I’m not sure what better choice there is if you want strong decentralization/federation… every attempt so far has been met with moderation woes whose solution is just… more centralization (mjolnir/shared ACLs/blocklists/etc.).

Or you can use unmodified latest chrome/firefox with One-Core-API

I just use a network share to copy files from the host, and don’t have a default gateway, that way I don’t risk having an open internet connection in the VM.

They might be able to identify specific known large VPN providers, but as a concept, you technically can’t just blanket block all “VPNs”.

If I don’t know what your code is doing, and I can’t modify it, I don’t want it.

To be fair, 99% of the world population do not share this viewpoint.

I thought whisper was for the opposite… speech to text.

https://github.com/myshell-ai/MeloTTS works well for me

I like the attention to sandboxing/security that web apps are given, the ease of updating, and that the UI design is easier/more accessible (many more web devs than anything else) than traditional apps, but I still prefer the speed, size and light (memory) weight of native apps.

Yes but even curl easily passes those tests by default, regardless of the user-agent. I guess I’m just skeptical of how much effect it really has in the real world… you see a lot of people saying “oh yea it works great”, but they don’t tell you what the before and after bot traffic actually was.

Happen to be proven wrong though if anyone has some hard data.

Isn’t that going to be basically every president on earth? Unless you happen to be a president yourself or something.

Yes but it doesn’t actually do any work or verify anything… crawlers could follow the refresh URL immediately and get right through. And I’m skeptical that not having to actually solve a PoW could make a meaningful difference, especially if the delay from the meta refresh can be easily bypassed.

non-JS

WebAssembly

Erm… technically correct I guess? But disappointing. Other solutions let you run a local command to generate the response and then paste it into a form.

I sortof understand the argument that it can look like what some malware does, but I feel like there should be an easy fix for that, like maybe just label it as an “advanced user” feature or something, so at least it’s still available. I just feel like requiring wasm is a step in the wrong direction and even moreso shuts out legitimate users that don’t have/enable wasm on their browser.

I don’t understand how/why this got so popular out of nowhere… the same solution has already existed for years in the form of haproxy-protection and a couple others… but nobody seems to care about those.

Extensions themselves are also frowned upon by privacy advocates because anything that modifies or restricts the DOM/javascript/etc. can itself be detected and used as yet another data point to identify someone.

No anti-fingerprinting method currently in use can evade creepjs to my knowledge. And that EFF site has its own issues… it only tests uniqueness across other visitors the site has seen before, and not all possible combinations of data points.

Even if your boards are made in the US, aren’t the machines they use made overseas anyway? Doesn’t seem very scalable to me.

what does trade and tourism have to do with work visas?

https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/webRequest/onBeforeRequest

https://www.geeksforgeeks.org/html/how-to-intercept-http-requests-in-web-extension/

not a single mention of notcurses-demo

userscripts like tamper/grease/violentmonkey should be able to do it