• 1 Post
  • 29 Comments
Joined 2 years ago
cake
Cake day: July 8th, 2023

help-circle
  • An easy analogy that common users can understand is e-mail. E-Mail is also decentralized, everyone has an e-mail address but everyone uses a different e-mail host (the domain name after the “@”). So e.g. “[email protected]” has an account at gmail.com but “[email protected]” has an account at mailbox.org. Both are completely different, yet they can communicate with each other. There’s not one company controlling or storing every single e-mail account or inbox. It’s spread out and everyone can choose the mail provider they like or trust the most.

    Then you use that as a bridge to explain Lemmy, or Mastodon, or other Fediverse social media platforms. And remind the listener that single companies having full control over everyone’s accounts is generally bad and opens the door for all sorts of abuse and manipulation or arbitrariness.



  • Just for reference, this is what the Google Play services app transmits roughly every 20 minutes to Google if it has network access:

    Phone #
    SIM #
    IMEI (world-wide unique device ID)
    S/N of your device
    WIFI MAC address
    Android ID
    Mail Address of your logged in Google account
    IP address
    

    And that is when you have disabled ALL telemetry in ALL of the options, even the most hidden ones. So this is the minimum amount this app is always gathering from every Android user using the Google Play services app, no matter what you selected. Other Google apps (like the Play store app) could then contain additional telemetry on top, this is just the common base of all Google proprietary apps. Or the minimum amount of privacy violations you get when using proprietary Google apps on your phone, no matter what.

    If you use GrapheneOS, I’d recommend not installing/using ANY Google apps at all (not even Play store or Play services). To get apps, you should use (roughly in this order of priority): 1.) GrapheneOS’s app store for the built-in apps 2.) Accrescent app store (has several good open source apps, is intended to be more secure than F-Droid) 3.) Obtainium (for getting open source apps directly from their source repos) or if you really can’t get into Obtainium, use F-Droid instead 4.) Aurora Store (for getting apps from the Google Play store without sending too much data to Google. Only do this if there is no open source app available for doing the same thing).

    To fully mitigate the removal of the Play services app, you also should probably install/configure something like ntfy to get battery efficient push notifications and ideally use apps which also use that, e.g. the Molly fork instead of Signal. It’s quite easy to do, just something to be aware of. Otherwise your battery drain might be a bit higher. Then you’re also independent from Google’s push notification infrastructure. But you need a ntfy server to go along with it, either self-hosted or use a public one. There are some privacy friendly ones public ones out there.



  • BNC Feed-Through Adapters (with Terminators if needed)

    I’m kidding, I’m kidding!

    For anyone too young, this was how you made gaming LAN parties in the early 90s when there was Doom, Doom 2, Duke3D and Quake 1 to play. It’s a switch- and hub-less network connection where every PC is literally connected to all others in one line which is fed through each PC. Making your connection extremely sh!tty if you were on one end or someone between you and the other guy had a terrible PC or had to reboot. Well, actually it was generally sh!tty. This problem went away completely when switches (even just hubs) became commonly available / cheap for consumers.

    I do miss LAN parties though. Online gaming is also great but it’s just not the same.




  • I use several, depending on use case:

    • Tor Browser for general and anonymous web browsing (e.g. reading news, looking up stuff, and so on)
    • Mullvad Browser as a clear web alternative for general use
    • Librewolf for generally logging into sites with personally identifiable accounts (e.g. to buy stuff)
    • Ungoogled Chromium for those few sites which only work with a Chromium-based browser, or other specific cases
    • On Android (GrapheneOS): Tor Browser and Vanadium

    All regular browsers have some hardening applied and uBlock Origin installed.


  • Since you only mentioned 25% gaming, I’d recommend against a gaming-centric distro like Bazzite. Instead, use a generalist desktop distro.

    Since you mentioned that you’re rather new-ish, I’d recommend against Arch-based distros like CachyOS. Instead, check out e.g. Fedora, Mint, OpenSuSE. (Probably in that order of priority)

    These aren’t hard recommendations, so you can do whatever and probably be fine either way, but it still doesn’t fit that well.


  • There are lots of great live bands but maybe these were most memorable for various reasons: Magma (just hypnotic), Lazuli (very entertaining live band every single time), The Pineapple Thief (great prog rock with incredible drummer), The Musical Box (playing and re-acting old Genesis. Too young to see the originals but just in time to see the remakes), Le Silo (super high energy duo or trio, don’t even remember, but man that was wild), Aranis (they don’t exist anymore unfortunately)


  • I don’t view it as badly. He’s probably overly defensive and paranoid and interprets some forms of criticism as attacks. But I do not see this as an argument against his competence or contributions to the project, or against using GrapheneOS altogether, at all. In fact, I even kind of like having someone paranoid as the head of a security-focused OS. Seems like a useful synergy to me. Also, AFAIK the GrapheneOS project now also has others posting about the project, not just him alone. I think this was also a result of his “miscommunication” in the past. Furthermore, the project is too important (there are almost zero high-security and high-privacy mobile OSes!) to escalate this into a problem. And furthermore again, there might also be parties involved who are ACTUALLY interested in attacking GrapheneOS and weakening its popularity, for their own gains. And so when your successful and also high-quality project is under regular attacks from various angles, you might get more paranoid and misinterpret some valid criticism as a result. Combine that with Rossman’s over-dramatic nature and high reach, and someone paranoid like Daniel might take it the wrong way. And then communication spirals out of control into various escalations. At least that’s how I interpret it.



  • He’s mostly correct about lots of things, but not about everything (for example, he hated on everything GrapheneOS just because its lead dev is a bit socially awkward). Plus he’s overly dramatic and verbose which can be annoying. Sometimes you must be to get abstract or complicated points across better, but I still feel he’s too aggressive in that regard. I also like what he’s trying to achieve with FUTO in general. Overall, he’s a great and valuable activist who has almost all of his eggs in the right baskets.





  • It’s nice to see a significant portion of people (probably still not enough though) leave proprietary social media. Unfortunately, it took them extremely long to realize why that’s a bad thing to use.

    So that’s one step in the right direction I guess.

    On the other hand, there generally isn’t much hope for humanity left because we haven’t learned from past mistakes, haven’t listened to science, and haven’t ensured ourselves a decent future on this planet.



  • Don’t read too much bad news, it’s bad for the general mood. But still expect everything to go to hell, because it absolutely will, and sooner than anticipated. But you can still enjoy some amount of non-hellish time. And then make some preparations for an upcoming fascist government, rising crime/vandalism, and for climate change hitting everywhere with full force. Existing systems might not stay functional. Start building up local communities to support each other. Make the best of any situation and make forward-looking decisions. Don’t despair, but also don’t have false hopes. It will get much worse before it will get any better.


  • Well, “nice” to have that feature, but you still shouldn’t use Discord, or at least limit your time on it as much as possible. Remember, when you use it, you’re part of the network effect that makes Discord big. You have to resist that. Take a look how Discord compares to pretty much any other messenger or communication tool in existence: https://www.messenger-matrix.de/messenger-matrix-en.html Avoid it whenever possible, get your friends to leave it and weaken its network effect.

    So, some of the drawbacks (there’s probably more):

    • Discord has weak security (see URL above)
    • Discord has non-existent privacy
    • Discord has an incredibly vague privacy policy which means they do what they want. Even companies with strong privacy policies screw users over routinely. Guess what companies do who don’t even care about good privacy policies. They even weakened it further a while back because they need to train their new AI features on your data as well, and probably even their weak privacy policies were in the way before. Well, good thing that the users agreed that they can change it at any time for any reason and be fine with it.
    • You grant all rights of everything you write, say, share or do on Discord to Discord, and everything you type, say, upload or share is being processed by their servers
    • Discord tracks what you’re typing before sending it
    • Discord suspended accounts and required even more user data for “verification”, such as telephone numbers which is completely unnecessary except for tracking and data selling purposes
    • Discord shares chat logs with law enforcement (and they can share everything because they’re collecting everything)
    • The Discord client app tracks what programs you have running so it can for example display what games you’re currently running. That means it contains a process logger. It has to scan every running application and then finds games out of those, and then you have to hope that only the game-specific bits are uploaded to their servers. Maybe that is the case, but can you trust them, and also to never change that? No.

    If you have to use it:

    • Never use their desktop app, always use the web version from a secondary browser (web apps running in the browser have much less rights than locally running applications), and even then limit what the site can access to the least amount of stuff necessary. If you never use your mic or camera then block it in the browser settings. Don’t trust Discord’s own mute setting (this also applies to other proprietary software).
    • Use a fake e-mail alias / telephone number when creating your account, generally give them the least amount of data possible. Opt out of any options or features which are tied to you exposing more data to them
    • Don’t give them additional money e.g. for their premium stuff (you already pay with data they gather from you)
    • Block at least these API endpoints which are purely used for tracking purposes (there may be more though, and they might change) [easy to do with uBlock Origin for example]:
    https://discord.com/api/v*/science
    https://discord.com/api/v*/channels/*/typing
    https://discord.com/api/v*/track*
    
    • You can also block these related hosts safely without impairing Discord’s main functions (again there may be more):
    crash.discordapp.com
    status.discordapp.com
    b.stats.paypal.com
    app.adjust.com
    client-analytics.braintreegateway.com
    

  • Yeah, I also don’t like such general laziness. It’s also not just limited to switching to Linux, it’s kind of the same with switching to anything that’s better but slightly(!) more inconvenient than what you’re used to. Well, you can’t make or be part of some progress unless you’re willing to sometimes get off your comfy couch and do something you’ve never done before. Like switching to Linux. Like stopping eating meat. Like stopping supporting certain evil companies. Like going to vote for a non-retarded option. Like voting with your wallet for the products you use/buy and also NOT use/buy. If everyone would do it, the world would be a different (better) place. But still too few are doing it. Because it’s slightly less convenient. And that would be so damn hard to change. Oh man would that be hard. Not.