Hans-Christoph Steiner @eighthave@librem.one
Joined Aug 2019
@stf because #Microsoft wants all the data they can gather on developers, that's why they bought GitHub. They have some #SurveillanceCapitalism business, and now, they want it to feed all of their #AI #LLM systems.
Hans-Christoph Steiner
boosted
This week in F-Droid (TWIF) was just published.
We have new mirrors and some news about Simple Mobile Tools.
Also, we wrote about DiskUsage, Sithakuru and Karma Firewall.
Hans-Christoph Steiner
boosted
We are pleased to announce the new 27M€ NGI0 commons fund project let by @nlnetfdn that will support hundreds of new projects and innovators driving a human-centric internet. The innovators will be supported by a strong consortium comprising: @OpenForumEurope
APELL
Swiss chapter of the @internetsociety
@ow2
@fsfe
@ros @fsi
Tolerant Networks
HAN University
@APC
@techcultivation
Commons Caretakers
@nixos_org
#OpenSource
Hans-Christoph Steiner
boosted
We invite you to nominate a FOSS project for the Bluehats prize. There are four prizes of €10.000 each, to be spent freely.
Bluehats are civil servants who promote the use and development of Free Software in public administrations.
The French public administration has established the Bluehats prize for maintainers of critical Free Software. To be eligible the software must be in use by at least one agency of the French administration.
Hans-Christoph Steiner
boosted
Seems google/apple's push notifications services are regularly queried by state authorities for obtaining user data -- see this german #netzpolitik article https://netzpolitik.org/2023/push-dienste-behoerden-fragen-apple-und-google-nach-nutzern-von-messenger-apps/ --
#deltachat only uses apple's push notifications on iOS for "heartbeat" services -- otherwise it's too hard to ensure the app can show messages for their user (and many users are asking for tighter integration). On Android and Desktop platforms no push notifications are used or needed, also no heartbeat ones.
Hans-Christoph Steiner
boosted
"Unidentified governments are surveilling smartphone users via their apps' push notifications".
https://www.reuters.com/technology/cybersecurity/governments-spying-apple-google-users-through-push-notifications-us-senator-2023-12-06/
#Push services from #Google and #Apple are used in many messaging apps, letting those companies see a lot of about what the users are doing on their #mobile devices. It is clearly a rich source of #metadata with huge #privacy concerns.
Hans-Christoph Steiner
boosted
Been a good day in #Brussels. Attending the #DigitalCompetitionDay event.
I believe that the Digital Markets Act (#DMA), has the potential to make a significant difference.
Explained a bit what I have experienced over the years with #Microsoft , #Apple and #Google.
Talked about the importance of not leaving holes through not designating products, such as #edge
Talked about the importance of regulating use of data. Data may be the new oil and oil is ruining the planet. We can allow use of data for services, without saying that the data can be used for profiling and marketing as well!
Got great feedback, so happy about that.
@vitriolix that's a lot of hair
Hans-Christoph Steiner
boosted
All you need to know about #oil & #climate is the Saudis opening the spigot by another 1m barrels/day last week, and Putin getting the royal treatment in Abu Dhabi today, all while Dubai is hosting #COP28
https://www.axios.com/2023/12/06/oil-production-biden
Hans-Christoph Steiner
boosted
Upcoming releases of F-Droid will change how repositories are added. We are interested in feedback about this overhaul.
Please tell us (if you already have the latest F-Droid or F-Droid Basic 1.19.0-alpha installed):
* Does adding repos still work for you?
* And did adding repos became easier or harder?
If you don't have 1.19.0 yet: Note that this is still in beta, so brave users need to install this manually (enable Beta updates for the app or from Client expert settings).
@U039b yeah, that's understandable. If there is any subset that you would like to receive, we could look into implementing that. For example, new releases for a specific app or a handful of apps.
Hans-Christoph Steiner
boosted
We hit a major new milestone our DEfO partnership project to accelerate adoption of #TLS Encrypted ClientHello (#ECH): Stephen Farrell made a pull request to #OpenSSL with a complete, working implementation: https://github.com/openssl/openssl/pull/22938
Hans-Christoph Steiner
boosted
Google's war on ad-blockers continues! Google will slow down the update process for third-party extensions by requiring them to be reviewed by the Chrome Web Store. 🚫
This means YouTube can counter ad-blockers while slowing their release of workarounds. 🤢
This David and Goliath situation looks to be even more unbalanced than previously thought.
👉 https://tuta.com/blog/google-search-monopoly
@fennek @fdroidorg F-Droid is alive and well, but unfortunately the Community Council did not get off the ground. We'll still be moderating our forums of course, and welcome volunteers interested in helping there. I wish the two that left well, they both have contributed a lot.
Hans-Christoph Steiner
boosted
Delta chat and end-to-end encryption https://f-droid.org/en/2023/11/30/twif-delta-chat-e2e-encryption.html
@U039b FYI it should be possible for MITMproxy or things like it to work with ECH, but they will need to intercept the DNS and know how to process HTTPS RR types.
@U039b For HTTP that would require things work without the Host: header, I wonder if any CDNs would use the domain name from ClientHelloInner if Host: was missing?
@U039b ECH just affects ClientHello, the rest of the TLS session should remain the same. If the ClientHelloInner cannot be decrypted, then the actual domain name remains hidden. That could be important with CDNs, e.g. is the client app connecting to badtracker.com or cloudflare-ech.com? In that case, it might be possible to get the domain name by MITMing the DNS but not guaranteed. The client could store IP addresses to avoid leaking DNS to avoid detection. I think Facebook's app does this.
Joined Aug 2019
