.

    Experience has shown that total freedom is a suitable policy for apps that support 1-to-1 conversations via short text messages. Everything else invites too much abuse. If it’s public, it will have rules. If it’s totally private, it can have total freedom.








  • You just missed my point about the 1.6MP elephant in the room.

    For your information, a global shutter sensor is not required in that scenario.

    A global shutter is advisable if you want to get detailed video of a fast moving object that fills a large percentage of the frame, without distorting the shape of the moving object. With rolling shutter, you still see, but get a distorted (elongated, stepped) moving object.

    • Does a bullet missing Trump fill a large percentage of the frame? No.
    • Do you need to see details of the bullet? No.
    • Is Trump moving too fast to photograph without distortion? No.
    • Do you need to autofocus on the bullet? No, and you can’t. It’s fine, you already focused on Trump.

    It follows that you don’t need global shutter, and you don’t care about autofocus. Merely using fast exposure and having a sensitive sensor + big lens (enabling you to use fast exposure) will be sufficient.

    You also need luck, of course. I think the photographer who snapped that shot had a considerable amount of luck. They weren’t fumbling in their bag for a better X or Y. They were already taking a photo, most likely. Things just happened at the right time for them.

    As for practicality of modular and DIY equipment, yes, it may not be everyone’s preference.



  • How to make Saudi Arabia a normal society?

    • deny it income
    • deny it access to advanced technology
    • deny it legitimacy and cooperation

    Most importantly: stop using oil and natural gas sooner rather than later.

    Reasoning: the king stays in power by paying cops, security officials and prison guards - and paying people to shut up and tolerate the regime. Once the system runs low on money, things may change.

    Note: women in Europe made rapid progress at getting civil rights at a time when they were needed to run ammunition factories.

    It doesn’t have to be a world war - any development that makes it economically unavoidable that women start going to work outside their home, will change the role of women in society.


  • Autofocusing external lenses is a real problem. Fuck the lens makers indeed, as a result of which I’ve only used Raspberry Pi based systems with manual focus.

    Depth of field is a property of the lens, not the sensor.

    Sensors: if you want to take pictures in starlight, you can get IMX585 (hard due to market problems). If you want lots of pixels, 64 M is not a problem. If you want to photograph a bullet, you can get the low-pixel global shutter sensor, there is code around to take video at 500 fps (disclaimer: tiny video, extreme light level required).

    Cameras can be homebrewed, big integrators like Canon charge too much.




  • how did you do it?

    In the BIOS options of that specific server (nothing fancy, a generic Dell with some Xeon processor) the option to enable/disable ME was just plainly offered.

    Chipset features > Intel AMT (active management technology) > disable (or something similar, my memory is a bit fuzzy). I researched the option, got worried about the outcomes if someone learned to exploit it, and made it a policy of turning it off. It was about 2 years ago.

    P.S.

    I’m sure there exist tools for the really security-conscious folks to verify whether ME has become disabled, but I was installing a boring warehouse system, so I didn’t check.