There's a common false dichotomy about #Threads: cut them off, or leave it to user choice.I can't speak to other software, but Mastodon offers a third option: limiting Threads. This can be done for all users of a server....
This doesn’t solve the problem of sending Threads a copy of absolutely every bit of activity that happens on the instance. If I’m on an instance that federates with Threads, even if I put them out of sight/out of mind, they still get a copy of everything I do. A lot of people are on the fediverse for privacy reasons, yet here we are with people begging to hand Facebook this data on a silver platter.
“But why hide information that’s public? They could just scrape it.”
Yes, they could. But a real-time feed of activity is more complete, easier to manage, and doesn’t require them to go and build a scraping tool just for this.
If I don’t want Threads to have any of my data sent to them, I should be able to choose without needing to leave an instance I’ve been on for potentially years.
Ah, I misunderstood what you were saying at first. You’re right, it’s not everything on the instance that gets sent, only those things that federated instances need.
But as a user, unless I run my own instance, I don’t get to decide when my posts or edits get sent out to any federated servers. That’s what I was referring to. All of that stuff gets sent out “like a firehose.”
And over time, as more people on Threads interact with certain ActivityPub instances, the range of communities Threads will be sent updates for might as well be the entire instance. If I block them, that’s just a visual block. My stuff will still be sent to them, and depending on how they set up their federation, my content might be available on “threads.net” as well.
Hello, I successfully rooted my Pixel 8 Pro but I am stuck at “Phone is starting” after enabling Zygisk and rebooting. It does boot fine into safe mode tho. What can cause this issue and how can I fix it? Thx a lot!
Are you on GrapheneOS by chance? Either disable Zygisk or try the build I linked here. They kinda rushed the 26 builds out the door without a lot of testing, which is a shame, considering there will be no more releases until v27
However, be warned: my system was very unstable with Zygisk enabled even with this build. Everything would “work,” but apps would randomly crash, be unresponsive, or just display very strange behavior that all went away when Zygisk was disabled. I leave it disabled for now and will try again in v27.
For apps that have root detection, try web versions of those services when possible. Especially banking services.
Look at the build I linked in my issue there. You will see an artifacts page where you can download a working build as a zip. You need to be logged in to GitHub to see the download link.
But like I said, Zygisk is still pretty broken even with that build. You’ll get “further,” but I wouldn’t recommend running it as a daily driver.
No one has any clue when 27 is coming. I just know 26.4 was the last 26.x build.
I dont want to start a fight or anything like that, I have to decide between these 2 and cant figure out which is the best and why, mostly because if you ask on X they just start swearing to each other without giving any real explanation, can anyone help a person who want to embrace privacy and anonimity?
CalyxOS (and the supported devices) expose you to a classic “evil maid attack” applied to phones.
As usual if you’re looking to have any security (Verified boot) GrapheneOS + Pixel phone is the only options. I really don’t get it how come people(…) are okay with having a phone with all their personal data and logins without verified boot. Stolen / lost phone and game over.
I’ve tried several forks of mobile Firefox over the months and they all (Mull, Fennec, Iceraven) suffered from the same issue of running at 60 Hz while the regular app runs at the native 120. This makes it feel very sluggish especially in comparison to every other app and has kept me on the official app....
The indicator does flicker between 60 and 120 while the page is loading, but it’s not perceptible. However, if what I’m seeing means the FPS goes down to 60 while the app is busy, this may be some kind of performance throttling done to keep resource usage low. If you have lower end specs, this may be the explanation. I’m on a Pixel 6 Pro.
Why are reproducible builds only on one platform (Android)? Desktop version could have a built-in backdoor and data would be transferred not from the phone, but from the PC)
Sorry to be blunt, but you’re not a developer and it shows. Android’s build system was purpose made to be reproducible. Electron was not.
There is so much going on in an Electron build, most of which is out of Signal’s control unless they maintain an entire fork of the Electron build stack. That is an enormous engineering effort for basically zero benefit.
It probably is functionally reproducible, apart from checksums differing due to build dates baked into the artifacts somewhere. It’s not as easy as you think.
If you think it’s as easy as “building it in a Docker container,” then by all means, try.
I’m considering flashing A13 on my phone, PixelOS in particular, but I want to make sure custom launchers (Lawnchair) are able to fully use gestures, including animations without flashing Magisk and installing the Quickswitch module.
Keep in mind that Lawnchair is buggy and consistently 2 years behind the latest version of Android. I’m using their 12.1 beta, and it still crashes with null pointer exceptions about twice a week. And, on Android 13 and 14, integration you would expect between the recents screen and Lawnchair does not work. These are the gestures you’re talking about.
And here we are on the launch of Android 14, with no development of Lawnchair for Android 13 in sight.
I should also point out, these gestures you’re mentioning only work on the stock Pixel launcher, the AOSP launcher, and Lawnchair. This is because starting with Android 9, Google baked the recents switcher directly into the launcher app. And, it has to be a system-level app with a special system config that allows the launcher to perform this function.
This is why root is needed for the Quickswitch module. Lawnchair has the code to do this (at least on Android 12), but you have to overwrite a system config to allow Lawnchair’s package name to be capable of serving the recents screen.
The person you replied to is being downvoted, and yes, expecting support from Google is a meme, and Google deserves 100% of the negativity they’re receiving in this regard.
But, in their defense, they have always kept their word on keeping Pixels updated, and in some cases, have added on an additional year of support when not originally planned, including an extra full Android update for older devices.
So while they eventually kill every new software product they make, they’ve always kept their word on Pixel updates. I think the Pixel team has a lot more resources than the rest of Google, so I’m inclined to believe them for now, but I’ll be one of the first people grabbing a pitchfork if they don’t keep their word.
Be careful, there have been some pretty nasty 0-click exploits in the time Android 11 has been around, so I hope you have still been getting security updates.
In about 5 months, Android 11 will be end of life and won’t get security updates anymore, so definitely keep an eye out for anything you may be vulnerable to.
If you haven’t been getting security updates, I would definitely consider getting a new phone. Especially if you are not one that stays home a lot. The people who will try to exploit things like Bluetooth will be out and about, not walking up to your home.
Of course, Android 11 is still supported as of right now, so if you have been getting security updates when available, then you are good. I just know there are phones running 11 and below that don’t even get security updates, so those are the people that need to watch out. You can check your Security Patch Level in settings to be sure.
It’s not an assumption. The vanilla Signal app has code in it that disables itself after a certain period without updates. Unless they removed that from this app, then this will do the same thing.
While Jitsi is open-source, most people use the platform they provide, meet.jit.si, for immediate conference calls. They have now introduced a “Know Your Customer” policy and require at least one of the attendees to log in with a Facebook, Github (Microsoft), or Google account....
Why is everyone up in arms about this? The abuse of their free service was rampant. This isn’t a core project change, this is just a measure to keep a version of the project up for free without completely taking it down. They don’t even have a way to monetize this. An alternative was to simply shut it down and only allow you to self host it.
I self host my Jitsi instance, but as a privacy nut, I don’t see a problem with this. Absolute privacy cannot always coexist with free anonymous services. Don’t blame Jitsi, blame the people who ruined it for everyone else.
In this case, it sure does sound like abuse. Considering the careful wording, combined with the seemingly kneejerk reaction of requiring authentication, there was likely illegal activity going on:
Earlier this year we saw an increase in the number of reports we received about some people using our service in ways that we cannot tolerate. To be more clear, this was not about some people merely saying things that others disliked.
Over the past several months we tried multiple strategies in order to end the violations of our terms of service. However in the end, we determined that requiring authentication was a necessary step to continue operating meet.jit.si.
It was a free, anonymous service that let people stream video and send messages. Consider for a moment if that “video” was actually non-video data encoded to be streamed through Jitsi and sent to another location. Or, consider if the video was video, but was so egregious and illegal, that Jitsi had to take action. It doesn’t take a lot of thinking to consider the kinds of activities could have been going on.
Hi, I’ve got a fairly modest computer by today’s standard and I’m looking to upgrade the GPU and perhaps also the CPU. Mostly I use it for playing games and your other typical PC tasks, not much video editing and stuff of that sort. Mostly MMOs, sandbox games, RPGs, CRPGs and the occasional sim or 4X....
I spent a lot upgrading my PC, but I ended up being so busy with other things that I really didn’t have time to play it. The promise of better looking games and better VR performance excited me, but after it was all said and done, I hardly turn the thing on. For a whole month I just wanted to play on my Steam Deck, and even just these past two weeks, I haven’t had time to do any gaming at all.
Maybe your situation is different, maybe not. But think about what your day to day life will be like after you buy it, rather than focusing on game fidelity.
You said you’re saving up for a house. Moving is time consuming and stressful, it will likely be a month, 2 months of making arrangements. Will you have time to game?
By blocking unauthorized emulations on PC, studios are able to increase their revenue during the game launch window, which is the most important period for monetization.
Uh huh, yeah, this will definitely just create money out of thin air from people who couldn’t afford it in the first place.
The Nintendo Switch Emulator Protection will ensure that anyone wishing to play the game has to buy a legitimate copy.
To say nothing of Switches running custom firmware. There is absolutely no way for a game to detect this, so it will still be easy to pirate with those. Games will still leak early. Nothing will change.
This is a grift. Studios will probably spend more to license this “technology” than they stand to “save” by preventing emulation. They are taking advantage of clueless game studio execs and they know it.
I’ve been using Lawnchair for a while, but development is so slow, and they are so consistently behind Android updates, that I think I’ve given up on custom launchers and will just use the stock AOSP launcher.
It is disappointing, but Google has made it so you don’t get the fancy recents carousel unless you use the stock launcher. Lawnchair does support that by pretending to be the stock launcher, but Lawnchair only supports up to Android 12, and Android 14 is about to come out. There hasn’t been a hint of Lawnchair even starting development of Android 13 compatibility, so I’m not confident they’ll be able to keep up with 14 and beyond.
It’s really hard to take calls to action like this seriously, when they unironically talk like this:
You cannot pass this invasive “browser check” without enabling JavaScript. This is a waste of five(or more) seconds of your valuable life.
Most of the other points are either grasping, misleading, or make the classic FOSS-centric assumption that we live in a fantasy land where all hosting is free and companies don’t need to exist.
I’m not out here trying to say Cloudflare is vital to society, but come on, these arguments are toothless.
As the title suggests, Lutris is requiring me to sign in to GOG so that it can verify my ownership of the game. If my memory serves me well, I used to be able to simply click on the GOG version and then link it to the installation executable file that I downloaded from gog-games.com.
This was fixed already, but a new release of Lutris has not been published with the fix included. The exact line in your screenshot was specifically removed in this commit:
Moon Channel, a lawyer who dives into some of the legal topics surrounding the gaming industry, most of them Nintendo related. Really well researched information about emulation legality, modding, even copyright infringement Nintendo themselves committed in the 90’s (in the Mother 3 video), all sorts of stuff.
He also has a few other things, like a REALLY LONG video on JRPGs, or commentary on MMOs.
its not a noble cause to pay some dude who made an app we dont need
Do you think professional independent developers shouldn’t be paid for their work? Do you think this kind of development is effortless?
I don’t understand why people keep parroting this. The app is free. It’s a professionally developed app, where the quality tradeoff is either ads (which can be blocked) or your choice of ad removal payments.
This isn’t some company trying to exploit the community here, this is a full time app developer who just had his livelihood completely cut off. People begged him to make a version for Lemmy, and he did. He deserves to be paid for the hours and work he put in to make it happen. You can’t make an app if you can’t buy food or pay rent.
And if you don’t like that, then don’t use it. He’s never pressured users into paying, and he’s never suggested everyone on Lemmy should just send him money. He isn’t even spamming posts advertising the app, enthusiastic users are.
No one is calling you a cheapskate. It’s just that when you said this:
its not a noble cause to pay some dude who made an app we dont need
…in context, it comes off as “Sync is not necessary to exist, therefore no one should pay him.”
I understand what you mean now, but you worded it terribly.
And by the way, going around in the comments being unnecessarily hostile and calling people “dumbfuck” or “asshole,” when they were just as confused at your poor phrasing, makes you come off as an asshole, so maybe work on that :)
Why YSK: It appears several Lemmy Instances are flagged as suspicious and at least 1 instance intentionally using the name of ransomware. A couple of the big enterprise monitoring suites (Fortiguard, ZScaler) will flag your account and may end up with you being pulled into an office for an explanation, or worse....
I love seeing all the CrossCode recommendations, and on Lemmy of all places. Here I thought no one knew about it!
Easily my favorite game of all time. I don’t think it ever drops the ball, the combat is awesome, the story is incredible, and the characters are so well written that you’ll think they’re actually real people.
The biggest criticism is the game’s puzzles, but they aren’t really as bad as some (very impatient) people make them out to be, and there are options to decrease the difficulty of the puzzles.
I’m not advocating for running containers as root, I was correcting your suggestion that container breakouts are trivial and easy to perform. But let’s walk through those 2022 breakout vulns shall we? I even found one more.
CVE-2022-0847 - DirtyPipe, a Linux kernel vulnerability, and one of the most major and prolific Linux kernel vulns to date. In addition, it wouldn’t have mattered if the container ran as root or not, this was a significant Linux kernel flaw. In fact, the PoC runs the container as an unprivileged user.
CVE-2022-0492 - Needed CAP_SYS_ADMIN to be exploitable, isn’t exploitable anymore, and falls under my remark of “the user doing something stupid.”
CVE-2022-0492 - Vulnerability due to cgroups, and wouldn’t be exploitable as a root container user unless a very specific set of 5 prerequisites were met. “Just being root” was not enough for exploitation.
CVE-2022-23648 - Was a read-only vulnerability relating to volume mounts, root vs non-root was not relevant to the vulnerability, and it only allowed for “breakout” in situations where you’re running in a Kubernetes cluster and the container can read service account tokens. Running as a non root user would not have prevented this.
I’m not saying “running as root doesn’t matter,” running as a non root user is a best practice, yes. But breakout vulns are more rare and harder to exploit than even your response to me is trying suggest.
I’m really not a fan of when features are teased as “coming to Android 14.” There is absolutely no shot this gets upstreamed to AOSP.
Reading between the lines in the article, this is going to end up in an update to Google’s launcher app, or maybe their wallpaper app. At most, their closed source flavor of SystemUI.
But for the growing number of us compiling AOSP from source and using it to get away from Google’s spying, it’s disingenuous to keep advertising these features as “coming to Android 14.”
Heck - if this feature makes it in any of the apps like I said it might, then there’s really no reason to lock it to Android 14. It could easily run on Android 12 and 13. But it won’t, because Google wants you to buy a new phone.
Been running CalyxOS for 3 years. Compile it myself from source with some extra tweaks and such. I’ve even got a nice build server going that automatically compiles builds monthly and pushes updates to my phone via OTAs. It was a little work to get set up, but now it doesn’t feel any different from the stock Android experience.
It started because I was tired of all the unchecked spying Google does, and I wanted to get away from that. But now I can never go back to “regular” Android, because the vendor bloat in “stock” ROMs is incessant, and I am maintaining patches for quite a few features Google has either removed, or never supported in the first place (2-button navigation, AM/PM clock, automatic call recording).
Honestly, there hasn’t been any drawbacks. The phone works perfectly, calls are fine, it runs great, and I haven’t needed Google Play Services for basically anything. My banking app still works. I don’t use Google Pay so I don’t really care that it doesn’t work. Android wearOS doesn’t work, but at this point Google has dropped the ball so severely, I don’t have the motivation to bother with a smartwatch.
Most of my paid apps continue to work without patches, and I get them from Aurora Store. For the ones that don’t work, I just patch them myself to remove the license checks. I paid for them, so I should be able to use them regardless of what ROM I use.
Thanks! But I can’t take all the credit. Calyx maintains the OTA updater and it’s very configurable. Just change the domain name, make sure your webserver has all the right files, and you’re off!
We just need to find a librarian. Then they can access the secret network of librarians and ask about this story. We’ll know what the tale was within 2 hours.
She’s almost 70, spend all day watching q-anon style of videos (but in Spanish) and every day she’s anguished about something new, last week was asking us to start digging a nuclear shelter because Russia was dropped a nuclear bomb over Ukraine. Before that she was begging us to install reinforced doors because the...
We can thank all that tetraethyllead gas that was pumping lead into the air from the 20s to the 70s. Everyone got a nice healthy dose of lead while they were young. Made 'em stupid.
OP’s mom breathed nearly 20 years worth of polluted lead air straight from birth, and OP’s grandmother had been breathing it for 33 years up until OP’s mom was born. Probably not great for early development.
In the past few days, I’ve seen a number of people having trouble getting Lemmy set up on their own servers. That motivated me to create Lemmy-Easy-Deploy, a dead-simple solution to deploying Lemmy using Docker Compose under the hood....
Unfortunately, there is not a lot of information to go off of here. I was able to upgrade to 0.18.4 with no hitches, and I haven’t seen similar reports of this.
Are you using any custom configs? Do the logs for just the Lemmy service show you anything of note?
In the past, Lemmy itself has had some strange edge cases causing crashes, such as an improper audit log value causing the entire audit log to fail. It’s possible this is a similar case, in which case you may need to file a bug on Lemmy’s tracker.
You are welcome to file an issue with some more information and logs, but if this is an issue caused by a bug in Lemmy, unfortunately I won’t be able to fix it.
If you’re still having issues, feel free to give me some more info on my tracker and I can take a look:
In the past few days, I’ve seen a number of people having trouble getting Lemmy set up on their own servers. That motivated me to create Lemmy-Easy-Deploy, a dead-simple solution to deploying Lemmy using Docker Compose under the hood....
Hey there, please note that running behind a reverse proxy is not supported. You can do it if you want, but you are kinda on your own, sorry.
If it helps, you will probably need to disable Caddy’s TLS in the config, and you will need to make sure that the request reaches Caddy via the correct host. You can’t reverse proxy directly to port 80 over an IP, it needs to think it’s coming from an actual domain.
You can also check out my advanced configuration page to learn how to override the Caddyfile template and roll your own config that is more compatible for your use case.
If you’re not already, I recommend trying to host this on a cloud VPS service, such as Vultr, Linode, or DigitalOcean. This would give you a reliable, always online Lemmy instance, which means you won’t miss any federation data. Even a cheap $5 VPS instance would be enough to get you started, though a $10 would give you more breathing room.
If you’re hosting at home, it’s generally not a good idea to do that, especially for an application like Lemmy. Most consumer grade network equipment at home might not be equipped to deal with the unrelenting 24/7 flood of data coming in due to federation. And if your power or internet ever goes out, you will be missing any comments, posts, or votes that were sent out during your downtime.
Erik Moeller on Mastodon: There's a common false dichotomy about Threads [...] (nerdica.net) en-gb
There's a common false dichotomy about #Threads: cut them off, or leave it to user choice.I can't speak to other software, but Mastodon offers a third option: limiting Threads. This can be done for all users of a server....
Pixel 8 Pro Root stuck at "Phone is starting"
Hello, I successfully rooted my Pixel 8 Pro but I am stuck at “Phone is starting” after enabling Zygisk and rebooting. It does boot fine into safe mode tho. What can cause this issue and how can I fix it? Thx a lot!
graphene VS calyx
I dont want to start a fight or anything like that, I have to decide between these 2 and cant figure out which is the best and why, mostly because if you ask on X they just start swearing to each other without giving any real explanation, can anyone help a person who want to embrace privacy and anonimity?
Firefox Android forks running at 60 Hz
I’ve tried several forks of mobile Firefox over the months and they all (Mull, Fennec, Iceraven) suffered from the same issue of running at 60 Hz while the regular app runs at the native 120. This makes it feel very sluggish especially in comparison to every other app and has kept me on the official app....
Why doesn't Signal Desktop support reproducible builds? (upload.wikimedia.org)
Why are reproducible builds only on one platform (Android)? Desktop version could have a built-in backdoor and data would be transferred not from the phone, but from the PC)
Does Android 13 non-root support gestures for custom launchers?
I’m considering flashing A13 on my phone, PixelOS in particular, but I want to make sure custom launchers (Lawnchair) are able to fully use gestures, including animations without flashing Magisk and installing the Quickswitch module.
FOSS alternatives to Tasker?
Hi all,...
Pixel 8 to have seven years of Android updates (www.theverge.com)
Now this is nice. Hopefully 3rd party manufacturers can also provide a longer life span for the device.
Android 14 rolling out to Pixel on October 4 (9to5google.com)
Apollo Justice: Ace Attorney Trilogy - Release Date Trailer (www.youtube.com)
Coming January 25
Molly, Signal fork introduced multiple devices support tablets included, all linked to one single account (github.com)
Jitsi, the open-source video conferencing platform, now requires a Google, Microsoft, or Facebook account for their online service (jitsi.org)
While Jitsi is open-source, most people use the platform they provide, meet.jit.si, for immediate conference calls. They have now introduced a “Know Your Customer” policy and require at least one of the attendees to log in with a Facebook, Github (Microsoft), or Google account....
Request for advice: talk me out of upgrading my PC
Hi, I’ve got a fairly modest computer by today’s standard and I’m looking to upgrade the GPU and perhaps also the CPU. Mostly I use it for playing games and your other typical PC tasks, not much video editing and stuff of that sort. Mostly MMOs, sandbox games, RPGs, CRPGs and the occasional sim or 4X....
Denuvo by Irdeto now registered as authorized Nintendo Switch™ middleware (irdeto.com)
And here we go. Expect your C-tier AAA games to have Denuvo on Switch, stopping players from emulating it.
Which non-standard / unpopular launcher do you use?
Hey c/Android,...
Birb rule (i.imgur.com)
It would appear lemmy.world has blocked this community (sh.itjust.works)
!piracy has also been blocked from lemmy.world....
Piracy > resellers (lemmy.ca)
How does the free version of Cloudflare proxy track users/visitors? (discourse.pi-hole.net)
I have embedded a link into the title where a person is frustrated with Cloudflare....
Lutris Login Requirement for GOG Game Ownership Verification
As the title suggests, Lutris is requiring me to sign in to GOG so that it can verify my ownership of the game. If my memory serves me well, I used to be able to simply click on the GOG version and then link it to the installation executable file that I downloaded from gog-games.com.
My dog (programming.dev)
🙃😵💀 (lemmy.ml)
what are some great YouTube channels worth checking out?
Inbox's spiritual successor Shortwave has finally come to Android (lemdro.id)
androidpolice.com/google-inbox-spiritual-successo…
I like the web app more. (lemmy.world)
I have very important news (sh.itjust.works)
YSK: Browsing "ALL" at work might get you pulled into an office, even with NSFW off.
Why YSK: It appears several Lemmy Instances are flagged as suspicious and at least 1 instance intentionally using the name of ransomware. A couple of the big enterprise monitoring suites (Fortiguard, ZScaler) will flag your account and may end up with you being pulled into an office for an explanation, or worse....
Sea of Stars has completed development and gone gold! (store.steampowered.com)
Release is on-track for the 29th of August. Huzzah!
[Request] FOSS alternative to gfycat?
Is there a FOSS alternative to gfycat for hosting short video clips? With gfycat shutting down, I’m looking for other options.
Photon v0.4.0: Basic moderation and QoL features! (photon.xylight.dev)
Photon is a sleek web UI for Lemmy....
Alphabet reports a rise in earnings, teases generative AI in Android 14 (www.reuters.com)
cross-posted from: lemdro.id/post/178476...
Do you run a Custom ROM?
Simple question really! Are any of you running a Custom ROM? Furthermore, are any of you running a De-Googled ROM?...
libraries are the best (i.imgur.com)
How to de-radicalize my mom's youtube algorithm?
She’s almost 70, spend all day watching q-anon style of videos (but in Spanish) and every day she’s anguished about something new, last week was asking us to start digging a nuclear shelter because Russia was dropped a nuclear bomb over Ukraine. Before that she was begging us to install reinforced doors because the...
[Project] Having trouble deploying Lemmy? Try my new script! Get up and running in minutes! (github.com)
In the past few days, I’ve seen a number of people having trouble getting Lemmy set up on their own servers. That motivated me to create Lemmy-Easy-Deploy, a dead-simple solution to deploying Lemmy using Docker Compose under the hood....
Having trouble deploying Lemmy? Try my new script! Get up and running in minutes! (github.com)
In the past few days, I’ve seen a number of people having trouble getting Lemmy set up on their own servers. That motivated me to create Lemmy-Easy-Deploy, a dead-simple solution to deploying Lemmy using Docker Compose under the hood....