• 7 Posts
  • 906 Comments
Joined 1 year ago
cake
Cake day: November 8th, 2023

help-circle





  • Maybe you can convince a few people that two contradictory things are true at the same time by spamming enough text, but you’re just obfuscating the truth.

    It’s pretty simple.

    Mastodon servers should honor privacy settings, they do honor privacy settings, and Pixelfed got caught with its pants down not honoring them.

    And then, instead of fixing the problem in a way that even Mastodon has managed to do, they kinda bungled it. And it’s okay for you to admit that.







  • Search that specification for “private.” You’ll find precisely one reference to it…

    It might be better to look for what the article mentions: “manuallyApprovesFollowers”, and it is explicit about what to do when that value is set to true. I don’t understand how you’re confused by it.

    Mastodon, in general, is regarded as careless with safety.

    Regardless, two wrongs don’t make a right, and I found the description of how to properly handle a security issue as discussed in the article to be appropriate. For example, collaborating with administrators of large instances.

    The “security issue” is created on Mastodon’s side

    Are we reading the same article? I realize this isn’t the first time you implied this, but I thought I must have been mistaken.

    From the original post: “Importantly, your Mastodon or GoToSocial instance isn’t handing your private posts to any random server, just because it asks.”

    Mastodon is behaving. Pixelfed was not. Pixelfed fixed the security issue because it was their issue…


  • I looked at your comment before reading this article, and you make several bold statements that the article dispels

    A fork of Mastodon created a new abstraction for “private posts”

    The author of the article links to the official specification which was made for ActivityPub. This does not appear to simply be “some fork of Mastodon”, but if it is, please provide a citation.

    they’re trying to blame Pixelfed for not adopting their homemade standard

    See previous comment

    It’s fixed in 1.12.5

    The article also goes into great lengths about how the security update was handled poorly, with inappropriate communication along the way. It contrasts this with a correct update.




  • LWD@lemm.eetoPrivacy@lemmy.worldHow private is the Pebble?
    link
    fedilink
    English
    arrow-up
    1
    ·
    12 days ago

    Pebble was from a time when enshittifiaction wasn’t as terrible as it is today, and died (post acquisition) before it could really be implemented in its products. Eric Migicovsky is an odd duck in that regard. Between this and Beeper, privacy has always been “not great, not malicious (yet)”, and before enshittifiaction could set in under his watch, the company gets bought out by a bigger one with a truly lousy CEO.

    Under his watch. Heh.

    Pebble was possibly one of the last great tech innovations before AI, in its desperate attempt to sell our stolen data back to us in a thoroughly butchered format. Which means it pains me to read

    Upgrades to the hardware will include a speaker alongside the microphone, which Migicovsky teases will be used for talking with AI assistants (ChatGPT being one example).

    Personal home labs might be able to go much further with this, I hope.

    Considering how popular this product originally was with hackers and open source enthusiasts, I really hope the hardware has as much longevity as its predecessor. And considering that was closed source and got so much mileage, I have the feeling that this will be better simply by how open-source works.



  • Back when Samsung saw Android as a legitimate threat to their business model, and they made alternate apps to every Google offering, I think they did have a better ecosystem. I think that has waned in recent years, though.

    And I say that as someone who loved Samsung phones at least until 2020, when they gave up on the SD card and started giving up on camera quality. I still think they make the best devices out of the box (between screen and camera output, and not overheating) but they’ve been lazy at the top




  • LWD@lemm.eetoPrivacy@lemmy.worldmacOS + iOS browser recommendations?
    link
    fedilink
    English
    arrow-up
    1
    arrow-down
    1
    ·
    18 days ago

    Kagi doesn’t just add optional AI features, they are an AI-first company that wants to turn search into an AI agent. They wrote a manifesto about it.

    Maybe manifestos aren’t worth much anymore, what’s with Mozilla abandoning theirs, but I tend to believe a company when they tell me what they are.


  • The nice thing about Fennec is you don’t have to accept a Mozilla license to use it, and those Mozilla services are (AFAIK) disabled by default. In fact, when I look at their settings menu, there is no “data collection” section to speak of.

    The not-so-nice thing about Fennec is a little while back, it just didn’t receive any updates. For something like a month.

    Just about every browser that’s based on Firefox is going to be slower to update than mainline Firefox, with perhaps the exception of Tor and Mullvad because they work hand in hand.