utopiah

joined 3 years ago
[–] utopiah@lemmy.ml 2 points 1 hour ago

multiple Android versions outdated.

What's the pragmatic consequence of that? Are the security risk actually that great because Android architecture isn't that secure or rather isn't there a smaller and smaller amount of hard to execute exploit anyway that yes being up to date is always more secure yet only marginally so?

I'm asking because I worry that always playing faster catch up with Google leave them in charge.

[–] utopiah@lemmy.ml 3 points 1 hour ago* (last edited 1 hour ago)

Bought /e/OS running CMF https://murena.com/shop/smartphones/brand-new/murena-cmf-phone-1/ few months ago, no frill, no tinkering, just works. Daily driver since I received it.

I do have more... specific phones, e.g. PinePhone and PinePhone Pro, but I never managed to use they as daily drivers.

That said, I'm only sharing this because it is "good enough" for me but you probably have different concerns than me. I'm not a political dissident, not a journalist, not a security researcher, just a random dude living in Western Europe.

I tend to find that identifying precisely what your threat model is facilitate pinpointing pragmatic options.

[–] utopiah@lemmy.ml 2 points 2 hours ago

Ah! Isn't it wonderful when we discuss to learn rather than be right? :D

[–] utopiah@lemmy.ml 2 points 2 hours ago

44 %

Very interesting, thanks for sharing. That number is of course way too high. I won't point fingers but... OK I will, I would argue, naively, that a lot of that frustration comes from corporate exploitation. I bet a lot of that comes from maintainer who noticed big number of downloads on CDN but no PR because somehow a paid for tool (so not blaming just BigTech here) relies on their work... and they don't see a cent for it.

I doubt most people who have a quirky side project, say something about how to use Lego controllers for their model train on the weekends with kids, really mind. Sure they'd love to see a bit of money from it but whatever.

Anyway I'll dig into that report a bit more, thanks for sharing!

[–] utopiah@lemmy.ml 3 points 15 hours ago (2 children)

FWIW I'm donating every month to CodeMirror author, donates to Vim, etc. I'm not saying they are wrong, nor right, solely that implying (but maybe I misunderstood the comment) that somehow open-source and getting paid are antagonist is IMHO damaging to FLOSS broadly.

[–] utopiah@lemmy.ml 2 points 1 day ago (2 children)

I wholeheartedly agree. But, I prefer the capability to donate to the open-source software developers that I love to support.

Right indeed, not sure why it was implied that open source software couldn't be a financially viable option for developers too.

[–] utopiah@lemmy.ml 3 points 1 day ago (4 children)

On the one hand, it’s a shame that it’s not open-source, but on the other hand, developers have to make a living from something.

I'm pretty sure most people here, at least I hope, who use open source and free software directly money donate to developers. I know of plenty of developers who do get paid writing open source through such donations or via funding, e.g. NLNet or grants. Maybe I'm misunderstanding your statement, are you saying Sublime Text isn't open source because they believe those ways are not appropriate for them?

[–] utopiah@lemmy.ml 2 points 2 days ago

Doubt I can do a PR to https://github.com/open-quantum-safe/ with that yet... but that does beg the question, what other schemes could be represented tangibly without complex mechanisms?

[–] utopiah@lemmy.ml 3 points 2 days ago

FWIW changing ROT is https://en.wikipedia.org/wiki/Vigen%C3%A8re_cipher as @drspod@lemmy.ml pointed out, I already learned something!

[–] utopiah@lemmy.ml 1 points 2 days ago (1 children)

... and you're blocked, no need for this kind of toxicity here.

[–] utopiah@lemmy.ml 9 points 2 days ago (1 children)

Actually no I use it for CRYSTALS-Kyber /s

Yes, just joking it's not even meant for a "replacement" but rather how to give a pragmatic affordable (the 1st one I made was literally just 2 paper strips and scotch tape) fun way to explore ROT... but IMHO it can be just a starting point. You can do that and sequence them, e.g. ROT-X where X is the date so e.g. today is 06 12 2025 so you would ROT0 the first letter, ROT6 the second, etc.

It is only meant to be fun, please don't use this in actual serious situations.

[–] utopiah@lemmy.ml 4 points 2 days ago

like this

as long as there is mapping then it's OK, it can be added as yet another filter

 

This is for pedagogical purposes. Please do not cypher actually important messages with this.

Anyway I think it can bring with little ones, and adults alike, interesting conversations around :

  • secrecy
  • privacy
  • cryptography as counter-power
  • mathematics, starting with modulo
  • the duration a message can stay undecipherable and thus the kind of message to share
  • computational complexity, how many permutations are available

... and a lot more!

view more: next ›