They may block IP addresses associated with consumer ISPs. Assuming that’s the case, I would guess you’re seeing that as an HSTS/TLS error because their network is trying to trick your browser into redirecting to/displaying an error page hosted by some part of their network.
[edit: To be clear, I assume the part that OP is not sure if it’s satire or not is “or switching to a more privacy-conscious browser such as Google Chrome.”] The emphasis in
Firefox is worse than Chrome
is in the original. To me that clearly implies that they are of the opinion that in general Google & Chrome are worse on privacy than Mozilla & Firefox. The comment at the end is just tongue in cheek snark alluding to the fact that in this particular case google did better for privacy in Chrome than Mozilla in Firefox.
or switching to a more privacy-conscious browser such as Google Chrome.
Definitely satire, the context from earlier:
- Firefox is worse than Chrome in their implementation of ad snitching, because Chrome enables it only after user consent.
I am still interested to know the details of how they came to this decision. Why Signal instead of Matrix.
AFAIK, signal doesn’t federate, There is no “signal server-to-server” protocol. When people say “The Signal Protocol”, they are talking about a cryptographic protocol, not a network protocol.
As for why they wouldn’t use Matrix, I would assume it’s just too heavy of a protocol for the scale they operate at. IIRC, Matrix isn’t just a chat protocol. It’s a multi-peer cryptographic state synchronization protocol. Chat is (was?) just the first “easy” application they were going to apply it to. (Now I’m curious if they still have plans for that at some point.) They’ve been making great strides in improving the efficiency, at least in the client-server API (I haven’t been paying attention to the server-server API at all), but it’s still going to be a heck of a lot more compute heavy than whatever custom API they’re providing.
IMO, the best free option is https://freedns.afraid.org/. The biggest downside of that one is that you have to login a couple times a year (IIRC?) to keep it active. I actually still use this even though I have a paid domain, I just CNAME my real domains to the afraid dynamic name. That was easier than changing the config every time I become unhappy with my domain registrar and have to reconfigure everything after swapping.
I’ll start off with a proviso, I haven’t s much touched my Librem 5 in at least a year (maybe even 2?), so if they’ve had some massive turn around in that time I don’t know about it. All of this post is just what I think I remember, if you want actual facts go dig around in the wayback machine or something.
The promise of the L5 was super grandiose. They were going to create this mobile device that could completely replace your android device. It was going to launch with a custom matrix client that would let you make voice and video calls, which no other matrix client at the time could do. It was gonna be great and it was going to be delivered in a year.
Now clearly that was never going to go off without a hitch. I don’t blame them for being late nor for not delivering all their promises right at launch. But when things started getting delayed they seemed to be doing everything in their power to not communicate with backers. And anytime they would say something, they would say “well we didn’t hit that deadline, but we promise we’re totally super duper close now”. And then they’d blow through that deadline without a word too.
I did eventually get my phone, obviously, but it wasn’t anything like a usable device. The battery that it came with was smaller than advertised and it didn’t have any power management so you got a few hours of battery life. The cameras just didn’t exist as far as the software was concerned. The privacy switches would randomly kill power to the modem when you lightly brushed against them without the switch moving out of the ‘on’ position. Which was super annoying since you had to reboot the phone any time you wanted to turn the modem back on. And rebooting took ages.
Even at this point I was still rooting for them to succeed. I really want a proper Linux phone and have since 2008.
But ever since then, I really haven’t seen much of anything change with the software, at least for as long as I was paying attention to it. One of the cameras got support added by a community member at some point, but the pictures it was taking were so bad it looked like some 1999 digital camera taking pictures in a dimly lit room even in full sunlight. There was no way to know if an application in their store was going to work or not, most didn’t, mostly because they were meant for a larger screen & a mouse.
I pulled it out a few times on and off over the years, but the last time I did, I couldn’t even figure out how to get it to update. So, I haven’t really even touched it since then. (I’ve got it out connected to power to see what it’s like now. Though, I’m not sure it’s charging, is flashing green (with an occasional flicker of red) a good thing?)
Since receiving it, the only communication I’ve gotten from Purism has been “Investment Opportunities”. I’m not sure why I’d invest in a company that still hasn’t delivered what it promised me over 5 years ago.
I absolutely want them to succeed, and I hope they prove my pessimism wrong, but at this point I absolutely would not put my money on that happening.
As the owner of a Birch batch Librem 5 and former defender I’m sad to say, agreed.
You’re not mistaken, it is definitely possible with at least RSA, though, I would guess it may not always be possible. It also sounds like it’s still a bad idea unless you know all of the parameters used to generate the keys and can be sure what information is actually encoded in the keys.
That doesn’t mean the issue wasn’t/won’t be escalated. It might even mean it’s more likely since someone bothered to make a response macro for it, they presumably got more than one or two emails about it. So it’s probably more likely to make it on a “list of issues we saw this week/sprint/month/quarter”.
Less commercial interest means only hobby level development
Podman is developed by RedHat: https://github.com/containers/podman/graphs/contributors
As others have said, it’s quite good on privacy. For the truly paranoid, IIRC you can even self-host the sync server.
From the security perspective of privacy, do make sure to use a good password for the Mozilla account, the account password is also the encryption key for the E2E encryption.
The day Firefox shutters its doors is the day the internet truly dies.
*the web
The internet has so far been doing a much better job surviving as a proper decentralized system than the web.
It supports them already, there just aren’t any provided by default. They’re called Bookmark Keywords: https://github.com/jameshealyio/bang-bookmarks
I’d suggest not importing all of them from that list though, there’s a crap load, just pick the ones you want and put them in manually.
Assuming you meant de-federate, there are a few listed on https://fedipact.online/ that seem to be lemmy instances.
Unfortunately, no. Samba needs a different label. Doing that relabels things so that only containers (and anything unrestriced) can access those files.
IMO, yes. Docker (or at least OCI containers) aren’t going anywhere. Though one big warning to start with, as a sysadmin, you’re going to be absolutely aghast at the security practices that most docker tutorials suggest. Just know that it’s really not that hard to do things right (for the most part[1]).
I personally suggest using rootless podman with docker-compose via the podman-system-service.
Podman re-implements the docker cli using the system namespacing (etc.) features directly instead of through a daemon that runs as root. (You can run the docker daemon rootless, but it clearly wasn’t designed for it and it just creates way more headaches.) The Podman System Service re-implements the docker daemon’s UDS API which allows real Docker Compose to run without the docker-daemon.
If anyone can tell me how to set SELinux labels such that both a container and a samba server can have access, I could fix my last remaining major headache. ↩︎
The light is visible, the flashing isn’t.
The top white rectangle is a multi-color LED (presumably RGB). Can’t make out what’s in the bottom, but I wouldn’t be surprised if it was some form of light sensor for (literally) flashing new information onto the tag.
You can only do that with Firefox Developer, can’t you? And IIRC, they self uninstall after a week or something, don’t they?
I’ve just said “I don’t have one” when asked this for awhile. This never seems the phase the cashiers, I’m guessing they know what that really means. Half the time I still get whatever discount, though I’ve never tried to sign up for a membership saying that.
If it’s an online form my phone number is just (local area code)555–5555. I’ve never had that not take, except for one case where it automatically enabled 2-factor auth and I had to create a new account.