cmhe @ cmhe @lemmy.world

Posts

0

Comments

350

Joined

2 yr. ago

Exactly right. However all the downsides you have when doing that sort of defeats the purpose. So a GrapheneOS native way to control your device would be nice.

Well, I never really missed being able to pay via NFC on a phone, but I also never done it. My NFC chip in my card works fine.

When my baking app started detecting my rooted phone, I just switched to using their web-app via Firefox, which allows you to create a direct link to it as an "App". Which is probably better anyway, than installing random proprietary apps on a phone. And logging into it every time is also easy with a password manager.

So I guess, as long as the banks still offer a website, I am good.

I am currently using a rooted LOS with MicroG. It certainly is not as secure as GrapheneOS in terms of app sandboxing, encryption, regular security updates, etc., but I have control of the system, in case I need it, for instance ACC, F-droid privilege extension (F-Droid auto updates), ReVanced Manager (not using it currently) etc.

I trust GrapheneOS much more than Apple, but both go into a similar direction with their understanding of security. IMO taking control away from the user might be a good option, if you are dealing with just regular consumers, but I don't really like the "one-size-fits-all" approach of it. And it is my device, I should be allowed to decide what I want to do with it.

BTW, this is just a personal annoyance of mine. The GrapheneOS devs do a very good job.

I would like to switch, but there are a couple of points that are still holding me back right now:

• Charge limits, on LOS I can root the phone, install ACC and still use the OTA updates, if I apply the patch afterwards. (Will be resolved in A15)
• Option for sandboxed MicroG, IMO privacy is also very important for security, and people should be able to decide if they like more privacy or more security.
• Option for rooting sandboxed apps from outside. IMO I, and a person, like to have full control over my phone. Trust often comes with control. If I choose to trust one app to have root access to another app in order to inspect it, then this should be possible. Sandboxing could allow one app to have root access to individually chosen other apps, thus limiting the impact compared to system-wide root access. Maybe offer rooting gated behind a separate hardware token authentication. (sudo like) A lot there can be improved IMO, while still providing it and making it more secure in general.

I know that my understanding of security and privacy might be different from what GrapheneOS understands, but as a long time Linux Admin, I don't like black boxes, I like to peek into them, modify or patch them, when they do something I don't want them to do, etc. So that when I enter personal information into them, I am still in control what happens to them, at least that is my desire.

Taking control away from the user in order to "improve security" might be a valid approach to some, but it is not something I have much trust in.

"Some firefox users like firefox" vs "many chrome users enjoy what they have" sounds to me like something that could have a source. Many sound to me more than some, so this is a comparison, which can be given a better foundation by supplying some numbers.

• Just as some Firefox users like Firefox, many Chrome users enjoy what they have too. They don't want to lose that.

Do you have some source for that? IIUC, you mean that more Chrome users like Chrome than Firefox users like Firefox, right?

So generally the pro of coreboot is that it is open source, but the con is that it is open source.

What I mean by that, you can fix any issues yourself, however, if you are unable to do it yourself, you have to wait until someone does it for you and often what features are available and stable are a hit and miss.

Compared to proprietary bioses, the company has some kind of standardized process for developing the bios. So you often get want you would expect. However, if the money flow from the pc vendor to the bios vendor drys up, you, or the community of owners. will not be able to fix any issues.

Linux support should be the same, regardless if you choose proprietary or open source bios. But that depends on how well the coreboot was ported to the platform. So officially supported coreboot bioses are likely better than others.

Personally, if all other attributes are equal, would go with coreboot, because I like to support vendors that offer that choice, and IMO a open source solution, that you can review and build yourself is intrinsically more secure than a binary blob, where you have to blindly trust some corporation. But other security minded people might disagree, which is fine.

IT guys will stop using it...

No, they will not, if they didn't already. Because convenience it key.

The browser war is over, and humans lost, corporations won. Google and other huge corporations control the biggest websites and most of the access to content on the internet.

They just need to make it inconvenient to use ad-blocking browsers.

They built their business on advertiser gambling, which seem to be flawed concept, because they keep on squeezing that tube for every penny more and more, in a race to the bottom.

But they are still in control of both browers and content so they have options to keep squeezing more.

So you want to use a ad blocker? Well, the browser that supports them might not be white listed (anymore) by the bot detector, and you have to solve captchas on every site you visit, until you come to your senses and use a browser, where ad blocking is no longer possible.

Oh, and all that is ok, because of "security". Because letting the users be in control of their devices and applications is "in-secure". They are just doing that to protect you from spam and scams, just trust them! Trust them, because they don't trust you!

That is how capitalism works, privatize earning and nationalize losses.

Capitalism needs the deep pockets of the government to not collapse into itself.

Sure, it is largely the fanbase, however I also think that the game industry seems to sometimes do somewhat of a "woke-washing", meaning opically supporting the LGBTQIA movement because of financial, shitstorm-prevention or other reasons than just wanting to create more diverse and inclusive games.

For instance I like Hogwarts Legacy, but it also takes place in the Victorian era, and it seems to project the modern tolerant society ideals onto the wizarding world of that time.

Depicting the society as inclusive and diverse is somewhat history revisionist. If you play as a non-binary or trans person at that time, then you should have to deal with prejudice and marginalization, otherwise it is just "woke-wash" the history.

So, IMO there are some cases, especially in historic (fantasy) games, where injecting modern ideals and standards might not fit or needs to be better addressed, than just let it be cosmetic.

They shouldn't do a halfhearted job.

Well... cults with an exit are just groups of people.

Apple looks more like a cult, similar to Scientology. Linux user as well.

I would be careful about assuming knowledge based on age. Young people might use technology without understanding it, and old people might understand it and don't want to use it.

Technology needs to be regulated, and I would not trust people with profit incentives to do so.

IMO, it is always important to investigate if a regulation wants to prevent a real issue or if they just mention some populist reasons for doing whatever they want.

Hmm... Gordon Freemann having no lines was much more jarring that the silent protagonist in the Portal series.

Gordon is supposedly a brilliant scientist, but gets ordered around by NPCs that do nothing.

Portal protagonist has likely brain damage from being in stasis for a while, so I can assume they are just mute.

So it really depends on the game, setting and story, if a silent protagonist works or not. But having some character with emotions and agency would be good anyway, without requiring them to speak.

But to install from local storage, you first download or fetch a storage medium from a remote location with the file on it. There isn't that much of a difference IMO.

I would not call it side-loading when I download a file and then install it on the same device. Because that is how it has always worked. I never before heard people describing downloading and executing a setup.exe as "side-loading".

Until some time ago, I always though that "side-loading" is something different. Since I first saw "side-loading" used in ADB, so I thought that it means using another system on the side to load and install software onto a target system.

So to me that seems fitting, but now it seems to be used differently. How is installing software using just one device "side-loading". What side do they mean?

It is Oblivion, so the crash might be unrelated.

Sure. However there is a difference between "NEWS is a acroym for something" and much more hurtful and/or political/commercial motivated spread of misinformation.

JUSTIZWACHTMEISTEREI

This is why we don't have nice things... we rather think that an incorrect statement from a random unknown person on the internet comes from someone lazy or nefarious, that from someone just making a joke.

I think it is funny to think of 'NEWS' as a abbreviation, why else would so many news media print it in capitals.