Zak

@Zak@lemmy.world

• ⁨Comment⁩ on ⁨Signal – an ethical replacement for WhatsApp⁩ ⁨⁨4⁩ ⁨days⁩ ago⁩:

  No. WhatsApp came first, but later adopted Signal’s key exchange and encryption. One of WhatsApp’s founders is now chairman of the Signal Foundation and a major financial backer of the project.

• ⁨Comment⁩ on ⁨Mastodon: New Terms of Service IP clause cannot be terminated or revoked, not even by deleting content⁩ ⁨⁨4⁩ ⁨days⁩ ago⁩:

  Mastodon’s federation is not at all consistent even when it could get much closer with a little effort.

  Servers don’t remote fetch old posts from recent follows for example, nor replies to off-server posts from people on a third server. There’s work being done on both, but I’m surprised it wasn’t prioritized much earlier. Some other Fediverse software handles these situations better.

• ⁨Comment⁩ on ⁨Mastodon: New Terms of Service IP clause cannot be terminated or revoked, not even by deleting content⁩ ⁨⁨4⁩ ⁨days⁩ ago⁩:

  I think the fediverse has a built-in legal risk in that any time someone posts, data is sent to a large number of servers when then make it available via the web or sometimes push it to additional servers (e.g. by user boosts or community subscriptions). This is currently done without any explicit license for the IP contained in that post.

  I’m inclined to think that irrevocable permissions are the right thing here, in large part because it’s impossible to guarantee that any subsequent signal from the original poster propagates to everyone who has a copy of that post, or that the server software responds how someone else expects it will.

• ⁨Comment⁩ on ⁨Trump extends the TikTok ban deadline for a third time; there is no legal basis for the extensions and it is unclear how many times the deadline can be extended⁩ ⁨⁨5⁩ ⁨days⁩ ago⁩:

  There is a legal basis: congress passed a law, the president at the time signed it, TikTok sued, and the Supreme Court unanimously ruled against TikTok. That’s a legal basis by definition.

  Perhaps you mean that there is no rational basis. That’s a reasonable position you can argue for.

• ⁨Comment⁩ on ⁨Do instances exist where you can be 13+?⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:

  And that is what I would recommend against, even on a server that does not ban that age. If someone’s (young) age is relevant to a discussion they wish to participate in, I would suggest a throwaway account.

• ⁨Comment⁩ on ⁨Do instances exist where you can be 13+?⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:

  How were they revealed?

• ⁨Comment⁩ on ⁨Do instances exist where you can be 13+?⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:

  Why do you care?

  If it’s just about following the rules as a matter of principle, I suggest not doing that. Nobody is checking, and saying your exact age on public social media is oversharing anyway.

  If it’s about content moderation being strict enough to satisfy some comfort level, I wouldn’t rely on that, but I also think 13 is old enough to start learning there are shitty people online and how to deal with them, preferably with some adult support.

• ⁨Comment⁩ on ⁨WhatsApp is officially getting ads⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:

  Android, iOS, or desktop?

  I’ve noticed the occasional slow delivery, but I have had reason to believe the recipient has an unstable internet connection when that has happened.

• ⁨Comment⁩ on ⁨[deleted]⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:

  When I have a reason to use a Chromium-based browser, it’s usually Ungoogled Chromium. Otherwise, I use Firefox, and I’ve been playing with Waterfox in case Firefox ever asks me to agree to the terms of service that were discussed a little while back.

• ⁨Comment⁩ on ⁨WhatsApp is officially getting ads⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:

  signal got overloaded, experience degraded

  I did not experience this, and I’ve been using Signal daily for years. Prior to 2020 or so, I experienced more unreliability and hesitated to recommend it to the average person.

  I’m familiar with the problem though; in most of the EU and probably other places WhatsApp usage is so high that it’s a major inconvenience to avoid it entirely.

• ⁨Comment⁩ on ⁨WhatsApp is officially getting ads⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:

  A fair number of my contacts from countries where this is true also have Signal. If you don’t, I suggest installing it and seeing how many people are there.

  If it’s hard to remember who uses what, start conversations from the contacts app instead of one of the messaging apps; in most cases it will tell you.

• ⁨Comment⁩ on ⁨WhatsApp is officially getting ads⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:

  I don’t think any evidence has come to light that WhatsApp’s end-to-end encryption of message contents is broken, but it’s also impossible to prove that it is correct because the client is not open source.

• ⁨Comment⁩ on ⁨Menstrual tracking app data is a ‘gold mine’ for advertisers that risks women’s safety – report⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:

  I think even something like Drip is not sufficient in this kind of situation. If the police can compel someone to unlock their phone and decrypt data, then being local-only won’t stop them. Of course it’s a lot easier to ensure that no data exists if it’s local-only and something happens that might attract the interest of the police.

  Nothing in this comment should be construed as legal advice.

• ⁨Comment⁩ on ⁨Android 16 is here⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:

  I suppose the distinctions between the OS and “just an app” are blurred on any OS. One might argue anything that isn’t the kernel is just userland software on conventional Linux.

  On Android, anything a third party could deliver without system or root privileges is “just an app”. That includes keyboards, launchers, messaging apps, image editors, and smarthome device managers, but not direct management of network connections, notifications, or direct interaction with other apps (i.e. outside of intents or over the network).

  If you’ve used an Android device with root access, you’ve seen things that fail this test. Anything that needs root to work can’t be delivered to most Android users unless it’s part of the OS or a system app.

• ⁨Comment⁩ on ⁨Menstrual tracking app data is a ‘gold mine’ for advertisers that risks women’s safety – report⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:

  I’m not sure what the best answer to that is. I don’t think it’s forcing Google to improve its search results.

  I want it to be the average person gaining a baseline level of computer and media literacy such that they seek out and find apps that cannot send sensitive data to third parties without the user’s clear intent, but I don’t think we’ll ever get there.

• ⁨Comment⁩ on ⁨Android 16 is here⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:

  The launcher is, but not everything new in Android 16 could be just an app. The new desktop mode, for example likely requires much deeper integration with the OS.

• ⁨Comment⁩ on ⁨Menstrual tracking app data is a ‘gold mine’ for advertisers that risks women’s safety – report⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:

  Would the cops come beating my door down claiming I had an abortion? 🤔

  I don’t think that has happened starting from a period tracking app yet. There was a case involving an unencrypted messaging app used to discuss a criminalized abortion.

• ⁨Comment⁩ on ⁨Menstrual tracking app data is a ‘gold mine’ for advertisers that risks women’s safety – report⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:

  So why the fuck don’t women just use that?

  They probably don’t know about it. If I search “period tracker” on Google Play, Drip is in about 40th place in the results. That’s several screens down, past a bunch of search suggestions, and the parts where it’s open source, on-device, and optionally encrypted aren’t clear until I tap on it and read the description.

  And you probably can’t even get drip on iPhones.

  There’s some irony in a comment dealing with people making decisions that are against their interests because they’re insufficiently informed speculating incorrectly about something like this when it’s easy to check. Drip is, in fact available for iPhone.

• ⁨Comment⁩ on ⁨Android 16 is here⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:

  These are all app features, not OS features.

• ⁨Comment⁩ on ⁨[deleted]⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:

  You can editorialize in the body on Lemmy; there’s no need to use a title that obscures what the link is about.

  It passed the house with a veto-proof majority and the senate unanimously. It is almost certain to become law whether the governor signs it or not.

• ⁨Comment⁩ on ⁨[deleted]⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:

  Isn’t Microsoft Authenticator just a password manager and TOTP app? You can replace it with Bitwarden and Aegis (or a dozen alternatives).

• ⁨Comment⁩ on ⁨FBI Wants Access To Encrypted iPhone And Android Data—So Does Europe⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:

  This is a battle big tech cannot afford to lose.

  I don’t like this framing. This is about privacy for all of us, and some of the most important providers of encryption software and encrypted services are nonprofits and small companies.

• ⁨Comment⁩ on ⁨Fediverse for teens⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:

  It’s interesting the number of comments about parenting advice as opposed to technology suggestion.

  Was this unexpected? It has been my experience online that people are more likely to tell you what they think you need to hear than what you asked for.

• ⁨Comment⁩ on ⁨Fediverse for teens⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:

  I don’t know you, your daughters, or their friends so I can’t make specific recommendations. What I can say is that it’s really common for teenagers who are sheltered from the dangers of the world to make more and bigger mistakes once they’re unsupervised than those who get a gradual introduction.

  The two main dangers of social media for most people are:

  1. Encountering assholes. For girls and women, there’s a high probability assholes will try to sexually exploit them. Since there are minimal consequences most of the time for sending “show me your tits”, they’re going to encounter that behavior eventually, and it may be easier to deal with for the first time when they have parental support.
  2. Algorithmic rabbit holes. These can create the perception that problematic attitudes and behaviors are common and widely accepted when they are not. Having an open dialog with parents about anything from eating laundry detergent to Jordan Peterson can be a strong stabilizing influence.

  I don’t think a closed Fediverse server is likely to serve as a first step in a gentle introduction because it has neither danger and presumably no strangers to talk to. The full Fediverse might work better, as it does offer interaction with strangers. Encounters with assholes will be less frequent than on corporate social media, and any rabbit holes will be much more self-directed.

  That said, when one of them is likely within a year or two of leaving home or at least having full control of her digital life, if she wants to use some corporate social media, she’s probably better off doing that with some parental supervision and support than jumping in completely unprepared when you’re no longer in a position to prevent it.

  Her friend group has a group text and she wants to keep up with everyone but doesn’t want to get the ding notifications constantly.

  This seems like a good opportunity to learn how the notification settings on her phone work.

• ⁨Comment⁩ on ⁨how do I stop being a sucker for alcoholic stuff on sale?⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:

  The behavior you’re describing does not sound like addiction. People with an addiction to a drug feel compelled to use the drug and become distressed if the drug is unavailable.

  This is also not binge drinking by any commonly-used definition. Two pints of beer a day is generally considered moderate drinking, and you’re not doing it every day, only when beer is on sale. Research does seem to be converging on drinking alcohol at all being bad for your health, however the effect size for occasional moderate drinking is small enough that it has been difficult to measure.

  What you are describing is impulsive behavior. When you see beer on sale, you can’t resist taking advantage of the offer. When you have beer, you drink it faster than you meant to. If you think about other areas of your life, can you find more examples where you struggle with impulse control?

• ⁨Comment⁩ on ⁨Google Play’s latest security change may break many Android apps for some power users. The Play Integrity API uses hardware-backed signals that are trickier for rooted devices and custom ROMs to pass.⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:

  Mobile check deposit is a moderately important use case in the USA. It would be possible to do that via the web, but banks usually don’t.

  Regardless, any apps refusing to run will annoy users, and they would likely blame the one brand of phone where that happens instead of the app developer or Google who actually deserve the blame.

• ⁨Comment⁩ on ⁨Google Play’s latest security change may break many Android apps for some power users. The Play Integrity API uses hardware-backed signals that are trickier for rooted devices and custom ROMs to pass.⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:

  Correct, but it is necessary to unlock the bootloader to gain root access.

• ⁨Comment⁩ on ⁨Google Play’s latest security change may break many Android apps for some power users. The Play Integrity API uses hardware-backed signals that are trickier for rooted devices and custom ROMs to pass.⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:

  Their goal is to ensure OEMs only bundle Google-approved Android for which Google charges licensing fees and which funnels users into Google services. If a phone won’t run your banking app, you probably won’t buy it.

• ⁨Comment⁩ on ⁨Google Play’s latest security change may break many Android apps for some power users. The Play Integrity API uses hardware-backed signals that are trickier for rooted devices and custom ROMs to pass.⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:

  Many devices, including Google’s own Pixel devices have user-unlockable bootloaders. No security vulnerabilities are involved in the process of gaining root access or installing a third-party Android distribution on those devices.

  What’s going on here isn’t patching a vulnerability, but tightening remote attestation, a means by which a device can prove to a third party app that it is not modified. They’re selling it as “integrity” or proof that a device is “genuine”, but I see it as an invasion of user privacy.

  Google can’t exactly make root access and custom ROMs easier to use in 2025.

  Sure they can. They’re in a much stronger position to dictate terms to app developers than they were in 2010 when it was not yet clear there would be an Android/iOS duopoly.

  They don’t want to though, because their remote attestation scheme means they can force OEMs to only bundle Google-approved Android builds that steer people to use Google services that make money for Google, and charge those OEMs licensing fees. A phone that doesn’t pass attestation isn’t commercially viable because enough important apps (often banking apps) use it.

• ⁨Comment⁩ on ⁨Is it OK to leave device chargers plugged in all the time? An expert explains⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:

  I’ve encountered a number of outlets in American airports that should be replaced due to wear. They have very little friction on the prongs after millions of uses.