• 1 Post
  • 51 Comments
Joined 3 years ago
cake
Cake day: January 17th, 2022

help-circle


  • multiple Android versions outdated.

    What’s the pragmatic consequence of that? Are the security risk actually that great because Android architecture isn’t that secure or rather isn’t there a smaller and smaller amount of hard to execute exploit anyway that yes being up to date is always more secure yet only marginally so?

    I’m asking because I worry that always playing faster catch up with Google leave them in charge.


  • utopiah@lemmy.mltoPrivacy@lemmy.mlGraphene OS Situation
    link
    fedilink
    arrow-up
    7
    arrow-down
    1
    ·
    edit-2
    15 hours ago

    Bought /e/OS running CMF https://murena.com/shop/smartphones/brand-new/murena-cmf-phone-1/ few months ago, no frill, no tinkering, just works. Daily driver since I received it.

    I do have more… specific phones, e.g. PinePhone and PinePhone Pro, but I never managed to use they as daily drivers.

    That said, I’m only sharing this because it is “good enough” for me but you probably have different concerns than me. I’m not a political dissident, not a journalist, not a security researcher, just a random dude living in Western Europe.

    I tend to find that identifying precisely what your threat model is facilitate pinpointing pragmatic options.



  • 44 %

    Very interesting, thanks for sharing. That number is of course way too high. I won’t point fingers but… OK I will, I would argue, naively, that a lot of that frustration comes from corporate exploitation. I bet a lot of that comes from maintainer who noticed big number of downloads on CDN but no PR because somehow a paid for tool (so not blaming just BigTech here) relies on their work… and they don’t see a cent for it.

    I doubt most people who have a quirky side project, say something about how to use Lego controllers for their model train on the weekends with kids, really mind. Sure they’d love to see a bit of money from it but whatever.

    Anyway I’ll dig into that report a bit more, thanks for sharing!








  • Actually no I use it for CRYSTALS-Kyber /s

    Yes, just joking it’s not even meant for a “replacement” but rather how to give a pragmatic affordable (the 1st one I made was literally just 2 paper strips and scotch tape) fun way to explore ROT… but IMHO it can be just a starting point. You can do that and sequence them, e.g. ROT-X where X is the date so e.g. today is 06 12 2025 so you would ROT0 the first letter, ROT6 the second, etc.

    It is only meant to be fun, please don’t use this in actual serious situations.








  • utopiah@lemmy.mltoPrivacy@lemmy.mlI made a gpg Hat
    link
    fedilink
    arrow-up
    10
    ·
    edit-2
    4 days ago

    That’s the kind of things I expect somebody to be into deciphering to have already a ~/Prototypes/deciphers/ directory with a bunch of scripts with the basics and maybe a testing script that iterates through them sorted by probability (maybe based on popularity) and checks output against keywords, e.g. stop words of increasing length then dictionaries.

    TL;DR: I bet that person had automated that process.