undu
@undu@discuss.tchncs.de
- Comment on Apple brings age verification to UK users in iOS 26.4 beta - Users who don’t verify their age may not be able to download or purchase apps. 12 hours ago:
The scheme from the Danish government, shared in another comment, avoids the sharing by allowing token to be used only once, and, because the government issues the tokens, it can block people from getting tokens if they detect abuse. This can be done by rate-limiting, geoblocking and all sorts of techniques.
Remember that the function of the anonymous token is to not allow the service provider (like an OS, or a a website) to see your identity. This still allows the government to see which service provider you are using.
Hopefully the service provider can form pools yo block the government from knowing each individual website, but that’s not a given.
- Comment on Colorado proposing Bill to move age verification to Operating System rather than web site 5 days ago:
As a software engineer that works on virtualization and is interested in software freedom, this law terrifies me because it’s a trojan horse for something much much worse than the already shitty status quo: remote attestation.
And I will tell you this: the operating system is 100% where you want to do age verification
No, it’s the last place you want to do this check. Let me explain: because users control the PCs they buy right now, meaning they can install any OS and programa the so wish to install; governments at some point will decide that they cannot trust the results given by any OS.
The only way for governments will be to actually trust third parties (again) that will check properties in your computer through a module that controls the whole computer and users don’t have access to.
This is called remote attestation: eff.org/…/your-computer-should-say-what-you-tell-…
With this technology, users don’t decide what programa they can install and run, they can’t even decide what websites can they visit.
It’s a brutal encroachment on the computer freedom you have enjoyed up to now, and the perfect tool for an authoritarian government to enforce what can you watch and in general, can do with your computer.
If this law is approved, I guarantee you it will spread and will have expanded versions requiring remote attestation. (Don’t worry, lobbyists will find a way to sell remote attestation preserves privacy to make it go down easier)
The end result is a nightmare-fueling scenario where someone like Peter Thiel through Persona not only has your information because it needed to verify to create the account in your computer, but Microsoft also has it, and governments through Microsoft may decide to limit which platforms you can access (X or something worse), if also if you’ve been a bad citizen, if you can run programs in any computer that can be legally sold.
All in all, this law is incredibly dangerous in the current political climate where even supposedly democratic governments are pushing for more authoritarian controls to digital life. And I’m surprised organisations like EFF haven’t seen this yet
- Comment on Taste the flavor 2 weeks ago:
Demonstrably false, to feel the pancakes again you just need to make them spicier
- Comment on Alternatives to Mattermost 3 weeks ago:
Of the ones I’ve tried that are fully open-source is the best ons regarding UX functionality.
For example, Matrix is a UX nightmare, with many different clients implementing different features, or having issues if a non-default login mode is used, ending in people getting locked out after the browser logged them out because they forgot to copy a key when they were logged in.
Others like rocketchat are opencore like matter most, which means they can do the switcheroo.
The things I would care the most when checking this kind of service are:
- UX: how easy it is to use for nontechnical users
- how well-backed is the project, socially and financially, to ensure it lasts a long time
- how easy it is to get the (public) conversations out, as an exit strategy, if the one above isn’t looking so good.
- Comment on AI controls is coming to Firefox 3 weeks ago:
What’s not changing though is that most of their focus will be on integrating AI which most people don’t want.
I agree that AI chatbots are absolutely useless and have no place in a browser, but out of the three ML features in the screenshot, one is great for blind people, and another one is great for making the web more multilingual, so their usefulness is quite self-evident. Regarding ethics, at least for the last one it’s using a local model, and was trained using open-source datasets.[1]
What makes so-called “AI” bad is not the amount of users that can benefit from it, but how useful it is to the people that do use the feature, which usually means having experts tailor machine learning unto a single purpose.
I personally use the translation feature at least once a week when looking at news article that are not in English, and now I’m using a lot to translate Japanese webpages to plan a holiday there, so I’m very happy that Mozilla has invested time abd collaborated with universities to make this feature, I wish other people were less flippant about it just because it has “AI” in its name.
- Comment on I still haven't figured out how to do this 3 weeks ago:
There’s a relatively new latex replacement, which is much easier to use, although its ecosystem is not as complete (obviously)
(The CLI tools are OpenSource and independent from the GUI thing they sell)
- Comment on Revisiting Jill of the Jungle, the last game Tim Sweeney designed 2 months ago:
Reads like an infomercial for Epic to me
- Comment on Self-Host Weekly #145: Agentic 3 months ago:
Vates demoed on kubecon an ARM workstation running XCP-ng, a xen-based virtualization platform.
xcp-ng.org/blog/…/xcp-ng-on-arm-with-ampere/
It’s still early days, but I’m hoping it can reach homelabs, the big question being hardware enablement, which is difficult on ARM baseboards due to lack of standardization.
Disclaimer: I work with Vates, and prepared some component to compile under ARM to prepare the demo.
- Comment on LeFTIsTS just can't handle our glorious Trump's truths!11!1!!! 5 months ago:
And with a very american name, artem
- Comment on Simplify home hardware for selfhosting 5 months ago:
I know, yes. But I’m talking about virtualization, not containerizarion
- Comment on Simplify home hardware for selfhosting 5 months ago:
Personally, I want to properly isolate the services with virtualization. The main reason is I expose some of the services online, and I don’t t want to only rely on keeping all software up-to-date at all times. This allows me to limit the damage if one of the services is compromised.
I wouldn’t use MacOS as the virtualization platform, and instead use something else, like BSD, Linux, or xen-based for my servers
- Comment on Synology Lost the Plot with Hard Drive Locking Move - ServeTheHome 10 months ago:
Did Synology just hire some brain dead Broadcom executive?
Well, Citrix got their CEO.
And DOGE as well: crn.com/…/citrix-parent-ceo-krause-on-doge-role-w…
- Comment on Performance comparison between various Hypervisors 11 months ago:
Xcp-ng might have the edge against bare metal because Windows uses virtualization by default uses Virtualization-Based Security (VBS). Under xcp-ng it can’t use that since nested virtualization can’t be enabled.
Disclaimer: I’m a maintainer of the control plane used by xcp-ng
- Comment on Italy to require VPN and DNS providers to block pirated content 11 months ago:
But the individual network packets are usually at most 1500 byes long, and applications encrypt the content. Hashing doesn’t prevent jack squat. It’s more likely to be DNS + IP blocks