mox

mox, 16 days ago

I hope they’re using this time to learn lessons from their Starfield flop and gather the talent and budget needed to improve upon Skyrim. A modern engine probably wouldn’t hurt.

However, my expectations are very low at this point.

mox, 16 days ago

I think it’s safe to assume they know that and would bear it in mind when choosing or building an engine. Their games are famous for modding, after all.

mox, 16 days ago (edited 16 days ago)

I’m not suggesting that a big budget alone is sufficient to make a good game.

However, enough budget to keep the team employed (note the many gaming industry layoffs lately) and appropriate budgeting (in terms of both money and time) affect things like code, art, and writing quality. It’s kind of important.

mox, 17 days ago

Their download page doesn’t make this clear: Molly is not on F-Droid.

Instead, the Molly project hosts an F-Droid-compatible repository, which you can configure your F-Droid client to use in addition to / instead of the F-Droid repository. If you do this, the downloaded software will come directly from the Molly developers, not from F-Droid.

Some people avoid this because it loses a layer of oversight. Others prefer it because it avoids a potential attack vector. You’ll have to decide for yourself whether it’s something you want to do.

mox, 17 days ago (edited 17 days ago)

The Xperia phones are often horrendously locked down

Not really, at least when compared to most other brands. I’ve had three or four different Xperia models, and unlocked the bootloader on every one of them using official Sony tools. They even have official open-source software archives, which are very helpful to people who build de-googled “ROMs”.

The one thing that has been especially locked down is the TA partition, which contains DRM keys used for Sony’s proprietary apps. It’s not needed for an open-source OS like LineageOS.

For this phone specifically, it looks like official LineageOS support is already underway, despite it being a fairly new model:

wiki.lineageos.org/devices/pdx234/

I would definitely recommend a Pixel device if you’re going to go De-Googling.

Pixels do have unusually good support for user-installed OS, but the irony here is that you can’t truly de-google them, because no OS will change the fact that Google controls the hardware and firmware.

mox, 17 days ago (edited 17 days ago)

In principle, one could probably do this to a rooted phone by removing all the Google apps, and all the Google services, and giving up the other apps and services that depend on them. It would be a nontrivial task, and the steps would likely be different for each phone model (and possibly each OS version). I don’t know of a project that does this successfully. You might try searching xdaforums.com for someone who has done it.

However, I wouldn’t depend on Google services staying disabled when Google still controls the OS.

IMHO, it’s safer and easier to replace the entire OS.

mox, 18 days ago

If the writing is bad, it’s okay to close the book.

If the acting is poor, it’s okay to leave the cinema.

If the gameplay is unsatisfying, it’s okay to quit.

Life is short. No sense in wasting it on entertainment that isn’t entertaining.

mox, 20 days ago

I thought 5 was quite good with the Brave New World expansion/rework.

mox, 21 days ago (edited 21 days ago)

There is no best, because none of them cover every use case or threat model. However, these are worth considering:

• Matrix, if you don’t mind minor meta-data leaks (reactions and avatars have not yet been moved to the encrypted channel, IIRC).
• XMPP with OMEMO, if all your contacts are technically skilled enough to manage the requisite clients, servers, and protocol extensions, or if they have a skilled admin to do it for them.
• Signal, if you don’t mind linking a phone number to your account, can tolerate an ecosystem effectively married to Google, and accept the risks of a centralized service that can be attacked or shut down by someone with the right access or influence.

In situations where your safety depends on anonymity from the powerful or well-connected, I would instead look for a messaging system tailored for such things. (It would, of course, require giving up some convenient features that most of us expect from a general-purpose chat platform.)

mox, 21 days ago

No, I would not say that.

I used XMPP in the past, but long-lived public server support is almost nonexistent these days, and proper setup/maintenance requires too much tech skill for the general public. Also, it lacks modern features that many people have come to expect. I would only suggest it for small groups, and only if you can run your own server and provide tech support.

For my needs, Matrix is the best available today. It covers the things that I find most important, and is constantly improving.

mox, 22 days ago

Neat. I just hope it can be disabled to save power.

mox, 22 days ago

Some markets that use signs also use a dot or two from a colored pen on the differently priced avocados (organic, large, etc.) to distinguish them at checkout.

mox, 22 days ago

A more charitable reading might detect irony in that comment. Their intent might not have been victim-blaming.

mox, 24 days ago

I see these tactics being used far more extensively by wealthy individuals and corporate interests than I do Chinese interests.

How can you so confidently distinguish one from the other?

mox, 24 days ago (edited 24 days ago)

In that situation, I would also:

• Only use it through a browser (with fingerprinting protection), never a Discord app.
• Dedicate a browser installation, or at least a user profile, to Discord.
• Only use it over a VPN connection dedicated to Discord, or Tor if it’s allowed.
• Have an alternative channel (maybe Matrix?) ready and waiting for contacts who might be willing to switch.

mox, 24 days ago (edited 24 days ago)

Anyone using a forwarding/alias service might also want to search the web for “disposable” email domain blacklists, and petition the maintainers to remove the service you use from their lists.

These lists are often adopted by web developers, leading to many web sites rejecting forwarding addresses, or sometimes even accepting the addresses and then silently dropping messages while claiming to have sent them. As these lists become more common and widely used, forwarding services are becoming useless on more and more sites.

mox, 24 days ago

You can, but that doesn’t solve the privacy problem, since all the aliases on your custom domain correlate to the same person (or small group of people) and can therefore be used for tracking.

mox, 25 days ago

Gamers Nexus video documenting ASUS ROG Ally warranty service:

www.youtube.com/watch?v=7pMrssIrKcY

Spoiler: It’s beyond bad.

mox, 25 days ago

Related Gamers Nexus video documenting the ROG Ally RMA experience: www.youtube.com/watch?v=7pMrssIrKcY

mox, 26 days ago

Related: I think FedNow (USA) might enable transfers between individuals once the tools and user-facing services are developed. It’s very new.

It’s worth noting that any way to electronically move money is unlikely to stay both private and convenient for long after getting popular, because governments generally don’t like that.

mox, 26 days ago (edited 26 days ago)

GNU Taler looks interesting, but is it usable today?

It’s apparently designed around exchanges, and I don’t see any exchanges mentioned on the site. Do any actually exist?

The FAQ mentions depending on wire transfers, which have famously high fees that would have to be passed on to users somehow. Aggregating payments into delayed settlement transfers could mitigate that cost between high-volume organizations, but it won’t help people who just need send money to each other. (Meanwhile, ACH transfers are practically free, but I don’t know if they fit Taler’s design or plans.) Does Taler have a plan to solve this?

mox, 26 days ago

When I last looked it over (maybe a year or so ago) these problems stood out:

• Immature code base.
• Custom onion network that seemed unlikely ever to have enough users to be very effective against attacks.
• Small limit on chat group size. (I think they have raised it from 10 to 100 more recently.)
• Small limit on media attachment size.
• Desktop support appeared to be an Electron app. (I avoid those because they’re incredibly wasteful of resources, and often suffer from Electron’s many bugs.)

Its design showed some neat ideas, but it was not practical for my needs.

Also, I have read more recently that Session removed forward secrecy, which rather undermines its value proposition.

mox, 26 days ago

en.wikipedia.org/wiki/Forward_secrecy

mox, 26 days ago

Delta Chat

It’s an email front-end with opportunistic PGP, including all the drawbacks thereof.

Not really comparable to a modern e2ee instant messenger.

mox, 28 days ago

It did not come with the remote or any other accessories besides the TV, so if there is any way to pair an iPhone/Pixel as a remote that would also be good.

Infrared remote control sequences are often shared by multiple models, sometimes even across multiple brands. If you can’t find an exact replacement on ebay, it might be worth trying a remote from a different model released within a few years of this one.

Also, remote codes are often captured for various TVs and preserved as config data for use with projects like LIRC. Someone out there might have the data for this model. Some universal remote controls will even have the codes for popular TV brands pre-programmed into them.

mox, 28 days ago

Hence my comment about ebay.

mox, 29 days ago (edited 29 days ago)

The only privacy-friendly CAPTCHA is a self-hosted one.

The only user-friendly kind is none at all.

Depending on the web site, an alternative bot-filtering strategy might make sense, such as:

• Allowing signup without a CAPTCHA, but requiring one before the first post/upload is allowed.
• Allowing signup without a CAPTCHA, but deleting accounts that behave like bots.
• Allowing signup without a CAPTCHA, but deleting accounts that don’t purchase something.
• Allowing login without a CAPTCHA, but restricting retry rates and/or temporarily locking accounts after 10+ failures.

mox, 29 days ago

I would argue that’s not a CAPTCHA at all, since it’s not a Turing test, but rather a browser inspection.

In any case, Cloudflare services like these are not remotely privacy-friendly.

mox, 29 days ago

Unless something has recently changed in the standards, there is no such thing as a default cookie lifetime. If a web site creates a cookie without defining the expiration time, it is to be kept until the end of the session (i.e. when the user closes the browser).

Note that browser extensions exist that can delete cookies early under certain conditions, such as when they are from a tab that hasn’t been used for an extended period of time.

mox, 29 days ago

I saw the picture and hoped they had finally added some depth, or at least some interesting interactions, to romantic relationships (once they’re established).

Then I saw the headline. Oh well. It’s still a fun game.

mox, 1 month ago

I wonder if this could open the door to cost-effective desalination, carbon capture, and similar projects.

mox, 1 month ago

There’s plenty of room for optimization in recent games, meaning that new games can be made to run on the hardware we already own for years to come.

There is (still) a unusually high profit margin in key products like graphics cards, meaning that a price increase on some of the input components can most likely be absorbed with little-to-no change in product MSRP.

PC gaming can survive this just fine, certainly long enough for manufacturing in non-tariff countries to catch up.

mox, 1 month ago (edited 1 month ago)

Lots of VoIP services offer plans (usually pay-per-minute) so cheap that you might not need a “park” feature. A few reputable ones that serve North America: Callcentric, VoIP.ms, Anveo.

EDIT:

The cost to keep your number on such a service can be less than 1 USD per month, with all-electronic billing that allows you to pay from anywhere that has internet. With that price and convenience, many people find parking/pausing unnecessary.

If having to regularly pay any amount is the problem, note that prepaid accounts let you leave a balance in your account and not be bothered to take any action until it runs out.

When looking for pricing info, bear in mind that a phone number is commonly called a DID (America) or DDI (Europe).

mox, 1 month ago

FYI, you can port your number to another provider. No need to stay with Google just for that.

mox, 1 month ago (edited 1 month ago)

The main issue here seems to be that no other provider, voip or otherwise, allows to pause the invoicing.

The comment you just replied to was a response to someone else, presumably in a situation different to yours.

Regarding number parking / invoice pausing, please see my other comment. I have updated it with more info.

mox, 1 month ago

In particular, it refers to PageRank, the algorithm that set Google apart from its predecessors and upon which it was originally built.

mox, 1 month ago

On the other hand, a person who would root a game console or TV is also likely to be the sort of person who would opt out of smart TV updates.

mox, 1 month ago (edited 1 month ago)

I’m just pointing out some specifics of the prerequisites,

Yes, that’s fair.

which the article did a pretty bad job of highlighting imo, and how this is not the miraculous solution it’s somewhat touted to be.

It would also be fair to acknowledge that hackaday is not touting miracles, but simply knows their audience. One would have to be very new to hardware hacks like this to be unaware that preconditions almost always exist. Older firmware is one of the most common preconditions.

mox, 1 month ago (edited 1 month ago)

nitter.poast.org/pic/orig/…/GNwD7RMXQAAuSJ_.jpg

nitter.poast.org/pic/orig/…/GNwD7T6WoAA2XIx.jpg

nitter.poast.org/pic/orig/…/GNwD7T2WsAA2i_i.jpg

nitter.poast.org/pic/orig/…/GNwD7UCXgAAPMTc.jpg

nitter.poast.org/…/media%2FGOMWk33W0AEtLfM.jpg

video.twimg.com/…/34qrFDckEZ72hGTb.mp4?tag=12

mox, 1 month ago

Why is anything from Fox News allowed here?

mox, 1 month ago

Indeed. I clicked reply before your edit. Here is the key part of the quote you selected:

FOSS is an inclusive umbrella term for free software and open-source software.

That means Free software qualifies and FOSS, and Open-Source software qualifies as FOSS. It’s a broader category, not a narrower one.

mox, 1 month ago (edited 1 month ago)

I’ve been thinking of OSS and source available as interchangeable.

Nope; they are distinct terms. Source-available is just a general way of saying that the source code can be (legally) acquired. It doesn’t meet the standards of open-source software (OSS) or Free Software, both of which guarantee certain rights and freedoms, such as permission to make and redistribute changes to the source code.

opensource.org/osd

www.gnu.org/philosophy/free-sw.en.html#fs-definit…

It’s understandable that it might be confusing, though, since some people use the terms casually without understanding that they have specific meanings, and since both phrases use English words that could be interpreted to mean something else. (For example, “free software” doesn’t mean software whose price is zero, and “open-source software” doesn’t mean software whose source code is published in the open.)

Edit to add: Like many English words, the context in which they are used affects their meaning. The field of software is such a context.

But now it kind of seems to me that free software is interchangeable with open source software. Is it just a matter of branding?

The two overlap, but are not exactly the same. The umbrella term FOSS evolved to encompass both, because there is so much overlap between them that having such a term is often useful.

mox, 1 month ago

Inclusive umbrella term. It means the software has to be both free and open source.

You are mistaken, but I won’t argue about it.

mox, 1 month ago

The Free Software Foundation can make whatever definitions they want, but they don’t supersede regular English.

www.merriam-webster.com/dictionary/term of art