Tnx!

Sucksung customers, iirc, at least have an option to unlock the bootloader and install a custom ROM that doesn’t phone corporates whatsoever. Iphones, tho, will always phone crapple, so that’s a questionable choice as well.

Except working without play services, that is, and some of us aren’t fans of having those around.

Because cryptography is hard, especially when you’re trying to do it in a user-friendly manner, with syncing encrypted conversations between devices and whatnot. Like, it’s kinda the whole reason why the classic reply to “how do I make my own encryption algorithm” is “don’t”.

Also, with proprietary platforms you can’t make sure stuff’s encrypted the way they say it is

I guess it can be done relatively securely using both the password and the code to derive the encryption key while not storing it on the servers (while 2fa isn’t of any help here given it’s kinda random with shared seed). I, however, doubt it’s done that way: 1st of all, decryption should then only be possible after one enters their account password for the second time, as well as the conversation password (since the password shouldn’t be stored in plaintext after you’ve entered it), and, secondly, that’ll basically drop the chat history as soon as one changes the password, which is neither convenient nor mentioned.

Then, if it works how I assume it does, i.e. the actual encryption key is stored on the xitter’s servers and only retrieved once you enter the encryption password, then they can decrypt your messages (either by immediately using that if the password just tells 'em who they should give the key to, or by bruteforcing the password if it decrypts/derives the actual key), which defeats the whole point of e2ee.

Lmfao, 4 digit password? That’s like 1 femtosecond to bruteforce given whoever tries to access your messages isn’t rate-limited *ahem, feds*

Do people really use DMs there?

Exactly like Facebook

I call bullshit on it being for cops: given valid-ish reasons, they can simply request all the comments left by the user directly from google and ask an llm of their choosing to produce a similar result.

Reddit (as well as lemmy) is a bit simpler in that regard: all you need to find all the posts made by the $username is to visit their profile, while YouTube actually requires scraping.

I mean, transistors and ICs do degrade over time, hovewer, out of all the power supplies I’ve repaired, the vast majority had dead caps, and those kinda tend to dry out with time regardless of whether they’re in use. So, kinda negligible, just like the power consumption in standby.

Good to see there are still viruses in the wild, I was beginning to think those kinda became some ancient forgotten form of art. [I mean proper viruses, not malware in general]

Fair, although AFAIK we’d also need native hls support (outside safari) since it’s quite commonly used as well. Although, that info might be outdated

Most sites use some custom js-based players instead of the native video tag anyways, so I don’t exactly think it’s an issue.

Can’t say I agree, but it’s an interesting perspective for sure. Although, given the problem literally cannot be solved by tightening the DRM and whatnot, why don’t we fight the stigmatization instead? As in, people usually dgaf if they learn their friend is an accountant or paints 40k miniatures in their spare time.

deleted by creator

RSS readers are the way, yes; mail – most of the time: there are pretty nice Foss options I can trust, although it’s not always possible, like with free tier proton mail. As for chat clients, also true for android but not so true on desktops: like, I’m not exactly happy when telegram logs my window manager and so on.

It’s sometimes useful for messengers, tho. I mean, many of those are electron apps anyway, and those that are not are unlikely to have a sandbox as good as what browsers have.

Although, I agree: my default action for notifications is always reject, and then I can manually approve what I think I need.

Not sure if it was a joke 😅 Nextpush uses your nextcloud (~a self-hosted google drive alternative) instance in case you happen to have one, so that would depend on where you’re hosting it. Although, assuming push notifications aren’t exactly resource-intensive (otherwise those would require at least making an account), the difference would be pretty negligible from a performance standpoint

A small addition to already mentioned stuff. There are multiple ways to deliver the notifications without google services. 1st and older one is by simply letting the app hang in the background indefinitely and ping the necessary servers from time to time, that one almost always works, since app developers can’t really rely on gapps being installed; 2nd is UnifiedPush (that’s already mentioned sunup [mozilla], but also ntfy [ntfy], nextpush [nextcloud], gCompat-UP [google firebase], NoProvider2Push [fully local]). AFAIK, it works similarly to the way gapps send notifications and uses less battery, but not all apps support it, so you may need to search for forks. For example, the official and, iirc, Foss telegram clients don’t, but mercury, nagram{,x} and momo do.