• 0 Posts
  • 19 Comments
Joined 1 year ago
cake
Cake day: August 14th, 2023

help-circle

  • That’s true, but macs also do have more security controls, configured more sensibly by default. BitLocker, the system’s full disc encryption feature for example, is still considered a premium product reserved for more expensive editions, whereas macs, android, and iOS have had it standard and default enabled (the latter two with no option to disabled it) in current versions for years. Windows still does not require (or last I checked even offer) things like application sandboxing or runtime hardening by default (this may well have changed in the past couple of years, but I’ve heard nothing of it). While the Universal Windows Platform does have a functional permissions system, that whole platform is (as I understand it) limited to the Microsoft store (which as I understand is ignored by vendors), and the last time I looked at it, it was a mess. There are other such things. Which isn’t to say macs can’t get malware, they can, and they’ll get more malware as time goes on. There are other measures set up on Windows but not macOS, but they don’t appear to be as effective to me, and they seem to be mainly focused on reacting to specific incidents. Security-wise, the two really are not the same.



  • Anyone can build an implementation of the Signal client, but few do already because Signal actively works to prevent them from working with the Signal infrastructure, and likely will continue to do so. It’s one of the more common complaints about Signal, but it was built on the assumption that centralized services would be easier to use and to make private if the platform holder wanted, as well as more robust against attacks. They could well be wrong, and people just haven’t thought of and deployed the right tech, but it’s neither here nor there; I’m doubtful they can be convinced on this, and I’d doubt they’d be made to open up anyway by this regulation, meaning they’re not obligated to.






  • I agree, and these conventions are being followed less over time. Since the 1990s, Windows world, Objective-C, and C++ have been migrating away (to mixed results), and even most embedded projects have been too. The main problem is that the standard library is already like that, and one of C’s biggest selling point is that you can still use source written >40 years ago, and interact with that. So just changing that, at that point just use Go or something. I also want to say, shoutout to GNU for being just so obstinate about changing nothing except for what they make evil about style. Gotta be one of my top 5 ‘why can’t you just be good leaders, GNU?’ moments.





  • Some nits: Apple could access many classes of data stored on iCloud by default (including any photos), even now, but you can make almost every class end to end encrypted now if you explicitly chose to. Previously, and by default now, it’s Apple policy and internal controls over the keys your data is encrypted with that protect that data, not the encryption itself (though you can opt in to the encryption itself protecting you from Apple). From what I understand, Apple is only known to actually scan iCloud mailboxes regularly, with the on-device scanning having never been implemented. Outside of nits, considering the delay between the proposed scanning and offering of a wider E2EE program for iCloud, I doubt the two are actually related myself.







  • Vivaldi is fairly nice, but it’s another Chromium. Similar to Brave, they’ve said they won’t be including the Topics API, so it doesn’t quite feed into the monoculture. (Disappointingly, they seem like they won’t be disabling WEI, Google’s latest land grab. Admittedly, for understandable reasons that mirror the original DRM for the web a decade ago, the blunt fact is that they seem like they’ll go along with it anyway.) Considering the team is (supposedly) largely shared from some people that used to develop their own engine (Presto, before Opera switched to Chromium), I could also believe they could (possibly would) hard fork Chromium if they felt it necessary. If this is enough for you, then I’m sure you’ll have a wonderful time with it, and I’ve enjoyed it well enough when I’ve tried it. Personally, I don’t daily it.