Hans-Christoph Steiner @eighthave@librem.one
Joined Aug 2019
Hans-Christoph Steiner
boosted
Tech giants are now spending hundreds of millions to systematically shape policy across the world, including donations and funding to policymakers, civil society orgs, media orgs and academia.
A decade ago, this may not have been clear to everyone. Now it really should be.
We welcome help for bumping the #targetSdkVersionfor #FDroid and have mapped out what needs to be done:
* https://gitlab.com/fdroid/fdroidclient/-/issues/2037
* https://gitlab.com/fdroid/fdroidclient/-/issues/1440
Given our limited resources, I have chosen to focus my time on concrete improvements for #FreeSoftware. The only thing I'm opposed to in all this is removing functionality in order to bump targetSdkVersion. Google's recent changes there have removed functionality that many rely on.
When #FDroid is built into a #FreeSoftware ROM, like #CalyxOS, #lineageos for #microg, etc there is no popup warning with fdroidclient. That comes from "Play Protect", which is #Google proprietary software that flags things based on automated rules, it does not point to real world security concerns for apps like #FDroid. I have nothing against the #targetSdkVersion sandbox, I just think it is important to note what it is good for, and what it cannot do well 2/2
As lead maintainer of the official #FDroid client, I hear a lot of criticism that #targetSdkVersion is still at 25. fdroidclient is #FreeSoftware, publicly audited, with #ReproducibleBuilds, written in memory safe languages, with a proven record of respecting #privacy and delivering #security. The source and binaries also receive human and machine review. #targetSdkVersion is designed around untrusted proprietary software with non-memory safe code where the binary only gets machine review. 1/2
@guardianproject @lauren And of course #ReproducibleBuilds is a key part of this whole picture, allowing anyone to confirm that the exact binary that is running on their device matches the source code as published and audited.
Hans-Christoph Steiner
boosted
@lauren #FreeSoftware and audits are the only way to provide trustworthy #E2EE. Apps like #DeltaChat, #Matrix with #Olm/#Megolm, #XMPP with #OMEMO, #Signal, #Threema provide trustworthy E2EE because they are built on open standards, free software, and have been publicly audited. That is the standard all services should be held to in order to be labeled trustworthy. Anything else just means you have to trust the service operator. 2/2
Hans-Christoph Steiner
boosted
@lauren It is important to describe the limitations here. E2EE here would be useful when emailing with third parties. Since #Gmail is proprietary software, users just have to trust #Google to do the right thing. Technically, it is easy to build E2EE where the service can get the private keys and decrypt as they like. Given participation in #PRISM etc, proprietary Gmail cannot provide trustworthy E2EE, especially considering most emails stay within Gmail 1/2
Hans-Christoph Steiner
boosted
We may never be able to match the incredible achievements of #JohnMastodon, but the European Union still plays its part!
We are proud funders of Mastodon through the Next Generation Internet initiative (@EC_NGI).
Open,
Interoperable,
Decentralised,
Trust based.
Hans-Christoph Steiner
boosted
People rocking up on this platform and expecting it to be as rich and diverse and mature as their carefully nurtured Twitter feed, fine-tuned over a decade to reflect their interests and values, maybe give it a few weeks of actually investing in finding the accounts that interest you before writing the whole thing off as a howling wasteland.
Hans-Christoph Steiner
boosted
Hans-Christoph Steiner
boosted
Why curation and #decentralization is better than millions of #apps.
Hans-Christoph Steiner
boosted
🇺🇦 🇹🇼
Happy to have our last version of "The Android Platform Security Model" now included in the official August 2021 edition of ACM Transactions on Privacy and Security: https://dl.acm.org/doi/10.1145/3448609.
Fully open access - download, read, share, feel free to use however it's helpful ;-)
@n8fr8 @vitriolix I would have liked a content warning on that 😜 At least this web client handles GIFs well, only starting when I click it, easy to stop, etc. Element kills me because the GIFs just keep going and going.
@vitriolix I think a lot of Mastodon users want to drive towards conversations and more engagements, and make things less flashy in general. I think that's one reason.
@kravietz @rysiek all energy sources can cause horrific accidents. Fission is the only one that causes problems with a timescale of millenia, both the waste from normal operation and the outcomes from accidents. Human society does not deal with well with that kind of timescale, particularly when the implementers are corporations who focus on yearly profits.
@Aurimas I tried updating to 7.5.1, and it seemed to have fixed it for a while. But it came back... 😭 its an intermittent bug, so hard to predict.
It makes the most Java error message ever:
"Caused by: java.lang.IllegalStateException: Unexpected state for resolution: Unknown"
@rysiek
3) Because nuclear is better than bad options still does not make it good. Baseload power can come from hydro, tidal, batteries, and other potential sources. That is where research should go, not fission.
@rysiek sure, and nature is thriving in the Chernobyl zone, with black frogs that have evolved to manage the high levels of radiation. So we could expand nuclear, have more meltdowns, and thereby expand nature to prevent climate change! 😉 https://pubmed.ncbi.nlm.nih.gov/35233243/
2) Part of why nuclear development stopped is because there was widespread agreement that fission could not be done safely.
@rysiek @oblomov @cinebox @scotclose perhaps we could have had safer fission power by now, but that is unfortunately speculation. Other facts get in the way, like the waste products have to be managed for thousands of years, and no one has proven they can manage them for decades, let alone centuries or millenia. Fission is a dead end that at best will always just be less bad than fossil fuels. Solutions like expanding nature, eating less meat, making cities work without cars are all proven.
@rysiek If the Japanese cannot run them safely, then no one can, IMHO. Chernobyl and Fukushima will be no go zones for humans for thousands of years. Pretending that nuclear power is now alright will only serve to reduce the pressure that is needed to force through the real solutions.
Joined Aug 2019
