• 3 Posts
  • 29 Comments
Joined 9 months ago
Cake day: October 20th, 2023



  • Even ignoring the ideological reasons to not want facebook integration: There are only so many hours in the day and so many dollars in the donation bucket. If an open source project is dedicating a disproportionate percentage of that on a feature that a significant part of the community actively do not want: That is exactly WHY you fork a project.

    And once we consider the ideological and safety related reasons to not want facebook and giant corporate interests involved?

    I have a lot of issue with the people who decide the answer is harassment and hate. But if enough development and organizational energy want to fork this? Fuckin’ A.


  • I can’t speak to their Password Management as I use Bitwarden for that

    But I am slowly but surely migrating myself away from gmail to (my own email at my own domain routed to) Proton. The webmail is very much comparable to gmail and, if you communicate with like-minded people, it has decent support for signing and even encrypting email both to other proton mail users as well as to complete randos with just a password that you can send later. My only real complaint is that (… for some really good reasons) there is no easy-to-use exchange server and I need to run their mail bridge to use a desktop client like Thunderbird to send and manage and (one day) back up emails.

    VPN? I switched over to this around the same time I decided I wanted to “take control” of my email and it works pretty well. Very easy to get some openvpn credentials that I can plug into whatever setup I want. And no extra fee for port forwarding unlike SOME providers. That said, my main complaint is that the port is semi-randomized which doesn’t play the nicest with my totally legit linux iso torrenting setup… But a quick docker ps and docker logs and then updating the config is pretty trivial and I only have to do it maybe once a week?

    The big elephant in the room is that, as you rightfully understand, you are still putting a LOT of trust. But that is actually why I like Proton. Because other companies pretend they are going to knife fight the CIA and the US Government on your behalf all while actively not acknowledging anything until we get a post mortem. Proton are VERY open about just how far they are willing to go to protect you (not very) and what YOU can do to mean that Proton can’t provide much useful information once the appropriate paperwork and legal actions have been filed.

    I wouldn’t trust a paid account with anything more sensitive than what really innovative stuff a friend did with a bun in the dumpster behind the Wendy’s the other night. But, hypothetically, if I needed to send an anonymous email? Third party VPN/Tor, clean hardware, and a free Protonmail account works great and I do trust Proton to give the absolute bare minimum in that case.


    And just for a bit of context. My “grand plan” is to migrate the vast majority of my correspondence and accounts to email addresses tied to one or more of my own domains. Currently I plan to use Protonmail for the mail server because I don’t want that smoke. But the point is that I control the email address so I can get my Heat on and walk away in 30 seconds (actually more like a few hours but…).

    Which is why the other aspect of that is that I want to back up the emails I actually want to save (rather than just EVERYTHING like those of us with older gmail accounts do) via a local client that I then archive to an encrypted volume on my NAS and (REDACTED) after that.


  • Not sure if google is particularly different but the way this works for the other services is basically low energy bluetooth scanning coupled with the phones providing their location*. So basically all the devices on that scanning/spy network periodically ping/listen for nearby devices/trackers. When it finds one, it sends a quick message to the servers with that phone’s location and the ID of the tracker. Get enough of those pings and you can triangulate the position of the tracker pretty precisely.

    Which… is why this fundamentally does not work with “hacker” solutions that allegedly emphasize privacy. Because you just don’t have enough devices listening. This was painfully obvious with tile back in the day and is still an issue with Samsung in some countries.

    *: Via a combination of gps, cell tower, and wifi network scanning. The less obvious part of that being wifi networks which is the majority of how interior positioning works.
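    The crowd-sourced tracker network described in this comment, as an added simulation that is not part of the thread or of any vendor's code: constructed sightings (a passing phone's own position plus a noisy distance inferred from the tag's signal strength) are aggregated server-side by a grid-search multilateration, and the count of "plausible cells" shows why a network with only one or a few listeners gives a nearly useless fix. The search area, tag position, noise level and seed are all made-up values in local metres.

    ```python
    import math
    import random

    # Constructed scenario in local metres (no real Find My / SmartThings / Google
    # data): a lost tag at TRUE_POS inside a 250 m x 250 m search area.
    TRUE_POS = (120.0, 80.0)
    AREA_M = 250.0
    GRID_STEP_M = 5.0   # resolution of the server-side position search

    def simulate_sightings(n, seed=1, noise_m=15.0):
        """Constructed crowd reports: each passing phone hears the tag over BLE and
        uploads (its own x, its own y, distance inferred from signal strength).
        That distance is noisy, which is what makes a lone sighting ambiguous."""
        rng = random.Random(seed)
        reports = []
        for _ in range(n):
            px, py = rng.uniform(0, AREA_M), rng.uniform(0, AREA_M)
            d = math.dist((px, py), TRUE_POS) + rng.gauss(0, noise_m)
            reports.append((px, py, max(d, 0.0)))
        return reports

    def residual_cost(p, reports):
        """Least-squares multilateration cost: how badly point p disagrees with every report."""
        return sum((math.dist(p, (px, py)) - d) ** 2 for px, py, d in reports)

    def locate(reports, tolerance_m=10.0):
        """Server-side aggregation: grid-search the point that best fits all reports.
        Returns (best_fix, plausible_cells), where a cell counts as plausible when
        its cost is within n * tolerance^2 of the best; that count is the ambiguity."""
        steps = int(AREA_M / GRID_STEP_M) + 1
        cells = [(x * GRID_STEP_M, y * GRID_STEP_M) for x in range(steps) for y in range(steps)]
        costs = {c: residual_cost(c, reports) for c in cells}
        best = min(cells, key=costs.get)
        slack = len(reports) * tolerance_m ** 2
        plausible = sum(1 for c in cells if costs[c] <= costs[best] + slack)
        return best, plausible

    def error_m(reports):
        """Distance between the crowd-sourced fix and where the tag really is."""
        return math.dist(locate(reports)[0], TRUE_POS)

    if __name__ == "__main__":
        for n in (1, 3, 30):
            reports = simulate_sightings(n)
            best, plausible = locate(reports)
            print(f"{n:2d} sightings: fix {best}, error {error_m(reports):5.1f} m, "
                  f"{plausible} plausible cells")
    ```

    With a single reporter the plausible cells form a whole ring around that phone; with thirty they collapse to a few metres, which is the network effect the comment is describing.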



  • I mean… bluetooth is literally broadcasting your position (sort of/it depends on the implementation). It is not at all a stretch that you should turn that off if you care about privacy. Same with not scanning for what wifi networks are available or even pinging GPS satellites (because that leaves a log). Hell… cell tower logs are a treat for cops/TLAs for a reason.

    Aside from that? Good for you. If you actually follow through on that I can respect it. My point is more that this particular solution seems like the worst of all worlds.

    Either you are demolishing your battery with regular phone homes to a server you hopefully control or you are relying on a push via SMS and the hope that you lose your phone somewhere you have reception. And you still only have YOUR phone and YOUR network to track it which has significant drawbacks if you travel.


  • If people truly change their lives and focus on it, you can do a lot. But it does not take much, at all, to become compromised to one degree or another and people vastly underestimate the amount of redundancy. Or even the impact of a sibling or partner or even friend.

    Instead, the common case is people will tweak one small aspect and think that does anything other than inconvenience them. Or, worse, they’ll watch a youtube and decide to put EVERYTHING through their vpn which… defeats the purpose because they are still one easily collated set of profiles/cookies that can trivially reveal that “Fred Smith in Afghanistan” is really “Fred Smith in North Carolina”.

    Which is why my approach is that there is data I very much want to protect and data I know I can’t. So I focus on understanding the former while doing what I can with the latter.

    And something like this? There are probably specific niche use cases for this. But it is a product/service that fundamentally requires aggregated data. And, depending on the implementation, it is going to fuck with your battery hard.



  • I guess. But it is really going to depend on where you live and just how frequently it does dial home.

    My personal use for these networks is luggage tags. But a friend lost her phone on a hike a few years back and the find my phone stuff was more or less useless due to poor reception and ever dwindling battery.

    The real benefit is the low energy bluetooth magic and OTHER devices to do the phoning home. Because maybe I have shit reception but someone hiking a hundred feet away has good reception and updates the ping.


  • Took a bit to figure out what it was even claiming to do

    When enabled, your phone constantly sends your e2e encrypted location to the server, where you can then access it from a web browser.

    God no. Just take a hatchet to my battery and be done with it.

    Also: Until a month or two ago, sure. But google finally got their shit together-ish and set up a tracking network the same as apple and samsung. And that is what you are sacrificing your privacy for. Yes, you give Big Tech tracking information… that they already have. In exchange you can actually have peace of mind of knowing your luggage is in the same airport or even where you parked. And you can’t really self-host a crowd-sourced network.





  • I mean… I don’t really disagree in this specific context.

    I assume Fortnite has kernel level/rootkit anti-cheat. And Epic make massive amounts of cash from all the goku skins people buy. Unless they have the resources to test at least the major distros and keep aware of possible hacks/bypasses on that side it is just begging for exploits. And it is big enough that the moment one is identified EVERYBODY is grabbing an ubuntu live CD to get some goku dollars.

    I still think it is shit that they don’t directly support Linux with the EGS (especially since they distribute Unreal Engine and marketplace stuff via that). But for their “more revenue than the GDP of a small nation” live game? I get it.


    A buddy who works on one of the popular live games made the comparison to pokemon cards. Everyone thinks it is a great idea to show them off at school. Until the kid trips, they get scattered on the floor, and it is a god damned feeding frenzy of every single kid losing their minds to scramble and fight over that dog eared pikachu card.



  • For starters, the horse armor was purely cosmetic.

    So… you would rather “So yeah, if you want to find out what Roman Alexander did after he was abducted by this ship, send me ten bucks” over purely optional RMTs?

    I think it was really the first of the AAA first person fantasy genre,

    First, Oblivion was very much NOT “AAA”. I know that term has grown to basically mean “anything from a major publisher or that looks pretty” but, for the era, that was games like Medal of Honor (with god damned Steven Spielberg) which tried to “transcend” gaming.

    Second: Everyone who even knows what Myst is is either arguing over the definition of “fantasy” or grabbing socks full of nickels to beat you to death right now. You… got some time.

    But you more or less keyed in on the reality of it. In the early 2000s, games media was still primarily console based. In large part because most of the PC mags had already gone out of business or went from “Hey, just in case this article on DOOM 2 wasn’t good enough, here is Kerri Hoskins in her panties” to “When you finish wanking to all the girls in this magazine you might want to try out Warcraft”.

    It’s why people think Halo invented combined arms gameplay or… almost the entirety of Nintendo’s “innovative gameplay” even to this day. Release a game with light survival mechanics and aimless progression in the late 2010s and EVERYBODY forgets the entirety of the Eurojank Genre.

    And Oblivion is probably the first console game that had RMTs.


  • It always amuses me when people pretend that RMTs did not exist until Oblivion. Even contemporary games like Neverwinter Nights had already been selling DLC campaigns/“campaigns”. Let alone the early digital distribution games (Strategy First can fuck themselves for the price they sold stuff at but…)

    And that also ignores how many “dos” games would have a kill screen that was basically “Send a check to this PO Box and I’ll give you access to the FTP server with more missions”.


    There have been a number of articles (pop and scholarly) about malicious code being social-engineered into codebases over the past few years. And, in this case, the malice is “expected” from one of the long time developers to begin with.

    Also: We got INCREDIBLY lucky that Andres Freund detected it when he did. Because that was hitting right around the time a lot of the major distros were preparing their major releases (Fedora basically escaped by the skin of their teeth).

    Malicious manipulation of open source projects has always been a concern. And the vast majority of us do the equivalent of signing whatever form we are given because “oh it just looks like a standard contract”.


  • You… should probably pay more attention to the news.

    It is very possible for bad actors to inject malicious code into an open source project. And it is very probable for people to not notice because the vast majority of developers never read a single line of the open source code they claim to value so much.

    “Any bad code will be detected by the armies of people who do rigorous code analysis of every single pull request” was always nonsense.
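    Both xz-related comments above turn on code that nobody actually looked at; in that incident the malicious build glue was shipped only in the release tarballs and was absent from the git tree, so one cheap check a packager can run is to diff the archive they are about to build against the tagged checkout. The script below is an added example, not from this thread or the xz project: the tarball, file names and contents are constructed fixtures, and for a real release you would pass an open `.tar.gz` and the path of a clean checkout.

    ```python
    import hashlib
    import io
    import os
    import tarfile
    import tempfile

    def tree_digests(root):
        """Relative path -> sha256 of every regular file in a git checkout."""
        out = {}
        for dirpath, _, names in os.walk(root):
            for name in names:
                full = os.path.join(dirpath, name)
                rel = os.path.relpath(full, root).replace(os.sep, "/")
                with open(full, "rb") as fh:
                    out[rel] = hashlib.sha256(fh.read()).hexdigest()
        return out

    def tarball_digests(fileobj):
        """Same map for a release tarball (open binary file or BytesIO), minus the
        leading 'name-version/' directory that release archives carry."""
        with tarfile.open(fileobj=fileobj, mode="r:*") as tar:
            return {m.name.partition("/")[2]: hashlib.sha256(tar.extractfile(m).read()).hexdigest()
                    for m in tar.getmembers() if m.isfile()}

    def compare(repo, tar):
        """Return (files only in the tarball, tracked files whose bytes differ).
        Files only in git (.gitignore, CI config) are expected and not flagged."""
        return (sorted(set(tar) - set(repo)),
                sorted(p for p in repo if p in tar and repo[p] != tar[p]))

    def demo():
        """Constructed fixture (not real xz material): the shipped tarball alters one
        tracked file and adds an m4 file that exists in no commit."""
        committed = {"configure.ac": b"AC_INIT([demo], [1.0])\n",
                     "src/main.c": b"int main(void) { return 0; }\n"}
        shipped = dict(committed, **{"src/main.c": b"int main(void) { return 1; }\n",
                                     "m4/extra.m4": b"dnl only in the release\n"})
        archive = io.BytesIO()
        with tarfile.open(fileobj=archive, mode="w:gz") as tar:
            for rel, data in shipped.items():
                info = tarfile.TarInfo("demo-1.0/" + rel)
                info.size = len(data)
                tar.addfile(info, io.BytesIO(data))
        archive.seek(0)
        with tempfile.TemporaryDirectory() as checkout:
            for rel, data in committed.items():
                os.makedirs(os.path.dirname(os.path.join(checkout, rel)), exist_ok=True)
                with open(os.path.join(checkout, rel), "wb") as fh:
                    fh.write(data)
            return compare(tree_digests(checkout), tarball_digests(archive))
    ```

    Autotools releases legitimately add generated files (`configure`, `Makefile.in`), so the useful output is the short list of additions and modifications a human then has to justify, not an automatic verdict.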