👏👏👏

And it is not straightforward to become arch maintainer. There has to be a level of trust in that person. The team shouldn’t be too big to manage. And there are other considerations too.

Without paywall: https://www.removepaywall.com/search?url=https%3A%2F%2Fwww.wired.com%2Fstory%2Frussia-signal-qr-code-phishing-attack%2F

Use btrfs with snapshots. Verify you know how to boot into snapshot after a failed update and repair the system. This is the most important thing and lets you experiment much more freely.

Many political leaders across Europe see Hungary not as a danger to democracy, but as a way to follow, means to cement their power, etc. Almost all societies across Europe are swinging to the right. I am not optimistic.

I can use bitwarden on Windows, Linux, Mac, iOS, Android, on desktop app or using CLI. That’s a stark difference in comparison with built in Microsoft or Apple keychains. And yes, I trust Bitwarden.

My thoughts exactly. I use Bitwarden and passkeys sync flawlessly between my devices. Password managers tied to a a device or ecosystem are stupid and people shouldn’t use them. This is true whether you use passwords or passkeys.

That said, we cannot blame users for bad UX that some platforms and some devs provide.

Why bother? Backporting security updates or updating packages is work and in case of debian often unpaid. Trixie is for testing new packages and configurations, does not make a ton of sense to keep everything up to date.

So what? The law enforcement knows you have an account and knows the sign up date and last login. That doesn’t affect your privacy whatsoever. Besides, Europe isn’t a monolith. You can absolutely buy and use a SIM card without disclosing your name in some countries.

They have published requests from the law enforcement and their responses to these requests. The only unencrypted data they have is the phone number, a date of sign up and a date of the last login. That is it, everything else is encrypted and they cannot access it whatsoever.

The phone number is not connected to the messages. That’s the only thing they have. It is the best app for privacy.

They have bigger issues than piracy, e.g. csam, malware, and other criminal activity. But the age of no moderation whatsoever is over it seems.

They don’t need physical access (hold the device in their hand), they just need a command execution, which is a much lower bar. I expect some defence in depth for an application that holds some of the most private information there is about me.

PoC on 32 bit requires thousands of authentication attempts, so any sane firewall should protect you against it already. Afaik there isnt any for 64 bit

What the fuck you just killed me

Good take

“I don’t like X.” Does X anyway.

He has a great content though. Some of his takes are a bit strange, but he didnt cross the line yet for me.

There is no place for a russian propaganda outlet.

Isn’t that horribly insecure? I have my doubts regarding privacy. LocalSend sends to the device directly, without an intermediary.