he/him/his, cis, gay, husband, Beagle chew-toy, JavaScript jockey, Rustacean

  • 23 Posts
  • 22 Comments
Joined 3Y ago
Cake day: Apr 06, 2021



Pluralistic: 25 Jul 2022 – Why none of my books are available on Audible
> When Amazon announced its Audible acquisition, they promised that they would remove DRM from the Audible store, and I rejoiced. Then, after the acquisition…nothing. Not a word about DRM. The Amazon PR people who'd once enthusiastically pitched me on Amazon's DRM-free virtue stopped answering my email.


On the plus side, it’ll make surveillance capitalism and user-hostile design more visibly obvious

However, instead of custom Android distributions or even Linux phones, I predict this will more likely increase iPhone sales instead



Horrific:

> Glance's app is a full-screen takeover of the lock screen. It looks a lot like a generic swipe-heavy social network, like TikTok or Snapchat Discover, but it only shows content from Glance. Imagine if every time you turned on your phone, you were first presented with an auto-playing video from a popular off-brand TikToker, and you get the idea. The company's website promises "unparalleled reach" and "authentic engagement" from its captive audience. Naveen Tewari, founder and CEO of InMobi, gave a rather dystopian description of his company's strategy to Forbes India, saying, "Consumers will move from seeking content to consuming what is shown to them."


> The Digital Advertising Act is a bold, promising legislative proposal. It could split apart the most toxic parts of Big Tech to make the internet more competitive, more decentralized, and more respectful of users’ digital human rights, like the right to privacy. As with any complex legislation, the impacts of this bill must be thoroughly explored before it becomes law. But we believe in the methods described in the bill: they have the power to reshape the internet for the better.

Wow, I'm weirdly close to the same age as the X Windows System

> Today’s release of Total Cookie Protection is the result of experimentation and feature testing, first in ETP Strict Mode and Private Browsing windows, then in Firefox Focus earlier this year. We’re now making it a default feature for all Firefox desktop users worldwide.



> Music streaming company Spotify will donate $109,000 (100k EUR) to independent, actively maintained, open source projects that align with the company’s core values. It has also opened a dedicated Open Source Program Office (OSPO) to further promote sustainability in the open source ecosystem. Engineer Per Ploug Krogslund will head the office.

https://blog.google/outreach-initiatives/diversity/pride-2022/

https://www.businessinsider.com/facebook-google-donated-tens-of-thousands-to-republicans-this-year-2021-4

> Nimbuspwn, as Microsoft has named the EoP threat, is two vulnerabilities that reside in the networkd-dispatcher, a component in many Linux distributions that dispatch network status changes and can run various scripts to respond to a new status. When a machine boots, networkd-dispatcher runs as root.
>
> The flaws, tracked as CVE-2022-29799 and CVE-2022-29800, combine threats including directory traversal, symlink race, and time-of-check time-of-use (TOCTOU) race condition.

> Now that those bunny eggs have been painted and the afikomen has been found, it’s time to upgrade Pop!_OS! Here’s what’s new in Pop!_OS 22.04 LTS...

> Whatever final legislation comes out of the negotiations won’t be perfect, and it won’t address every concern. But we urge both businesses and advocates not to make the perfect the enemy of the good. Or of better, more consistent protections for all Americans.
>
> In closing, I’ll say this: Google is an engineering company — and we look at problems from an engineering perspective. When we spot an issue with our services, we make fixing it a priority, and we often move engineers from other projects to help.
>
> This is that all-hands-on-deck moment for privacy.

I can't help but assume that whatever legislation Google backs here will not be especially "good" and will be intentionally far from "perfect", but it would be nice to be surprised

It'll be interesting to see what happens here, if anything

> It looks like Google is at least evaluating the prospects of Qt toolkit support for the Chromium/Chrome UI. A Phoronix reader tipped us off to newly-started Gerrit code reviews for Qt support with Chromium.

Yeah, it does have fewer features than older admin portals like webmin, etc


> Last year, we released Proton Calendar beta on Android, marking a significant milestone in the expansion of Proton’s privacy ecosystem. We’ve been busy incorporating your feedback over the past year, and today we’re happy to officially launch Proton Calendar on Android!

Cockpit 267
> Cockpit is the modern Linux admin interface. We release regularly.
>
> Here are the release notes from Cockpit 267 and cockpit-machines 266

I use cockpit at home, pretty happy with it

Nushell 0.61 | Nushell
> Nushell, or Nu for short, is a new shell that takes a modern, structured approach to your commandline. It works seamlessly with the data from your filesystem, operating system, and a growing number of file formats to make it easy to build powerful commandline pipelines.
>
> Today, we're releasing version 0.61 of Nu. This release includes UI improvements, many bugfixes, improved glob support, and more.

Start with the home page: https://www.freedesktop.org/wiki/Software/dbus/

There are a few “introduction” resources and an FAQ linked there that seem like a good start

The “dbus” part is really the hard part of working with xdg-desktop-portal, at least in my own experience




So far, from what I’ve learned about dbus and xdg-desktop-portal messages, we could definitely have catch-all hooks like that ( https://gitlab.com/jokeyrhyme/xdp-hook-rs/-/issues/2 )

What’s not clear to me yet, however, is how I can trace the ownership of such messages back to the processes that initiated them

dbus sender/receiver IDs are just arbitrary text, and don’t seem to have a reliable relationship with the caller

I do have this on my roadmap though ( https://gitlab.com/jokeyrhyme/xdp-hook-rs#roadmap )


I'd like to share a side-project that I finally got to a minimally-useful state this weekend, in case others find it useful

Repository: https://gitlab.com/jokeyrhyme/xdp-hook-rs

Features (as of 0.1.2):

- monitors Location, ScreenCast, and RemoteDesktop portal sessions
- triggers configured scripts/command when these sessions are created/closed

Example use case:

- I'm using [`eww`](https://github.com/elkowar/eww) as my status bar across the top of my screen
- I wanted to show/hide indicators whenever an application was using the ScreenCast portal (e.g. https://meet.jit.si/ or Zoom, or Teams, or whatever)
- so I'm using `xdp-hook` to detect when any application creates a ScreenCast session, and update the state in `eww` accordingly so that a blinking widget is displayed/removed

Suggestions and code contributions are welcome :)

Looks like EU and USA agreed on an approach

It’s light on details though, I am not sure exactly how USA intelligence agencies are limited and monitored

How much less information about EU citizens will be scooped up by the USA in practice?

Google's responses:

- https://blog.google/outreach-initiatives/public-policy/trans-atlantic-data-privacy-framework-building-long-term/
- https://cloud.google.com/blog/products/identity-security/how-google-cloud-helps-eu-companies-under-new-data-transfer-rules

If we get behavioural advertising banned everywhere, then there will be no profit in collecting this data, and Google will stop doing it: https://www.eff.org/deeplinks/2022/03/ban-online-behavioral-advertising

Let’s get back to advertising based only on current context, and eliminate the entire business model based on tracking our behaviour over time


A truly patriotic party is beholden to local oligarchs (e.g. billionaires) instead of foreign oligarchs


I guess a better parallel is using C/C++ to write software, where it is trivially easy to mismanage memory in ways that cause 70% of CVEs

If we were being consistent, we’d be trying to eliminate all software written in any language or framework where it is trivially easy to introduce security issues

I wonder how many anti-Electron folks are also logically anti-C/C++ ?


You mean how like nobody ever ever pipes the output of curl into a bash with root privileges? :P

Maybe we should ban cURL when we ban Electron?


An Electron app has full access to your filesystem and to other system resources, the same as any other desktop app

Is there a specific reason or example for why we say it has terrible security here?

Chromium has an incredibly advanced and optimised graphics pipeline and the code that is running in the “web” part of an Electron app benefits from Chromium’s sandbox


People complain about Electron, but without it there would probably be even fewer cross-platform apps today

Some aspects of it might be less than perfect, but let’s not allow perfect to be the enemy of good

Electron doesn’t automatically mean that an app is bad, just like Unity doesn’t automatically mean that a game is good


I prefer Zig, Rust, Go, and every other programming language that isn’t the cause of 70% of CVEs

Humans are just bad at managing memory safety, so why encourage the use of such tools?


I had used sway for a year or so and liked it

Then I switched to river ( https://github.com/riverwm/river ) a few months ago, it’s also fine

I’m on a very slow mission to remove C/C++ from my setup, otherwise I’d still be on sway




Helping to standardise a global dark mode preference is nice