you have posted only two comments on lemmy so far, and both are telling people to buy this phone. do you have any affiliation with it, and/or are you planning to continue using your lemmy account solely to encourage people to buy it?

also, since you seem to know about this, i am curious if you can enlighten me: are there any benefits of iodéOS compared with LineageOS which it is a derivative of? i didn’t find a comparison between them on the website.

imo this (.world link) is a better choice

the guy in the middle is a pro at photobombing

the metadata isn’t

Authorities don’t need to ask Signal for metadata; Signal promises they don’t log any themselves and that is probably true.

But, they outsource their server operation to Jeff Bezos, and then they do some absurd security theater to pretend that cryptography makes it so that the server (Amazon) couldn’t possibly log metadata - which is obviously false.

How to install Linux on a dead badger (written in 2004, might not work with modern distributions)

We Need To Talk About “Authoritarianism”

Makes me curious as to what happened here

You can see the deleted comments in the modlog. There is also a thread for discussing the deletions in this thread here.

in the computing context, “lock-in” is shorthand for vendor lock-in.

How exactly do they hope to lock devs in github??? That’s absurd, there’s no way they can achieve that. I can always take my projects elsewhere and there’s nothing they can do to stop me.

I can’t tell if you’re joking? If not, what do you think “lock-in” actually means?

It doesn’t mean that it is impossible to leave, it means that there is substantial switching cost. And, that is certainly the case for github-hosted projects: all active contributors need to make a new account somewhere else, issues and discussions need to be migrated, CI workflows typically need to be rewritten, and good luck finding something that gives as much free compute for CI as github does. Yes, it’s easy to mirror a git repo onto another service, but github is much much more than just git repo hosting and each of their features have their own switching cost.

Also, OP actually said “lock devs in” rather than “lock projects in” - I actually am forced to have a github account if i want to contribute to projects which refuse to move their issues off of it 😢 … and the difficulty in creating new accounts anonymously these days prevents me from contributing to several things (lemmy, for instance) which i otherwise would.

regarding metadata on Signal

I bought some cheap Chinese 2-way radios. The packaging has a big American flag and a “Designed in U.S.A.” claim, which I suspect is bullshit given the company involved. Also, there are two Bible verses referenced. This smacks of pandering to a particular slice of conservative Americans. All I want is cheap radios for skiing with my kids next winter, not a reminder of my country’s socio-political bullshit.

This bullshit is not from the well-known Chinese radio maker Baofeng (baofengradio.com) but rather from a US company called “BTech” which has the deceptive URL BaoFengTech.com.

if they do something, it’s not in your interest

this is often true, but sometimes (like in this case) they are actually doing things that are in (almost) everyone’s interest: making browsers more secure 🙄

(see my other comment in this thread for details)

deleted by creator

fuck google generally, but in this case that mastodon post’s characterization that “Respondents overwhelmingly reject the suggestion” is not accurate - lots of people in that thread are in favor of removing it and those who aren’t aren’t making a strong case to keep it.

imo client-side XSLT never needed to be implemented; afaict its primary use is styling RSS feeds and I doubt many people ever actually read RSS feeds styled that way even if millions of feeds are/were.

tldr: This obscure “feature” is a significant source of vulnerabilities which attackers are able to compromise endpoints with right now. The GNOME project’s libxslt is used by all modern browsers and has been largely unmaintained for a long time, and it is a pretty sure bet that it has lots more remotely-exploitable bugs (in addition to those which have already been discovered and not yet fixed, or for which fixes are not yet widely distributed).

it sounds like there is also a mostly-working JS replacement for this C++ code; if it is actually possible to ship that and avoid breaking any sites it would be preferable, but, otherwise, i for one would certainly be in favor of dropping browsers’ XSLT support (which was only ever for XSLT 1.0 anyway!) completely ASAP.

CoMaps is “offline-first” and they’re working on a deskop version, but it is alpha right now and they don’t appear to be distributing binaries of it (the desktop version) yet so you’ll need to compile it yourself. There are instructions here. I haven’t tried it yet myself but I think it looks promising!

Another option is to run CoMaps, OsmAnd, or another Android app under Waydroid.

deleted by creator

fyi, Signal’s servers are hosted on a mixture of Amazon Web Services and Google Cloud.

🐝