Looking at how this started, it’s even more depressing.

Already debunked

https://bsky.app/profile/tannerofthenorth.bsky.social/post/3lp572utm5c2c

I understood what you meant, not sure why you would assume otherwise. My point is that there is no need to invent new business models. Your proposal is similar to “pay with your data”, a new business model that has negative consequences for the collectivity.

In case of these types of games, a flat rate for the game and potentially a pay-per-use without margin to cover hosting (minimal, can be factored in the initial price) and API calls (gMaps) could be an option. Or none of this, and they factor in the cost already in the initial purchase. Either way, to come back to the topic of discussion, asking a one year subscription for a game sold for free (to lure people in) is IMHO predatory behavior with no excuse.

Anyway, tl;dr money already exists and people can pay for that, we don’t need to waste more computing power to find an alternative. The use of crypto incentives the overall crypto market which causes even more people (or companies) to waste energy for nothing.

This feels like a technical approach for a solution to a political problem. We shouldn’t normalize a solution to a predatory approach that companies have, we should regulate so that the approach can’t be taken by companies on the first place, we should foster competition so that those who do are going to be outcompeted etc.

Wasting even more electricity to compute numbers used in an unstable speculative market with no clear future is IMHO a completely wrong approach to the problem.

Objdct storage is anyway something I prefer over their app. Restic(/rustic) does the backup client side. B2 or any other storage to just save the data. This way you also have no vendor lock.

Yes, the whole discussion is around antitrust, and he thinks republicans have a chance to do better than democrats there. There is nothing to “bro” about, it’s pretty clear from the context. If he said any of that before the election, I could vaguely read an endorsement for single-issue voters. Saying republicans are better than democrats in fighting antitrust after Democrats shat their pants about it, doesn’t sound an endorsement to me.

The rest of this comment is out of topic. His focus (and his company focus) has always been on a specific political area. So there is no expectation that he would address the whole political scenario, when he was talking about that narrow area.

But he went out of his way to demonize the democratic party and somehow hold the Republicans up as the defenders of small business

So this is what bothers you? A completely legitimate critique of the democratic party? Well, I personally cannot care less, but you do you.

I see the issue as very simple: Him and his company work in the privacy space. Tech monopolies are a problem because captured people. Improving in this space is a win for privacy. Which is not something that is beneficial “in a vacuum”, it’s beneficial to all those vulnerable people that will be attacked by this government, or the next. he expressed optimism about the fact that republicans can do better than democrats here. Period. Naive, wrong, whatever. A legitimate opinion based on his reading of the last few years’ trend.

No endorsement, no “pledge loyalty”, nothing. Just a consideration. He also mentioned on his reddit account that ultimately actions will be what will count (as it is obvious). So to me this is legitimately a nothing burger. I cannot care less that people in US (and in many more places) live politics like a football game. I cannot care less that you or others got hurt because he criticized Democrats. They could and should do better, and then if the critique is unfair I will be there saying that he “goes out of his way” to criticize them. So far he clearly motivated his opinion with what Schumer did.

There are less than 10 companies that control almost the entire tech space. What “fewer choices”…?

Breaking up google would be already enough, which is what the focus was. All your comment sounds very fuzzy to me. Basically the whole antitrust thing is on google, if republicans break it up, great. Which " allies" are they going to bolster?

Republicans tech policy is motivated entirely by the fact that their racist and conspiratorial views were getting them banned on social media sites from 2015 - 2024

And i should care because…? Why should I care why republicans wanted to break up tech monopolies, if breaking monopolies is anyway something that I consider a positive change?

Breaking monopolies give people more choice. More choice (free) leads to hopefully people choosing more privacy conscious tools. More privacy means less data that can be handed over to doge, less data that ICE has to target minorities, etc.

then you either whole-heartedly agree that a group of criminals and wannabe dictators should be able to destroy any business that publishes speech against them, or you are extremely gullible.

Those are not the only 2 options. I am instead very happy that they will do the right thing for the wrong reason, and outside those monopolies more people will choose services that republicans have no power over. Moreover, your whole argument assumes someone is in US. I am sympathetic to the people in US, but tech monopolies are a global problem.

He didn’t endorse the republican party.

The fact that you inflate the meaning of that tweet to make it more meaningful than it is, doesn’t mean he did anything of the sort. The tweet happened after the election but before the government, and it was an endorsement of the antitrust appointee. He also expressed his opinion that republicans were more likely than democrats to fight big tech monopolies in the antitrust space. This is far from an endorsement.

It was also a completely unnecessary comment, in response to nothing.

It was in response to Trump’s tweet about the antitrust appointee. I would say quite relevant context for a tweet about the antitrust appointee.

It was unnecessary, true. Like every tweet. He expressed his unnecessary opinion, the same way we are doing now.

Andy praised Gail Slater publicly, and they even worked together.

https://www.reddit.com/r/ProtonMail/comments/1i2nz9v/on_politics_and_proton_a_message_from_andy/m7psmzx/

The premise is already wrong. There was no promise or loyalty, not even close.

Wow, those are big networks. Obviously I suppose in case of AWS it doesn’t matter as no human visitor (except maybe some VPN connection?) will visit from there.

As someone who bans /32 IPs only, is the main advantage resource consumption?

I presume you mean running Plex in host namespace. I don’t do that as I run the synology package, but I can totally see the issue you mean.

Running in host namespace is bad, not terrible, especially because my NAS in on a separate VLAN, so besides being able to reach other NAS local services, cannot do do much. Much much much less risk than exposing the service on the internet (which I also don’t).

Also, this all is not a problem for me, I don’t use remote streaming at all, hence why I am also experimenting with jellyfin. If I were though, I would have only 2 options: expose jellyfin on the internet, maybe with some hacky IP whitelist, or expect my mom to understand VPNs for her TV.

(which doesn’t harden security as much as you think)

Would be nice to elaborate this. I think it reduces a lot of risk, compared to exposing the service publicly. Any vulnerability of the software can’t be directly exploited because the Plex server is not reachable, you need an intermediate point of compromise. Maybe Plex infra can be exploited, but that’s a massively different type of attack compared to the opportunities and no-cost “run shodab to check exposed Plex instances” attack.

No that’s the thing. Plex can also use their infra as a tunneling system. You can have remote streaming without exposing Plex publicly and without VPN. It is slow though.

Well, as an application it has a huge attack surface, it’s also able to download stuff from internet (e.g., subs) and many people run it on NAS. I run jellyfin in docker, I didn’t do a security assessment yet, but for sure it needs volume mounts, not sure about what capabilities it runs with (surely NET_BIND, and I think DAC_READ_SEARCH to avoid file ownership issues with downloaders?). Either way, I would never expose a service like that on the internet.

Not to be “achtuallying” bit VPN is not a way to remote stream, it’s a way to bring remote clients in the local network.

Likewise exposing services on the internet…not really going to happen esepcially for people - like me - that run plex/jellyfin on their NAS.

I don’t have a horse in this race, i don’t use remote streaming, I only ever streamed from my nas to my 2 TVs, and I am experimenting with jellyfin. But for those who do need remote streaming, jellyfin is going to be problematic.

In 4 years I have never (and will never) used any service from /e/. There is no vendor lock whatsoever. That’s fully optional.

Points 3, 4 and 5 in your list are moot IMHO.

Also

It takes a base level of understanding why you would buy a Fairphone

It doesn’t really. “Phone is repairable and X can help me”, “they pay the makers fair wages” are not really complex value propositions that require some (technical) understanding.

The point of /e/ and similar distributions is that you can buy a phone with it (average user will never reflash) and just have a phone that doesn’t use Google (it does, for the amount that doesn’t require you to do extra technical stuff and have a sane user experience at the same time).

That said, calyx seems a great alternative and so are iode. I think the advantages of one over the other (for my brief search) are quite small.

Gotcha, you are the classic person who is unnecessarily confrontational, but that dashes at any actual confrontation, because ultimately you have nothing to say. Your history shows this clearly.

We can all live without toxic people like you.

So your argument is repeating a cliché? OK.

I don’t need to convince you, but I explained my reasoning. Maybe make some practical examples, show some CVEs that - if left unpatched - severely impact the privacy (or the broader security) of the average users.

Also, as anybody who works in security knows, security is not a binary, and securing often means paying a price (in usability, in Euro, in comfort, in performance, whatever). In my mom’s threat model there is no the APT leveraging a 0 day to breach her worthless phone, there are opportunistic scammers who send her emails. There is also google and the like harvesting her data to sell her shit (hence a deGoogled phone with bootloader unlocked is more important than a Google phone with bootloader locked, for example).

In my threat model there might be some more resourceful attackers (because believe it or not, a financial org trusts me with securing their infra). However, as I also said, a much simpler and cheaper attack that recently has made the news is just to snatch the phone unlocked from my hands on the street, rather than exploiting an android CVE. This is why for example I have app pins for signal, email and everything that supports it, and I need to authenticate at every use. I also store all my TOTP on my yubikey, rather than keeping them on the phone (even with PIN), so my phone is not good as a 2FA device.

What you call blasé is actually just a way I personally assessed the risks and decided to invest accordingly. People whose threat model involve the bots who spam emails do not have to invest in security like if the NSA is after them. Updating android a month later is not going to be even a “low” risk for most people, especially if they adopt the much more important practice (IMHO) of not installing every shitty app under the sun. If you think otherwise, make concrete examples perhaps. Using a cliché is not really building your credibility here.

I definitely wait more than a week to update for example. The marginal security risk is completely irrelevant for me compared to the operational risk of a buggy update. N-1 is a common practice for updating software in fact, unless there is absolutely a great reason to upgrade.

Also, I want to be in your circle, because most people I know if the phone doesn’t update automatically they probably won’t even think of updating their phone (or their computer) at all.

For me the reason is simple, I don’t care about the advanced threats that would be mitigated by GrapheneOS enough to buy a pixel and migrate. I already own a FP3 and that’s what I am going to use until it breaks.

I might consider Graphene in the future, but having to buy a Google phone (even a used one) already pisses me off, compared to a FP (or similar). eOS also tries to be a “noob-friendly” distribution, that you can buy phones with and you never have to mess with the phones, which means people who don’t have the skills or don’t want to mess with their phones might trade the risk with ease of operation, and it might be the right choice for them.