evujumenuk

You seem to have settled on an opinion and accompanying emotional response already. If so, why are you still using Python if your prior experience isn’t a good fit for it? Not everything is made for everybody, maybe Python just isn’t for you.

Your complaints mostly revolve around syntax. I’m sure there’s a dynamically typed, sequential language with curly braces — y’know, “standard” — out there for you. You could even convince a Scheme reader to accept something like that instead of brackets everywhere 🤷

Where in Settings would this be? Cellular?

There’s a lot of smaller and bigger possible problems with that, but I think there’s only one way to find out if those can become actual problems.

Try it, and report back.

I wonder what they think about their Pipeline Punch customers. Specifically, how much overlap is there with, y’know, the memes?

It’s been a while since I last touched Rust, but there’s a discussion on whether to commit Cargo lockfiles to version control, and the consensus is basically that you should do it if your crate is primarily a binary, and, conversely, you shouldn’t if it’s primarily a library. It acknowledges that code at the apex of the dependency graph should follow different rules than everything below it, and this kind of reasoning could apply to licenses in similar ways.

That’s the most sensible thing I’ve read all day. I think much of the reasoning for Cargo lockfiles could apply here as well.

It kind of has to be, if you’re trying to be persistent about the whole thing. It’s easy to feel overwhelmed and burn out over all of the different threats we’re trying to defend against. I don’t see how you can keep at it for months or years if you feel no joy over it. But maybe being deathly, relentlessly afraid of the dangers around us is enough after all.

If you don’t even like doing this stuff, wouldn’t it be better to focus on measures that require little upkeep? This is what my example suggestion was getting at, something that’s as close to set-and-forget as possible, while getting you 90% of the way there. (Depending on your threat model, sure. If yours says that the sky is falling if Tim Apple gets your iCloud data, it certainly doesn’t apply.)

I’d sure hope so! Many of the things that privacy nuts like us do are not efficient uses of one’s time.

They might require constant vigilance. They might need recurring work for continued effectiveness. They might necessitate exposure to intrusive negative emotions (“what is Google doing this week?!”).

If you’re not having fun, focus on measures that you implement once and then never have to think about again.

For example, I wouldn’t recommend GrapheneOS to a journalist in an authoritarian regime. It might be “more secure”, but they have a job to do and can’t keep dicking around with obscure pointer authentication settings or whatnot. They should just get a current iPhone, enable Lockdown Mode if its tradeoffs are acceptable to them, and continue doing their best job, which isn’t “phone administration”.

LARPing as Jason Bourne, or prepping for the Rokobasiliskocalypse, is a hobby. It’s okay, I do it too. However, it’s not approachable or understandable to people who don’t share that hobby, or are not as alarmed at the general state of things as we are.

I used to run unbound on my laptop just so I could configure stuff like forwarding zones with more precision than what a stub resolver normally gives you.

It can also be your validating DNSSEC resolver, which also satisfied that sort of morbid curiosity in me.

In the age of DoT and DoH, with endpoints hardcoded in browser binaries, that sort of thing has a lot less punch than it used to. Even back then Go binaries would start ignoring your nsswitch.conf…

As long as everyone is having fun, I see no problem.

If you’re not having fun switching mail providers, researching Gecko forks, or being a part-time sysadmin for your Fairphone, you should probably stop doing those things.

There’s no easy answer to your questions. It depends on what threats you’re trying to defend against. If your primary concern is adversarial law enforcement with Cellebrite et al., a current iPhone, especially with Lockdown Mode enabled, is certainly the next best thing to Graphene that we have.

Personally, I have access to Private Relay, but never use it. That’s not because I don’t trust it, but because I only ever use VPNs to spoof my GeoIP. And you can’t do that with Private Relay.

Even with Game Key Cards, an actual, physical object has to be produced, at drastically higher marginal cost than what a purely digital license costs in production (basically nothing). And there is a secondary market, which doesn’t exist in the digital realm.

Essentially, I don’t see the reasoning behind counting them as digital. All the aspects that seem relevant to any publisher (and, to a first approximation, any user that isn’t a conservationist) make them identical to physical sales.

Just “encrypted”? Probably iMessage.

Tello gives you a real (US though) number, E911 and all, for 5 USD a month. You get an eSIM you can activate from anywhere in the world via Wi-Fi Calling. Send and receive unlimited texts and get 100 minutes a month for the odd service that insists on verification calls rather than texts. I’ve had zero issues.

Like basically all cloud providers, Oracle publish their public-facing IP address ranges.

https://docs.oracle.com/en-us/iaas/Content/General/Concepts/addressranges.htm

Many services block these because, as you are pointing out, standing up VPN tunnel routing on a cloud instance is sort of trivial. Cloud providers publish these ranges specifically so anyone can block them easily. If lemmy.world is not blocking Oracle Cloud already, it’s only because they just haven’t come around to it.

Mullvad has a 30-day money back guarantee.

Apart from that, some payment methods (like crypto) allow transmitting arbitrary amounts. At least, paying for years in advance works without issue. You could pay a few cents and try it out, but be mindful of fees.

In the specific case of Mastodon, an instance pretty much only receives a post via federation if one of its users either follows the creator of that post, or is mentioned in it.

Discoverability suffers, because this also applies to replies to a post even if you follow its poster. You might see them, or you might not. You look at the post history of one of the users in a thread and it comes up empty.

This is not much of a problem if you’re in one of the, say, top five instances, but beyond that, many functions become increasingly unreliable. Instead of one big microblogging ocean, it feels more like an assortment of a few lakes and myriad puddles with only tenuous interconnection.

Personally, I’ve kinda given up on finding (or creating) my One True Instance and am resorting to having profiles on all of the biggest instances. This also has the advantage that arbitrary defederation decisions affect me to a much lesser extent.

You know, anyone making negative comments… The bees go get 'em.

Almost all extensions will weaken your security posture. In fact off the top of my head there are basically only two kinds of extensions that could improve it:

• ad blockers
• (maybe!) password manager integrations

Anything else is questionable at best. Maybe you could create browser profiles where you install extensions somewhat more liberally, with decreased expectation of safety.