This is a good article, especially if you’re the lucky 10,000.

vim/neovim

You’d still need “developer mode” to install f-droid or epic games apk.

People shouldn’t be scared or intimidated out of installing non-google store fronts.

…but yes, Grandma should avoid random apks pulled from the internet.

I understand and agree with your sentiment, but try explaining how ”developer mode" does not make you a developer to my Grandma.

It’s the same b.s. optics that invented “sideloading” as some technically shady practice, when it has always been: just installing the stupid app.

Enjoy it while it lasts. With Google forcing developers to register their Android apps (or they’re not allowed to be installed, unless you’re a developer), it puts pressure on applications like Firefox (or ublock origin) to tow-the-line.

This won’t happen tomorrow or next year, but the writing is on the wall, unless people push back or the government begins to push back on Big Tech.

The removal of device owner rights has always been a slow boil.

edit: fixed typo

That’s the strength of public/private key encryption.

The application (or OS) knows what the hardware vendors public key is. Thus ,it can verify that any message (or application key) claiming to come from that hardware (TPM) is legitimate or not. Thus, the OS is just a proxy or the middle man.

Now what you could do (in theory) is to start modifying the application and replace the hardware vendor public key with your own. …but you’d need to do this with every application and they’ll probably have some sort of anti-tampering or (more likely) you won’t even be allowed to install the application because your OS isn’t “safe/secure”.

disclaimer: I’m a bit hazy on some of these details. There are probably more elegant solutions.

To expand on this a bit:

It’s all built on top of the concept of “a chain of trust”, starting at the hardware level.

(as mentioned) TPM is a chip that’ll store encryption keys at a hardware level and retrieval of these keys can only happen if the hardware is unmodified.

I assume that part of this key is derived from aspects of your OS (ie: all device drivers are signed by MS).

The OS will fetch this key, if it’s valid - the OS knows that the hardware is untampered, it can then verify that the OS is unmodified, which can then be used by application to determine that their not modified, etc.

Now you could spoof your own TPM chip (similar to how Switch 1’s are chipped/nodded), but the deal-breaker is that when you add your key to the TPM chip, you sign it with a hardware vendor specific public key. And that vendor private key is baked into the hardware (often into the CPU, so the private key never crosses the hardware bus).

It’s totally possible to achieve. TPM is the desktop equivalent of the technology that runs on your cellphone to have apps detect if you have an unlocked bootloader or root. It’s the same technology prevents your favorite concole (ie: switch 2, ect) from running pirated games.

This improved security does come at a price: we/the users are the enemy and cannot be trusted. This means modifying your system will be prohibited and we (the consumer) will have to trust that Big Tech has our best interests in mind. /s

They forgot to add “… otherwise, my boss will fire me” /s

As far as I understand that’s exactly what this project has done. They took the leaked node code as “inspiration” and had it converted to python. Now they’re converting that python code in rust.

I’m curious how that’ll play out, but as github is owned by microslop - I’m guessing it’ll be shutdown all the same.

Would you have a recommendation where I could use minimax m2.5 for cheap (I don’t have the hardware to host it myself)?

I was experimenting with Kiro-cli (not to be confused with kiro-ide) and I really enjoyed the work flow: changes being communicated and reiterated as in memory diffs. Plus it really worked nicely from within neovim (so no ide or tui to get in the way). But I really want an OSS solution, maybe opencode is that solution.

I’m sure Anthropic will be including “Please, don’t include our source code” as part of their future release prompts.

While the BitTorrent angle is not new, the authors previously only included a ‘distribution’ claim based on direct copyright infringement. This claim has a higher evidence standard, as it typically requires evidence that the infringer shares a whole work with a third party.

Since BitTorrent transfers break up files into smaller chunks before they are shared, it might be difficult to prove that a whole work is shared.

If the case sides with Meta, I can see future defenses pouring in “Ya, see your honor - I’m innocent cause I only seeded 99.99% of that movie.”

Not really. If I’m running as root or with a custom firmware, I can easily fake that my phones bootloader is locked, when in fact it isn’t.

Attestation creates a “chain of trust”, starting at the hardware level. So, an external website can verify that the hardware -> operating system -> application software are all “intact”.

“intact” is a very subjective term (which is why many technical people are against it), but that definition of “intact” will be defined by Google, Apple, Microsoft, or (possibly) whatever this EU Governing Body is.

However, it will not be defined by you the device owner.

Ahh, okay. I understand. Thank you for the clarification.

Considering he’s made $400B since acquiring Twitter…

Serious question: How?

AFAIK, Twitter wasn’t terribly profitable before they sold to Musk. Then after he purchased it, the enshittification accelerated.

How on earth does this result in $400 Billions in profit?!?

I totally agree.

I am so tired of this “slow boil”, bs.

lol - for the people who up voted this: Did you actually read the 50 pages of this article?

I gotta admit, that I dozed off after the first 5 minutes, skipped through bits of the middle, looked at the end for something meaningful, something to act on - but left disappointed.

Weight - imperial when weighing people, fruit and veg (from a market)

… wait… What about stones (as a unit of weight)? Or is this just a Scotland thing? (People were asking my weight. I had kilos, I had pounds, but they were wanting stones. … Like really?!?)

Perhaps you’d like DeluxHost.

You can pay with crypto (I never tried it).

And they use to offer but only through this website.

• 2 cores
• 8 GB Ram
• 80 GB disk
• 10 gbps network (symmetrical)
• “fair-use” bandwidth (15 TB/month)
• a static IPv4 address
• a /64 static IPv6 block
• located in Europe

For 18 Euros per year.

Now, to set some expectations. For 18 EUR per YEAR:

1. You’re NOT getting 99.999% uptime
2. That said, they are pretty reliable (especially as a hobbist platform)
3. For this price point, you’re not getting blazing fast hardware.
4. The reliability does depend a lot on your neighbors
5. The biggest problem I’ve had is with IO (and high/unusable IO-waits). I’ve had IO operations blocked for 5 minutes.
6. However, their Support is really helpful, if you’re not a jerk nor expecting 99.999% uptime with SLA’s. And you can provide timestamps when issues occur, they will go out of their way to try to improve the situation.
7. I did have issues with their network 6 months ago, but they did some migrations and I haven’t noticed any issues.
8. You will want to look at their Fair-use document, to see what you’re allowed and not allowed to do with your bandwidth.

That said, I’m very satisfied with them… but, at this price point, I won’t be surprised if they “disappear in a year”.

When I look at what other VPS companies are offering for 18 Eur: I feel I’m getting a much better value from DeluxHost.

edit: formatting and words