This misses the point in my opinion. The point of a protocol is to establish a set of rules that need to be followed, that’s it. After this, it can be managed in many ways, it can be open or it can be closed, etc. The fact that ActivityPub is “engineered from the ground up to support multiple apps with different functionality” it’s because ActivityPub is an open protocol. Every protocol is designed to support whoever implements it. This doesn’t have any inherent “the protocol (changes) will suit everyone” or “everyone will be able to keep up with it” property, though. If changes to a protocol happen very fast, apps that are compatible today - and can be compatible tomorrow too - still need to implemented those changes, or at some point they will not be compliant anymore. This is not because the protocol loses the property of supporting multiple apps, but because a protocol still needs to be implemented, which is responsibility of the consumers, which requires time.

So my point was to challenge OC perspective that since ActivityPub is designed to support multiple apps, then there is no risk that it gets messed up and breaks compatibility with those apps (because it’s generic) due to - in this case -Threads influence. This is just nonsense, in my opinion.

which is engineered from the ground up to support multiple apps with differnent functionality (hence me writing this in Kbin and others reading it in Lemmy and being able to link it and follow it from Mastodon)

I mean that’s basically what every protocol is. ActivityPub abstracts concepts, that apps implement in their own way (for example the concept of group). If you manage to deliver changes, even improvements, to the protocol, apps need to keep up and comply with it. This is what means “drifting towards the corporate actor”. I propose changes to the protocol to a rate that only me (the corporate actor) can keep up with. This way only my users will have certain features and eventually some apps will become incompatible with the recent version(s) of the protocol.

I use https://www.chezmoi.io/ for the same purpose of managing dotfiles. There are a bunch of tools to do this that you can pick your poison :)

Ansible is definitely one way to do this. If your machines are VMs, then also building VM images with packer can be the way.

For tmux, vim, etc. You can still use ansible or some specific tool for dotfiles, like chezmoi (there are a bunch). You can even use ansible to run chezmoi!

I think the answer is fairly simpler, from my point of view: because NATO is not a military alliance among peers. It is the military arm of the American empire. This allows US to essentially manage the foreign policies of most of NATO members, but it also comes with the cost of being the one paying the bills. Empires are expensive.

I will skip commenting the rest because, well, you are entitled to your own opinion and you can loathe who you want. I would perhaps simply suggest to look at your own country with an outside perspective and realize that if everyone used your same logic, the world will be a more hateful place than already is.

Thanks for sharing, I was not aware of it, and it worked like a charm.

If you containerize, the application (malware) will run under the user configured in the image, unless you override it, and in a separate mount namespace, unless you change that, which makes the “alias sudo” trick extremely unlikely.

Even running under a separate user anyway prevents almost fully the attack you mention, unless the separate user has root privileges or the DAC_OVERRIDE capability is assigned to the binary (assigning it requires CAP_SYS_ADMIN).

In short, the attack you mention is a common persistence and privilege escalation vector, which is relatively easy to detect (watch for changes to shell profiles), although preventing it requires some care. I just want to point out that in single-user machines (e.g. personal computers) escalating to root is anyway fairly unnecessary, given that all the juicy stuff (ssh keys, data, etc.) is anyway probably running under/owned by that user.

+1 for kagi. I think they have a smaller subscription too. Also not too long ago they changed the 10$ subscription from 700 searches/month to unlimited, which gives hope that they might improve the pricing over time.

As a side note, it is surprising how many searches one does during the month! I thought I did thousands per month, turns out I am always between 200 and 400!

Privacy and anonimity are different things. As long as nobody besides you and the indented destination(s) has access to the content of your communication, that communication maintains privacy, even if everyone sees that it’s you talking.

Also, and this is something I mention all the time, the only information this gives is that you use signal. Besides that, as soon as anybody else registered your phone in their contact list, your phone number is already known and associated with you considering that many apps (like all the meta ones) gain access to the contact list and the chance that anybody who has your phone number uses one of those is almost 100%.

The points you raise are true, but honestly they are not a deal breaker. There are many hosting companies and domain companies, with different policies. Also, a website can be served by anything, changing domain and hosting is a nuisance, but it is something that can be done almost instantly. Of course this is similar to creating a different account on social media platforms, but the difference is that the website runs on an open protocol, which is not the case for some social media.

Also I assume that when people say that websites enable expressions, it also means that you can customize absolutely every aspect of the website, including the look and feel, which it is still part of your expression.

Same here. Surprisingly stable, I have only had one issue couple of years back!

If you read about this matter, you would know very well that the matter is way more complex than “he did not want to stand trial”. The whole matter is very well described by Stefania Maurizi (a journalist who cooperated with Wikileaks) in her book “Secret power”. Both the Swedish and the UK government have huge responsibilities on how (bad) that case was handled.

Plus, the data they gave was minimal, basically just the recovery email address, if I remember. That person got caught because they used the same address on Twitter (or something) and then they could get more data, if I recall correctly.

The whole landscape of health trackers is depressing. I bought a fitbit last year as I could expend it at work, and I ended up leaving it in a drawer exactly for the uneasy feeling of sharing very sensitive data. Health data is probably the most impactful on personal lives (insurances, banks, etc.), and it’s astonishing to me how it’s too much to ask to a company that makes watches to have watches as their mine business model.

I understand sharing data for further analysis etc., but I should be able to use my health tracker locally, only talking to my phone app and nothing else, similar to how gadgetbridge works. I was eyeing banglejs specifically to be able to do this, even though it’s not really a health tracker.

Many people also fail to make a proper distinction between private and anonymous, which is why some people get mad at the phone number thing.

Definitely docker (well, let’s say containers) control the library version, if you didn’t build the image specifically not to do that (e.g. fetching dependencies at runtime, which is generally a bad practice and not the default).

However, at build time if you use things like “apt install …” You will get different versions depending on when you build the image, but once the image is built, you have always the same software inside. Obviously it is very different from nix as they serve very different purposes (one day I will find the motivation to switch to nixOS!).

This is not completely true. Try to look at email from shops (for campaigns etc.), and you will see tons of click-tracking links that go through HTTP. Any of that gets hijacked, and you have an avenue to be phished. DNS integrity is key, and a VPN being a layer 3 control (i.e., at the network level, not the application level) helps preventing some of these attack vectors.

Honestly, as a European, there is no such thing as democratic socialism here. There a handful of countries with a decent welfare system, others who used to have a decent one but which are demolishing it bit-by-bit since the 80s/90s.

There are way less differences between the US system and European systems than between European system and what a Democratic socialism looks like.

Those money are numbers on computers. I guess this is what OC referred to as making money out of thin air.

I confirm what the other comment said, with microg it works fine. I am using /e/OS and I regularly use yubikeys with Firefox, bitwarden and the yubico app.