Show more

Messaging Layer Security has just been officially standardized by the , this is a great new development, especially in combination with standard protocols like and . 1/

A decade ago, did some extensive UX work on buttons using the power button. They used 10 presses as their trigger, and still got far too many false positives. Their conclusion was power button triggers were not workable. reached a similar conclusion back then. I guess missed that research: they shipped with a 5-press trigger, and now emergency services numbers are receiving record numbers of false calls:

Gathering technical details of unpatched vulns is dangerous, no matter who is doing it. The Cyber Resilience Act should avoid making this a requirement, it will not make us safer.

More info in the blog post:

1/5 🚨The final EU Parliament position on #AIAct is here 🚨

Some wins for #FundamentalRights but also missed opportunities to protect and empower people.

Read our statement:

1/4🔎#Google's harmful tracking ads business is now officially under investigation in Europe.

🚨In preliminarily findings, @EU_Commission confirms: since at least 2014, Google has abused its dominance in the #AdTech market - harming people, online journalism and competitors.

4/4 The @EU_Commission findings against Google make clear once again that the harm done by the #surveillance ads business cannot effectively be remedied unless we put an end to it 🙅‍♀️

Show thread

1/5 🚨WIRED leak shows that Spain, Cyprus & Hungary want to use the #CSAR law to push for illegal #surveillance.

Contrary to what the European Commission says, the intention is to allow the police to break into people's private digital life.

📺 #Encryption is vital for creating safe spaces, especially in insecure situations:

This screen that shows on when installing really bugs me. It is purely based on the integer value targetSdkVersion, without considering our security model, public audits results, track record over 10+ years, exclusive use of memory safe languages, or even what our code actually does. It is as if marked anything that comes from Google as containing ads and trackers. 1/2

@grote we are glad that gnome-calls and chatty are in the Debian repository. Android's openness is a story of death by a thousand cuts.

Google made it official that important apps like Messaging and Dialer are no longer maintained in the Android Open Source project. A free Android on its own is pretty much useless now.

Want to disseminate our messages in your native 🇪🇺 language?

Join our translators team! And help us to empower people to control technology!

#android #developer #reminder

You don't need to download the #android #sdk #binaries from #google .

You can compile the #sdk by yourself from the source code to write #android #apps.

Check this repository at #codeberg , it will do the job for you.

All you need are the scripts from this #repo , 32 GB #ram , approx. 300 GB free disk space and some patience.

Then, you can start coding for #android without the proprietary #sdk binaries from #google!

I'm often surprised to hear that many people believe that was this new radical idea in software development that came about in the 80s. That is actually backwards. Open Source was the default way software was developed before the 80s, and development changed that. The movement was a direct response to software going . It put front and center as the reason why should be free and open.

Episode 57: F-Droid (featuring Sylvia van Os & Hans-Christoph Steiner!)

F-Droid, a repository of free software on your Android device! @cwebber interviews F-Droid developers @SylvieLorxu and alongside chair of the F-Droid board... @mlemweb!!!

#WhatsApp implementing #KeyTransparency is pretty nice, and definitely an excellent step in the right direction against shadow accounts and the service provider trust problem. However, without the client being #OpenSource, it is not that meaningful. Yes, of course somebody could implement an independent monitor for the transparency log to check keys registered for an identity, but what percentage of the user base will actually do that when the only realistic way to use the service is to rely on the #proprietary client, which can still be used to maliciously target (groups of) users to break #E2EE?

Secure messenger clients should both use identity security protections like #KeyTransparency and have a *default* implementation that is #OpenSource and, ideally, be distributed with #BinaryTransparency and verified through #ReproducibleBuilds. Oh, and allow other identifiers than just phone numbers (still looking at you, @signalapp - which is otherwise ticking a lot of the right checkboxes).

* Make software that works on older devices, the older the better.
* Make software that will keep on working for a very long time.
* Make software that uses the least amount of total energy to achieve its results.
* Make software that also uses the least amount of network data transfer, memory and storage.
* Make software that encourages the user to use it in a frugal way.


RT @Iwillleavenow
Biden issued an order that doesn't even fully ban commercial spyware, just spyware that has a few high-risk issues (controlled by a foreign gov, previously used by foreign nation to access U.S. gov devices, etc.) and the industry is in a full panic.

"Microsoft Edge sends a request to bingapis .com with the full URL of nearly every page you navigate to"

Microsoft secretly tracks people across myriads of websites/apps via pixel. Now it was caught tracking them directly in the browser, by default. Wild.

Show more
Librem Social

Librem Social is an opt-in public network. Messages are shared under Creative Commons BY-SA 4.0 license terms. Policy.

Stay safe. Please abide by our code of conduct.

(Source code)

image/svg+xml Librem Chat image/svg+xml