
Are you experienced with GTK and Rust ? :gnome: ❤️ :rust:

We are looking to contract someone to work on the new GNOME Password Manager 🔑

We want it to become a core/default app and help secure millions of users.

You'll be working with the GNOME Foundation, a non-profit dedicated to building emancipatory technologies for everyone.

Please send resume / portfolio to stf@gnome.org

Boosts welcome :boost_love:

#GTK #Rust #rustlang #GNOME #Linux #Ubuntu #Linux #Fedora #OpenSUSE #Debian

It's also kinda enlightening on how distros react to the #xz backdoor:
* #arch "let's rerelease the version from the untrusted party, we run autogen.sh ourselves now"
* #debian "let's roll back to the last version not having any changes by the untrusted party and rebuild our infra from scratch"

I know which of these I trust more as an upstream ...

@selectallfromdual Latest F-Droid Client 1.20 alpha (expand Versions to install) redesigned the repo section. Feedback is welcome.

I accidentally found a security issue while benchmarking postgres changes.

If you run debian testing, unstable or some other more "bleeding edge" distribution, I strongly recommend upgrading ASAP.

openwall.com/lists/oss-securit

Three years ago, had a similar kind of attempt as the . A new contributor submitted a merge request to improve the search, which was oft requested but the maintainers hadn't found time to work on. There was also pressure from other random accounts to merge it. In the end, it became clear that it added a . In this case, we managed to catch it before it was merged. Since similar tactics were used, I think it's relevant now

gitlab.com/fdroid/fdroidclient

For anybody cynically going "haha, 'given enough eyeballs, all bugs are shallow' my ass", I'm willing to argue that the reverse engineering of the #xz #backdoor actually validates this claim.

We just didn't have enough eyeballs on this particular dependency, nor is it possible to have every commit in your dependency graph investigated. But once the issue was found, the community's focus moved like the 👁️ of Sauron; few teams could have done that work (as quickly, thoroughly, or at all).

@eb I really hope that this causes an industry-wide reckoning with the common practice of letting your entire goddamn product rest on the shoulders of one overworked person having a slow mental health crisis without financially or operationally supporting them whatsoever. I want everyone who has an open source dependency to read this message mail-archive.com/xz-devel@tuka

Today, we've opened five non-compliance investigations under the Digital Markets Act.

It concerns:
🔹Alphabet’s rules on steering in Google Play
🔹Alphabet’s self-preferencing in Google Search
🔹Apple’s rules on steering in the App Store
🔹Apple's choice screen for Safari
🔹Meta’s ‘pay or consent model’

More info europa.eu/!4NF6bV

Feels a little funny to be sympathetic to 's point of view in the compliance workshop when some of the advertising industry lobbyists ask questions. From what I've seen, Google is less crappy than the average ad tech company when it comes to privacy, so I really hope the DMA does not open us up to more crappy ad tech companies.

In collaboration with @fdroidorg, the @fsfe prepared a study for the Japanese Competition Authority HDMC on how Apple's plans to comply with the #DMA represent a risk for #FreeSoftware and #DeviceNeutrality.

Key recommendations: 👇
- Full and unfettered side-loading
- No distribution via DRM encryption
- No residency or credit requirements for 3rd party app stores
- No interoperability request forms
- More competition on trustworthiness

download.fsfe.org/device-neutr

#Sideloading apps and using alt stores like #Flathub is a major feature of elementary OS and a competitive edge over closed platforms that only let you install apps from a locked down store. In this release we’ve made several improvements to smooth out the experience of using alt stores based on your feedback and the latest #CrossPlatform standards.


So maybe is a special case here, maybe not. But all of the apps that requires to be in the bundle do not require special privileges, so can easily be built into Android devices in a way where they are easily uninstallable, e.g. disabled and deleted. I'm thinking Maps, Gmail, etc.


After 2018, stopped publishing data about malware coming via sideloading. Today in the workshop they made big claims that sideloading is much more likely to be malware. Since they are making claims based on that, they should again release that publicly.

transparencyreport.google.com/

@f15h XIII. Art. 6(3) B.1 23. ...Google Android allows users to uninstall apps by: (i) fully deleting apps that are downloaded or pre-installed in a Google Android device's user partition; and (ii) disabling apps in a Google Android device's system partition such that they are returned into an uninstalled state.

says is not part of the OS but then do not allow users to actually uninstall it. At the same time, they say that they won't let people download it and install it on other AOSP-based systems like Amazon Fire. We know this kind of thing works since people are downloading Play Services from places like APKMirror.


If you needed any more proof that the so-called #AppAssociation #ACT is an #Apple front, their lobbyist just asked #Google whether it wasn't worried that 3rd party app stores are dangerous to users and would put a control process in place (like Apple does). 😠


Just in case you're wondering why #Apple & #Google etc. are such jerks about implementing #DMA, here are some numbers:

* play store revenue 2019: $ 11.2 Billion
reuters.com/technology/google-
* apple appstore revenue 2021: $ 85.1 Billion
statista.com/statistics/296226
* apple app store made more money on games alone in 2019 than nintendo, microsoft and sony combined
techspot.com/news/91577-apple-

Today: #DMA compliance workshop with #Alphabet/#Google :)

While Alphabet seems to be better in terms of the new #browser & #search choice screens, they have a strange view regarding their new obligation to allow un-installing pre-installed apps like #PlayStore or #Gmail:

Alphabet's lobbyists argue un-install and remove are two different things and as the #DigitalMarketsAct's Art 6(3) only mandates un-install but not removal, the current "deactivation" feature in Android would be enough. 🤔


EU antitrust chief Margrethe Vestager called out Apple’s proposed core technology fee for what it is: a way to protect its monopoly instead of actually complying with the Digital Markets Act.

“…if the new Apple fee structure will de facto not make it in any way attractive to use the benefits of the DMA. That kind of thing is what we will be investigating.”

reuters.com/technology/eus-ves

#DMA
