Zak

@Zak@lemmy.world

• ⁨Comment⁩ on ⁨Federated blog platforms? (ideally lightweight)⁩ ⁨⁨3⁩ ⁨days⁩ ago⁩:

  Wafrn might be worth a look. I’ve been meaning to try it myself.

• ⁨Comment⁩ on ⁨Federated blog platforms? (ideally lightweight)⁩ ⁨⁨3⁩ ⁨days⁩ ago⁩:

  Mastodon’s character limit is pretty easy to change when self-hosting, but it has other limitations like a lack of even basic formatting and images inline in posts. I think that’s true of several of the others as well.

• ⁨Comment⁩ on ⁨Lawsuit Alleges That WhatsApp Has No End-to-End Encryption⁩ ⁨⁨6⁩ ⁨days⁩ ago⁩:

  There is a risk Google could tamper with the app for specific users if they’re installing it from Google Play. I think it’s likely security researchers would discover that if it was widespread, but there’s a chance Google could do it undetected if they targeted it selectively enough.

  People who are concerned about this can download the APK directly from Signal and check its signature before installation.

• ⁨Comment⁩ on ⁨Lawsuit Alleges That WhatsApp Has No End-to-End Encryption⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:

  Signal uses reproducible builds for its Android client, and I think for desktop as well. That means it’s possible to verify that a particular Signal package is built from the open source Signal codebase. I don’t have to trust Signal because I can check.

  If I don’t have extreme security needs, I don’t even have to check. Signal has a high enough profile that I can be confident other people have checked, likely many other people who are more skilled at auditing cryptographic code than I am.

  Trusting the server isn’t necessary because the encryption is applied by the sender’s client and removed by the recipient’s client.

• ⁨Comment⁩ on ⁨OnePlus update blocks downgrades and custom ROMs by blowing a fuse⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
  • Reasonable: prevent downgrades when the bootloader is locked
  • Sketchy: prevent downgrades when the bootloader is unlocked
  • Unhinged: hard-brick the device when a downgrade is attempted
• ⁨Comment⁩ on ⁨If you have one, how much do you pay for a domain name? Any cheap registrar recommendations?⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:

  I have a .com for like $19.99 but pay to have my info redacted from whois stuff, an email address, all cones to like $42.99

  Porkbun charges $11.08 for a .com with whois privacy. $30/year for email hosting might be worth it if you’re getting very good service, but I think you’re overpaying.

• ⁨Comment⁩ on ⁨If you have one, how much do you pay for a domain name? Any cheap registrar recommendations?⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:

  $11.08 for a .com. Source: just renewed.

• ⁨Comment⁩ on ⁨Android won't kill sideloading after all, but new verification rules will make it harder⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:

  A different Wallet/Pay implementation is a possible outcome, but I’m thinking of a bigger picture where Android phones are more like PCs: no non-unlockable bootloaders, no remote attestation anywhere, barriers to root detection at the OS level, third-party ROMs encouraged.

  The early days of Android were like that. I wonder if things had developed along that path, would we have a paradise for power users? A security nightmare for mainstream users? Both? Neither?

• ⁨Comment⁩ on ⁨Android won't kill sideloading after all, but new verification rules will make it harder⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:

  I wonder what an alternate history where Google chose not to become evil would look like.

  What if they had looked at Microsoft’s Palladium proposal and thought, as pretty much everyone outside institutional IT departments did that locked devices with remote attestation was a nightmare scenario best forgotten, refused to build it, and made an effort to prevent anyone else from doing so on top of Android? Safetynet didn’t appear until 5-6 years after Android launched to the public. What if it never did? Android already had enough momentum by that point I don’t think the financial sector could refuse to be on it no matter what risk management said.

• ⁨Comment⁩ on ⁨What are your technology mispredictions?⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:

  Samsung, Huawei, Microsoft, and LG tried similar ideas and none got much traction.

  I’m not sure it’s actually a good idea even now that phones have enough CPU and RAM for an adequate desktop experience. It’s certainly not a good idea running Android as we know it, where apps are data silos and have UIs that don’t cleanly transition from the palmtop experience to the desktop experience.

• ⁨Comment⁩ on ⁨What are your technology mispredictions?⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:

  You can do that today with a Linux tablet and Waydroid. It’s more like running the Android apps in a VM than something really well integrated with the Linux environment, but perfect is the enemy of good.

• ⁨Comment⁩ on ⁨What are your technology mispredictions?⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:

  I got my first tablet this year after a long time as a skeptic. It runs Arch, BTW.

  Most of the time it has a keyboard attached and I use it like a laptop, but it’s nice to be able to watch movies on flights during taxi, takeoff, and landing because tablets and phones are allowed, not laptops.

  Gnome is really nice on a touchscreen aside from the terrible onscreen keyboard. KDE is a little rougher, but its onscreen keyboard is decent.

• ⁨Comment⁩ on ⁨What are your technology mispredictions?⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:

  I remember making a note to look into it several times, and thinking I should buy one (exactly one) when it was about $600. If I had, I imagine I would have sold at 10x rather than holding until 100x or its peak at 200x.

  I actually did think it or a successor would become important as a consumer payment method. I was wrong there.

• ⁨Comment⁩ on ⁨What are your technology mispredictions?⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:

  I remember playing with a Motorola Atrix in a store. It seemed like a really cool idea.

• ⁨Comment⁩ on ⁨What are your technology mispredictions?⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:

  I thought people would learn how to use computers.

  It seemed as if most of the millennial generation in wealthy countries did learn to some degree and I expected it to be even more true for younger generations. Those more sophisticated users would enable more sophisticated and flexible applications. Technology would empower individuals while weakening corporations and governments.

  Instead, the most reliable recipe for popularizing tech is to dumb it down. Millennials represent a peak of digital literacy (in wealthy countries) and those younger tend to have weaker technical skills.

• ⁨Comment⁩ on ⁨Today in “Google Broke Email”⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:

  I hold the (possibly mistaken) belief that someone who can program everything from a web browser to a screensaver can, if they so choose, be a good sysadmin.

  I also believe programmers usually don’t choose to be good sysadmins, viewing such work as an annoyance to spend as little effort on as they can get away with, which is what it looks like jwz has done here. Someone with his experience should be self-aware enough to understand who is to blame when that’s what they’re doing.

• ⁨Comment⁩ on ⁨Today in “Google Broke Email”⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:

  I wonder how many people have company email addresses there.

  It’s a bar/nightclub. Most employees at bars don’t use email as part of their work. It would be unusual (though maybe on-brand for jwz) for bartenders to have company email addresses, for example.

• ⁨Comment⁩ on ⁨Today in “Google Broke Email”⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:

  Given his background, I’m certain he can do a good job of being his own IT admin if he wants to. He seems to want some of the benefits of that while having Google do the parts he doesn’t like.

  Google, on the other hand seems to want to drop features that I think it intended to encourage people to migrate from ISP email accounts to Gmail 20 years ago and now sees as cruft and/or security concerns.

• ⁨Comment⁩ on ⁨Today in “Google Broke Email”⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:

  He does have his own mail server according to the post. He doesn’t want to store the mail long-term, filter spam, host a web mail client, or support employees setting up native mail clients.

• ⁨Comment⁩ on ⁨Today in “Google Broke Email”⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:

  The whole @gmail.com thing also opens up potential regulatory issues depending on the details of the business.

  It’s a bar.

  I’m probably missing some big detail, but I don’t get why he has his current setup to begin with.

  The post makes it sound like he has a bunch of automation he likely wrote himself on incoming mail, but he wants Google to do some messy parts (spam filtering, archiving, providing a nice client). Google has no reason to want to continue doing that for him and the handful of other people doing something similar.

• ⁨Comment⁩ on ⁨Today in “Google Broke Email”⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:

  He’s being a bit whiny here. He was having employees use Gmail as a client for his self-hosted POP mail, which is a niche use case that likely has a brittle implementation and doesn’t make any money for Google. Gmail offers a paid product for this kind of use case, but it won’t integrate with the rest of his (likely custom) automation. He wants to self-host parts of the system and have Google do the messy bits, but he’s not their customer and probably isn’t a very good product either.

  He then complains that to solf-host IMAP:

  My server is now responsible for storing all of their messages, including all of their spam. It is a vast amount of data. I will have to implement quotas.

  It’s 2025 and that’s a silly claim. A 12Tb HDD costs the same as a couple bottles of booze, and it’s not hard to write a script that clears out spam after 30 days. The other complaints are basically UX.

  Normally saying a small business owner should self-host IMAP and write scripts would be a bit unreasonable, but this is JWZ.

• ⁨Comment⁩ on ⁨Quick post about AI-free FireFox Based Browsers (Keep your Adds and avoid the Bloat)⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:

  Depends on whether you want to convince people of your position, or you’re just explaining your own choice. The latter is fine, but the former won’t happen without better sources.

• ⁨Comment⁩ on ⁨Quick post about AI-free FireFox Based Browsers (Keep your Adds and avoid the Bloat)⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:

  I’m not particularly horrified about the availability of AI features, but I’d rather see Mozilla focus most of its resources on core competencies. Firefox lags behind Chrome in web standards feature support, e.g. the browser scores on caniuse.com. It’s also prone to making my laptop fan spin more than Chromium browser do, and people often complain about speed.

  They should make the core browser better, and maybe task a couple developers to build some LLM support as an extension.

• ⁨Comment⁩ on ⁨Quick post about AI-free FireFox Based Browsers (Keep your Adds and avoid the Bloat)⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:

  Without taking a position on the claim itself, this is a bad citation. It makes a variety of claims that either don’t hold up to basic scrutiny, or aren’t evidence that iOS has a security advantage. Here are some examples:

  Open-source platform increases vulnerability surface area

  This is perhaps one of the most thoroughly debunked pieces of FUD in the entire tech industry.

  [Various claims about inconsistency between devices]

  These are mostly true but largely irrelevant. You’re not buying an aggregate of all Android devices that exist, but a specific device with specific traits. The Android phone you should actually buy will have a security chip and many years of updates just like an iPhone.

  The rigorous app review process and mandatory App Store distribution (except in EU) virtually eliminate malicious app threats for average users.

  This might be a benefit when the user has no clue how to use a computer, but I expect people posting in this community are past that stage. It’s a big disadvantage for those who want to use something like Firefox (real Firefox, not a skin on Safari) with potential security and privacy upsides.

• ⁨Comment⁩ on ⁨Quick post about AI-free FireFox Based Browsers (Keep your Adds and avoid the Bloat)⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:

  There is actually a current Chromium-based browser for Android with Manifest v2 extension support and uBlock Origin.

  spoiler

  It’s Microsoft Edge. No, I’m not advocating that you use it.

• ⁨Comment⁩ on ⁨Quick post about AI-free FireFox Based Browsers (Keep your Adds and avoid the Bloat)⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:

  Waterfox is available for Android.

• ⁨Comment⁩ on ⁨Why Are Cars Getting Rid Of Android Auto?⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:

  I imagine you could wire your own mechanical switch to that steering wheel wheel. Fuck them for doing that though.

• ⁨Comment⁩ on ⁨Explained: Why you can't move Windows 11 taskbar like Windows 10, according to Microsoft⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:

  KDE has a bigger team now. Gnome doesn’t have a Windows-style panel by default. I was thinking of projects like Xfce and LXDE.

• ⁨Comment⁩ on ⁨Explained: Why you can't move Windows 11 taskbar like Windows 10, according to Microsoft⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:

  The bit about apps having to reflow seems nonsensical. They have to reflow any time the user resizes their windows.

  I’m not accepting any excuses from MS about limited resources when Linux desktop environments built by hobbyists have the feature in question.

• ⁨Comment⁩ on ⁨Verizon refused to unlock man’s iPhone, so he sued the carrier and won⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:

  people like this make phone deals worse for the rest of us.

  Verizon can get exactly the same amount out of most customers by either:

  • Charging more for the phone and less for the service
  • Unbundling the phone financing from the phone service