copygirl

I already left !programming@programming.dev because I was sick of seeing AI related posts. I would appreciate it if this didn’t also become a place where people talk about AI constantly, whether it’s related to FOSS or not. My ask is: Move the AI related posts to an AI-adjacent community or create one. Perhaps I’m not the only one who shares this wish.

Selhosting and a vpn are optional depending on your use case; the app works with niether to help users try it out and get started. Like all secure messaging apps, its better to selfhost given the option.

I’d say self-hosting is done for control over your data, not security. A typical end user will not know how to self-host, how to pick a privacy-respecting VPN, let alone secure their system. If your aim is to get to that same level of security, then I feel like the current direction is flawed, at least from what I took away from the readme.

Or, in other words, “self-hosting is more secure given the option” sounds kind of like “writing your own software is more secure”.

This project is aiming to create the most secure and private chat app. It will heavily depend on how you use it. Here are some reccomended security optimizations/advice to keep your data secure and private:

• Use a self-hosted instance of the app.
• Use a VPN to protect your data from being intercepted.
• Only connect to trusted peers.
• Validate public key hashes.
• You and your peer should use a secure device/os/browser with the latest updates.
• use general security practices like not sharing sensitive information, not clicking on suspicious links, etc.

These recommendations are bizarre.

• Is it really P2P if you need to a host your own instance?
• Use a VPN? So a company can now track you instead of the ISP?
• If it’s aiming to be safe, then why not share sensitive information?

If you want secure and private, then I would first look at Session.

most of the the Arch cult forget to mention that

The “Arch cult’s” holy book, the ArchWiki, states the following pretty clearly:

Warning: AUR packages are user-produced content. These PKGBUILDs are completely unofficial and have not been thoroughly vetted. Any use of the provided files is at your own risk.

Mention of one’s use of the AUR for their needs doesn’t need to come with a disclaimer.
People who don’t read or don’t use their brain are going to keep not doing so, regardless.

From what I read online, Matrix is not very good with its federated moderation tools. Apparently, a quirk of it can cause the state of a federated channel to reset in time, thus also undoing removing of messages. Here is a blog post criticizing Matrix.

A lot of contributors of FOSS projects make small changes that aren’t copyrightable.

The real question is not what the algorithm pushes to you, but whether their moderation actually bans bigots and removes their posts. Any other instance would lose their “right” to federate with a queer-friendly instance if they didn’t do that, so why would Threads get an exception?

Isn’t “queer friendly” and “federates with Threads” an oxymoron?

I don’t think that’s how it works and it would likely not be legal. By explicitly blocking Threads, you make a big statement about not wanting your instance’s posts to show up there. Also from a technical standpoint, I don’t think a “middle-man” instance will push posts from another instance to a third one. You’d have to explicitly scrape data that’s not available via the API. Please correct me if I’m wrong.

I did decide to delete all my comments and posts on Reddit. Sure, maybe I’ve posted some helpful comments, but why support Reddit with their continued existence? Remove content, and people might move to other sites to get their information.

I also decided to keep my account. Turns out some content stayed around, because I could not see and therefore delete it in locked subreddits. So when they came back, the comments came back too, and I was able to delete them, still.

What I’m saying is that Microsoft is, in fact, being hostile by limiting OSS builds such as Codium in the ways I’ve mentioned above. I guess that’s how they try to get people to keep using their proprietary build instead.

except for visual studio code

But also:

• Telemetry everywhere
• Not permitted to use the official marketplace with OSS builds
• Not able to use certain extensions (like C# debugger) with OSS builds

Though I’ve been very happy about the direction .NET and C# have been going, especially the licensing.

1. There is the --download-sections option. Looking at it, you might want to use --download-sections "*0:00-1:00".
2. I briefly checked with --list-thumbnails and it doesn’t look like YouTube offers any square ones, so I would look into using ImageMagick to edit the image with a command. I doubt yt-dlp allows you to do any sort of image manipulation out of the box.

Not to be pedantic but I think the headline is fine.

If you simulated a fire in a building for training purposes and upon activating the fire alarm, it got broadcast to emergency services when it shouldn’t, you did accidentally broadcast the fire alarm, simulated or not.

The “accidentally” already implies it was done in error, suggesting it was not an emergency. On the other hand, if it was a real emergency, and just wasn’t meant to be publicly broadcasted, I feel like the headline would’ve looked different.