Anthony Martinez @ajmartinez@librem.one

To close out last week I was asked to review an attempt to lock down sudoers rules for a specific user. This included, in a command alias, a wildcard argument. Anyone who has ever had the displeasure of reading the sudoers manpage knows this is dangerous, but at least this opened the door for a conversation about the right way to do what was intended.

If anyone is trying to sell you an app that "enables security" all by itself run the other way quickly. That is all.

For a good piece on my last point, give: https://social.librem.one/@kyle/104848690491569211 a read

Finally, and I think most importantly, we need to be the owners of our devices. Completely. Not just the allowed operators as is so prevalent in the iOS and Android ecosystems. Complete ownership means unrestricted access to the hardware and software. The ability to service the device, and keep it in service for years on end. Much of the mountain of data for sale about you comes from your mobile devices. You should be the one who decides exactly what your device can do, and how.

Purging Facebook from my life hasn't left me with any real desire to replace it. Mastodon could serve as a stand-in there as well, I suppose. #TheSocialDilemma

For replacing Twitter and Instagram, one might suggest moving towards Mastodon on any number of the servers federating services. Without a barrage of AI-driven post promotions you're in the driver's seat of your experience. #TheSocialDilemma

Firing Google is probably second on my list, and full disclosure I fired them because of a failure to deliver services for which I paid a lot of money. My personal issues aside, their entire model hinges on collecting and selling data about every aspect of your online presence in any of their applications or services. Just don't use them. Get a different browser, use a different search engine, take back your email. #TheSocialDilemma

The first, and likely easiest, step I can see towards offsetting the harm done by the direct monetization of your time and data is to simply disable app notifications for anything that isn't critical. Couple this with a reassessment of what is actually critical, and already you're in a pretty good position for reducing the influence these complex algorithms have in your daily life. #TheSocialDilemma

I watched #TheSocialDilemma yesterday and it struck harmonic chord with one that had already been struck earlier in the year. Since I've yet to decide on a longer format platform my reflections will be in a series of posts here. TL;DR - move towards federated FOSS services, turn off your notifications, and take steps to use devices you truly own.

Wandered deeper into the Matrix rabbit hole this morning, creating another user for myself with the matrix.org homeserver. Using the Element.io client from two separate browsers I found myself unable to send messages from my matrix.org acct to librem.one. I could send from librem to matrix, and even receive them on the matrix side, but nothing originating at the matrix side was ever received on the librem side. I hope @purism can sort these issues out for the sake of Librem 5.

Continued my quest for a workable means of using Matrix, but it would appear that the only sure bet is to use the same client and the same homeserver. Verification of users is clunky at best. At worst it makes one wish for the gpg experience.

Made it back to TX. My flight was empty AF. No complaints about that!

About time to drop my bags off and fly back to the US so I can return to NL with my fiancée

Matrix seems really cool, and I really want to like it, but it is extremely difficult to use securely and in some surprising cases encountered today actually just flat out impossible to verify (even in "legacy" mode) all users even from within the same client. All bets are off if two communicating users aren't using the same client. Any element.io/librem chat gurus out there have any tips on verification?

New corporate machine lacks RJ45. No dongle included. Guess they forgot networks are literally what I do. Then again.... I only use my corporate machine to change my pw every 90 days.