windy.com with a VPN in a private browser window. They can’t track you if they don’t know where you are!

I knew that motion sickness is triggered by frequent starts and stops and frequent turns, but even I was not aware of how big a contribution the engine vibration makes until I got to experience a ride without it.

I was apprehensive about EVs but the first time I rode in one I immediately fell in love with it. I get carsick easily, and the super-smooth ride without the chug-chug-chug of an internal combustion engine made the experience surprisingly much more pleasant for me. I do not use a car, but if I had to buy one, I don’t think I could ever stomach an ICE again knowing that this alternative is available.

Can’t access the article, but wasn’t China the one most vulnerable from the Malacca Strait being a chokepoint? As in, their trade towards Europe and fuel from the Middle East being potentially threatened? How does Thailand pitching to the US make sense then? How would a Thai bypass even increase security, since both routes are in the same area and can be equally blockaded? There aren’t any problems with throughput capacity at Malacca, unlike say at the Panama Canal. Maybe it will make the travel distance slightly shorter, but is there really any way it could ever be cost-effective to offload and reload ships for a few hundred kilometers savings?

I want people to be able to report bugs without any trouble.

Thank you for being aware! I’ve experienced this on github.com. I’ve tried to submit issues several times to open source projects, complete with proposed code to solve a bug, but github shadowbans my account 6 hours after creating it (because I use a VPN? a third-party email provider? do not provide a phone number? who knows). I can see the issue and pull request when logged in, but they only see a 404 on their project page even if I give them a direct link. I ended up sending them a screenshot of the issue page just to convince them this was even possible. Sad to hear gitlab does it even worse now by making phone mandatory.

far more maddeningly, some sites tell me that my username and password combo are incorrect when I’m using a VPN

Brb, gonna wiretap the judge’s house. It’s not a crime as long as I don’t act on the information I hear so there is no injury.

The list of tor exit ips is publicly viewable. Some IPS block the entire list contrary to Tor Project’s request not to do exactly that.

I assume this “VPN Server” that they can see is the “entry node”, and not the “exit node” (i.e. my IP as seen by the world) - but never got a clear answer to that

Traditionally, the entry node and the exit node have been the same VPN server/ip. In that sense, your ISP does know the IP of your exit server, since they are the ones connecting you to it.

For example, your X ISP’s logs could show “At 15:00, user #123 connects to IP 1.2.3.4, which lookup shows is assigned to “CheapVPNs Ltd”. At 15:01 our email server received 1,000,000 emails from IP 1.2.3.4 all angrily complaining about how “X ISP sucks”. Correlation implies user #123 is responsible for the mail bomb attack against our servers.”

At the moment, Mullvad specifically does use different entry and exit IPs, but they are all still located in the same datacenter and subnet. That is, you could be connecting to a Mullvad VPN server 1.2.3.4, 1.2.3.5, or 1.2.3.6 in London, and they all exit out through 1.2.3.1 in London. This is just something Mullvad does. Other VPN services may not do it and Mullvad hasn’t done it in the past. Someone analyzing ISP logs could correlate these IPs if they really wanted to.

Mullvad also offers “multihop”, but the way they have it implemented currently (changing the destination port number), an ISP could still deduce your exit IP if they bother looking up records of Mullvad network structure (which are publicly available), since they know the IP number and the port number of your entrance node.

The only way to hide your VPN exit IP from your ISP currently is to use multiple VPN services and nest them inside each other (or use one service and nest it inside itself using the “multiple devices” perk). Then only a state-level actor could hope to correlate your traffic by monitoring the ingress/outflow of multiple IPs simultaneously.

Piped/invidious work by scrapping the video chunks directly from google and proxying them through volunteer servers. They will stop working as soon as google gets around to locking down the APIs that they are abusing, or blocks their server IPs.

This is like that Key and Peele sketch where they rob the bank by working in there for 20 years.

That’s why Google is pushing hard their Web Environment Integrity. It’s DRM for the browser! They want the TPM chip in your computer to attest that the code running processing the video stream is authentic. Then you can’t slice out the ads because you do not have physical access to the inside of TPM. With HDCP encryption on the HDMI video output, you gonna need to point a literal video camera at the physical screen to DVR the video and slice out the ads later.

They’ve been working hard for decades to lock down the video pipeline with TPM and HDCP and now WEI. They said “don’t worry about it” and we let them. They are really close to snapping the trap shut!

Now please excuse me, my tongue is falling off with all the acronyms…

We are totally gonna get DVRs back, aren’t we 🤣?

The US bans all of it, while Japan has an exception for drawings

Absolutely incorrect. You are thinking of Canada or UK. In US, drawings are fine. Rather it is photorealistic depictions “indistinguishable from that of a minor” that are prohibited, almost presciently pre-empting techniques like deepfake and stablediffusion by 20 years, a rare win by legislators.