• 0 Posts
  • 91 Comments
Joined 10 months ago
Cake day: May 14th, 2024

  • AnAmericanPotato to Privacy@lemmy.ml · DuckDuckGo Gone Rogue · 3 hours ago

    Defaults matter. Every time you open a private browsing window, that’s what you’re going to get. Every time you use LibreWolf or Firefox Focus or any other browser that disables/clears cookies by default (which is a good practice), that’s what you’re going to get.

    I don’t want anything I search for going into OpenAI. Ever. I’d feel fine about this if they hosted their own models.


  • Thank you for the correction.

    Sender and recipient can’t be encrypted e2e. How would the server know to whom to deliver the email if those are encrypted and not visible to it?

    “End-to-end” is a bit of a misnomer in this case. Both Proton and Tuta apply encryption after receiving email in the general case, since email is not sent with E2EE across different providers (in general). Both Proton and Tuta can see your incoming email (body and all) from external servers in the general case — they just don’t store it that way. (This is different when sending email between two Proton users or two Tuta users.)


  • Proton does not use end-to-end encryption for email headers. That includes the subject lines, senders/recipients, and other potentially sensitive information.

    Tuta uses E2EE for email contents AND headers.

    Consider for a moment what someone with access to your contacts and subject lines would know about you. For me personally, they would know which political campaigns and causes I donate to, and when. They would know when I see various doctors, and who they are. They would know my travel dates and destinations. They would know what newsletters I read (many of which are also political). Etc.



  • Almost certainly, yes.

    People on Mastodon are not happy about those statements, and called Proton out on it relentlessly with every post Proton made. This is Proton running away with their tail between their legs, back to platforms where they have more control and/or are already full of right-wing nutjobs.

    If anyone’s looking for secure email, look at tuta.com instead. The email service is very similar in terms of UX and offers better encryption. They don’t offer the rest of Proton’s suite, but…maybe that’s a good thing? I mean, do you want to get locked into an ecosystem?


  • Lots of recent (meaning past 20 years or so) research shows that our gut bacteria play quite a large role in our mental functions, too.

    The concept of “the self” as a single, indivisible, unchanging thing is simply not compatible with observed reality. To be alive is to be in a constant state of flux.

    Is there such a thing as an eternal soul? Uh, maybe…but if there is, it’s not going to be responsible for the things we typically associate with individual living people. It’s not going to have your sense of humor, or your memories, or your opinions, or your math skills. We know enough about all of those things to confidently say they are not eternal.



  • If someone was uninformed and misinformed enough to think voting for Trump was even remotely in their own self-interest in the first place, then there is almost no disaster Trump can cause that will not be instantly reframed as “just imagine how much worse it would be under Dems!”

    Dying of COVID? Well at least you’re not dying from forced vaccination!

    Layoffs due to tariffs? LOL what’s a tariff?

    Can’t get benefits you need to survive? Well clearly the Welfare Queens left him no choice! It’s their fault!

    It’s no coincidence that Trump in particular and Republicans in general relentlessly attack education and free information. They’ve already brainwashed enough of the population to win elections, and they want to make sure the general population has no way out of that hole. This is why they’re attacking Wikipedia and Internet Archive. This is why Project 2025’s first order of business is to eliminate the Department of Education. This is why Musk bought fucking Twitter in the first place, most likely. This is why they’re now trying to repeal Section 230 (with the help of some Judas Dems), so they can bully any web site into taking down any information they don’t like.

    The information apocalypse is upon us.


  • Apple has three realistic options:

    1. Submit to the UK’s demands and grant them a backdoor to encrypted backups.
    2. Disable encrypted backups in the UK.
    3. Leave the UK market entirely.

    They went with #2, which is probably the least user-hostile option available.

    From 1500GMT on Friday, any Apple user in the UK attempting to turn it on has been met with an error message.

    Existing users’ access will be disabled at a later date.

    I am very interested in seeing what the UX around this will be. Ideally, they should give users direct notice well in advance, so they have time to plan a migration or mitigation. Of course, Apple makes it basically impossible to perform a full backup through any mechanism except iCloud, so…one more example of how vendor lock-in is inherently a security and privacy risk.



  • I’m sure there will be workarounds.

    I think there are plenty of people who would be pirates if it were more convenient, but I suspect the point of diminishing returns for legislation has already been passed. If you’re savvy and dedicated enough to use a VPN in the first place, then this probably won’t stop you. Non-tech-savvy people are already turned off of torrents for half a dozen different reasons.

    DNS, though? That will block a lot of people from accessing things like Z-library, which is currently easy enough to access for anyone who knows how to use Google.

    China’s measures have been largely successful, unfortunately. It’s still possible to VPN out, but it’s a risk a lot of people are unwilling to take since it could realistically get them in trouble. I’ve lost contact with some friends in China because we have no shared platforms and the increasing blocking measures over the past 10 years finally passed their tolerance threshold.

    I guess I could figure out how to use iMessage, which AFAIK is the only end-to-end encrypted messaging service that still works (or at least the only moderately popular one). Makes me wonder how secure it really is if China hasn’t banned it…




  • I wonder how much of the location data is actually for sale. Niantic is looking to sell the game, but they are not selling their platform. I’m not sure what that would mean for any buyer; would they then need to pay licensing fees to Niantic for their map/POI/AR APIs and data indefinitely? If so, Niantic will make out like a bandit, getting a fat up-front sale AND a fat ongoing license subscription, with great leverage to increase the subscription price in the future.

    At minimum, a sale of the game would include location data from:

    • All pokemon caught, which persists on the client side until they are transferred.
    • Stops that have been visited, which persist on the client side unless and until the stop is deleted from the game (which is rare).
    • Gyms that have been visited and how much they’ve been interacted with in different ways. That persists on the client side indefinitely (only the 1000 gyms you’ve interacted with most recently are visible in the client, but IIRC if you then interact with an older gym you’ll still have the same progress on it).
    • Routes followed, with a tally of how many times.
    • Any postcards sent that have been saved by either the sender or the recipient.
    • Any gifts sent if the recipient got an egg from them and kept the hatched pokemon (it would have the location of the gift along with the sender’s account ID).

    That’s just the data that’s visible on the client side, i.e. what is verifiably required to operate the game as-is. That doesn’t mean additional data WON’T be included. It’s anybody’s guess what additional data Niantic retains on the server side, and how much of that would be included in the sale.





  • I’m not (currently) in a position where others would find it desirable to do so. Potentially in the future?

    It’s hard to imagine a scenario where this would happen and your voice would not otherwise be available. For example, if you went into politics, then you’d be a target, but you’d already be speaking in public all the time. It only takes a few seconds of a voice sample to do this nowadays and it’ll only get easier from here.

    Maybe just make a point to educate your family and friends on the risk of voice cloning so they don’t fall for phone scams.


  • I’ve noticed an uptick as well. This isn’t the first time it’s happened over the years, though. Spam is a cat-and-mouse game. Every now and then spammers learn how to break through, and it takes some time for Google to adapt.

    I’ve been surprised by the latest wave, because it’s so obviously spam. Mostly phishing attempts full of misspellings and even numbers in place of letters, like F1del1ty instead of Fidelity. Should be pretty easy to filter.
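
The digits-for-letters pattern mentioned in the last comment (F1del1ty for Fidelity) can be caught by reducing both message tokens and known brand names to a common "skeleton" and comparing those. This is an added example, not part of the original comment; the brand list, the substitution map and the sample subject lines are constructed assumptions.

```python
import re

# Constructed watch-list; a real filter would load the brands it cares about.
BRANDS = ["fidelity", "paypal", "amazon", "microsoft"]

# Assumed (not exhaustive) stand-ins. 'l' and '1' both fold to 'i' because a
# '1' can replace either letter, as in F1del1ty (first 1 = i, second 1 = l).
FOLD = str.maketrans({"0": "o", "1": "i", "l": "i", "3": "e", "4": "a",
                      "@": "a", "5": "s", "$": "s", "7": "t"})

TOKEN = re.compile(r"[A-Za-z0-9@$]+")


def skeleton(word):
    """Lower-case a word and fold look-alike characters to one canonical form."""
    return word.lower().translate(FOLD)


# Map each brand's skeleton back to the brand it represents.
BRAND_BY_SKELETON = {skeleton(b): b for b in BRANDS}


def lookalike_brands(text):
    """Return (token, brand) pairs for tokens that imitate a brand name.

    A token spelled exactly like the brand is not reported; only tokens that
    match a brand after folding look-alike characters are.
    """
    hits = []
    for token in TOKEN.findall(text):
        brand = BRAND_BY_SKELETON.get(skeleton(token))
        if brand is not None and token.lower() != brand:
            hits.append((token, brand))
    return hits


# Constructed sample subject lines.
SAMPLE_SUBJECTS = [
    "Your F1del1ty account is locked",
    "Your Fidelity statement is ready",
    "PayPa1 and Amaz0n alerts",
]

if __name__ == "__main__":
    for subject in SAMPLE_SUBJECTS:
        print(subject, "->", lookalike_brands(subject))
```
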