technically, unity is not gnome. It’s based on gnome, but it’s a different DE.

Industry and industrial aren’t the same. The animal industry includes local farms, since they are part of the sector/industry. Industrial farms/factories are a subsector of the industry, the ones that are the actual cancer on society.

Anniversary of tiannmen square I suppose, talking in to account that the latest complaint posts were about people that were banned for sharing link about it.

It’s not really about the hardware, is it? The option you mentioned won’t enable an alternative app store, it won’t enable access to android app emulators (which would be a huge boom in the open source app offering). The level of trust iPhone users give to appeal is wildly higher that what android users that tweak their phones give the manufacturers. It is what it is, but don’t delude yourself in thinking that it’s about what they do in the kernel level, it’s about the fact that they store tons of sensitive data in their american servers and that they have an obligation to share that data with the country, and as someone from Europe that doesn’t sit well with me.

Apple issue then, quite the anti feature. In any case, I hope the IT team learns from it and they create a company ID or several company IDs so this doesn’t happen again haha.

100% agree, just take into account that most people you encounter on lemmy, specially on posts about security, are in that 1% that tweak stuff and if you throw blanked statements they will think you are talking to them specifically.

Oh, I assumed that you would be forced to type your password or have enough rights to install stuff in a computer, be it in person or remotely, so I assumed that whatever 3rd party program they used required to have enough access, and that apple would use the apple id as a master password, given that it’s what is being used to lock down the device itself.

Well, yet another issue with apple lol, why add a ownership id if it’s not even what gives root access. Lmao.

The issue here is that while baseline apple is more secure than baseline android, a user with knowledge or a guide can improve the android security by a lot, whereas the apple baseline is also the ceiling. There’s stuff you can do with iPhones but if you don’t trust apple, you are kind of fucked.

Android people that mention security won’t be using a stock phone from the store, they will have disabled stuff, enables alternative stuff, or even installed a completely new android based OS, and this can’t be done with iPhone or iOS.

I’m with you that you should be able to log out remotely, but this is more of a failure in the IT department. You should have been given a PC with the apple ID already introduced, with your company mail and some password. How would they even access your PC remotely for security udpwtes if they didn’t have access to your appeal id? Right, they didn’t. So they gave a computer they didn’t have remote access to, not properly configured, and then forced you to either move or give private information.

It’s more about the fact that they didn’t have a webpage in their apple account where they could remotely log out, and the IT department had the physical computer so they had to either move to the department or give the department their personal password, which is bogus. Being able to remotely log out of the computer doesn’t seem to be that big of an ask.

I get thay the computer should remain locked if there’s no internet, but once the computer gain connectivity it should unlock if it was logged out in the user page.

Ifnyou have the money and the mono slots, buy another hard drive and install Linux there. Then, boot that drive without touching anything from the other ones. You can even load them up and use those files no problem.

I do the daily ffxiv dungeon rouletes since it’s an excuse to do old content without feeling like you lost time, but not everyday and not all of them.

They are not there to keep players engaged tbh, they are there so that people that wants to do that content can find people to do it with.

That stalker had to have access to your google account to do so, you are utterly fucked if that’s the case by that point. Like, why would they need to install a tracking app, when the google findmyphone feature just gives them the info. Anything that the phone stores that isn’t recorded by google pales in comparison to what they have access to with your account.

That’s like saying that you are saving money by buying a kilo of salt that lasts a year, 50 cents cheaper. Yeah you technically saved money but it’s so irrelevant in the grand scheme of things that you shouldn’t even consider it.

The fact that you need consent to get this data would make a randomized approach impossible.

I wasn’t talking about situations with compromised accounts, I was talking about legitimate accounts that were created in a typical way being converted to a zero knowledge encryption method, I was aknowledging that it’s hard doing that conversion when a user might have several clients logged on (2 phones, 6 computers…).

My point was that if they have not put any motivation in the transition, they never will because the bigger the userbase, the harder for them to manage the transition. Also, I find that sad because they should have invested more effort in that instead of all the features we are getting, but whatever.

If you found the technical terms confusing, public/private keys are some sort of asymmetric “passwords” used in cryptography that secure messages, and shared keys would be symmetrical passwords. The theory between key exchanges and all around those protocols are taught in introductory courses to cryptography in bachelors and masters, and I’m sorry to say that I don’t have the energy to explain more but feel free to read about the terms if you feel like it.

If you however found it confusing because I write like crap, I’m sorry for potentially offending you with the above paragraph and I’ll blame my phone keyboard about it :)

Tegram stores all the conversation in their servers, since you don’t need to be connected in the phone or have the phone witchednon if you want to chat in the pc, or in another phone. This means that the authority is the server. WhatsApp it’s not like that, if you delete a shared photo after a while it will be cached out and you will lost access to it, meaning that they don’t store that stuff. The same thing happens with WhatsApp desktop or web, they stay in an infinite loading icon until you twitch on the phone or sometimes even unlock it.

This means that whatever telegram develops must not only keep the group chat encrypted in the server, but any valid client of a user must be able to decipher the content, so every client must somehow have the key to unlock the content. One way of doing it would be for every client of a single user to generate keys (which I’m sure they already do) and reform a key exchange between them, to share that way a single shared key, which is what identifies your account. Then toy could use that shared key to decipher the group chat shared key which telegram can store on their server or do whatever is done in those cases, I’m not that well versed.

The problem here lies in what happens when you delete and/or logout of all the accounts, currently you can login into the server again, because telegram has all the info required, but if they store the “shared key” then it’s all moot, I guess they could store a user identifying key pair, with the private key encrypted with a password, so that it can be accessed from wherever. They should as always offer MFA and passkey alternatives to be able to identify as yourself every time you want to log into a new client, without requiring the password and so on.

This is some roughly designed idea I just had that should theoretically work, but I’m sure that there’s more elegant ways to go about this.

It’s work for sure to implement all of this in a secure way, provided that you have to somehow merge everything that already exists into the new encryption model, make everyone create a password and yada yada while making sure that it’s as seamless as possible for users. However, I feel like it’s been quite a while and that if they did not do it already, theybjist won’t, we either trust them with our data or search for an alternative, and sadly there’s no alternative that has all the fuzz right now.

And it infuriates me to no end. It’s one thing to trust them and their servers and it’s another thing altogether to send actual plaintext data around the net, that’s crazy and it’s what people are implying.

For the record, until WhatsApp implemented e2e their messages were indeed fucking plaintext, and it took a while before they were pressured into e2e. It helps for them that their platform is very mobile based vs telegram, where the service is more server based. Telegram did have enough time to implement a server based e2e 0 knowledge encryption protocol though, it’s not really rocket science at this point.

Dildo.