Joined 1 year ago
Cake day: June 4th, 2025


  • It’s intended to be a successor to the current reCAPTCHA, sold as harder to spoof than current picture-based versions. Now, almost from its start, CAPTCHA existed to train AI vision models. So Google basically painted themselves into a corner using free labor to train models good enough to recognize images; now they are switching to device signals.

    That said, they’re going to have to provide a compatibility layer for iOS which AFAIK doesn’t come with Google Play Services right now. So I have some faith in the smart folks who make these de-shittified OSes working something out via microG or the like.




  • This is fundamentally not how Signal works, but you are generally correct in that a phone number has been shown to provide a lot of context for a person (or a device, at least). But Signal (the app) only uses a phone number for initial verification of an account. You have a lot of options to break that association with you - use a landline and get a call verification code, use a VoIP number (assuming you trust the provider), use a burner SIM, etc.

    Once you have an account, you can choose to identify yourself on the network solely via username so the registration number is not presented to other users. The Signal protocol itself is well-audited and generally secure.

    If your issue is with Signal the American company, use an open source fork like Molly with your own UnifiedPush instance. Then you’re only trusting them with transport of your encrypted messages, which again have been shown to be secure at least in public audits.


  • In the US, I largely agree with you. Or use a website from a mobile browser. Different story in different countries where a smartphone might be the only compute the average person has, or where state services are tied to a mobile ID or bank app.

    Not saying that should be the case, but if the choice is between running niche FOSS apps and removing yourself from societal benefits structures, I know what most people will pick. That’s the real danger of allowing one company to own an entire ecosystem and have enough power that they have conversations directly with governments about their people instead of with their people.






  • 100% it’s always a question of your resources vs theirs, but you’re dead on to make it harder.

    I’ll just add to also turn it off, pull the SIM, and stow it in a Faraday bag on your way back too. If the recent reporting about ICE buying location data from ad networks shows anything, it’s that they are interested in a capability of following people to and from protests. Graphene should obviate this by disabling Google Play services by default anyway.

    You should leave your regular phone at home, go to another place, power on your other device, speak your part in public, then travel to another location and power off. This provides no consistent start or end location to work with for a particular device.


  • Alright, I already “umm, ackshually’d” someone in this thread but this post in particular hit a nerve with me. The Tor security model is based on 3 hops but does not guarantee 3 different jurisdictions. Their circuit building only takes into account “jurisdiction” in the way we’re using it here if you use guard nodes or specific cases when you cannot access the network directly or look like you’re exiting from a Tor node.

    That said, it’s still a very strong project and security model. And everything you said about spreading out your providers without a single point of failure (or pressure) applies.





  • This is a fundamental misunderstanding of how the FIDO2 standard works. It is not designed to be vendor specific and as other people in this thread point out, plenty of open-source secrets managers and hardware implement passkeys.

    What we’ve seen is the typical Silicon Valley model of “embrace, extend, extinguish” so you’re right to be wary of any implementation by Google or Microsoft.

    Same goes for biometrics - how you unlock the passkey isn’t specified in the standard. It is left up to the implementation. If you don’t want to use biometrics, you don’t have to.



  • I think you are overestimating the amount people will pay for convenience or cling to their old ways.

    Did e-readers kill the bookstore? Some people will always prefer to cook out of a book or dive into docs to write code.

    Or look at the modern streaming landscape. In the beginning there was basically Netflix and everyone was fine paying that monthly fee for the convenience of streaming basically everything. Now we have 20+ vendors all charging for some subset of content. And we have seen a corresponding loss in subscribers as people hit the limit of what they are willing to pay for convenience.


  • I’ll play devil’s advocate here: agreed that the rest of the (US) economy seems to be slowing or shrinking but remains buoyed by AI / Mag 7 stocks. That said, a lot of the investment reflected above is in data centers and hardware (Nvidia, Coreweave, Oracle, Microsoft).

    The bubble pop will hinge on whether there is value in this data center buildup beyond AI. Unless everyone starts paying fistfuls of cash for AI chat, these companies may be able to find another use for all that compute and avoid a total crash. That could be a target for all that investment you mention.