Are actually Bottles secure?
deadcade @ deadcade @lemmy.deadca.de Posts 0Comments 179Joined 2 yr. ago
deadcade @ deadcade @lemmy.deadca.de
Posts
0
Comments
179
Joined
2 yr. ago
For 2, Persona 5 Royal (in its opening hours if I'm not mistaken). The only one available on Steam.
Edit: Didn't realise tactica was already out. I stopped following the releases of the Persona spinoffs literred with Denuvo.
Pick your privacy-invasive poison, or go with a different brand and do some research yourself.
Idk man I don't see Apple going all in on AI like Microsoft right now. You should give them at least a little credit for their own terrible ideas.
WireMin is a massive scam, please don't use it. It's been advertised on several Lemmy communities with unsolicited posts and comments, and it promises things it can't do, like offer any type of privacy.
WireMin markets itself as a decentralized service. The question was "why use this", so I mentioned the pros of using decentralized services. I did not ignore the question. WireMin should not be used. Other (truly) decentralized protocols like Matrix, XMPP, or anything running on ActivityPub have benefits over services owned by companies like Signal or Telegram.
However, most people are locked into a platform by their contacts, and their contacts choice of chat application. If most (or all) of your contacts are already on Signal, there's no good reason to use anything else.
Ah look at what we have here, reposting memes on the twitter account. You are the developer of WireMin, this is a blatant advertisement disguised as a review.
Oct 27, 2023 at 3:51 AM UTC: https://lemmy.deadca.de/post/94628 | https://lemmy.world/post/7388906 | https://archive.ph/f8fY5
Oct 29, 2023 at 4:04 AM UTC: https://nitter.net/WireMin/status/1718478766547324992 | https://twitter.com/WireMin/status/1718478766547324992 | https://archive.ph/u8XxG
As a 3-month user of WireMin, I am quite familiar with the ‘Spaces’ feature; it is definitely their standout feature. Here are a couple of things you can do in the WireMin Space: proceeds to list off features
This is not a review of WireMin, this is blatant advertising. Advertising of a service that is a scam.
There is a great benefit to using decentralized services. They cannot be taken down by any entity, and control over data is in the hands of server hosts, rather than one company. Once running and popular enough, a decentralized service will continue to exist. With so much infrastructure owned by so many different people, no single person can "decide" to take it down.
That said, WireMin is still a scam, please read my other comment for more info. Use whichever chat application works best for you.
(I can't believe I'm replying to a spam account) In case you can't read my linked comment:
It's not open source. There's no way to actually verify any of their claims.
As others pointed out: "Contact Us" with gmail, facebook, twitter, or instagram. Any company (or individual) remotely advocating for privacy would be using (semi-)private services, even when advertising their own alternative.
The terms of service / privacy policy includes:
WireMin establishes a self-organizing network only by a number of active instances of WireMin apps. WireMin, as a protocol, utilizes advanced security and time-tested cryptography to provide a private messaging tool and social network. All of those are achieved in a democratized network without relying on a cloud service or back-end server.
No single bit of user data will be collected. WireMin is not even capable of doing that.
No user information will be provided to us, not a single bit.
however, it also contains
WireMin collects minimum device information
and
Occasionally for WireMin App on mobile devices, an additional device notification token (e.g. iOS devices) may be collected, to enable push notifications. Again, that information is collected without exposing user identity or the device's IP which eliminates the possibility of user tracking.
It is impossible to not receive user information, and impossible to receive such notification token without knowing the device IP. User/device info gets provided to the app developers when someone downloads their app from the app store or play store. To actually use the push notification token, it requires server infrastructure. A push notification token is useless without having a centralized server to use it. Not having any servers means you can't use the token, and having the token spread across different servers to remain decentralized would be dangerous, as the token could be used to fake notifications from the app.
Added to that, the blatant spam and advertising that's happening in posts like these or comments under other posts related to chat applications. Your post is part quoted "update log" and part advertisement written as if it's a review.
WireMin is a scam, unable to deliver on their promises. I already explained this on one of the previous ads that was posted: https://lemmy.deadca.de/comment/599111
Please use FOSS decentralized software, such as Matrix.
Depends on how it's implemented. Anyone using a "media proxy" will see their discord bridged media probably fail to load (outside of possible caches) after a day. Anyone who has their bridge configured to reupload discord media to their homeserver should see no change.
And the reason you mentioned Ubuntu is "finicky" was explained above. It is not a good "just works" distro, there's much better options than Ubuntu.
It used to be (one of) the best "just works" distros, but is somehow one of the worst now. Outdated blogposts still recommend it, and Canonical still calls themselves the "most used" desktop distro. The alternatives are just better.
This isn't about "making the game work", or "adding Linux support". This is about toggling a checkbox to stop explicitly preventing Linux from working.
The games that already did never faced a massive cheater problem because of it. The games that have stopped development long ago or "don't care about Linux" (without preventing it with anti cheat) were still made playable by Wine and Proton.
If the developer wants, they can add system info to their ticket system and filter out any Linux tickets. It costs a game developer barely anything to decide to allow Linux users. Linux support costs a lot, but valve, wine, and the community has been putting a lot of effort in so game developers don't have to change anything about their game.
(Not so) fun fact, a lot of Windows viruses work under Wine on Linux. If you have ransomware bundled with your pirated media, it will likely also encrypt your Linux files.
Use Bottles as a Flatpak, isolate all your applications from each other and from your host system.
I did buy an index and I wouldn't be able to go back to full "inside-out" camera tracking. Just doesn't work for some games.
This is a very rushed update. SteamVR on Windows will be lacking some features a lot of people got used to, but it runs. (Main one I ran into so far is screenshot management, but a lot of the big picture mode UI is not accessible due to a controller being required to push buttons)
SteamVR on Linux however, is a complete mess. It was also a mess on SteamVR 1.x, but 2.0 broke so many things. Launching any of the included apps such as room setup, changing settings, taking screenshots. I really hope they add the last 1.x version as an update branch for compatibility reasons, 2.0 is simply not ready on Linux.
Also, good luck everyone on the keyboard. It's supposed to have support for using multiple controllers, but it has been dropping and duplicating keypresses for me.
Short answer: you don't. It's either privacy or a facebook app, not both.
Longer answer: Don't use the facebook app https://github.com/mautrix/facebook (requires your own Matrix homeserver)
It is much more complicated to host a Matrix homeserver and Facebook Messenger bridge, however, it allows you to use a FOSS chat app on your Android phone. With notifications and if needed, fully outside google infrastructure, or even fully selfhosted, with ntfy.sh for example. Without running any proprietary Facebook code, and without directly connecting to Facebook servers on your Android device.
It is of course unavoidable to have complete privacy, as your messages will still be sent to Facebook, but you avoid almost all telemetry (and all on-device telemetry) by using a Matrix bridge rather than the official website/app.
Another option is Beeper, although privacy with them is questionable, since you're fully trusting them with your account, and any incoming/outgoing messages. It does avoid Facebook telemetry on device, and is much easier than hosting a Matrix homeserver.
Please use up to date sources. (Disclaimer: Apple has continued and cancelled this "feature" enough times I'm not 100% sure if it's currently in iOS, but I'm certain enough to not trust any Apple devices with any photos.)
The hashing algorithm they used had manually craftable hash collisions. Apple did state they would be using a different hashing algorithm, but it likely contains similar flaws. This would allow anyone to get your iPhone at least partially flagged, and have your photos sent to Apple for "human verification". Knowing how this algorithm works also allows people to circumvent any detection methods Apple uses.
Not every iPhone is going to include a list of hashes of all illegal material, which means the hash of every image you view is sent to Apple. Even if you trust them to not run any other tracking/telemetry on your iPhone, this alone gives them the ability to track who viewed any image, by only having a copy of the image themselves. This is a very powerful surveillance tool, and can be used for censorship of nearly anything.
Some programs may use libraries or tools specific to a distributions package manager. For example, yay, an AUR helper/pacman wrapper. You would have a very hard time getting it to work on Debian.
Other programs might only include build scripts for a distro specific build system. For example, a program might skip using a Makefile, and do everything in the Arch-specific PKGBUILD.
Generally though, most software uses a standard cross-distro (or even OS) build system. In this case, compiling from source would be an option on any distro. The program might still only be packaged for Arch/NixOS/Gentoo (or others), as it is a very simple process to do so.
Most malware is written for Windows, especially when it's distributed as a Windows executable. (Almost) no Windows malware targets Wine specifically. However, Wine on its own is not a sandboxing tool, and Windows ransomware will ruin your day.
Bottles does two things for security:
By separating wineprefixes, as long as the host filesystem is not directly exposed (which iirc is default for bottles), any malware not written with Wine in mind will only affect its own "bottle".
By being a flatpak, even if some Windows malware specifically targets Wine, it would still have to escape the flatpak sandbox for elevated permissions. If the bottles flatpak has no access to personal files, "Wine-aware" malware won't either.
Although malware can still do damage, even in its own sandbox. For example, botnet type malware would still function. The host system is "safe", but the damage can still be done externally. Usually application-defined "autostarting" of applications is broken under Wine (iirc), which means all non "Wine-aware" malware will only start when an infected windows application is started in bottles.
Any sandbox will eventually be escaped, and malware sophisticated enough will be able to get access to everything on the host system. The chances of running into malware like this in the wild are extremely small.