Show more

has been moving more towards the deb.debian.org mirror which is provided by a single CDN company, . It works well, but also feeds an enormous amount of to a single company, and it can be used to track computers and maybe even people. And the privacy policy in effect is unclear. Fastly says the policy of the "subscriber" applies, but the privacy policy for deb.debian.org is not listed anywhere I could find. Anyone have any insight here?

This week in F-Droid (TWIF) was published again :fdroid:

We try to explain the "app was developed for an older version of android and can not be upgraded automatically" banner for some apps (including F-Droid itself).

Also, we talk a bit about the current localization problems on our website.

On the apps side:

- new Aurora Store version
- Element and SchildiChat were updated to fix two vulnerabilities.
- OpenKeychain was updated
- sing-box was added

f-droid.org/2024/02/29/twif.ht

#FDroid

🗓 Leap year. Année bissextile. Schaltjahr.

We mark this rare February 29 by celebrating the unique nature of the EU.

Our Union, with 24 EU official languages, shows what being united in diversity means.

Multilingualism is our greatest strength– It breaks barriers and helps us travel, collaborate, and understand each other.

Let's celebrate it every year, every day.

@divested this sounds quite interesting and useful. Is STIR/SHAKEN relevant in places outside of the US and Canada? Also, it seems like this functionality should be built into the OS. Would that make sense?

@orangesunny @fdroidorg We have funding from to do a dev sprint on parallelizing the build infrastructure. We will start before Winter is over. gitlab.com/groups/fdroid/-/mil

I have fond memories of degaussing my old CRT monitor for fun and distraction

Degaussing a CRT at 10,000fps #shorts #slowmo
youtube.com/shorts/Fkshp4Ikk6Y

@r3vilo @fdroidorg If you think its a bug, could you file a bug report on this: gitlab.com/fdroid/fdroidclient

Please provide your Android version, F-Droid version, and which ROM you're running.

@dreua it is indeed a nice feature that the connection is separately maintained from the username. I was responding to the discussion about reusing well known public usernames. For all my public code repos, I use "eighthave". I could claim "eighthave" for Signal then lots of people could easily connect with me via Signal. But then anyone could also send me spam or Pegasus. So I think it was a mistake for Signal to call this a "username" it behaves differently, it is more like an invite link

@mdosch @timbray @element good point, for spammers, they can just generate all the phone numbers. For user names, they can generate all the shorter usernames. I imagine to have a long lived Signal username and avoid spam, it would have to be longer than 16 characters.

@r3vilo @fdroidorg you should only see this message after your base OS has changed. I wonder if there is a bug somewhere in that logic, since you said your Android version hasn't changed.

@austin @dreua @timbray right, just like with an email address or even a phone number. My point is that people should assume that this Signal username has all the same downsides as other systems with user-selected identifiers and treat it accordingly.

This week on F-Droid (TWIF) :fdroid: was published again.

We talk about:
- F-Droid and F-Droid Basic 1.19.1 are now marked as "suggested" and arrive as update for every user
- a blog post from the Guardian Project regarding repos in F-Droid
- TorServices in our repo
- ZipXtract FD with fewer features
- Jami looks better
- Organic Maps was updated again
- Stitch is back again
- and a note about the boring wall of further app updates

f-droid.org/2024/02/22/twif.ht

#FDroid

The US data broker Bazze secretly obtains location and identity data about a hundred million people via smartphone apps, digital advertising and consumer records and sells it to the US military.

NSA-like global mass surveillance, but based on commercial data.

Forbes has now a report about it:
forbes.com/sites/sarahemerson/

Show thread

The and other actions against app stores are based on the idea that an app store companies should not "self-preference" their own apps or services. This makes sense to a certain degree, especially when thinking about business. Ethical reasons must also be considered. preferences apps based on and Anti-Features, which we as a community define. We should always be allowed to preference apps that follow standards of .

@jlou that doesn't sounds possible to make work. I think it is important to stick to the four freedoms with Free Software. Copyright licenses are not an effective tool for trying to enforce other societal values. Such licenses are more likely to harm the people you're actually trying to help because it means they'll have to get lawyers involved in order to understand how and when they can use software with that license. means every individual is free to use it without needing legal help

has a beta that makes it possible to chat without sharing your phone number with the others. This is an important development for privacy in use cases like journalists and activists that have to privately interact with people they do not know. Careful about using a public username for Signal, it could open you up to spam and targeted attacks like Pegasus.

social.librem.one/web/timeline

@timbray Using a well known username for is a recipe for receiving lots of spam. I'll bet that's the main reason why Signal does not currently have much spam. I'm pretty sure I'm not going to use my public handle. Signal does well with smaller numbers of people and less active chats. Very active chats or large groups are quite painful in my experience as compared to @element Signal's use case is communicating with people you know, while are for big/active groups

How Allowing #Copyright On #AI-Generated Works Could Destroy Creative Industries - techdirt.com/2024/02/20/how-al "it is not in the interest of artists to allow copyright on AI-generated works, whatever Big Copyright might have them believe."

Show more
image/svg+xml Librem Chat image/svg+xml