• 4 Posts
  • 29 Comments
Joined 2 years ago
Cake day: November 5th, 2023








  • Banks can't trust every client device to be secure and not compromise their infra, therefore they are using a certificate from a software authority to make sure their apps only run on secure devices. Currently, this authority is Google.

    But since everything is using Google as their authority, Google can at any time decide if they want to exclude any devices/manufacturers/whatever from running most banking apps.

    For example, they are excluding everything that is not shipping their G services Spyware. (And to ship the G services, you need a license, so you can’t have most banking apps without paying Google.)

    Now, Volla, a maker of a Linux Phone, is trying to make a new attestation API. This in no way mitigates any problem I mentioned in the paragraphs above. In that case, Volla is the Authority, and they can at any time exclude anyone for any reason.

    There is already an adequate Attestation system that mitigates every issue I mentioned built into Android. Since the system is present at any time, this will not only reduce the attack vector on a system, but allow any app to add any authority they want.




  • Email.

    As someone who has been self-hosting some stuff and generally aspires to work in IT, it is simply unfeasible to expect services like this for free.

    Would it cost me less to host such a server divided by x users? Yes.

    Do I have x users I can sustainably service without burning out? No.

    So it's either a managed server for like 15€ per month + a bunch of work or a paid email provider, in my case Fastmail.








  • positing that the only way you can feel halfway safe and secure is by spending more money.

    Graphene is aimed to provide a secure OS for people targeted by attacks which need such things. If you don't need something like this, don't use it.

    I like the analogy with cars: not everyone needs an off-road Ford, but just because you can’t afford a Humvee doesn't mean that someone working at a state park won’t need it. The same way, it's great that your needs are fulfilled by a Golf 4, but those aren’t everyone’s needs.

    Also, Lineage and Calyx are the only real Android-based systems which address their actual audience. /e/, iode and whatever are worse than stock OS with their integrated subscription DNS blocker and unencrypted cloud services. Calling it anything but a Google replacement, as in different name, same shit, is a lie.