Have people who actually understand what they are asking do the interviews. Problem with mist interviews is they are non-technical people asking complex technical questions and expecting a very specific answer that only people whose brains work a certain way will come up with. This often eliminates the mist creative developers because they come up with different solutions than the one the nontechnical person was taught is the right answer. Not to mention often the questions they ask are obsolete things that most people aren't going to know off the top of their heads because it's something they would normally look up in real work not something they need to memorize. Tech interviews are horrible at finding good talent. Good riddance.

KDE if you want to just configure stuff. Gnome if you want to code or manually style stuff.

The problem with all software is adoption. Usually it's trying to get people to adopt a protocol or buy a piece of software that causes less than optimal decisions to be made. There have been lots of good replacements for all of the things you mentioned, they just never caught on. And the problem in the beginning when they didn't have those pressures was the hardware and bandwidth limitations.

"There’s nothing to suggest that these people will be approached with any claims directly."

No, but they'll be pressured to testify with the threat of such a lawsuit. And if the RIAA wins, then ISPs will likely start giving the names to them openly so they can start those lawsuits back up again, at least in the US where it's again no longer considered an essential utility service by the government thanks to Republicans. There's a reason they're not targeting the bigger ISPs that have enough money to fight back anymore. This way they can get a judgment to use against them later.

Yeah I think hashes in the same folder are only valuable as a check to make sure you downloaded the file successfully. Which isn't a big issue for at least the around 80% of internet users who have access to broadband. They are only useful for security if the hash is on the website that you click on and then you download and verify it manually.

Yes. X-ray, MRI, and other complex images are difficult to analyze at a glance and it takes a lot of experience to make a guess on whether something is normal or not. This is exactly what AI is good for. Learning the relationship between some complex set of data points and assigning a probability that it is something based on historical data. AI is just not being used for the correct things most of the time. This is one of those correct things.

AI should not be making decisions, only assisting humans in making decisions. So it depends a lot on how it is interpreted. A doctor can see a 50% probability vs a 75% probability and react appropriately. When someone who doesn't know the topic decides that an 80% probability is yes and lower is no, this is when things like police using facial recognition to determine guilt rather than just seeing that there's an 80% probability of a match and immediately arresting and prosecuting them while telling jurors that it's a match rather than only an 80% probability of a match that AI becomes an issue.

Yeah, IMHO Signal is the right balance of usability and privacy. Problem with not having a user ID is that you can't easily use the application on multiple devices at the same time and if you lose the device, or don't properly migrate to a new device, you will have to start over building your connections to others.

But the real issue with no user ID or centralized platform is discoverability. Same reason things like gpg for email never caught on. You can't just type in a person's phone number, username, or whatever and start talking to them. It only works if you have another line of communication with each person to set up the connection. This is usually the deal-beaker.

But the problem with user IDs is that anyone can create as many as they want and use them to avoid spam and abuse filtering. So that's why phone number is used by Signal as a unique identifier. It's not 100% unique, but it's good enough to deal with all but the most determined abusers.

Can't speak to this incident, but i do agree that in general, free VPNs are not safe because usually they are funded by selling your personal information and web traffic data or performing MITM attacks to inject ads and thus compromising security, even if that's not the intention.

That being said, Rise Up is a donation funded organization and is specifically run by a nonprofit promoting activism, so really it all comes down to your trust that org. The cost of bandwidth required to run a VPN is high, their site mentions it costs them about $60/person/year. So that money has to come from somewhere. If you're paying, and it's a reasonably trustworthy company, then it's unlikely they will be willing to risk selling your data. But if you're not paying, then the incentive to not sell your data just isn't there, thus it requires more trust, IMHO.

Also, if they are a legit org and I take their product without paying, I'm taking that money from activists in places that truly need VPNs to stay safe from arrest or murder, so I generally don't feel it's moral to use it just to save money, but that's me.

Not OP, but for me the issue is if you want to override the default and make it opt-out, especially sine the opt-out process isn't that well documented, then you should realize that support is a necessary part of that process and fix problems as they arise rather than resorting to name calling and hostile behavior when something you published is broken. It's a responsibility of taking on that kind of project. Either that or make it explicitly opt-in and give users a warning like with beta version opt-in notifications that the packages are not official and issues may not be fixed as quickly as the official releases.

Because with stores, the evidence would be missing products. Very easy to see. With bugs like this, a million people could have abused it, or one. Either way that data is likely available to all who want it.

A better comparison is, store posted list of their customer's addresses on the back door. No clue how many people walked by there much less if anyone copied it down.

Problem is that knowing the link between a person's profile and their email now means you know the link between their account and their accounts in many other places. That information could be used to offer the person different prices at stores, attack them for being a minority or activist, to hack their account because their password was leaked from another site that uses that email,or all the other things these cumulative leaks add up to.

Unfortunately, the far-right has been pushing this idea of traditional gender roles a lot lately, so people who follow the media in that space are constantly flooded with conspiracy theories and made up horror stories. It's just one of the current favored ways to keep them distracted and their anger aimed away from the real problem makers.