There’s as well !monero!monero@lemmy.ml which I guess halted in favor of !monero!monero@monero.town?
If this is the case, I’m wondering why not locking the community, writing a message in the community information to go to the actual active one (!monero!monero@monero.town)…
I’m missing emoji reactions (not replies), jeje
Sorry about that. I was not aware of other meanings. I’ll try to remember to use the complete “software” word instead of its acronym I was used to since the 90s… Hopefully under the context what I wrote doesn’t get misinterpreted. Thanks !
If talking about non proprietary kernels’ drivers, such as linux, then again, profit is what regulates it. No wonder why now nvidia finally cares about linux, being the most used kernels behind the cloud, behind servers of whatever. Meaning, it’s not profitable not to support linux now a days for Nvidia.
The other fundamental factor is lock-in, which is abused by some big corps, such as MS.
But the profit idea es even wrong, but it’s what we have been educated with. For an OEM, providing FOSS drivers or FOSS FW doesn’t mean to have less profit, but somehow it’s interpreted as such. And there’s also our culture, backed by corps again, that tends to make us believe that everything profitable enough has to be corporate secret, and if not, others would take advantage of you business. That way of thinking really prevents for more FOSS adoption at the OEMs level. I don’t agree with it. It might be the presence or lack of some HW features might be inferred by the drivers/FW, but it doesn’t mean your competitors will know how exactly you provide such feature, and even less how to make it with the performance you do. And usually once released, you really want to show off your features, your innovation and so on, not keep it secret. So in general, really see no issue for OEMs not to offer drivers and FW as FOSS, even as free/libre SW.
I can imagine OEMs offering FOSS drivers and FW, but that not being as convenient for the major players in the market, since that would risk their position in the market. Just a thought…
Remember the lock-in mechanisms by the corps that feel being threatened if open sourcing dirvers… Some of which no longer say it out loud, but still think GPLed licences are a cancer…
I’m not aware of any, do you mind sharing anyone, better if not requiring account?
BTW I can easily find blogs about p2p solutions for whatever, but not about p2p blogging solutions…
The issue with social networks is the account requirement. Even though decentralized, they still require servers with accounts. If you, to prevent not being able to access at some point included an email, and the server gets hacked, then there you go.
Perhaps is a mistake of mine, to think social networks are not anonymous enough. Maybe they are. But tracking mechanisms are so sophisticated now a days, than the need for an account make me think they won’t ever be. That’s why I excluded social networks. Perhaps it’s the only option as of Today though.
I have never bought the idea that free/libre SW in general is just not as easy, including GNU+Linux. I’ll leave out open source initially, and come back to it later, not because it doesn’t experience the same, but because corporate wide it doesn’t suffer the same fate. And linux itself is one of the most widely used kernel if not the most, it happens similarly to openssl, and so many other open source components. So I see no issue with linux adoption, I can’t think of any kernel more adopted than linux…
To me what has really affected free/libre SW is the monopolistic abuse of the corporations, plus their ambitions, and how in Today’s world, they have created the illusion that being a technologist is the same as being a technology consumer, which gets into the hearts of governments and education systems (more hurting, public education systems). Let me try some practical examples:
Paid SW might be more intuitive to use at times, I can understand that. There are paid developers making the UIs more intuitive and attractive, in the end it needs to be bought or massively consumed to get earning through its use. But if you look deeper, perhaps it’s not just that free/libre or open alternatives are non intuitive at all, perhaps people gets used to that UI when attending basic or high school, or college/university. Perhaps even when exposed to mobile devices even when they can barely walk. Everything else, different in nature, will look alien to the future “technologists”…
On a sad (lacking hope) note, I don’t think there’s any indicator of things changing. My only hope is changes in educational systems, which are nowhere happening, and not the parents, as mentioned they are already convinced that using google, ms, apple, oracle or whatever prepare their kids for the future and will make them the technologists of the future.
On a funny note, I would answer the motivating question with: Linux is so good that it’s actually most probably the most used kernel world wide, :)
umap on french servers, and umap is between other things an API on top of open streetmap…
Is that correct?
I see your point, many thanks !
I see, thanks !
Well, there is something mentioned about latest version of omemo:
OMEMO doesn’t attempt to provide even the vaguest rationale for its design choices, and appears to approach cryptography protocol specification with a care-free attitude.
To put it mildly, this is the wrong way to approach cryptography
…
Because there is no rationale given for this sudden square-root reduction in security against existential forgery attacks, we kind of have to fill in the gaps and assume it was because of some kind of performance or bandwidth considerations.
But even that doesn’t really justify it, does it?
You’re only saving 16 bytes of bandwidth by truncating the MAC. Meanwhile, the actual ciphertext blobs are being encoded with base64, which adds 33% of overhead.
For any message larger than 48 bytes, this base64 encoding will dominate the bandwidth consumption more than using the full HMAC tag would.
…
Is truncating the HMAC tag to to 128 bits still secure? According to Signal, yes, it is. And I offer no disagreement to Signal’s assessment here.
The problem is, as I’ve said repeatedly, OMEMO’s specification makes no attempt to justify their design decisions.
Then on one of the comments, there’s an interesting comment on something signal has mentioned it’s working on quantum resistance, that it’s no clear is something omemo will support, and even less when clients might adopt if eventually available:
Indeed quite often someone compares the two protocols and implies OMEMO is as mature as the current state of the art Signal protocol. Allow me to throw in the emerging post-quantum support that Signal is adding or already has in libsignal.
Somehow is implied on the comment that omemo is immature compared to libsignal…
At any rate, dino uses libsignal-protocol-c (on Artix/Arch 2.3.3), not libomemo, and conversations uses libaxolotle-java (according to the “about” section in the settings). So somehow using signal library underneath. Although I have no idea how up to date with regards to the signal library those might be (though the axolotl dependency on conversations allows to think it’s outdated). And for conversations the author mentions:
To be clear: These aren’t separate dependencies that Conversations pulls in to implement plugin supports. They’re first-party cryptographic implementations all within this Android app’s codebase.
I guess by 1st party the author means like copy/paste the code (with local twists, which might be dangerous but perhaps necessary) to have a local version of the libraries. This sounds like a non version related criticism, but it’s client related rather than protocol related, however the author mentions other clients are way worse, leaving no hope…
I don’t see on dino an option to always use omemo BTW, not sure if dino just it implies omemo by default, but it doesn’t have a way to force it. Perhaps a feature to ask dino developers…
At any rate, according the post there’s little hope for xmpp + omemo. Which was actually something I was still hoping for, well, besides getting jami working at some point (but it has crypto issues on its own, including lack of auditing).
betterbird tray solution doesn’t work on wayland, given a bug on common code (affects both, Firefox, Thunderbird and derivatives). Just in case that’s one of the motivations of using betterbird. That by the way was the only feature that really made me look at betterbird, and as it didn’t work, I went back to TB. And if you’re wondering, birdtray doesn’t work on wayland, 😑.
Thunderbird is working on enabling exchange, and meanwhile you can combine it with TBSync plus its provider for exchange AcriveSync extensions. And given TB hadn’t care so far about tray, to at least avoid TB dying by mistake, you can also add Minimize on Close extension. Mail would still be IMap, so it’ll work as long as the outlook provider enables IMap support, but for the company I work it’s enabled. But such support is coming up on TB. Not sure if its solution would be 100% open source, but I hope it is, otherwise, I’m not sure if everyone will want to have a blob proprietary binary inside TB…
Fortunately there’s still Artix GNU+Linux :)
There are several patches under its patches source directory, and there are different sort of packages, one example is the sed
patch to avoid including pocket
in the build. The DRM widevine is not included either on the build, though it can be installed if you want it installed (probably there’s a patch for that somewhere).
But I no longer see removing binary blobs being advertised by Librewolf, it’s been a while since I don’t check on their site…
Not true, FF comes with few binary blobs which are removed from Librewolf. Also there are some things disabled entirely at build time, so they are removed from being an option. So it’s not just the settings, and it’s not plain re-branding. Some distros has gotten it wrong, believing that it’s just a matter of settings, but at least on the case of Librewolf and the Tor browser that’s not the case.
That hey depend on FF continuous development to exist is true, that doesn’t mean they just rebrand.
Yes SMGL is still active. You can try joining one of their channels. There are still people looking for source based distros, not sure while Gentoo is the only thing that pops up for them. I used it for some time, and it’s fantastic. Sadly having to build stuff takes too much time, particularly on old, and not performance oriented HW. They had support for binaries, and actually include a binaries grimoire, so you could install binaries that used to take too much time, like Firefox for example. Still it takes too much to keep a source based distro. And if you go all the way, then when changing parts of the building toolchain, like gcc, the recommendation was to build everything so that everything would be built with the more up to date toolchain, that was cool, since SMGL has tools for it, but those fancy stuff take as well a lot of time. There I learned 1st about ccache, hahaha.
Sooo fun, :)
Regarding android version, I think @boredsquirrel@slrpnk.net already gave a good hint. Currently f-droid version 1.21.0 supports android 6.0+.
According to f-droid basic URL:
I don’t see the target version varying between them, I found both to be 1.21.0 on Android (I have enabled
unstable updates
), and both indicate they support android 6.0+. So if you have LOS or plain android on a version 6.0 or beyond, f-droid should be able to install and work on them.I use F-Droid since it comes pre-installed and with
privileged extension
set by default on LOS for MicroG, so I don’t find it particularly appealing to install F-Droid basic instead, but if that were not the case, I’d go with F-Droid basic, given I don’t set F-Droid to serve nearby devices on any phone, and I haven’t ever thought of using the panic feature. I’m using LOS4uG 21, meaning android 14. with no issues, so perhaps 1.21.0 already target android 14, and not just android 13.So I believe both, the basic and the not basic versions of F-Droid target the same version, and support the same versions, the difference is in basic with a couple of less features. But you can always take a look at the version, and there you can tap on the specific version to see what versions of android are supported.
Greetings !