musl isn’t vulnerable, as per https://fosstodon.org/@musl/112711796005712271
The exploit isn’t that practicable, since it takes a very long time on 32 bit systems, which are ever rarer to see.
musl isn’t vulnerable, as per https://fosstodon.org/@musl/112711796005712271
The exploit isn’t that practicable, since it takes a very long time on 32 bit systems, which are ever rarer to see.
No problem, glad to have more people know about it, it’s very useful!
Unfortunately, no. I believe you can’t really get this level of control without root access.
Ah right, airplane mode makes a ton of difference. I also tend to have it enabled as much as I can, usually when I’m home (and thus reachable through VoIP services) or at work. And I (almsot) never turn it off, I just leave it in airplane mode. I limit the charge to 75/80%, with ACCA, so I get even less juice.
And I’m sorry, I also dislike big phones with huge screens and batteries, there’s no real need for that. But I know that you can fit better batteries in smaller phones as well. My previous device was smaller than the Pixel 4a, but had a bigger battery, while having almost identical weight.
I wish manufacturers would make smaller phones, really. I’m very unsure what other device I will get after this one dies or gets broken…
After my 6 year old Redmi 4X’s screen touch decided to die, I got an opened-not-used Pixel 4a (in perfect condition) at the end of 2022, because it was one of the few small-ish phones that had good modding support (Pixel phones are ofc known to be very good to degoogle). I love it. Feels good, works well, has a great camera (got a GCam mod too), etc. Only downside is the smaller battery (3100 vs 4100 mAh), but honestly it isn’t that big of a deal, I can just carry a powerbank on my backpack or, you know, use my phone less.
Back then, it was the perfect choice for me. Now, I don’t know, haven’t been keeping up with current models.
That is strange. Check the logs show anything out of the ordinary.
I understand.
You could look into getting a domain either way, it really is pretty simple — you go to a registrar website (I like porkbun.com), choose your domain name and purchase it. To get the email stuff going, it’s just a bit of copy pasting between their guide and the domain’s control panel.
Like I said, this domain stuff is useful outside of Migadu and similar services, but for a more 0-config option, I think disroot is alright. You also have a mailbox.org and StartMail (from StartPage).
If you have your own domain, I recommend Migadu. They take care of all the boring parts of hosting email, while being cheap and very reliable. All you have to do is[1] follow their guude to setup some DNS records and double check everything is right. After that, you have a working email account with unlimited addresses, inboxes and a bunch more nice features.
[1]: Besides getting a domain name, which you should get anyway, since it gives you more control over your digital identity and makes it much easier to migrate providers in the future.
Last time I tried starship (a few years ago), it was pretty bad, very sloppy performance, not async, at least on fish. I ended up sticking with the simple, yet effective hydro. Maybe I can give starship another try, but honestly don’t know if I even need all those bells and whistles…
It’s not because of features, since fish has tons of stuff as well and is super snappy. Someone pointed out most of those extra features are implemented in zsh itself, rather than in C, like core features.
Yeah I feel you. It’s often hard to be fully alert of what you’re sharing all the time. I have slip ups but it’s usually fine, I’m only mega careful regarding things that could give away the city/town/village I live in, and where I work. If I ever really want to talk about it, I will use a different (often temporary) alias.
Great comment, cheers!
While this may be a good end goal, these comments are really more harmful than anything else. Removing your dependency on some proprietary service can be very far from trivial, or even doable, there is a wide-range of internal or external factors preventing you from ditching it.
For example, part of my work and a bunch of good online friends of mine use Discord, so I keep it around. If you do any social gaming as well, you’ll also most likely find it hard to ditch the platform, as it’s grown deep roots in the community.
Anyway, it’s better to take small steps in the right direction than trying to make a U-turn and fail miserably.
Interesting, my Discord profile is also very hardened, and while it prompts me for confirmation, it’s always doable in a moment
If you’re on Tor, that’s the very unfortunate reality atm. If you’re on a VPN, you may try switching providers or servers inside the same provider. I can recommend Mullvad, which works very well, even if you get some CAPTCHAs.
Yeah, they have upped their “paranoia” quite a bit in the past couple of years. A while back, I discovered smspool.net while trying to register for Claude (wanted to give it a shot, was disappointed) and was so satisfied by their interface and prices I’ve used it again in 3 other occasions. There may be other similar services out there, you should give one a try next time Discord prompts you for a number.
Depends a lot on your threat model, of course, but here’s what I do:
Using a hardened browser and not giving them your real phone are likely the most effective steps, everything else is either less relevant or overkill. As I said, depends a lot on your threat model and on your requirements (some things may be unachievable if you’re forced to use Discord by your employer, for example).
It’s not open source but it’s quite literally the best Android application I’ve ever seen, by a significant margin. It’s from the good old days where apps were small, very well designed, very polished and did not collect data.
It’s FX, a gem ever more lost to time. The site is a bit old and unmaintained so SSL certificates may give you a bit of trouble, but you can just ignore the warnings, it’s just an info page.
FX, despite not receiving updates for years has so many features of such great quality, I’ve yet to find any alternative with a truly competing interface and feature set.
Been using it for 10 years and it has been the pinnacle of Android.
Edit: I know you’ll be detracted from trying it since it’s not FOSS, but seriously give it a shot.
Liftoff is basically a fork of the “old” Lemmur. It’s kinda sad they don’t even mention it anywhere on the repo :/ (they mention in the app’s about page)
I’ve been finding Zulip quite helpful. It’s threading model is great and they overall focus quite a bit in the project coordination use-case. You can either self-host it or pay for their managed hosting (which is free for open-source projects), and you can add a plugin to make static HTML pages of streams (aka channels) in order to make stuff indexable and searchable (and iirc this is getting polished and built into Zulip’s core).
If you care about accessibility, email is still the best choice — it’s mostly text-focused, doesn’t need an account (besides what is universally seen as the most basic Internet identity), truly decentralized and has mature tooling. I just haven’t found a really good mailing list archive web UI. HyperKitty is good, but isn’t quite there for me. lists.sr.ht is neat, but lacks a lot of features. Above all, indexability and searchability (from inside the UI itself) is key.