Exit 86

Say No to Privacy Defeatism

Exit 86 — Wed, 25 Mar 2026 00:00:00 +0000

I think the current situation needs no introduction if you've found yourself here. Internet privacy is in danger with ID verification being strongarmed into just about every public service on the internet whether by law or by corporations themselves and, understandably, people are pissed. Moreover, both big tech and our governments are increasingly hellbent on destroying our digital freedoms with every year, extending well beyond just ID verification. Many people, including a very statistically likely you, are trying to find out what to do now, whether to comply with our digital overlords or get themselves started on a long-overdue journey of reclaiming their freedom.</p>

For many of you, it's hard to come to terms with how bad things are in terms of internet freedom and privacy. At this point, some of you probably weren't even born yet when the Snowden files were released. As you're probably aware of in at least some capacity, our digital activity has been watched for decades at a scale probably incomprehensible to us by now by both our governments and the Big Tech corporations. Try PRISM</a>, XKEYSCORE</a>, BULLRUN</a>, or DISHFIRE</a> on for size. All of these are warantless surveillance programs concocted by the USA's very own National Security Agency under the guise of "preventing terrorism" while also flying in the face of every US resident's 4th amendment rights, while partnering with other intelligence agencies to surveil their countries too. The time for all of us to start protecting our privacy and freedom online came long ago but it's not gone. Not yet.</p>

"But I have nothing to hide!"</h2>
First off, you do have things to hide. If you have nothing at all to hide because you're such a good person, send me all your login creds, all of your personal documents, your phone number, your address, credit card(s) and so on</a>. I'll update this page when one of you proves you truly have nothing to hide.</p>
More importantly, warrentless dragnet surveillance doesn't really help anyone, especially when virtually all global law enforcement is corrupt to the core. Remember that the governments telling you to think of children's internet safety are doing absolutely fuck all to prosecute Epstein's clients in one of if not the biggest child sex abuse cases of the century. Remember that the biggest player in this astroturfed lobbying movement</a> (a more digestible version if you don't need full detail</a>) to destroy any digital rights you have left is none other than Meta themselves. If you somehow don't recognize them somehow, that's Facebook Meta. Instagram Meta. WhatsApp Meta. Constantly</a> under</a> fire</a> for</a> failing</a> to</a> protect</a> users</a> and especially children on their own fucking platforms Meta. Same company that thinks it has ANY right to dictate your digital life in the name of protecting children.</p>
And even if the governments of the world and our Big Tech overlords at the likes of Meta are the benevolent forces defending end user safety by any means necessary, do you trust that data to stay in their hands only? There is no such thing as a back door or point of data for only the good guy, and when we already have a new breach resulting in identity theft and credit card fraud just about every week, I know I wouldn't. Either you or somebody you know is extremely</em> likely to have had their information leaked in a company's security breach. Security breaches will always happen, for as long as there is software. There is no way around this, and when there's more breaches than ever in the world, do you really</em> want to be putting out even more information to get stolen?</p>
The more you comply with the destruction of internet freedom, the more it will get worse. The slippery slope is real.</strong> Just because our governments and tech companies operate under the guise of protecting children and defending against terrorism doesn't mean it's justified. They start with "protect the children". Then they move to "stopping degeneracy" by making pornography more difficult to access (see the UK's OSA, effectively creating/pushing users into an unregulated market). Then they slowly start putting it into everything else once it's become more accepted, as if nothing happened. It never was about protecting the end user and it will never stop getting worse as long as people keep complying. There is no acceptable amount of warrantless surveillance and there is no reasonable level to which IM platforms can introduce ID verification and mandatory data collection.</p>

"It's not like we can even do anything"</h2>
I understand most of you will begin to violently convulse at the mere thought of changing any of your daily habits, but please, stay with me here. If you want change, YOU must help make it happen. Instead of using spyware platforms like Discord and Windows, consider a switch to XMPP and Linux. Keep in mind that you don't have to throw away your audience on the platforms you leave. If anything, it's better to keep it! One of the most common reasons I see people giving for staying in their mainstream, surveillance-addled ways is that there's nobody they know on the privacy-respecting platforms. You're allowed to be in more than one place at once and you dont have to lock yourself in with network effect. Instead of going scorched earth on your mainstream presence, use it to your advantage and convince your friends to follow you to the new places, advising them to do the same as you've just done and take as many pepole as they can with them too. Rome wasn't built in a day.</p>
And if it wasn't already obvious, PARENT YOUR FUCKING KIDS! It isn't the state's nor any tech company's responsibility to parent your child for you. They obviously should be taking measures to keep underage users safe by removing predators where possible, but not in lieu of parents actually doing their job and not leaving their children completely unsupervised online and uneducated on internet safety.</p>
Conclusion</h2>
Remember that perfection is the enemy of all progress. Things aren't going to immediately become great, but it's on YOU</em> to help push us there. I'm sorry for the condescending tone in some parts of this but people like me have been trying to get people to care about this to no avail and it sucks seeing people only wake up after it's too late.</p>
Also, don't be afraid to ask for help! We were all new to caring about privacy at one point, and most people would be happy to help you out in reclaiming your digital freedom. If you have questions join my group (Discord</a>, XMPP</a>, IRC</a>) and ask away. You should join the Non-Compliance Pact</a> too if you have a website.</p>
Also also to all zero people that check this site regularly or subscribe to the feeds, I swear I'll start writing more interesting things soon instead of just articles about tech freedom. I have limited time to write blog posts with and when things keep coming up in terms of privacy infringements with so few good places to start for normal people, that kinda has to take priority over me writing out and uploading 2000 words about why the PlayStation 3 is the Second Coming of Christ or why GTA IV sucks.</p>

'Discord Alternatives'

Exit 86 — Mon, 16 Feb 2026 00:00:00 +0000

Introduction</h2>
By now, I think everybody reading this has heard that Discord will be requiring ID verification for a large amount of features, so I'll skip the news. Right now, it seems like everybody is looking for a sane backup plan for when Discord starts pushing this to everybody. I've seen a lot of names get thrown around so far over a variety of platforms, and most of these options are not very good. I believe XMPP and Mumble are the best way to go forward, with maybe some other platforms to supplement the two. While it does suck that not everything can be 1:1 replaced that well, this is the best we have, and in some cases we're better off just leaving features behind.</p>
STOaT/Revolt, Valour, Root, Nerimity, etc</h2>
All of these are pretty clear clones of Discord. I see these get thrown around more than anything else, probably because of how similar their UIs and (intended) featuresets are to Discord's. Most of these are open source, but almost all of these have the same problems. They're all lacking end to end encryption (Valour claims to be planning E2EE, whether this happens or not is yet to be found out) and are centralized.</p>
While it is convenient at times, centralization is incredibly bad for a messaging network. You can't run your own server as part of the network to have control of your data, so everything lives on the master server. When the main, official servers go down, everything goes down. It also makes it possible for the service to corrupt one day and implement the ID checking you once sought to escape. Server software is often open source but I've yet to see a client for any "true" Discord clone be designed in a way that would work with multiple servers at once, and again, you can't connect your own server to form a greater network.</p>
SMS/MMS</h2>
Please, I beg you, just don't. Whatever's wrong with you, I cannot fix with just this article.</p>
Telegram</h2>
Telegram is centralized, requires a phone number, and lies a lot about a privacy a lot. End to end encryption is only present in specifically encrypted conversations on mobile clients. Because of this, it immediately goes in the garbage.</p>
Signal</h2>
Signal is well known for their strong security practices, and while these are for the most part true, that can only be said for now. The problem is that Signal is centralized, so there's nothing stopping them from going rogue on server side. It also requires a phone number, which is definitely reason for concern. It's encrypted, which is an improvement over Discord for sure, but still far from ideal.</p>
Also, Signal is encrypted everywhere</em>. Encryption is good for private communication, but causes problems while solving nothing in public communities, which is a major part of what people used Discord for.</p>
Matrix</h2>
Matrix (especially big rooms) break constantly and even small servers are incredibly heavy. I used to believe in Matrix and would push it as the solution to Discord, but it's been years and things have somehow only got worse in that time. I no longer have any hope in this protocol. As much as the developers claim to have fixed room state problems, they keep coming back worse than the last time again and again. In my experience, every part of it is constantly finding new ways to fail on you. It also works like absolute shit on anything even close to a spotty connection, a problem not felt nearly as much on XMPP and IRC.</p>
IRC</h2>
IRC is pretty much the old reliable of internet communication. It's probably older than most people reading this article, and still active and improving to this day. It's lightweight on both server and client side. I think IRC is good for large, public communities, but it lacks end to end encryption (unless you want to use OTR or whatever, which very few clients support), which makes it very bad for privacy. IRC is also centralized, though MOST (with the exception of Senpai, Gamja, and Goguma if you don't use Soju) clients are designed to make using multiple IRC networks/servers easy. IRC is a bit dated and lacks many features though, so it does take some getting used to coming from Discord, and you will probably need a bouncer.</p>
XMPP</h2>
XMPP is, as of the time I'm writing this, the only viable all-purpose messenger. It has (most) of the features one needs for text chat; media upload, text reactions, replies, end to end encryption, and so on. Hosting your own server is also fairly light on resources, a bit heavier than IRC and far</strong> lighter than Matrix. The main problem in XMPP is its client ecosystem, though that has been improving more than ever lately. Most clients are also lacking in the voice/video department sadly, so I suggest using Jitsi or Mumble (depending on your needs) in tandem with XMPP until multi-user calling is more common.</p>
XMPP being decentralized and allowing all servers to join together in one network lets anybody run their own part of the network, giving you full control over your data and still allowing you to talk to people on their own servers, kinda like e-mail. This also means XMPP couldn't try to make you give over your ID if it wanted to. If a server tried it, you could either move to a different one or host your own.</p>
Conclusion</h2>
Text: XMPP for most cases, IRC if you only care about building communities and don't need DMs or anything.</p>
Voice/Video: Mumble and Jitsi/Screego/whatever you want for screenshare or video if needed.</p>
See also: Jabber - GS.XYZ</a></p>
There's a lot of IM software out there, so I might do a part 2 of this if needed.</p>

Fuck Kernel-Level Anticheat

Exit 86 — Thu, 29 Jan 2026 00:00:00 +0000

Before I start off this blog post, I'd like to apologize to any former viewers for my site and services being gone for so long. My old website was a piece of shit and needed to go, but I couldn't get this one in a way I wanted for a while. Sorry about all that, I'll try to have actually usable stuff now. Most of my old services are back online with the rest getting worked on. Old blog posts have been wiped because they sucked anyways.</p>
Anyways, back to your regularly scheduled nerdbabble.</p>
Introduction</h2>
Cheating has been a problem in online gaming for about as long as anyone can remember. I think most people reading this can agree that cheating in multiplayer isn't a good thing. That said, I think the problem of intrusive anticheats is far greater than the problem of cheaters themselves. And this isn't coming from someone who's never dealt with cheaters in games. I was there at the peak of Sniper bots in Team Fortress 2 spinning around like Beyblades and killing you from across the map, I've played plenty of Black Ops 2 in lobbies with people using mod menus, and I've seen CS:GO wallhackers. I know it sucks, but kernel-level ACs are not a good solution for anything reaching normal players. The only situation I can see them being even remotely permissible is in LAN tournaments and such.</p>
What is kernel-level anticheat?</h2>
Kernel-level anticheat, unsurprisingly, operates in the kernel space of an operating system. While this part is obvious, if you're actually reading, you likely have no clue what that means. The "kernel" of an operating system is the part that talks to your hardware (like your processor, monitors, RAM, network card, etc). On Windows, the kernel is called NT. On MacOS, it's XNU. On Linux-based systems, it's Linux. All modern operating systems that actually matter divide everything between "kernel space" and "user space". Kernel space handles the kernel and all of its jobs, while user space is where all your other software goes, like web browsers, games, messaging apps, and whatever other stuff you might be running. Maybe this graph will do a better job explaining roughly how this works if I'm not coming through right:</p>

These two "spaces" talk to each other, but kernel space takes higher privilege than user space since it directly talks to the hardware and handles communication between the two. Back to the topic of anticheat software, this is where kernel-level ACs actually work. By operating in kernel space, the anticheat gets access to ~everything on your computer when the anticheat is running with the (marketed) goal of stopping you from cheating in game. Note that I did not say "when the game is running", I said "when the anticheat" is running. Kernel level ACs usually require that you run them from boot until when you stop playing, so if it's not running from when you boot, you have to reboot with it enabled and *then* play. </p> </div>
While yes, this theoretically gives the AC more power to detect cheating, this neither makes it inherently better at picking up on cheats nor does it justify granting that much access to a kernel blob you have no real reason to trust.</p>
Shady Vendors</h2>
Running things in your kernel from often dubious sources, as I just said, gives that program (and by extension, its developers) as much access as you can possibly give to a piece of software, and of course, gets abused. The single biggest example of this I can remember happened all the way back in 2013 on ESEA. In April 2013, ESEA's anticheat client was updated to start mining Bitcoin</a> on every install of the client, which of course was removed, discovered, and then played off as a mistake.</p>
While yes, not all kernel ACs will try to pull some shit like this, it's something you should definitely take into consideration when you play a game using this type of AC or defending the use of them.</p>
Security</h2>
Even if you put 100% trust in the anticheat developers that they will never include ANYTHING malicious in their AC, no program is perfect. Vulnerabilities happen in everything given enough time, no matter what gets put on the marketing page. Shit happens, and when it does, you don't want it happening in THE most privileged part of your operating system. While yes, this does go for the rest of the kernel, the first party parts of the kernel and its drivers are A) invariably held to a higher standard than something like Vanguard, Javelin, or Ricochet is, and B) are largely maintained as one, constantly getting the security updates they need. The kernel and its modules usually (with the main exception of NVIDIA's god-awful Linux drivers, which even then shouldn't</em> introduce nearly as much of a risk) are maintained for as long as you're using that system or installation of the operating system. When a game using a kernel AC falls out of support or the developer just stops caring, what happens then? You're just fucked! If you want to keep playing your game, you'll have to keep running with potential vulnerabilities that probably would exist by then at the kernel level. Or even worse, nothing will work AT ALL because your anticheat doesn't work on the latest kernels.</p>
For example, you might remember the CrowdStrike incident of 2024. While it may have not been an anti-cheat for some online game, it did happen due to misuse of kernel space. ONE fuck up in Falcon Sensor led to an estimated 8.5 million BSoDs</a>, causing flights to get canceled and affecting 60% of the Fortune 500</a>.</p>
The Linux Problem</h2>
Of course, most (if not all) kernel-level anticheat software is Windows-only. And since it's running as part of the kernel, compatibility layers like Proton/Wine don't help. As Linux's userbase for gaming slowly grows with the help of Steam hardware and Windows repeatedly shooting itself in the foot, this presents a pretty big problem to Linux users, especially as most kernel ACs try to detect VMs and block you from playing on anything other than a bare metal Windows install. It's pretty annoying to have to set up dualboot between Windows and Linux just to play a game with your Windows-using friends.</p>
And For What?</h2>
The biggest problem with kernel level anticheat is that on top of being invasive and breaking Linux compatibility, they aren't the silver bullet Riot, EA, Activision, etc want you to believe it is. Running in the kernel does not make the software inherently better at picking up on cheating. It simply gives the opportunity to detect kernel-level cheats (which of course, carry all the same risks listed here and then some). As the cheating-anticheating arms race continues, hardware cheats taking advantage of DMA (Direct Memory Access) are becoming increasingly prevalent, with kernel ACs able to do very little about it in comparison to software cheats.</p>
While I'm not at all knowledgeable in cheat development, I think the best solution here is validating player actions on the server side as much as possible. I think machine learning in picking up on irregular player inputs could be very useful, and it would heavily relax the "need" to run invasive software on client machines.</p>

Exit 86

Say No to Privacy Defeatism

'Discord Alternatives'

SMS/MMS</h2> Please, I beg you, just don't. Whatever's wrong with you, I cannot fix with just this article.</p>

Telegram</h2> Telegram is centralized, requires a phone number, and lies a lot about a privacy a lot. End to end encryption is only present in specifically encrypted conversations on mobile clients. Because of this, it immediately goes in the garbage.</p>

Fuck Kernel-Level Anticheat

SMS/MMS</h2>
Please, I beg you, just don't. Whatever's wrong with you, I cannot fix with just this article.</p>

Telegram</h2>
Telegram is centralized, requires a phone number, and lies a lot about a privacy a lot. End to end encryption is only present in specifically encrypted conversations on mobile clients. Because of this, it immediately goes in the garbage.</p>