[-] _Nemo_@lemmy.ml 1 points 5 hours ago

"First lesson: Geography with Mr Longdong. Second lesson: Physical education with Mrs D. D. Hooters. Third lesson:..."

[-] _Nemo_@lemmy.ml 6 points 10 hours ago

If you set up a trough, expect to find pigs.

[-] _Nemo_@lemmy.ml 2 points 1 day ago* (last edited 1 day ago)

Well, they do have that fruit basket, so...

[-] _Nemo_@lemmy.ml 2 points 6 days ago* (last edited 6 days ago)

Thanks for providing some evidence at last. You're not wrong on many of those points, but not entirely right either.

Phone numbers are an issue, true, though you can get around that using a burner SIM or even a virtual phone number. Also, contact discovery has been working without exposing your phone number for over a year now.

a phone from Google or Apple

The phone can be made by anyone. The OS needs to be Android or iOS at some point, which is unfortunate; pure (desktop) Linux usage isn't possible. That said, deGoogled Android has been around for more than a decade, allowing you to use Android in a privacy-friendly way. So if you want, you absolutely can avoid being tied to Google and use Signal.

As you can see, there's a lot more nuance here than "Signal isn't private"; privacy, after all, isn't binary, but rather a gradient. For what it's worth, Signal is more private than many messengers out there by a long shot, and it allows you to use it in more privacy-friendly ways if you so desire. While there are messengers out there that go even further in terms of security, privacy and decentralisation, a lot of them come with usability and convenience drawbacks. The way I see it, Signal sits in a Goldilocks Zone of "private enough" (for most threat models) and "convenient enough" for mainstream adoption. You can have the most secure and air-tight messenger; if there's nobody there to talk to, it's no more than a technically sophisticated brick. For now, Signal may be our best shot for mainstream adoption of reasonably private and secure messaging. If your threat model is higher than that of average Joe, by all means, go for Briar, SimpleX chat or any of the more hardcore options.

[-] _Nemo_@lemmy.ml 10 points 1 week ago

I'll reply to you since you first brought it up, but it's a question to anyone here recommending Molly: what makes you cofident that Molly is secure (i.e. they're not fucking up Signal's cryptography by accident) and maintained by trustworthy people. Signal does get audits from time to time, Molly doesn't.

Mind you, I'm not trying to shit all over Molly; Unified Push looks great. I'm trying to approach this with due caution though.

[-] _Nemo_@lemmy.ml 5 points 1 week ago

Like showing up to the bank heist in a neon pink monster truck.

16
submitted 1 week ago* (last edited 1 week ago) by _Nemo_@lemmy.ml to c/degoogle@lemmy.ml

I'll cut straight to the chase: updating the Signal app annoys me and I'd like to know your best practices.

As far as I know, there are three ways of updating Signal:

  1. From the Play Store. This works quite reliably, yet comes at the cost of trusting and connecting to Google's servers.
  2. Via the app's built-in auto-updater that will, after a while, suggest an update through a notification. However, the frequency of these updates is really lackluster and thus unreliable, and there's no way to trigger an update check manually.
  3. Via the APK on Signal's website. In order for this to work, you need to have done the initial installation of the app from an APK already. Also, as far as I know, this version will not use GCM / Push notifications, but rather deliver notifications through a web socket, which is a huge drain on battery. Also, you'll have to constantly check for updates yourself or rely on the (unreliable) self-updating mechanism (see 2).
  4. //Edit a fourth way might be to just update via Obtainium and pulling APKs off their Github. I'm not sure what that does to GCM/Websocket usage, see 3.

Let me know how you do it, and if there's something I've overlooked.

[-] _Nemo_@lemmy.ml 6 points 2 weeks ago

Nextcloud + Calendar w/ tasks support or Joplin (Server) can both do this.

[-] _Nemo_@lemmy.ml 37 points 2 weeks ago* (last edited 2 weeks ago)

Man, your basement has the weirdest carpet I've ever seen. Also, much too bright for my taste. If you can see the keycaps without backlight, you're doing the lighting wrong.

[-] _Nemo_@lemmy.ml 7 points 2 weeks ago

unless you rip the movie out into a single file first

I don't see the problem with that. It's what I've done with every single disk I own. Why would I bother with badly-written menus, pointless extra content and tons of ads and copyright warnings I need to sit through before I can watch what I paid for?

[-] _Nemo_@lemmy.ml 10 points 2 weeks ago* (last edited 2 weeks ago)

You patched the annoying "crash-on-start" bug! ๐Ÿ˜ I was collecting diagnostics to help nail it down, but you guys were faster. Keep up the great work! ๐Ÿ‘๐Ÿ‘๐Ÿ‘

24
submitted 2 weeks ago by _Nemo_@lemmy.ml to c/selfhosted@lemmy.world

Apologies if this is a rookie question, but I keep wondering what the vulnerabilities section on DockerHub is trying to tell me. Take nextcloud images for instance: The most current images seem to list 3 critical and 22 severe vulnerabilities. Does that mean those vulns are part of the image? If so, why would anyone want to run this?

[-] _Nemo_@lemmy.ml 5 points 2 weeks ago
[-] _Nemo_@lemmy.ml 6 points 2 weeks ago

Is it Shitpost Saturday already?

view more: next โ€บ

_Nemo_

joined 2 weeks ago