I was sympathetic to this line of reasoning but I feel it's repeatedly shown to be self-defeating.
What chance have the proverbial good-guys got if, even after _proving_ some modicum of good will, people will nonetheless condescend any attempt to influence bad/wildcard actors? It feels great to tell someone they 'should've known better' but I'm convinced that that's basically void of cautionary utility.
This seems misleading inasmuch as your correspondents aren't all on the same mail servers.
Yes, correspondence between you and Build-A-Bear, and between you and your local terrorist cell, are unencrypted individually. But Build-A-Bear presumably doesn't know about your correspondence with the cell, and the latter presumably has some interest in not sharing organizational data access with the former.
I suppose you do have to trust that Proton isn't served a directive to snoop on your correspondence in transit with other providers. But that's still a much better position than leaving all of your historical data unencrypted at rest.
That relates more to the public rhetoric surrounding Graphene than with how the OS itself operates imo. It's pretty practical and enables (or allows you to enable) everything that a typical Android does, except where Google Play Integrity checks fail, which is not in Graphene's control (e.g Google Wallet payments).
People bill it as making a ton of usability compromises in the name of security, but that doesn't match my experience. The only redeeming observation is that your phone _does_ lean towards secure-er and ungoogled defaults, which _does_ break functionality that a lot of people expect to "just work" OOTB. But it's trivial to restore it, and the upfront effort getting things to work is amortized over the lifetime of the device. It's maybe an hour's worth of work.
The counterfactual world where users need to forumcrawl how to get to secure/private defaults seems worse to me. By contrast, it's pretty easy to recognize when an app isn't working.
I agree with your post, but I wanted to point out one thing:
> People bill it as making a ton of usability compromises in the name of security, but that doesn't match my experience.
When you are talking about something like GrapheneOS, most of the people who are talking about usability compromises aren't worth listening to since they are looking for something that is pretty much the exact opposite of what GrapheneOS is trying to provide. While there are likely some legitimate criticisms in the mix, the compromises required for "works by default, for everyone" are pretty much the opposite of what GrapheneOS is.
If it saves anyone else the effort: I went to doublecheck the claim that those articles cited the wrong page, and it seems you're correct on The Register, but archive.org's earliest copies of the other two articles don't seem to reference the impostor site. They refer instead to the GitHub.
So as to not mislead anyone who didn't read the article, the section following your quoted text is:
> Researchers from lower risk countries have been told they could lose access beginning in either September or December if at that point they have been at the lab more than 2 years or, under a waiver, 3 years.
In other words: they're also looking to bar foreign nationals outside of that quoted list, which to my mind is less understandable.
Complex Systems by Patrick McKenzie (patio11). Casual interview format with guests from myriad industries, who try to distill human/technical bits of respective systems. Often it's about tech/finance/govt, or relates to them.
I found it independently of his other work (e.g Bits About Money, or VaccinateCA), which is fitting. The amount of stuff I've read from that guy (including on hn) but did not attribute to a single person seems anomalously high for me. https://www.kalzumeus.com/greatest-hits/
That, and "The Optimal Amount of Fraud is Non-Zero", which is an idiom I paraphrase frequently by this point.
The discussion is probably better started from the question of "why should that data be centralized?" and "why should the government be able to purchase this data, and why are those reasons more compelling than the downsides?".
I have to guess that the folks clamoring to put computer vision "back in the bag" are somewhere on the margins, and resemble straw more than steel.
I have no horse in the short-form video race, but I recognize that it has material affects on the world (whether I'd like it or not). Scorn for the principle of an open platform here seems misplaced. It seems too young of a format with too few examples to confidently say it's irredeemable.
We don't have many examples of short form video feeds which are divorced from the the TikTok and Reels algorithm -- both of which are aggressively incented to "engage" a user in ways they may not have preferred in the retrospect.
Well that's why people are doing science to figure that out. Right now it looks like the format itself acutely affects short term memory. The video really is worth a watch.
HN is generally the place you come to to hate anything new in tech. No new piece of tech released in is ever liked here. Everyone nitpicks, strawmans, and complains that the v1 of the product is not perfect. It’s honestly so tiresome
It does have a network-level ad blocker. What it doesn't have is a blocker which modifies/injects Javascript into pages, which iiuc is the main reason that the blocker doesn't help with ads on YouTube much, or pages which employ similar techniques.
> They recommend against using Firefox.
To clarify: they recommend against Firefox Mobile because it didn't support site isolation until last month's v147 updates. I don't know if the goalpost has moved since, but in any case: there's nothing on Graphene that would prevent you from using Firefox.
Firefox 147 doesn't provide site sandboxing or even basic content sandboxing on Android. They enabled multi-process support by default but still don't provide any form of sandbox for the separate processes. They enabled the separation part of site isolation which is partially implemented for Firefox desktop and now mobile but do not have content sandboxing and partial site sandboxing as they do for the desktop browser. See https://bugzilla.mozilla.org/show_bug.cgi?id=1565196 for their still open issue with many other issues as dependencies for sandboxing.
The complete lack of content and site sandboxing on Firefox for Android is only one of the reasons we recommend against it. It has major security deficiencies beyond this and cannot benefit from many of the hardware and OS protections due to it. Vanadium is much more secure than standard Chromium while Firefox is much less secure than it, so there's quite a stark difference between them.
Recommending against using Firefox and F-Droid due to major security deficiencies doesn't in any way reduce user choice as the post above portrays it. Having a lot of accurate information provided by GrapheneOS enables our users to make more well informed decisions. We also do not specifically recommend the Play Store as the post says above but rather we provide nuanced information about the available choices. Specifically for obtaining apps from the Play Store which aren't available directly from the developers, we recommend using the sandboxed Play Store for users who using sandboxed Google Play in a profile for app compatibility already. Play Store itself has signature verification while Aurora Store only has TLS with a smaller set of trusted CAs by default similar to many Google apps. Aurora Store is sometimes needed to work around app's filtering who can install it so we do recommend it for that specific purpose. Aurora Store still logs into a Play Store account and making a throwaway account to use the Play Store app doesn't reduce privacy compared to using sandboxed Google Play without one.
What chance have the proverbial good-guys got if, even after _proving_ some modicum of good will, people will nonetheless condescend any attempt to influence bad/wildcard actors? It feels great to tell someone they 'should've known better' but I'm convinced that that's basically void of cautionary utility.
reply