Random nerd who has an interest in computers, privacy, AI, videogames, and CDs. I also like dogs and horses.

Mastodon: https://mastodon.nl/@Cambion

  • 0 Posts
  • 14 Comments
Joined 1 year ago
cake
Cake day: June 8th, 2023

help-circle
  • TPM on my motherboard is forever disabled

    If that’s just to stop W11 that’s stupid. TPM chips are security related. Disabling them has some serious drawbacks.

    Now there are discussion on if you’d even want a TPM chip or not, and if you choose not to use it for such reasons it may be a well thought out decision. Then you won’t hear me complain. But to trow out security components just to prevent an update, without looking at the possible consequences, is stupid. There are better ways to prevent that anyways.


  • Funny. My grandpa has been using Thunderbird and Libre Office for years, and he never realised it until recently (and he uses it a lot). He recently had an issue for the first time and asked me as he was trying to fix it with Microsoft but didn’t get anywhere, and I had to break the news to him it wasn’t their product.

    I’m not the one who set it up for him btw. But whoever did so made it look as much as to make it easier for him to switch. Which worked as he had no clue and thought he got some free version or so.

    I do also use it, but my setup isn’t Microsoft-like per se. I’m rather happy with it tho.



  • You can try getting your hands on an AsteroidOS compatible watch and flash it with that. It’s basically Linux on your wrist. There is a health app here and the required sensor logging is here, which are in early development but work well in what it does, like step counting and heartbeat graph. Past days aren’t shown further than a week but they are logged, so you could probably get it by hand in terminal after accessing the watch with SSH if you need to until it’s implemented (I think it’s on the to do list).

    It’s my daily watch for months now, sold my Galaxy Watch4 in favor for it. It works well, is completely FOSS, and works without internet, bluetooth, or phone. Altrough both can be enabled and phones can be connected with GadgetBridge or their own app. Both are in F-Droid. You won’t find a more privacy friendly smartwatch solution really.

    There is an issues with the current nightlies tho, so downloads are taken offline for now. So you need to wait for that or see if anyone has old files from before the issue.

    Devs are quite active on Matrix. If you have no patience you can ask there if anyone has the files. Any kind of support is also allowed there, no matter if it’s very noob or advanced level.


  • Article says:

    We’re also beginning the beta for our upcoming macOS desktop app for Proton Drive. […] Once the macOS app is released, we’ll also work on our planned Linux version.

    Based on Proton’s trackrecord in development times I’ld say a far future, but I must admit they’ve been making meters lately when it comes to releasing stuff. It may be sooner than expected (or it might take years, we’d have to wait and see).


  • but I think Google will do more. They’ve been trying to break it for ages. It’s one of those never ending fights. Doubt it’ll end soon.

    Even if it does, then we’re at a point that “just use a good browser and uBlock Origin” also won’t cut it. Honestly, those will break much sooner than dedicated projects that are much more sophisticated in getting around YT-stuff. As soon as they put a login requirement on the site, which is needed to break apps like NewPipe, the browser + uBlock idea already won’t cut it anymore, no matter if you got a VPN ot not.

    As for Aurora, as long as Average Joe still uses Google Play without a care I’m not too worried about it. People use AdBlock for the ease, but using Aurora doesnt’t give ease. It’s only the tiny group of privacy people interested in it, which is a much smaller demographic that’ll be hard to convert to Google services. If they break Aurora, the amount of non-playstore requests to developers is going to to pump up and as long as stuff like APKMirror and apk downloads from vendors still exist people will download by hand over using the Play Store. It’s a lot of trouble that likely just leads people further away from Google.



  • NewPipe (on Piped technology) is working fine here? As long as YT isn’t behind a login they will keep working. If they do put it behind login, tbf they’ll likely find way around it again sooner or later.

    I agree that front-ends are always in an endless fight against these Big Tech solutions. But for content not available on other platforms it’s an necesity and a better solution than simply an adblocker. And sadly it’ll take a long time before content moves away, Average Joe isn’t really worried about Google as much as they are about the cons of moving away from YT.


  • I actually used to have YT Premium because I’m a strong believer that nothing is free, so you either pay with data or money (on anything slightly commercial, not counting FOSS projects made as hobby or under foundations etc. as things get more complex then. But even then I pay/donate for some stuff in the same way of reasoning).

    Yet I cancled the YT Premium subscription. Simply for one reason, privacy. I don’t mind paying, but then I don’t want just no adds, I also want no tracking. I pay with money, so I don’t want to pay with data as well having a whole profile made.

    Switched to NewPipe with sponsorblock on phone and TV and FreeTube on PC. Got a redirect extension in FireFox automatically sending YT videos to either Invidious or Pipe.


  • Business software has very different requirements. It’s much harder to implement stuff for them without breaking those requirements. Think compliances like (ISO) norms and laws regarding commercial businesses, contracts, or even the software being made to work and be administrated on a whole different scale. You can’t compare really…

    While I agree it could go worse from here into a downwards spiral of enshitification, all I meant was that the title is a bit misleading into the other direction; making it sound like they would force telemetry onto users. If they wouldn’t say shit about this option, no one would sign up, even if they wouldn’t mind it. And basically, they’re explaining how they tried to make it as anonymous as possible and that’s it’s opt-in, which would also be a way to go if you legitimatly want to get data for improvement only. If that’s truly what they want, time will tell.

    The moment it stops being optional I’m looking for a different password manager right away, I switched more complex and important things for similar reasons. But since my experience with them has been good, I’ll give them the benefit of the doubt for now.


  • Small nuance:
    “Later this summer, you’ll see the option to participate in our telemetry system and help improve 1Password. You don’t need to take any action right now, and we won’t collect any usage data without your awareness and consent first. Participation will be optional for Individual and Family plan customers. And at this time, our telemetry system won’t be rolled out to any team or business using 1Password.”

    Aka, it’s an opt-in that you can simply not opt-in to and if you don’t nothing changes and then it won’t be used on you.


  • I guess Matrix would be your best option then. I use Schildichat as client, which is a fork of Element with some extras.

    But if you can’t get a plan, why not get a prepaid burner SIM? You can buy a prepaid card for minimal amount and you generally keep the number at least for a year, and you put in 5~10 euro each year you can keep it active endlessly.

    A lot of things require a phone number. Here, the goverment needs you to have one, but also most workplaces and even the DHL. Getting a cheap trow-away sim isn’t a bad option. Especially since pre-paid SIMs aren’t connected to your name like those on a plan are.


  • Well, while everything tarketed to Europeans (having EU domains is enough) should follow GDPR including the right to be forgotten, the whole issue is a bit more complex than most people seem to think.

    For one, things not marketed to EU citizen don’t count. And the owner of a website, this case the hoster of an instance, is responsible for this. Not the software they use (Lemmy). I don’t think Lemmy tracks you specifically, as the code is open source and people likely would’ve noticed that by now. But servers could theoretically. That’s why you need to choose a server you trust, or host your own.

    An instance aimed at USA people hosted in the USA doesn’t need to be GDPR compliant while a German one hosten in Germany would. An instance aimed at the world hosted in the USA also would, but likely breaks GDPR simply by being hosted in the USA. That’s part of why big social media need EU servers.

    A federated system is not in one place, and another issue is that while deletion requests could be send (and Lemmy supports this accourding to their website), it can’t be as easily enforced to be followed by third parties. Of which, there are a lot in a decentral place.

    Think of this: If I post something on Reddit, it get’s reposted to 4chan, then I remove my original post, then it’s still on 4chan. I could ask them to remove it, but that would likely be declined. Since 4chan has little to do with the EU and it’s citizen, and doesn’t actively market itself, they have little to do with the GDPR. At best you could make a copyright based claim, but that’ll change it into a whole other topic.

    Federated systems similarily take eachothers content. It’s important to note that generally Federated networks don’t push their content to other instances. Instead, other instances grab them from each other. How often has federation not gone smoothly causing deleted Mastodon posts to still show up on otger instances because they grabbed the post but not the deletion request (I’ve seen it happen multiple times already).

    The right to be forgotten forces them to make it anonymous and untracable upon request, but not to delete every word you ever typed. Anonymising your account and deleting traceble info only would be enough. That means, if the server you requested to deletes their part + send a request to third parties they deliberatly send info to themselves, they did their job as far as law is concerned.

    Any third party that grabbed the info by themselves, would require you to send a new request to them. Considering federation works by grabbing other instances, not by pushing your instance to others, any federated post that still has your old info could still be up if changes or deletion requests haven’t been processed.

    So is Lemmy bad for privacy by default? Not anymore than the rest of the web, as long as you understand that the whole point of decentral systems mean it’s not one place. Best to always keep in mind that everything on the internet is forever and public, even if you delete it or use filters on who can see it, as you can never ensure no one copies it and post it elsewhere.