It was already known before the whistleblower that:

1. Siri inputs (all STT at that time, really) were processed off device
2. Siri had false activations

The “sinister” thing that we learned was that Apple was reviewing those activations to see if they were false, with the stated intent (as confirmed by the whistleblower) of using them to reduce false activations.

There are also black box methods to verify that data isn’t being sent and that particular hardware (like the microphone) isn’t being used, and there are people who look for vulnerabilities as a hobby. If the microphones on the most/second most popular phone brand (iPhone, Samsung) were secretly recording all the time, evidence of that would be easy to find and would be a huge scoop - why haven’t we heard about it yet?

Snowden and Wikileaks dumped a huge amount of info about governments spying, but nothing in there involved always on microphones in our cell phones.

To be fair, an individual phone is a single compromise away from actually listening to you, so it still makes sense to avoid having sensitive conversations within earshot of a wirelessly connected microphone. But generally that’s not the concern most people should have.

Advertising tracking is much more sinister and complicated and harder to wrap your head around than “my phone is listening to me” and as a result makes for a much less glamorous story, but there are dozens, if not hundreds or thousands, of stories out there about how invasive advertising companies’ methods are, about how they know too much, etc… Think about what LLMs do with text. The level of prediction that they can do. That’s what ML algorithms can do with your behavior.

If you’re misattributing what advertisers know about you to the phone listening and reporting back, then you’re not paying attention to what they’re actually doing.

So yes - be vigilant. Just be vigilant about the right thing.

proven by a whistleblower from apple

Assuming you have an iPhone. And even then, the whistleblower you’re referencing was part of a team who reviewed utterances by users with the “Hey Siri” wake word feature enabled. If you had Siri disabled entirely or had the wake word feature disabled, you weren’t impacted at all.

This may have been limited to impacting only users who also had some option like “Improve Siri and Dictation” enabled, but it’s not clear. Today, the Privacy Policy explicitly says that Apple can have employees review your interactions with Siri and Dictation (my understanding is the reason for the settlement is that they were not explicit that human review was occurring). I strongly recommend disabling that setting, particularly if you have a wake word enabled.

If you have wake words enabled on your phone or device, your phone has to listen to be able to react to them. At that point, of course the phone is listening. Whether it’s sending the info back somewhere is a different story, and there isn’t any evidence that I’m aware of that any major phone company does this.

Sure - Wikipedia says it better than I could hope to:

As English-linguist Larry Andrews describes it, descriptive grammar is the linguistic approach which studies what a language is like, as opposed to prescriptive, which declares what a language should be like.[11]: 25  In other words, descriptive grammarians focus analysis on how all kinds of people in all sorts of environments, usually in more casual, everyday settings, communicate, whereas prescriptive grammarians focus on the grammatical rules and structures predetermined by linguistic registers and figures of power. An example that Andrews uses in his book is fewer than vs less than.[11]: 26  A descriptive grammarian would state that both statements are equally valid, as long as the meaning behind the statement can be understood. A prescriptive grammarian would analyze the rules and conventions behind both statements to determine which statement is correct or otherwise preferable. Andrews also believes that, although most linguists would be descriptive grammarians, most public school teachers tend to be prescriptive.[11]: 26

You might be interested in reading up on the debate of “Prescriptive vs Descriptive” approaches in a linguistics context.

You can run a NAS with any Linux distro - your limiting factor is having enough drive storage. You might want to consider something that’s great at using virtual machines (e.g., Proxmox) if you don’t like Docker, but I have almost everything I want running in Docker and haven’t needed to spin up a single virtual machine.

Wow, there isn’t a single solution in here with the obvious answer?

You’ll need a domain name. It doesn’t need to be paid - you can use DuckDNS. Note that whoever hosts your DNS needs to support dynamic DNS. I use Cloudflare for this for free (not their other services) even though I bought my domains from Namecheap.

Then, you can either set up Let’s Encrypt on device and have it generate certs in a location Jellyfin knows about (not sure what this entails exactly, as I don’t use this approach) or you can do what I do:

1. Set up a reverse proxy - I use Traefik but there are a few other solid options - and configure it to use Let’s Encrypt and your domain name.
2. Your reverse proxy should have ports 443 and 80 exposed, but should upgrade http requests to https.
3. Add Jellyfin as a service and route in your reverse proxy’s config.

On your router, forward port 443 to the outbound secure port from your PI (which for simplicity’s sake should also be port 443). You likely also need to forward port 80 in order to verify Let’s Encrypt.

If you want to use Jellyfin while on your network and your router doesn’t support NAT loopback requests, then you can use the server’s IP address and expose Jellyfin’s HTTP ports (e.g., 8080) - just make sure to not forward those ports from the router. You’ll have local unencrypted transfers if you do this, though.

Make sure you have secure passwords in Jellyfin. Note that you are vulnerable to a Jellyfin or Traefik vulnerability if one is found, so make sure to keep your software updated.

If you use Docker, I can share some config info with you on how to set this all up with Traefik, Jellyfin, and a dynamic dns services all up with docker-compose services.

Look up “LLM quantization.” The idea is that each parameter is a number; by default they use 16 bits of precision, but if you scale them into smaller sizes, you use less space and have less precision, but you still have the same parameters. There’s not much quality loss going from 16 bits to 8, but it gets more noticeable as you get lower and lower. (That said, there’s are ternary bit models being trained from scratch that use 1.58 bits per parameter and are allegedly just as good as fp16 models of the same parameter count.)

If you’re using a 4-bit quantization, then you need about half that number in VRAM. Q4_K_M is better than Q4, but also a bit larger. Ollama generally defaults to Q4_K_M. If you can handle a higher quantization, Q6_K is generally best. If you can’t quite fit it, Q5_K_M is generally better than any other option, followed by Q5_K_S.

For example, Llama3.3 70B, which has 70.6 billion parameters, has the following sizes for some of its quantizations:

• q4_K_M (the default): 43 GB
• fp16: 141 GB
• q8: 75 GB
• q6_K: 58 GB
• q5_k_m: 50 GB
• q4: 40 GB
• q3_K_M: 34 GB
• q2_K: 26 GB

This is why I run a lot of Q4_K_M 70B models on two 3090s.

Generally speaking, there’s not a perceptible quality drop going to Q6_K from 8 bit quantization (though I have heard this is less true with MoE models). Below Q6, there’s a bit of a drop between it and 5 and then 4, but the model’s still decent. Below 4-bit quantizations you can generally get better results from a smaller parameter model at a higher quantization.

TheBloke on Huggingface has a lot of GGUF quantization repos, and most, if not all of them, have a blurb about the different quantization types and which are recommended. When Ollama.com doesn’t have a model I want, I’m generally able to find one there.

You said, and I quote “Find a better way.” I don’t agree with your premise - this is the better way - but I gave you a straightforward, reasonable way to achieve something important to you… and now you’re saying that “This is a discussion of principle.”

You’ve just proven that it doesn’t take a moderator to turn a conversation into a bad joke - you can do it on your own.

It’s a discussion of principle.

This is a foreign concept?

It appears to be a foreign concept for you.

I don’t believe that it’s a fundamentally bad thing to converse in moderated spaces; you do. You say “giving somebody the power to arbitrarily censor and modify our conversation is a fundamentally bad thing” like it’s a fact, indicating you believe this, but you’ve been given the tools to avoid giving others the power to moderate your conversation and you have chosen not to use them. This means that you are saying “I have chosen to do a thing that I believe is fundamentally bad.” Why would anyone trust such a person?

For that matter, is this even a discussion? People clearly don’t agree with you and you haven’t explained your reasoning. If a moderator’s actions are logged and visible to users, and users have the choice of engaging under the purview of a moderator or moving elsewhere, what’s the problem?

It is deeply bad that…

Why?

Yes, I know, trolls, etc…

In other words, “let me ignore valid arguments for why moderation is needed.”

But such action turns any conversation into a bad joke.

It doesn’t.

And anybody who trusts a moderator is a fool.

In places where moderator’s actions are unlogged and they’re not accountable to the community, sure - and that’s true on mainstream social media. Here, moderators are performing a service for the benefit of the community.

Have you never heard the phrase “Trust, but verify?”

Find a better way.

This is the better way.

Then why are you doing that, and why aren’t you at least hosting your own instance?

Yes, I know, trolls etc. But such action turns any conversation into a bad joke. And anybody who trusts a moderator is a fool.

Not just trolls - there’s much worse content out there, some of which can get you sent to jail in most (all?) jurisdictions.

And even ignoring that, many users like their communities to remain focused on a given topic. Moderation allows this to happen without requiring a vetting process prior to posting. Maybe you don’t want that, but most users do.

Find a better way.

Here’s an option: you can code a fork or client that automatically parses the modlog, finds comments and posts that have been removed, and makes them visible in your feed. You could even implement the ability to reply by hosting replies on a different instance or community.

For you and anyone who uses your fork, it’ll be as though they were never removed.

Do you have issues with the above approach?

As a user, you can:

• Review instance and community rules prior to participating
• Review the moderator logs to confirm that moderation activities have been in line with the rules
• If you notice a discrepancy, e.g., over-moderation, you can hold the mods accountable and draw attention to it or simply choose not to engage in that instance or community
• Host your own instance
• Create communities in an existing instance or your own instance

If you host your own instance and communities within that instance, then at that point, you have full control, right? Other instances can de-federate from yours.

I recommend a used 3090, as that has 24 GB of VRAM and generally can be found for $800ish or less (at least when I last checked, in February). It’s much cheaper than a 4090 and while admittedly more expensive than the inexpensive 24GB Nvidia Tesla card (the P40?) it also has much better performance and CUDA support.

I have dual 3090s so my performance won’t translate directly to what a single GPU would get, but it’s pretty easy to find stats on 3090 performance.

The above post says it has support for Ollama, so I don’t think this is the case… but the instructions in the Readme do make it seem like it’s dependent on OpenAI.

Are you saying that NAT isn’t effectively a firewall or that a NAT firewall isn’t effectively a firewall?

Is there a way to use symlinks instead? I’d think it would be possible, even with Docker - it would just require the torrent directory to be mounted read-only in the same location in every Docker container that had symlinks to files on it.

Depending on setup this can be true with Jellyfin, too. I have a domain registered, use dynamic DNS, and have Traefik direct a subdomain to my Jellyfin server. My mobile clients are configured using that. My local clients use the local static IP.

If my internet goes down, my mobile clients can’t connect, even on the LAN.

Apparently there’s a vulnerability with sending messages with images in them and “she” might be logging people’s IP addresses through that.

If the images are hosted on your instance, this wouldn’t be relevant. If they’re links to an image hosted somewhere, this is possible, but there’d be a lot of noise and not much value. To link accounts to IPs the URLs would themselves need to be different

I checked the urls to the images in my PMs and they’re all hosted on Lemmy.

Under notes, where you said my name, did you mean “Hedgedoc?”

From the feature comparison at https://github.com/meichthys/foss_note_apps only two FOSS apps support handwriting: Joplin (with a plugin) which gets a subjective 6/10 score, and TriliumNext, which gets a subjective 2/10 score. I personally dislike Joplin but many people love it, so I recommend giving it a shot. EDIT: I installed Joplin using the APK from the site and both the handwriting and Excalidraw plugins were “not available on mobile,” so I have to rescind my recommendation. On my iOS device, the plugins didn’t even show up in the search.

I think TriliumNext is great, but the mobile experience is still lacking (though they are tracking several issues to improve here). There’s no dedicated mobile app but they at least have a PWA. It also needs to be self-hosted, but doing so is straightforward if you’re already using Docker. The handwriting is done via a built-in Excalidraw integration.

Here are some options not captured in that list:

Obsidian is not open source, but also has an Excalidraw plugin. I’ve not used it yet but I’ve seen multiple discussions saying that it’s very well done and has additional functionality on top of base Excalidraw. There’s also an open source (MIT) plugin for Obsidian that adds support for handwritten notes. I only use Obsidian on my work computer and haven’t used it either, though I plan to install the Excalidraw plugin Monday.

StylusLabs Write is FOSS (AGPL 3.0), multiplatform, and has a free Android apk available. Note that the Google Play version has had updates suspended. I just learned about it and don’t know how it otherwise measures up. I’m planning to check it out, though.

You can use any note app that has Excalidraw support, so long as you don’t need your handwritten text to be OCRed. That means that the following are all options:

• The Nextcloud Excalidraw integration
• Standard Notes, using https://github.com/nienow/sn-excalidraw (or if you pay for Standard Notes, official Excalidraw editor)
• The Excalidraw PWA
• A self-hosted fork of Excalidraw with Firebase replaced with something else (see https://github.com/beltebelt/excalidraw for an example)