Forem: ByteKnight

LinkedIn "BrowserGate"

ByteKnight — Mon, 06 Apr 2026 17:22:36 +0000

An investigation alleges LinkedIn secretly scans users' browsers for 6,000+ extensions-potentially revealing sensitive personal data-and shares it with third parties, without clear consent. LinkedIn denies wrongdoing, stating the practice is solely for security and anti-abuse purposes. The controversy raises major GDPR and privacy concerns, but no regulatory ruling has yet been issued.

Original Article

🧅 Oniux: Tor Routing for Linux

ByteKnight — Mon, 15 Sep 2025 14:25:32 +0000

The Tor Project just dropped Oniux, a powerful command-line tool that routes any Linux app through the Tor network—safely and leak-proof. Unlike torsocks, Oniux uses kernel namespaces and a virtual interface (onion0) to isolate traffic at the system level. Built with Rust, it’s fast, secure, and perfect for privacy-critical tasks.

Try it:

bash oniux firefox

Total anonymity, no shortcuts.

Element: The Open-Source Federated System for Secure Messaging, Voice, and Video

ByteKnight — Fri, 05 Sep 2025 06:32:51 +0000

Discover Element: The Open-Source Federated System for Secure Messaging, Voice, and Video

Element is a free, open-source app built on the Matrix protocol. It enables secure chats, voice calls, and video calls with end-to-end encryption (E2EE), group rooms, and file sharing.

Why Element Stands Out

Federated & Decentralized – Communicate across different servers without vendor lock-in.
Data Ownership – Self-host or use public servers while keeping control of your privacy.
Open Source – Transparent and community-driven (AGPLv3/GPLv3).
Cross-Platform – Works on web, desktop, and mobile with synced chat history.
Bridging – Connects with Slack, IRC, Telegram, Jitsi, and more.
Trusted – Used by journalists and governments for secure communications.

How It Works

Matrix replicates messages across federated servers, cryptographically signed to prevent tampering. Even if a server fails, your communication continues securely.

Conclusion

Element is ideal for teams, communities, and individuals who want secure, private, and interoperable communication without relying on centralized providers.

https://element.io/

Prompt engineering: it's not really engineering.

ByteKnight — Wed, 03 Sep 2025 09:12:50 +0000

There's no magical or tricky way to ask questions to a language model.

Even if you manage to craft a clever prompt, if you don't understand the answer, it's useless.

The most effective way to interact with an LLM is to genuinely understand the topic you're asking about.

Orbot for Android: Secure Your Traffic with Tor

ByteKnight — Tue, 02 Sep 2025 14:31:59 +0000

Orbot for Android: Secure Your Traffic with Tor

When we talk about privacy on mobile devices, Android often leaves users exposed. Apps constantly collect data, networks track your activity, and websites fingerprint your device. If you want to reduce your digital footprint, Orbot is a great starting point.

What is Orbot?

Orbot is a free and open-source proxy app for Android that routes your internet traffic through the Tor network. This means your traffic is encrypted and anonymized, making it much harder for anyone - your ISP, apps, or even governments - to track what you're doing online.

Why Use Orbot?

Anonymity → Orbot masks your IP address and routes traffic through multiple relays.
Censorship Circumvention → Access websites and services that may be blocked in your country or region.
Encryption → Secure your data on untrusted networks, like public Wi-Fi.
Integration → Works not only with the Tor Browser but can also proxy traffic from other apps.

How to Get Started

Download Orbot from Google Play.
Open the app and tap Start to connect to the Tor network.
(Optional) Configure your favorite apps to use Orbot as a proxy.
For browsing, pair it with the Tor Browser for Android for maximum privacy.

Final Thoughts

If privacy matters to you, Orbot is an essential tool in your Android toolkit. It won't make you invincible online, but it does raise the bar against surveillance, data collection, and censorship.

Don't Forget to Share Bandwidth

Tor only works because volunteers contribute bandwidth to the network. In Orbot, you can enable the option to act as a relay node, helping other users enjoy the same freedom and privacy you benefit from. If your connection and data plan allow it, consider sharing bandwidth - it makes the network stronger and faster for everyone.

🧅The Onion Router: How Tor's Layers Create Online Anonymity

ByteKnight — Mon, 01 Sep 2025 07:11:27 +0000

Unmasking Anonymity: A Deep Dive into Onion Routing and Tor

Ever wondered how it's possible to browse the internet anonymously? This video breaks down the fascinating technology behind onion routing, using Tor (The Onion Router) as a prime example. This technology isn't about encrypting your messages for confidentiality; it's about making it impossible for anyone to even know you sent a message in the first place.

How it Works: Layers of Secrecy

The core principle of onion routing is to bounce your connection through multiple intermediate computers, called nodes, before it reaches its final destination. In Tor's case, your connection takes a three-hop journey. But the real magic lies in the encryption.

Imagine your message as an onion. Before it's sent, it's wrapped in multiple layers of encryption, each with a unique key. As the message travels through the network, each node peels off one layer of encryption, revealing the next destination in the chain. This process continues until the final node, the "exit node", removes the last layer of encryption and sends your message to its destination. The response from the website you're visiting follows the same path in reverse, with each node adding a layer of encryption back on.

The Power of Anonymity

This clever system ensures that no single node in the network knows the entire path of your connection. The first node knows who you are but not where you're going. The last node knows your destination but not who you are. And the middle node? It knows neither.

The Trade-offs: Speed and Security

While Tor provides a powerful tool for anonymity, it's not without its drawbacks. The multiple hops and layers of encryption can slow down your connection. More importantly, it's not a silver bullet for all security concerns. If the website you're visiting doesn't use HTTPS, your data can be intercepted at the exit node. Additionally, sophisticated attackers who control both the entry and exit nodes of your connection could potentially de-anonymize you through traffic analysis.

In Conclusion

The video provides a clear and concise explanation of how onion routing and Tor work, highlighting both their strengths and weaknesses. It's a must-watch for anyone interested in understanding the technology behind Tor.

https://www.youtube.com/watch?v=QRYzre4bf7I&t=206s&ab_channel=Computerphile

Open Source is one person

ByteKnight — Fri, 29 Aug 2025 17:32:59 +0000

The article “Open Source is one person” by Josh Bressers explores a startling truth about the open source ecosystem: most open source projects are maintained by just one person.

🧩 Key Takeaways:

Scale of Solo Maintenance: Out of 11.8 million projects tracked by ecosyste.ms, around 7 million are maintained by a single individual. Many of the remaining projects lack maintainer data, suggesting the true number is even higher.
Popular ≠ Well-Resourced: Even among the most downloaded NPM packages (over 1 million downloads/month), nearly half are maintained by just one person. This trend persists across ecosystems.
Security & Risk: The real supply chain risk isn’t where a maintainer lives—it’s that they’re often underpaid, overworked, and unsupported. Demonizing developers based on nationality (as seen in a recent Register article) misses the point entirely.
Call to Action: Instead of scapegoating individual maintainers, the community should focus on supporting them. The author admits there’s no easy fix, but emphasizes that vilifying solo contributors is not the answer.

💡 Final Thought:

Open source powers the digital world—Harvard estimates its economic value at $8.8 trillion. Yet, much of it rests on the shoulders of individuals working alone. That’s the real vulnerability.

🔄 Syncthing: The Open‑Source Way to Keep Your Files in Sync

ByteKnight — Fri, 29 Aug 2025 15:20:04 +0000

Tired of juggling USB drives or trusting your personal files to someone else's cloud? Syncthing is a free, open‑source, peer‑to‑peer file sync tool that puts you in control. It's built for privacy 🔒, security 🛡️, and flexibility — and it works seamlessly across devices.

What is Syncthing? 💡

Syncthing connects your devices directly, syncing files without a central server. Whether you're keeping work documents aligned between your laptop and phone or sharing project folders with a team, your data stays private, encrypted, and entirely under your control. It runs on Windows, macOS, Linux, Android, and more — so your setup can be as simple or as cross‑platform as you like.

Why People Choose Syncthing

Privacy First – No third‑party servers. Your files never leave your devices, and all transfers are encrypted with TLS.
Open Source – Transparent, community‑driven, and licensed under the Mozilla Public License 2.0.
Flexible Syncing – Pick the folders, choose one‑way or two‑way sync, and enable versioning to keep older file copies.
No Accounts, No Subscriptions – Install, connect devices with a unique ID, and start syncing — no sign‑ups required.

How to Get Started 🚀

Download & Install – Grab Syncthing from syncthing.net for your desktop OS. On Android, find it on Google Play or F‑Droid.
Connect Devices – Each device gets a unique ID. Share it securely to link them.
Select Folders – Choose what to sync and set permissions (read‑only or read‑write).
Let It Run – Syncthing works quietly in the background, keeping your files up to date everywhere.

🛡 CrowdSec: Open‑Source, Crowd‑Powered Defense

ByteKnight — Thu, 28 Aug 2025 10:05:21 +0000

Tired of fighting cyber threats alone? CrowdSec turns security into a team sport. It’s a free, open‑source IDS/IPS and WAF that detects suspicious activity, blocks bad actors, and shares threat intel with a global community.

Why it’s different:

Crowdsourced protection – one detects, all defend.
Flexible remediation – block, challenge, or throttle threats at the right layer.
Cross‑platform – Linux, Windows, Docker, Kubernetes, and more.

How it works:

Detect attacks from logs and traffic.
Apply countermeasures.
Share intel with the network.

Get started:

curl -s https://install.crowdsec.net | bash

🔗 GitHub Repo

Yggdrasil Network — Join the Global Mesh

ByteKnight — Wed, 27 Aug 2025 08:45:10 +0000

The Yggdrasil Network is an experimental, end‑to‑end encrypted IPv6 overlay that links nodes into a self‑healing, decentralized mesh. It’s lightweight, transport‑agnostic, and operates without central servers — ideal for privacy‑minded networking, resilient communication, and experimentation.

⚡ Quick Connect

Once Yggdrasil is installed and running, you can join the mesh instantly by adding a public peer:

sudo yggdrasilctl addPeer uri=tcp://51.15.204.214:12345

You can also choose from the public peers list for more options.

🌍 Reaching Other Hosts in the Mesh

Find your Yggdrasil IPv6 address:

   ip addr

Look for the address starting with 20... (the mesh prefix).

Use that address to connect to other nodes directly. For example:

   ping 201:f095:565e:fe6c:a7f2:c641:ecad:78c1

💡 Tip: Once connected, you can run services bound to your Yggdrasil IPv6 for secure, mesh‑only access.

Farley on vibe coding

ByteKnight — Tue, 26 Aug 2025 09:32:57 +0000

In a video from the "Modern Software Engineering" channel, Dave Farley discusses why he considers "vibe coding" the "worst software idea of the year." He argues that this approach, which relies heavily on AI to generate code, misses the core purpose of programming.

According to Farley, programming is not just about writing code; it's about breaking down complex problems into precise instructions and communicating ideas effectively to other developers.

He identifies three key problems with AI-driven "vibe coding": the lack of precision in specifying requirements, the critical need for automated testing to verify the AI's output, and the difficulty of making incremental changes to the generated codebase. He concludes that successful software is defined by its ability to be easily changed, a characteristic that "vibe coding" fails to support.

https://youtu.be/1A6uPztchXk?si=Umn4h1PG6IWhDfOH

sshuttle

ByteKnight — Mon, 25 Aug 2025 11:00:07 +0000

sshuttle is a handy tool for routing traffic through an SSH server, acting like a lightweight VPN. It’s easy to use and doesn’t require admin rights on the remote host.

Example:

sshuttle -r user@remotehost 0.0.0.0/0

This command forwards all traffic through remotehost via SSH. Just replace user@remotehost with your actual SSH login.

More details here: https://github.com/sshuttle/sshuttle