Todd Bonzalez

Anyone who wants to fix this can help fix it, but people are just making demands of an unpaid maintainer. The devs can run this project the way they want to. If you don’t like it, don’t use Ventoy.

The people comparing this to the xz exploit are out of line. xz was a library that was deeply embedded in a lot of software. Ventoy is an IT tool used to boot live OSes. Not even remotely the same attack surface.

Blobs in the source tree are not ideal, but people need to pick their battles.

Yeah, it works, but it’s really quite clunky…

The issue is that the digital tap-to-pay cards are actually reissued cards with their own unique numbers. They also require significant security measures to protect from cloning attacks.

So banks need a party that they can safely issue a digital card to, knowing that the card data will be stored safely.

Even a FOSS app that covers all the user’s needs is going to have a lot of trouble actually getting a card loaded into it under current standards.

I hate to say it, but crypto wallets are likely the closest thing we’re ever going to get to a FOSS tap-to-pay system. Banks are inherently corporate and capitalist, so it’s not really in their nature to make things open source.

Perhaps if there were an industry standard for issuing digital cards, instead of banks partnering with centralized wallet apps, we could procure our own digital cards to load onto our phones and watches, or integrate into other devices. But that’s a whole other battle that nobody is fighting right now.

File Manager Plus:

It connects to all my SFTP servers effortlessly, and it’s an absolutely stellar file Manager.

JuiceSSH:

Manages all my SSH servers and identities, and has an extremely usable terminal. It’s got extensions too.

SIMlink 4G

Are these sensors connected to a cell network? What the hell? More than half my life ago, when I was in high school, we had wifi…

lmao, just now reading this incredible response to me calling you paranoid.

Hopefully it will be asked by the very smart people who actually develop TOR, and not just paranoid Internet randos like OP.

I went one step further than OP and actually read the article.

Web-based generative AI tools/chatbots

…

he created fake AI CSAM—but using imagery of real kids.

All the privacy apps in the world won’t save you if you’re uploading pics to a subscription cloud service.

Ask him for his passwords, and when he says no, ask him to explain why. He’ll surely have things he doesn’t want you to access. Then explain that other people he doesn’t even know have that access right now, because he keeps thoughtlessly giving away digital access using apps and linked accounts.

If he gives you his passwords, log into his stuff and print his browser history or something. Stick it to his fridge.

Remember when they passed laws protecting our library and video store rental histories instead of letting data brokers hoover up every song you listen to and every news article you read?

Russia and Venezuela are huge hotbeds of piracy from populations without access or capital to access most forms of entertainment.

Breaking P2P in this manner would basically be getting rid of the circus part of bread and circuses. Not a good move for an authoritarian.

I’m going to get excited about it now, and report bugs for it, because I actually want it to be production ready without pretending the few maintainers this has are gods.

Because Mozilla promised us privacy, and “privacy-friendly” ad tracking is still worse privacy than not baking ad tracking into the browser in the first place.

And they tried to sneak it in under the radar because they knew they were being sketchy.

I recently set up Synapse just to play around with the protocol, and I do not remember this instruction at all. Where did you get this?

I’m pretty sure you can get a hijab for under €3k…

At least I hope so, they don’t seem very expensive.

Are you implying that all Lemmy post titles are demonstrably true?

How’s your object permanence?

If encryption doesn’t matter to them, then at least one of these statements must be true of every phone they unlock:

1. The device wasn’t actually encrypted.
2. The device was already in a decrypted state and we bypassed the screen lock and not drive encryption.
3. We acquired the decryption keys somehow.
4. We have technology that can break modern encryption without learning keys from another source or brute forcing.
5. We have enough processing power to brute force a modern encryption algorithm.

#1 and #2 are possible because government contractors lie all the time about what they actually do. Pretending to decrypt stuff isn’t outside the realm of possibility.

#3 is the biggest concern, especially if they are able to infer what the key is by uncapping silicon or something, because that would mean that any phone that could be unlocked by this company is as good as unencrypted since the device contains the keys in a retrievable format for some reason.

#5 and #6 are pretty much impossible, and such abilities would be far more profitable if used for just about anything but unlocking phones.

Okay so a company whose entire business model relys on their ability to bypass smartphone security is going to start an arms race with the security community that will lead to their own product losing viability?

There’s absolutely no incentive to do this. They have absolutely no reason to want smartphone security to improve, or to show off how they do what they do.

Because they would have to possess technology that doesn’t exist in order to circumvent actual encryption without a key.

If I adequately encrypt my own data, and keep the keys a secret, I could hand my hard drive off to Microsoft and they could spend billions running all their AI clusters trying to crack it, and it would be a futile endeavor.

If the government had the technology to bypass encryption or quickly and inexpensively crack it, they’d use it for a whole lot more than unlocking smartphones. They could basically control the flow of Bitcoin on a whim with such tech.

Watching Republicans ban 4chan would be funny.