Kyle Rankin @kyle@librem.one

@geek Yes, some of these things, eventually, may be configurable. We are starting by erring on the side of safety and "opt in", and as we can figure out ways to achieve that while allowing some of those options down the road, you might see some of that.

@geek The thought is that it makes it clear that social media posts are public and protects against accidental disclosure of things (through misconfiguration or other mistakes) that you thought were private (but are only pseudo-private without encryption) both from outsiders and also from us or anyone who would request your data.

This last week all Firefox addons were accidentally disabled due to issues in Mozilla certs. Many security measures out there require full, unrevokable trust in the vendor for them to work and this is a great example of the risks with that approach. Imagine if that ever happened with SecureBoot... #infosec

Uncle Ben said that with great power comes great responsibility, but he didn't explain that responsibility lags behind power a bit. There's a brief period where you can enjoy the rush of great power before the weight of great responsibility hits.

@af3 Soon. For now you can use the upstream Riot app.

This makes a lot of sense given MS's larger strategy with Azure. They need to get Linux devs off Macs and AWS and onto Windows and Azure. Github and Linux tools on Windows are the gateway. #devops #cloud https://arstechnica.com/gadgets/2019/05/windows-10-will-soon-ship-with-a-full-open-source-gpled-linux-kernel/

For those of you using Librem Chat on Android, the latest version (0.1.4) removes any code traces from trackers left behind in the upstream Riot codebase (we had disabled them before but the code itself was still there).

https://source.puri.sm/liberty/chat/android/issues/1

@rpgwaiter @lunduke Welcome!

@diggity That was really hurtful :(

@springbov@mastodon.technology @todd I write song parodies like this a few times a week at work for fun. This one I wrote a few months ago and I thought with the 500 char limit in Mastodon it would be fun to start posting some of them every so often.

If you have any requests let me know!

I take a top down approach to wine tasting. #ghia

So much drama in the SPC
It's kinda hard being T-O-double-D
But, he, somehow, someway, keeps on comin' up with Librem hardware every single day

He's got coders in the chat room buildin' a phone
They ain't leavin' till 6 in the morn (PST)
Now we gonna pick a license for this. GNU's up, closed's down while you other developers code to this.

Rollin' down the street, writin' free code, licensed for GNU, laid back, with my mind on the Librem and the Librem on my mind.

@ConnyDuck Sorry for causing you so much trouble over the past few days. I assure you we didn't have malicious intent and it was just a oversight in the process of this launch.

Outside of the notices that are in the application now, are there any places that you feel are missing appropriate attribution?

For what it's worth, we elaborate on the reasoning behind doing a fork for Librem One client apps here: https://puri.sm/posts/how-purism-works-upstream-and-gives-back/

I elaborate on some ways to protect the digital supply chain while borrowing metaphors from the food industry in this post: https://puri.sm/posts/protecting-the-digital-supply-chain/

This is why projects like Reproducible Builds are so important. Basing all of your security on a company's signature on proprietary code is too risky.

https://www.wired.com/story/barium-supply-chain-hackers/

A animal with a history of abuse will often flinch when a well-meaning new owner tries to pet it. It takes a lot of time and effort to rebuild trust and security.

The emotional damage in the #FOSS community from decades of abuse by exploitative companies isn't acknowledged nearly enough, and is hard to overcome.