How about some Yubikeys or smart cards instead of something that requires me to scan my retina and share it with Sam Altman

I really want to like Nix. The idea of declaratively defining my entire system sounds great. I can manage it with Git and even have multiple machines all look the same. I can define my partititioning once and magically get a btrfs disk working. Wow!

But I find the language confusing no matter how many times people say it’s easy. I have a lot of experience with other programming languages so maybe it just doesn’t mesh. It also gives terrible error messages that are hard for me to understand. And Nixpkgs is unpredictable for what version I’m going to get. One of the services I installed ended up being a release candidate version which was a surprise. What if I don’t want the latest version of Docker? How do I pin it? Do I have to duplicate part of Nixpkgs? It just feels like a monorepo where everybody has to be on the same versions. Why on earth do the Nix language docs start by introducing math expressions instead of here is a simple self contained thing that installs one program. Here’s how you configure it. Here’s how you expand. Why does the dependency graph seem to pull in so many unnecessary dependencies? For example, I tried to build a minimal Docker image (which Nix looks to be a very good fit for), but I couldn’t figure out how to strip out dependencies that likely were only used during build for a dependency.

I still like the idea and have managed to get my server defined entirely with NixOS which is very cool, but I can’t recommend this to my tech friends because if I’m confused they will be more so.

Here’s a good reason why you should run an ad blocker. Block the Google Analytics script from loading entirely.

Google Analytics gives you insights on what pages people visit, how long they spend, what kind of browsers and devices they use. That can give them data on what pages are important to customers and what screen sizes to support

I’d rather they self host this data vs use Google Analytics, but there are benefits.

These pictures remind me of YouTube thumbnails with fhe style of over emphasized visuals and it makes me wonder if people got accustomed to that style and that makes it easier to pass the BS test.

ICANN specifically set aside all two character TLDs to be for country specific codes. There’s only a few cases where they kept ex countries TLDs around and phased them out over several years. It would be an entirely new precedent if they did keep it. So I wouldn’t depend on it

They could and clearly they should have done that but hindsight is 20/20. Software is complex and there’s a lot of places that invalid data could come in.

For those who aren’t aware. This is talking about when cell phones roam into other networks, they now encrypt the traffic back to the home provider which means law enforcement struggle to tap it (legally or illegally).

PET is privacy enhancing technologies

That would be illegal. I worked on the software deployment of these devices in a store. If we increased the price, we’d automatically give the customer the lowest price in the last several hours.

The other problem was they were extremely low powered and low bandwidth and it would have killed the battery to update more than a few times a day.

It’s true that Mozilla does collect telemetry and that Mozilla Corp is for profit, however Mozilla Corp is owned by Mozilla Foundation. That ownership structure is either a way to get around limitations on non profits, or its an opportunity for the Foundation to directly influence the Corp to be better.

However, I’ll still use Firefox/Thunderbird because: Usage stats such as number of accounts or filters is in no way comparable to my username and password. One is basic metadata and stats, the other is a massive risk. You can opt out of the telemetry, the only way to opt out of sharing your password is to not use the new Outlook.

I take a more pragmatic approach to privacy based on my trust. I understand the value of telemetry, but change it depending on the company. Big Tech I have less trust in, Mozilla, while they have issues, are on average far better for privacy vs big tech.

As a developer, I understand the value of telemetry and the risks that come with collecting any data. I pick Firefox because it challenges the homogeney of Google’s influence and it looks like I’m going to pick Thunderbird because I’ haven’t seen a better option.

That’s not because you have a wildcard. That’s because you need to implement DKIM, DMARC, and SPF records to prevent others from using your domain name to send mail.

MTAs use those standards to verify if somebody is permitted to send email for your domain. If you don’t have those set then you can get what that ISP described.

Attestation depends on a few things:

1. The website has to choose to trust a given attestation provider. If Open Source Browser Attestation Provider X is known for freely handing out attestations then websites will just ignore them
2. The browser’s self-attestation. This is tricky part to implement. I haven’t looked at the WEI spec to see how this works, but ultimately it depends on code running on your machine identifying when it’s been modified. In theory, you can modify the browser however you want, but it’s likely that this code will be thoroughly obfuscated and regularly changing to make it hard to reverse engineer. In addition, there are CPU level systems like Intel SGX that provide secure enclaves to run code and a remote entity can verify that the code that ran in SGX was the same code that the remote entity intended to run.

If you’re on iOS or Android, there’s already strong OS level protections that a browser attestation can plugin to (like SafetyNet.)