Hans-Christoph Steiner @eighthave@librem.one

@Bubu @uniqx The key rotation is the hack to provide something like Perfect Forward Secrecy. It is not a requirement though, a web server could run with a static #ECH key and all would work just fine.

It seems like the #EU #DigitalMarketsAct is already having an effect on #GooglePlay: now that they might actually have some real competition, they seem to be ramping up efforts to clean up their app store:

https://techcrunch.com/2023/11/09/google-play-tightens-up-rules-for-android-app-developers-to-require-testing-increased-app-review/

I've been getting a flood of #spam from #UK companies, but the kind where they are actual companies, not weird phishing things. They seem to provide proper unsubscribe links. Did the UK changes it laws recently to hold spamming companies less accountable? What happened?

@vitriolix the wealthy always have people who stash large chunks of money away for them. Sadly, I'm sure he's still rich.

@pmroman Are you saying that Muslims citizens of the #EU should be held to a different standard?

One thing that most impressed me about the culture of Brooklyn was how after the September 11th attacks, mainstream culture rallied to protect its Arab and Muslim communities because we knew they would be unfairly targeted https://web.archive.org/web/20210712204925/https://www.baltimoresun.com/news/bs-xpm-2001-09-14-0109140289-story.html

Sadly, what I see now in Europe is the mainstream adopting the bigoted views of people like Netanyahu, Ben-Gvir, Likud, Shas, etc. and coding it nice sounding language. The #EU should protect and respect all of its citizens and residents equally.

@colincogle @guardianproject you could use the same hostname for both the "public_name" and the SNI in the inner ClientHello. That works, but then "public_name" is clear text, so this setup would not protect the hostname. The "public_name' is generally the CDN, then the encrypted SNI would have the actual hostname. For example, public_name as cloudflare-ech.com and inner SNI as rte.ie.

I wonder if #GooglePlay uses the deobfuscation data in the "mapping.txt" file in the app review process? It would bring the binary code a bit closer to being more readable like source code. Their documentation only mentions crash reports as a use case:

https://support.google.com/googleplay/android-developer/answer/9848633

This is a really good sign for the #EU #DigitalMarketsAct: #Google is leveraging it to get #Apple to adopt #RCS in #iMessage:

https://www.theverge.com/2023/11/8/23951935/google-european-telcos-apple-imessage-digital-markets-act-core-platform-service-gatekeeper-lobbying

@cryptgoat @guardianproject Thanks for the notification! They renamed the release files: https://gitlab.com/guardianproject/fdroid-metadata/-/issues/6

Looking into it now.

@vitriolix I think they are trying to shutdown all methods of getting around adblockers, including things like Vanced. They are also harrassing free software devs like the #Invidious and #NewPipe people.

Looks like #Google's keeping the #DRM "Web Integrity API" alive in the #Android WebView, despite widespread disapproval for the "Web Integrity API" as a web standard. https://arstechnica.com/google/2023/11/google-kills-web-integrity-drm-for-the-web-still-wants-an-android-version/