This argument implies there's an easy way for you to perform the reproducible builds on iOS, but it's quite involved and requires a jailbroken iPhone. Overall this is more a limitation of apple and not signal.
Even if you were able to perform a reproducible build of Signal on a jailbroken iPhone, there's no way to confirm that the stock iOS Signal app will match, or has a backdoor that got added in a supply chain attack that only is delivered to non jailbroken phones. You could use a jailbroken iOS device, but then it could be lagging behind updates and be even more vulnerable from zero days.
The real pressure here should be on Apple to provide a way to verify a build of an open source app matches what is being installed via the app store, but for some reason this is being framed as a Signal issue, which is disingenuous.
I thought $0.50 was low for this math to work out, but turns out 30 million copies of Stardew Valley have been sold, so that's $15 million, which over 60 years is $250k/year.
Still though I have no clue if $0.50 is normal take home per copy sold for a self published game (it seems low), but I'm very happy he's doing well for himself and hopes he makes more per copy sold. I've bought the game 4 times, so I'm doing my part!
I feel like there are many devs out there who expose a lot of personal details and opinions all over the web. Maybe it's just me, but when starting out with the internet I tried my best to separate my personal details (name, age, sex, country, ethnicity, family ties, relationship status,...) from usernames in public....
Exactly, with Nintendo's existing IP and old gamers dying, they need a way to get younger generation exposed to what kids in the 80s and 90s grew up with and make sure that it's plastered on all the streaming websites to get maximum exposure.
Not having reproducible builds is definitely weird though. Does anybody have more information on that?
They boast this as a feature, but on the instructions for how to do this for iOS, even Telegram admits "As things stand now, you'll need a jailbroken device, at least 1,5 hours and approximately 90GB of free space to properly set up a virtual machine for the verification process". Browsing the steps, it's extremely complex, and doesn't seem like something that is very user friendly and that you'd do weekly or monthly when a new version is released.
On the GitHub issue linked to in the body, it's disingenuous to claim they refused to implement this, and that the technical hurdles Apple has in place make this extremely difficult which halted progress. In the community forums where the conversation was moved to, someone pointed out that even if you were to reproduce it on a jailbroken iPhone, that there's no way to confirm that non-jailbroken iPhones aren't receiving a version with a backdoor.
And even if you are using a jailbroken device exclusively and can confirm the reproducibility of the iOS app, then the risk becomes the latest available jailbroken iOS could be outdated from the real versions, and you'd have other issues with not receiving timely security updates. This same issue applies to Telegram also.
I've been on flights where they have announced to the cabin about someone with a severe nut allergy, and based on anecdotal evidence of a sample size of 3 or 4, nothing bad happened on the flight.
Seriously, now that this is more widely known, it'll for sure be taken advantage of a lot, to the point AWS will begrudgingly protect their customers once the damage is done.
Say what you will about Apple, they are masters of spinning their shortcomings as groundbreaking achievements. When they refused to unlock the iPhone of the san bernardino terrorist attack, it was framed as an act of preserving user privacy, but brushed over how willing they were to hand over the iCloud backups if the police would have brought the iPhone to a known WiFi network for the backup to be uploaded.
I've been pretty happy with how Automattic has handled PocketCasts and the premium features feel like what you'd expect, while the main product is perfectly usable for 90% of people and use cases. I hope with their acquisition of Beeper, they continue this mindset and add premium features (extra themes, premium stickers, etc) without compromising the main app.
ByteDance has 270 days (+90 days at president discretion) to divest of TikTok and sell to an entity not affiliated with an "adversary country" (China, Iran, Russia, N. Korea).
If they don't sell, hosting providers of TikTok application (servers, storage, app store, etc) will be fined up to $500 times the number of users in the US if they continue to host the application
So basically, the law will impose a fine of US hosting providers of the app. If the app moves all services overseas to foreign entities, then the app presumably will continue to work even if banned if already installed (plus the website if hosted overseas).
ISPs and search engines are explicitly exempt from the bill so there is no mechanism to ban connections to TilTok servers or links to TikTok.
I am trying to figure out how I can retain personal SSH keys (probably the most important part, or at least important to have an alternative connection method) while also having modern tools like SSO or at least SAML, some way to federate to different ADs....
It's my understanding that FreeIPA can federate with Active Directory, but personally I haven't tried that myself. As for Authentik, it looks interesting but it's the first I've heard of it. I also rely on FreeIPA's certmonger implementation, so I wonder if Authentik could replace that?
Just to understand your use case, you have users in Active Directory where you want to manage SSH keys and be able to login via SSH to linux machines?
ByteDance has 270 days (+90 days at president discretion) to divest of TikTok and sell to an entity not affiliated with an "adversary country" (China, Iran, Russia, N. Korea).
If they don't sell, hosting providers of TikTok application (servers, storage, app store, etc) will be fined up to $500 times the number of users in the US if they continue to host the application
ISPs are explicitly excluded from the bill, and not considered data brokers, which is what the restrictions apply to.
So basically, the law will not require ISPs to block access to TikTok domains and IP addresses. Google search results are also explicitly excluded from the term data broker, and exempt from the restrictions. The only requirement is for app stores to stop hosting the application, so existing installations of the app (after January 2025 assuming ByteDance doesn't sell) will presumably persist and can be used, even if TikTok is banned.
Does is specify ISP blocking directly in the bill?? It was my understanding that it would just prevent US based app stores (Apple, Google) from distributing the app in their stores.
I'm not even sure how ISP blocking would work, unless it was to just blackhole DNS queries to tiktok.com. Having attempted to block DNS lookups for TikTok on my own home router via PiHole, I can say that the app either hard codes IP addresses, or resolves DNS over HTTPS independently of the system DNS settings, so I doubt a DNS based ISP block would be feasible.
(5) INTERNET HOSTING SERVICE.—The term “internet hosting service” means a service through which storage and computing resources are provided to an individual or organization for the accommodation and maintenance of 1 or more websites or online services, and which may include file hosting, domain name server hosting, cloud hosting, and virtual private server hosting.
So this would prevent a US organization like AWS, Oracle, etc from hosting the TikTok user data as long as TikTok is owned or a subsidiary of ByteDance or another "foreign adversary".
Elsewhere in the text, they exclude "service providers" from restrictions, so it seems like ISPs are not going to block requests to TikTok.
If ByteDance doesn’t divest of TikTok 9 months, then it will be blocked from being distributed from App Stores. Nothing will be blocked before the election, so it’s not really something which will affect the typical voter who isn’t following the news, causing them to change their vote.
Not who you were replying to, and not an interview, but here’s an NPR article that explains that the content-recommendation algorithms would be difficult to sell
Chinese officials have placed content-recommendation algorithms on what is known as an export-control list, meaning the government has additional say over how the technology is ever sold.
Seriously, going through these comments, it’s clear most people didn’t read the article or didn’t learn how calendars work in school (or are part of the Russian Internet Research Agency and trying to sow doubt in Biden).
Based on the timeline, it’s clear the intention wasn’t to protect against the 2024 election, since the potential ban would go in place after the election happens.
A North Texas man has filed a class action lawsuit against Cinemark, claiming the movie theater chain is lying to customers about the size of its drinks....
Wouldn’t this mean that beer would need to be 8% more dense than water for this to work out? Quickly searching online, it seems like beer is more like 1% more dense than water, depending on the type of beer, so not sure this is possible.
My gf and I have had discussions about teaching morals to kids. In that vein, I asked myself, would I teach piracy to my kids? Yes, it’s technically illegal and carries inherent risks. But so does teenage sex carry the risks of teenage pregnancy, and so we have an obligation to children to teach them how to practice safe sex....
Windows is banned in my household, so l’m not worried about malware.
This is a false sense of security and just because you’re not running Windows doesn’t mean you’re immune to everything and can let your defenses down. For example, KDE recently had to announce that downloading themes will execute arbitrary code and cited someone who had personal information deleted because of downloading a theme.
I do the same thing, and one morning, I woke before my alarm and left my phone in the bedroom to take a shower. Learned that day that my wife doesn’t know PEMDAS.
I realise this is a known issue and that lemmy.world isn’t the only instance that does this. Also, I’m aware that there are other things affecting federation. But I’m seeing some things not federate, and can’t help thinking that things would be going smoother if all the output from the biggest lemmy instance wasn’t 50%...
Are you able to include the HTTP Method being called and the amount of data transferred per request? It’s possible that the first request is an OPTION request and then the second request is a POST.
If you can see the amount of data transferred, then you can have some more indication that double the requests are being sent and quantity the bandwidth impact at least.
State legislators from the area passed a law allowing Schlitterbahn to self-inspect its attractions without state oversight as it did in Texas, unlike all other amusement parks in Kansas, which were subject to state inspection.
Verrückt permanently closed in 2016 following a fatal incident involving the decapitation of Caleb Schwab, the 10-year-old son of Kansas state legislator Scott Schwab.
If your services are not stateless, work to make them such so you can learn about scaling in the cloud, which can even be done w/ VM-based services. how much more agility using cloud vs a DC gives you
This can’t be understated. Embracing elastic idology to remove single points of failure and decoupling stateful aspects of applications has been the biggest takeaway of being part of several migrations of services to AWS. Implementing these into your practices as you grow is a huge benefit that may is worth the cost.
Over time, if the scale you’re operating at grows, using experience/knowledge from AWS and applying it to running services in a datacenter could be beneficial. In my experience, if you have a large, consistent, asynchronous workload which you’ve maxed out on reserved instances or savings plans, it is likely cheaper to operate on your own hardware than in the cloud (or get credits from GCP or Azure to migrate services to reduce costs). This is where avoiding vendor lock-in is key.
have y’all factored in all the time/money spent on maintaining the server hardware, power, DC cooling, etc. too?
For sure, this isn’t 2007 where you need to purchase servers and network equipment to start a website. For most startups and small businesses, operating in the cloud will be less expensive upfront and likely over the first 3 years. This isn’t a one size fits all approach though, and it’d be prudent to evaluate the cloud spend periodically and compare with what’d it’d cost to manage it entirely. Obviously you’d need a team competent enough to manage this, without it going to shit.
Still this requires different directories for the hardlinks to be in the filesystem, and there’s not an easy way given a file to list all “labels” that file has, without checking other directories for files with the same inode.
Found this wondering town ( lemmy.world )
I didn't know my city was cool enough to put signal flyers.
Eric “ConcernedApe” Barone Can’t Let Go Of Stardew Valley ( aftermath.site )
‘Happy Gilmore’ is getting a sequel, Netflix announces ( www.cnn.com )
Fabio and the Goose - Bobby Fingers ( www.youtube.com )
Hilarious story of the making of a diorama showing the moment before a goose famously struck Fabio on a roller coaster
Ben Carson calls for making divorce harder ( www.nbcnews.com )
Public personal dev accounts: opinions?
I feel like there are many devs out there who expose a lot of personal details and opinions all over the web. Maybe it's just me, but when starting out with the internet I tried my best to separate my personal details (name, age, sex, country, ethnicity, family ties, relationship status,...) from usernames in public....
Comcast Unveils Peacock, Netflix, Apple TV+ Streaming Bundle ( www.hollywoodreporter.com )
Cable is dead. Long live the cable bundle. Curious to see the pricing and if the bundle only includes ad tiered options.
Happy Mother's Day! ( www.youtube.com )
I don't understand Temu. ( lemmy.world )
Nearly all Nintendo 64 games can now be recompiled into native PC ports to add proper ray tracing, ultrawide, high FPS, and more ( www.tomshardware.com )
Every time I live the dream of reluctantly going to work ( i.imgur.com )
Rule ( lemmy.dbzer0.com )
Pepper Conspiracy Rules your Peppers ( sh.itjust.works )
What is a privacy-friendly app or service that more people should know about?
Telegram founder and CEO alledges signal has backdoors, they don't provide reproduceible builds, etc.
Here's what he said in a post on his telegram channel:...
Caffeine Addiction Is Real [OC Edit] ( files.catbox.moe )
PeerTube link: https://peertube.otakufarms.com/w/19vRgbKjg3YPhEbhWnE8r8...
If you or somebody you know ever fell for a romance scam, how did you or the person fall for it?
And when did you / the person you know realize he was scammed?...
Bitwarden has launched a new authenticator app ( bitwarden.com )
Bitwarden Authenticator is a standalone app that is available for everyone, even non-Bitwarden customers....
[Thread, post or comment was deleted by the author]
How an empty S3 bucket can make your AWS bill explode ( medium.com )
The walls of Apple’s garden are tumbling down ( www.theverge.com )
If it works, kill it. ( lemmy.world )
Rule of Google: if it works, kill it....
ByteDance won't sell TikTok, would rather pull it from the US ( www.androidauthority.com )
Modern alternatives to FreeIPA
I am trying to figure out how I can retain personal SSH keys (probably the most important part, or at least important to have an alternative connection method) while also having modern tools like SSO or at least SAML, some way to federate to different ADs....
ByteDance prefers TikTok shutdown in U.S. if legal options fail, Reuters sources say ( www.ctvnews.ca )
ByteDance prefers TikTok shutdown in US if legal options fail, sources say ( www.reuters.com )
Senate passes TikTok ban bill, sending it to Biden, who has already committed to signing it ( www.theverge.com )
North Texas man sues Cinemark claiming 24-ounce beer cups can't hold 24 ounces ( www.fox4news.com )
A North Texas man has filed a class action lawsuit against Cinemark, claiming the movie theater chain is lying to customers about the size of its drinks....
Would you teach your kids how to pirate?
My gf and I have had discussions about teaching morals to kids. In that vein, I asked myself, would I teach piracy to my kids? Yes, it’s technically illegal and carries inherent risks. But so does teenage sex carry the risks of teenage pregnancy, and so we have an obligation to children to teach them how to practice safe sex....
*I now know why you cry* ( lemmy.world )
What's the best morning habit/routine you were able to adopt?
Code interviews for a PHP developer roles
Hamas tells negotiators it doesn’t have 40 Israeli hostages needed for first round of ceasefire ( www.cnn.com )
Quick video demonstrating that lemmy.world sends every activity out twice ( i.imgur.com )
I realise this is a known issue and that lemmy.world isn’t the only instance that does this. Also, I’m aware that there are other things affecting federation. But I’m seeing some things not federate, and can’t help thinking that things would be going smoother if all the output from the biggest lemmy instance wasn’t 50%...
action park rule ( lemmy.blahaj.zone )
Go cloud native they said... ( lemmy.world )
Original Template-Video
Rebase Supremacy ( programming.dev )
Unsmart a smart TV ( lemmy.sdf.org )
How standardized a lcd panels? Could I replace the controller in a smart TV with one of these HDMI to LCD controllers?...
20 years of Gmail ( www.theverge.com )
Choose wisely ( lemmy.world )
Project Ghostbusters: Facebook Accused of Using Your Phone to Wiretap Snapchat ( gizmodo.com )
Archive.org link...