Whatever the format, let’s hope it doesn’t end up having the extension .map

(minor attracted persons aka PDF file joke)

Wow, this is awesome, thanks!

Unless you know specifically what they’re adding or changing this wouldn’t work. If they have a hidden ‘barcode’ and you add another hidden ‘barcode’ or modify the image in a way to remove some or all of theirs, they’d still be able to read theirs.

You should spread that idea around more, it’s pretty ingenious. I’d add first converting to B&W if possible.

This is a great point. Image watermarking steganography is nearly impossible to defeat unless you can obtain multiple copies of the ‘same’ file from multiple users to look for differences. It could be a change of a single 5-15 pixels from one rgb code off.

rgb(255, 251, 0)

to

rgb(255, 252, 0)

Which would be imperceptable to the human eye. Depending on the number of users it may need to change more or less pixels.

There is a ton of work in this field and its very interesting, for anyone considering majoring in computer science / information security.

Another ‘neat’ technology everyone should know about is machine identification codes, or, the tiny secret tracking dots that color printers print on every page to identify the specific make, model, and serial number (I think?) of the printer the page was printed from. I don’t believe B&W printers have tracking dots, which were originally used to track creators of counterfeit currency. EFF has a page of color printers which do not include tracking dots on printed pages. This includes color LaserJets along with InkJets, although I would not be surprised if there was a similar tracking feature in place now or in the future “for safety and privacy reasons,” but none that I am aware of.

It’s not, technically, but if I have sensitive documents on my phone and a law officer is trying to get me to unlock my phone, I will be entering and/or putting the duress code into my phone. GrapheneOS has ‘lockdown’ button by ‘restart’ and ‘shutdown’ all of which will require a passphrase to unlock, even if you normally have fingerprint enabled for X hours each time of use.

So it’s semi-related in that GrapheneOS protects against this type of attack.

It’s new as of about 1-2 months ago.

Passcode. Not fingerprint.

Unfortunately that wouldn’t work as this is information inside the PDF itself so it has nothing to do with the file hash (although that is one way to track.)

Now that this is known, It’s not enough to remove metadata from the PDF itself. Each image inside a PDF, for example, can contain metadata. I say this because they’re apparently starting a game of whack-a-mole because this won’t stop here.

There are multiple ways of removing ALL metadata from a PDF, here are most of them.

It will be slow-ish and probably make the file larger, but if you’re sharing a PDF that only you are supposed to have access to, it’s worth it. MAT or exiftool should work.

Edit: as spoken about in another comment thread here, there is also pdf/image steganography as a technique they can use.

I thought it looked recent B&W but glad to have confirmation. clothes and hairstyles would surprise me if 80s

Funny, we get more complaints about DuckDuckGo browser than anything else, and that’s one of the few we don’t test on. I know this because I make it a point to have someone from CS tell me about consistent pain points users are having. I wonder how many complaints about Firefox not working your customer service team is getting daily and you just don’t hear about it because they’ve been told to tell users “just say Firefox isn’t a supported browser and to try installing Chrome.”

You should ask someone in CS. Whichever agent bullshits the least (not the manager) - you might learn something.

Almost 3/10 people accessing your sites are using Firefox. All those “images not loading right or whatever” are probably blatant to them, making them think “wow, what an absolute shit website.”

3 out of 10.

Those were your words – you said you would notice a shift like that and adapt, which to me is saying you think you could undo the harm once you noticed it. Maybe you worded it wrong.

Yes, Edge has transitioned to using their own forked version of Chromium under the hood, but they make enough changes that it’s necessary to test for. It’s not like Cromite that takes Chromium and removes some things and change configs. They modify core components of the engine itself.

“I have PERSONALLY spoken to GOD, and HE said I FORGIVE YOU, MY CHILD!”

“Amen!”"Amen!“Amen!”“Amen!”

At that point its out of your hands. Once the users have fully decided only one browser is all they’re going to use, because most websites only develop for that browser (gee sound familiar?) then whoever owns that browser owns the web. That’s the point people are trying to get you to understand and you aren’t getting.

its not like we wont notice a shift like that. It would be very easy to adapt

This has has happened before. It took over a decade to get people to start using other browsers. Your little company can’t wave a magic wand and make the entire internet ecosystem shift, even though you were part of the cause.

Firefox market share is going up. But because small vendors not testing on it, it’s preventing its adoption. So you’re letting Google own the web.

The number of Edge users is only a few % more, do you skip that too? Just check Chrome and Safari and call it a day?

As someone that uses only Firefox and knows others who do, this really surprises me. If a website is broken on Firefox then it’s shitty webdev work and I’ll find another store.

I think it’s not humiliating, but if you know someone, you should have some idea what they like/their interests are. Getting a small gift that fits them shows that you spent at least a small amount of time and thoughtfulness picking out or making the gift. If you don’t know the person, sure, cash/gift card.

Although I think it’s becoming less common to have the space or ‘the time’ (but we could prob all spend 30 mins less each day doing nothing on our phones) so giving physical actual gifts are becoming less common, and also due to the economy the idea of ‘mandatory days of gift giving’ is a bit off-putting. People love getting personalized gifts from people who create things, but far less people today ‘have time’ to learn a hobby where they create things in physical space.

Less “Fuck you here is $10” and more “Here is $10 as agreed upon by the social contract unwritten by the masses who came before us, I didn’t have any clue what you might like or want and didn’t think to ask.”

Some people gladly prefer cash/card. I am one of those people. We will make that known well ahead of time.

Much of the tine they’re Indian pharmaceuticals which are easier to obtain, but still highly faked. There are reaction agent results for all the major medications, but sometimes the binders do interfere with them even if legitimate.

Since its servhold, you may be able to remove the offending content (for a short time, anything public-facing) and then contact reg.xyz to get it unsuspended. You’re right though that’s not very good customer service.

On a related note, it’s possible a misconfiguration allowed some of the contents or index to be shown publicly and it got caught in a search engine and was taken down in an automated DMCA sweep. I believe .xyz is an American registrar so have to respond to DMCA but could be wrong on that. I like to stay with any .TLD that archive uses… md, ph, etc.

https://help.sav.com/hc/en-us/articles/11933048624923-Resolving-serverHold-on-Your-Domain

Njalla just buys domains from major registrars on your behalf and owns them on your behalf. Godaddy, Tucows, etc. It was the owner of the entire .xyz space (gen.xyz) who shut your domain down. Njalla is just passing along the info. Porkbun will do the same.