They can also lobby more effectively for privacy respecting legislation and privacy rights. I don’t like lobbying, but so long as it’s around, it would be nice to have a big privacy company that’s as invested in that as the average privacy enthusiast.
A “privacy” company acquiring and centralizing various projects to be under its umbrella seems kind of worrisome to me even if it’s done with pure intentions.
I find that fair, but at the same time, proton has a rocksolid history at this point. OFC they will likely add their features to it, and maybe remove some. But im the end its still open source and under gpl licence, so its not like proton cam change that unless they remove all other commits.
Chromium is still open source, as is Android to some extent. I get that the two companies (Google and Proton) are in completely different size classes, but something being open source doesn’t necessarily mean it stays healthy. Sure people can fork it, but the issue tends to lie in continuous maintenance by volunteers against continuous maintenance by a large company that’s constantly adding in anti-features along with desired ones.
I’m not necessarily saying Proton will go down that route, but trying to become big and bundled as a value proposition opens the door for that behavior once they get enough people locked into the ecosystem.
Chromium and AOSP are not good examples for what you’re saying. Both Chromium and Android have thriving ecosystems of forks and alternatives based on them. Built on the work that Google is doing with them. So I really don’t think those are good examples of applications that aren’t healthy because you can just use a fork.
Yes, Google controls upstream, but there’s no reason why you can’t use downstream.As you said, it puts maintenance burden on the forks, but people are willing to do that. That’s the thing.
EDIT: This is my off account, So, unfortunately, you’ll have to take my word for it, but I did used to be part of an Android ROM team in the past and still do Android work private sector today.
Perhaps they are bad examples, but my point was more that I think those ecosystems thrive in spite of the company that owns the upstream at this point more than because of it. They did tremendously useful work getting the projects off the ground but it ostensibly seems like they get in the way more often than not; that said, I haven’t done any open source work on either of the two. I’d be interested to hear your take, I could be pretty far off the mark.
Honestly my main examples I’d point to right now are situations like manifest V3 and Android nitpicks like the recent Bluetooth 2-tap change; don’t get me wrong, they are easy to fork and have thriving ecosystems in terms of volunteer dedication, but those forks still primarily targeted towards technical users (with some exceptions) and companies selling devices like the Freedom Phone (and other, actually neat, useful, properly privacy focused devices which is awesome!). By far, however, most users are on the upstream branch due to “default choice” psychology and have to deal with the bullshit that’s increasingly integrated into the proprietary elements that Google seems to be making harder and harder to separate from the open source ones. I suppose that’s why education and getting the word out are all the more important though.
Could be the sensationalist end of the tech news cycle getting me spun up on an overall inaccurate view of things.
There is also the point I have to raise that security update support is always a very valuable asset that can be worth dealing with some downsides to get ahold of. I’m hoping a lot of those can be pulled into open source projects on more of a piecemeal basis where applicable?
I’d be happy to be proven wrong about my rudimentary assessment. I have enough things to be doomer about and honestly it would be nice to have one or two fewer!
Working with android can be a bit of a pain for sure. I’m only talking about android here since that’s all I’ve tested, so don’t apply what I am saying to chromium, Android and Chromium are two seperate projects, by two separate teams. but in the end it’s important to realize that google has actually needs for these devices. As long as you work within the bounds of needs it’s actually not that hard to actually work with. Android has a LOT of stuff for sure.
Android actually allows you to configure most things (granted the documentation is absolutely horrid, Grep my beloved). It is true that most android phones are running proprietary stuff, but this isn’t really any fault of google. Google has gone to fairly great lengths to make AOSP a fairly open ecosystem. Nearly every rom is heavily customized as per customers requirements. AOSP can actually run on most hardware fairly easily. Hell it even works just fine on the vanilla kernel (Waydroid for instance). The Issue is that it’s nearly impossible to market consumer devices with only FOSS/AOSP stuff, the margins on phones are actually terrible. The biggest issue is finding a phone that can accommodate the more open stuff, not the issue with google pushing crap. In the end Google is making devices for people who will fight tooth and nail to grab the gun to shoot themselves in the foot. A lot of their motivations are based on that. But doing your own AOSP is still easy enough. Just need hardware for it.
Even from the “all your eggs in one basket” kind of perspective it does feel worrisome, not to mention that i am unsure about this dilution of their focus on many apps being helpful, I’d rather have them focus on very few but rock solid and maintained services instead of going with the Google “we do everything” way to do things
The phrase Jack of all trades master of none really only applies to people. A company can just hire more people when it has more products.
Google’s issue is not that they’re “big” it’s that they’ve failed to truly innovate and invest in anything in years. The current leadership kills anything that isn’t an instant money maker despite the majority of the company’s profitable products taking years to become profitable. They’re also in a weird spot because their “magic” was always free services in exchange for advertising money and that’s a model that’s come under attack and been replicated to death by competitors.
I used standard notes a little while ago, it seemed like a nice phone note app replacement with a decent number of markdown based plugins
I don’t think it’s trying to be a Notion or an Obsidian
This is the interesting part, looking at their list of acquisitions, none of them seems to be generating any revenue. I only know wordpress, simplenote, tumblr and pocketcasts (lifetime user).
Several things, but the issues focus around the company running the show, rather than the API. Their ‘binding rules’ have an outrageous number of loopholes.
“We won’t sell any assets ever! Unless… someone buys us. Or if we decide there’s a benefit to selling the assets.”
“We reserve the right to do whatever we deem fit with non-profit money, so long as it benefits matrix.”
Matrix was ‘de-federated’ from Libera.chat because Matrix admins refused to properly moderate their servers, respect privacy, maintain reciprocity, etc. There’s a whole letter explaining the hair ball that occurred.
Their explicit goal is monopoly. Every thing should use our API. Everyone should federate. (Share your data with our servers.)
Companies are companies. Non-profits included. Non-profits are just a way of saying, “We’re not going to the stock market, but we can still funnel money into various pockets… especially our own, or people we want to pay money to.”
Foss/Floss is about ownership, control, modifiability, ect. being handed to whoever owns it. Matrix is about ownership being shared with Matrix.
It’s a wondrous API. Everyone should use it, and set up their own private self-cleaning servers.
I mean, “if it doesn’t suite your needs – fork it” still stands. As for the lack of moderation – that’s applicable to the official instance, I guess? 'Cause it’s like more than a half of all the users, so no wonder they can’t moderate everything
That would be the case if it wasn’t a flagrant violation like, “These matrix rooms are spying on these chat rooms without announcing the users in the matrix room”, and Matrix refusing to fix it when informed.
Imagine if Matrix did that to their user base. “We’ll occasionally drop in to listen, or pipe your conversation to other people, but you won’t see the, “x joined”, notice. Cheers!” Creepy spying, the polar opposite of privacy.
Matrix was ‘de-federated’ from Libera.chat because Matrix admins refused to properly moderate their servers, respect privacy, maintain reciprocity, etc. There’s a whole letter explaining the hair ball that occurred.
It’s also split up into multiple companies under the same matrix umbrella, and some aren’t non-profit but still get a share of the donations sent to the matrix org. It’s shady and Matrix as a whole just gives me a bad taste in my mouth.
I’ve never particularly trusted the corporation behind Matrix messaging. They disrespect the GDPR openly in ways not even Discord does (a GDPR compliant deletion request from a British Matrix.org user to Matrix.org will result in no messages or usernames being deleted).
Matrix’s primary goals are keeping your data online as permanently as possible and replicating it across as many services (including more explicitly anti-privacy ones) as possible.
I don’t like that it does pretty muh the same thing as XMPP but more inefficiently. Like, my Conduit, already a lighter than Synapse implementation, consumes around 100 megs of RAM compared to Prosody’s 30.
Also it is worrying how prevalent the central matrix.org instance is. Like, the network is federated, but if you defederate from the single central one - things might break.
@Samsy@arbocenc#XMPP can run bridges (called "Transports" or "Gateways" in XMPP terms) since the early ages. And nowadays, there are modern ones with tight integrations: #Slidge being a flagship (including a #Matrix gateway), and I'm myself working on ActivityPub gateway and soon a email one with #Libervia. #Cheogram is also working on SMTP gateway. And #Biboumi is the flagship #IRC gateway.
Curious how none of the coverage of this launch mention that the app isn’t actually open-source (though they pretend to be an open-source project), which makes all of their claims of “end-to-end encryption” worthless
The most important component to be open-sourced in an app that claims “client-side encryption” is the client, where the encryption actually takes place…
When I first heard of Beeper I thought it was interesting. But reading later that they were buying really old iPhones to jail break them for bridging with iMessage I had some doubts. Now they’re bought by the Wordpress people, who also bought Tumblr, and apparently selling user data to AI.. And from what I’ve read about bridges there is no E2EE with Matrix (what Beeper seems to use) to Signal bridge.
Really, after what he did to Pebble, people shouldn’t have been surprised that Migicovsky didn’t and doesn’t have a plan. You couldn’t trust his word on Pebble, and you couldn’t trust his word on this.
In November 2022, they flubbed my onboarding to Beeper by not telling me that the onboarding would be a recorded Zoom meeting until I was entering the Zoom meeting. I declined to join the meeting and followed up with questions about their privacy policy. Specifically, I referenced the previous sale of Pebble to a different company, and asked what guarantees there were about the privacy policy staying the same after a sale of the company. It’s often one of the first things changed due to “enshittification” when purchased by a larger company, that the “rules” of your relationship to the company change. I never received a response to my questions. I sort of figured the lack of response said as much as a response could have which was “Yeah we don’t have any guarantees” as proven by this sale. Like you pointed out, they’re merging Beeper with a closed source project, of which the outcome will likely be… another closed source project.
This is a mess and it makes me glad I never gave this charlatan a dime. Spinning up your own Matrix server and bridges was always a better idea, since Beeper was just other people doing that step for you anyway.
This is a mess and it makes me glad I never gave this charlatan a dime.
Thanks for sharing this. Makes me think that the words “open” and “privacy” are sometimes just buzz words used by people who are stuck in their old habits that conflict with the real meaning of those words.
Spinning up your own Matrix server and bridges was always a better idea, since Beeper was just other people doing that step for you anyway.
Exactly. And now that Slidge has landed in Debian repositories, XMPP and bridges gives more choice to people who want self hosting.
Yeah, Beeper is kind of in a strange place now. I get why they wanted to make their own app to make the bridging experience (especially setup) more seamless. But now with a fully custom closed-source app they are even further off the open path.
What I really want from Beeper is to be able to connect to their bridges from a non-beeper Matrix account with a non-Beeper client. I would happily pay them for the service of managing bridges. I don’t have much interest in having a Beeper-owned account in a custom Beeper client.
Well, I read on one of the articles that they moved to a custom app so the bridging could be done on your app, so the messages never get decrypted by Beepers servers.
But thats unverified gossip and cannot be verified so long as the repo isnt public
Yeah, they’ve been talking about that a lot but it isn’t clear if that will be an option or the only option. I wouldn’t be surprised if they only want to keep one method around in the long term though.
Personally I don’t want the bridges to run on my phone as I want the bridges to work even if my phone is off, out of batteries, not connected to the internet or fell into a volcano. Not to mention wasting battery replaying messages while I work on my computer. It isn’t even clear if these on-phone bridges are synced to other devices in the account which would be an absolute deal breaker for me.
Does EMS offer bridges? Looking at element.io/pricing I don’t see anything. I seem to recall them having a Slack bridge in the past but don’t remember them having a full suite.
Unfortunately even in this sub some of us need to talk to people who use privacy-unfriendly options.
So having bridges is a great way to slowly migrate to a private option. I can meet my friends where they are, stop running non-free software and then can slowly move my friends over.
The encryption can’t be end-to-end anyway. If you send messages between services with different encryption protocols, then you trust Beeper to decrypt your message mid-transit, to then re-encrypt it with the protocol of the recipient.
I have one of these, and while the switch tech is certainly neat, I haven’t really come up with many good ways to use it.
Their implementation doesn’t seem to support changing resistance or being sensitive to multiple levels of pressure on the key, but one way I do use it is by changing the activation distance for certain keys that I tend to press by mistake when gaming, like caps lock, so that you really need to bottom out the key to activate it. This seems to help a bit but I suspect that if I wanted to get the most out of it, I would probably need to be a much more intense gamer.
Wow nice!! Yes my issue seems to be touching a key next to where I should be hitting. So if I could even increase travel to register, I’m wondering if that would at least make my typing a bit better. Of course, there is no easy cure for dyslexic typing ;-)
It did change on thing for me: it made me drop support for Oculus in my game dev project.
I still own an Oculus DevKit 2. But after wildly succeeding with his Kickstarter, the founder has done nothing but jerk moves. First he silently dropped Linux support, then he funded a pro-Trump troll army on Reddit and finally he sold his entire VR company to Facebook/Meta, which then did its own jerk move by rendering everyone’s hardware useless if they didn’t sign up to Facebook/Meta. My Oculus account was forcefully obliterated just a week ago.
What a complete nosedive that was.
They had the nicer tech (Oculus uses infrared LEDs around the headset that are filmed by special cameras to track your orientation, i.e. it’s steady state – HTC Vive / Valve Index have light-sensing diodes on the headset itself and their lighthouses swipe light curtains horizontally and vertically through the room, with an annoying whining noise and all the wear & tear from constantly rotating parts), for a while, Meta even had John Carmack polishing the system.
I still hope VR will not completely die. Half Life: Alyx was fun, some archery, zombie shooting and climbing games were highly enjoyable and I could well imagine getting into sculpting / 3D modelling that way if only the tools were better.
But if, as the HTC exec in the article says, Meta has defined the “market perception of what this technology should cost” (and they’re producing at a loss, too), then Meta has walled off most of the VR market to Facebook boomers (sorry, Meta boomers) and is hogging the more robust tracking tech for itself, too.
techcrunch.com
Hot