A useful video would be a bunch of people beating on stuff (off-screen or in an extended cut) to figure out what’s actually easy and reliable for beginners, then presenting that information. It would get approximately 237 views, which is roughly a million fewer than the linked video has at this time.

What succeeds on Youtube is entertainment first and information a distant second. A video where everyone sat down in a quiet environment with no pressure, installed a reasonable Linux distribution, and had a smooth experience wouldn’t be very entertaining.

I used Jetpac last time I needed an esim for travel. I did not install their app, but activated the esim manually with the facilities built in to the OS.

Well-behaved server software honors delete requests, but there are a bunch of ways for that to fail without anyone doing anything malicious:

• If your instance shuts down, there is no way for you to generate delete requests
• If a server admin has to restore a backup from before your request, the deleted data will be restored
• Immature or experimental software may not work as designed; Lemmy itself has a version number starting with 0
• Archiving services may keep snapshots of pages from fediverse servers; here’s your user page on lemmy.world on archive.org
• Fediverse servers often make content available by RSS, and RSS clients may store that content; there’s no way for them to receive a signal that it should be deleted

And then there’s malicious activity. It wouldn’t be hard to run a server that speaks ActivityPub, subscribes to a bunch of stuff, pretends to honor delete requests, and actually keeps everything.

Deletion will always be unreliable on the fediverse as long as it runs on technology that looks anything like current implementations.

Some years ago, I made a thing that could determine whether two different player characters in an online game with global chat were likely to be the same person by using a classification algorithm on their public chat. The popular text classification algorithms at the time didn’t work very well for that use case, but I came up with one that did. It was fun and useful that my internet friends and I could know who we were dealing with when they thought they were being sneaky.

I read that DARPA was offering grants for exactly that kind of work, and thought up several ideas for commercializing the technology. Then I did exactly none of that because privacy is good and accelerating the availability of de-anonymization technology is bad.

I must also point out that he did not work at Reddit between 2009 and 2015.

I’m not going to try to talk you out of hating spez, but maybe try hating him for something he actually did.

It was created by Violentacrez, not spez.

Prior to late 2012, it was possible to make someone a moderator of a subreddit without their consent, which was sometimes done as a joke or harassment. That’s why spez was briefly a moderator of r/jailbait.

I haven’t found anything I want to install on my iPhone that I can’t. At one point it was emulators

So you have found something you wanted to install on your iPhone that you couldn’t, but Apple has decided to allow it for now. I think it’s pretty obvious how this is a problem.

Of course you’re not going to find apps that exist that you can’t install because Apple says so. People won’t bother making them if they can only be distributed to the tiny handful of users with jailbroken devices. Of course it comes up on occasion when Apple withdraws permission, with ICEBlock being the recent socially important case.

Way I see it, my iPhone is a pocket version of my Mac.

The thing is, you can install software from whatever source you like on your Mac. That’s not true of your iPhone - even in the EU and Japan where they’ve been forced to open up a little, apps can only be installed with Apple’s permission.

Macs were completely open in that regard until recently. You could install apps from wherever you want. Now, Mac apps have to be notarized by Apple or installing them requires use of the command line. That’s obnoxious, but the user still has the final say, unlike the iPhone.

(“Linux” here as in “GNU/Linux”, as opposed to “the Linux kernel”, which Android phones also use.)

I feel compelled to point out that PostmarketOS, one of the popular Linux phone options is not, in fact GNU. It’s based on musl and BusyBox, not glibc and GNU utils.

• Google has announced that a workflow for advanced users to install whatever they want will remain, but hasn’t published details. Many people don’t entirely trust them about this.
• Third-party Android builds like LineageOS won’t be affected. These need a device with an unlockable bootloader. They can run any Android app that doesn’t intentionally sabotage them (some banking apps do this).
• Linux distributions for phones exist, and can run Android apps via Waydroid. This provides the most freedom for the user, but the highest effort. This is mainly suited for Linux hobbyists right now.

Wafrn might be worth a look. I’ve been meaning to try it myself.

There is a risk Google could tamper with the app for specific users if they’re installing it from Google Play. I think it’s likely security researchers would discover that if it was widespread, but there’s a chance Google could do it undetected if they targeted it selectively enough.

People who are concerned about this can download the APK directly from Signal and check its signature before installation.

Signal uses reproducible builds for its Android client, and I think for desktop as well. That means it’s possible to verify that a particular Signal package is built from the open source Signal codebase. I don’t have to trust Signal because I can check or build it myself.

If I don’t have extreme security needs, I don’t even have to check. Signal has a high enough profile that I can be confident other people have checked, likely many other people who are more skilled at auditing cryptographic code than I am.

Trusting the server isn’t necessary because the encryption is applied by the sender’s client and removed by the recipient’s client.

• Reasonable: prevent downgrades when the bootloader is locked
• Sketchy: prevent downgrades when the bootloader is unlocked
• Unhinged: hard-brick the device when a downgrade is attempted

A different Wallet/Pay implementation is a possible outcome, but I’m thinking of a bigger picture where Android phones are more like PCs: no non-unlockable bootloaders, no remote attestation anywhere, barriers to root detection at the OS level, third-party ROMs encouraged.

The early days of Android were like that. I wonder if things had developed along that path, would we have a paradise for power users? A security nightmare for mainstream users? Both? Neither?

I wonder what an alternate history where Google chose not to become evil would look like.

What if they had looked at Microsoft’s Palladium proposal and thought, as pretty much everyone outside institutional IT departments did that locked devices with remote attestation was a nightmare scenario best forgotten, refused to build it, and made an effort to prevent anyone else from doing so on top of Android? Safetynet didn’t appear until 5-6 years after Android launched to the public. What if it never did? Android already had enough momentum by that point I don’t think the financial sector could refuse to be on it no matter what risk management said.

Samsung, Huawei, Microsoft, and LG tried similar ideas and none got much traction.

I’m not sure it’s actually a good idea even now that phones have enough CPU and RAM for an adequate desktop experience. It’s certainly not a good idea running Android as we know it, where apps are data silos and have UIs that don’t cleanly transition from the palmtop experience to the desktop experience.

You can do that today with a Linux tablet and Waydroid. It’s more like running the Android apps in a VM than something really well integrated with the Linux environment, but perfect is the enemy of good.

I got my first tablet this year after a long time as a skeptic. It runs Arch, BTW.

Most of the time it has a keyboard attached and I use it like a laptop, but it’s nice to be able to watch movies on flights during taxi, takeoff, and landing because tablets and phones are allowed, not laptops.

Gnome is really nice on a touchscreen aside from the terrible onscreen keyboard. KDE is a little rougher, but its onscreen keyboard is decent.

I remember making a note to look into it several times, and thinking I should buy one (exactly one) when it was about $600. If I had, I imagine I would have sold at 10x rather than holding until 100x or its peak at 200x.

I actually did think it or a successor would become important as a consumer payment method. I was wrong there.