this post was submitted on 10 Mar 2025
21 points (100.0% liked)

TechTakes

1709 readers
72 users here now

Big brain tech dude got yet another clueless take over at HackerNews etc? Here's the place to vent. Orange site, VC foolishness, all welcome.

This is not debate club. Unless it’s amusing debate.

For actually-good tech, you want our NotAwfulTech community

founded 2 years ago
MODERATORS
[email protected]
21
Stubsack: weekly thread for sneers not worth an entire post, week ending 16th March 2025 (awful.systems)
submitted 1 week ago by [email protected] to c/[email protected]
140 comments fedilink hide all child comments
 

Need to let loose a primal scream without collecting footnotes first? Have a sneer percolating in your system but not enough time/energy to make a whole post about it? Go forth and be mid: Welcome to the Stubsack, your first port of call for learning fresh Awful you’ll near-instantly regret.

Any awful.systems sub may be subsneered in this subthread, techtakes or no.

If your sneer seems higher quality than you thought, feel free to cut’n’paste it into its own post — there’s no quota for posting and the bar really isn’t that high.

The post Xitter web has spawned soo many “esoteric” right wing freaks, but there’s no appropriate sneer-space for them. I’m talking redscare-ish, reality challenged “culture critics” who write about everything but understand nothing. I’m talking about reply-guys who make the same 6 tweets about the same 3 subjects. They’re inescapable at this point, yet I don’t see them mocked (as much as they should be)

Like, there was one dude a while back who insisted that women couldn’t be surgeons because they didn’t believe in the moon or in stars? I think each and every one of these guys is uniquely fucked up and if I can’t escape them, I would love to sneer at them.

(Credit and/or blame to David Gerard for starting this.)

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 6 points 5 days ago* (last edited 5 days ago) (8 children)

their browser vanadium seems like a good chromium fork and a fine webview implementation but lacks an effective ad blocker, which makes it unsafe to use if your threat model includes, you know, the fucking obvious. the graphene devs will shame you for using anything but it or brave though, and officially recommend using either a VPN with ad blocking or a service like NextDNS since they don’t seem to acknowledge that network-level blocking isn’t sufficient

No firefox with ublock origin? Seems like that would be the obvious choice here (or maybe not due to Mozilla's recent antics)

[–] [email protected] 10 points 5 days ago* (last edited 5 days ago) (6 children)

the GrapheneOS developers would like you to know that switching to Ironfox, the only Android Firefox fork (to my knowledge) that implements process sandboxing (and also ships ublock origin for convenience) (also also, the Firefox situation on Android looks so much like intentional Mozilla sabotage, cause they have a perfectly good sandbox sitting there disabled) is utterly unsafe because it doesn’t work with a lesser Android sandbox named isolatedProcess or have the V8 sandbox (because it isn’t V8) and its usage will result in your immediate death

so anyway I’m currently switching from vanadium to ironfox and it’s a lot better so far

[–] [email protected] 12 points 5 days ago* (last edited 5 days ago) (5 children)

and its usage will result in your immediate death

This all-or-nothing approach, where compromises are never allowed, is my biggest annoyance with some privacy/security advocates, and also it unfortunately influences many software design choices. Since this is a nice thread for ranting, here's a few examples:

  • LibreWolf enables by default "resist fingerprinting". That's nice. However, that setting also hard-enables "smooth scrolling", because apparently having non-smooth scrolling can be fingerprinted (that being possible is IMO reason alone to burn down the modern web altogether). Too bad that smooth scrolling sometimes makes me feel dizzy, and then I have to disable it. So I don't get to have "resist fingerprinting". Cool.
  • Some of the modern Linux software distribution formats like Snap or Flatpak, which are so super secure that some things just don't work. After all, the safest software is the one you can't even run.
  • Locking down permissions on desktop operating systems, because I, the sole user and owner of the machine, should not simply be allowed to do things. Things like using a scanner or a serial port. Which is of course only for my own protection. Also, I should constantly have to prove my identity to the machine by entering credentials, because what if someone broke into my home and was able to type "dmesg" without sudo to view my machine's kernel log without proving that they are me, that would be horrible. Every desktop machine must be locked down to the highest extent as if it was a high security server.
  • Enforcement of strong password complexity rules in local only devices or services which will never be exposed to potential attackers unless they gain physical access to my home
  • Possibly controversial, but I'll say it: web browsers being so annoying about self-signed certificates. Please at least give me a checkbox to allow it for hosts with rfc1918 addresses. Doesn't have to be on by default, but why can't that be a setting.
  • The entire reality of secure boot on most platforms. The idea is of course great, I want it. But implementations are typically very user-hostile. If you want to have some fun, figure out how to set up a PC with a Linux where you use your own certificate for signing. (I haven't done it yet, I looked at the documentation and decided there are nicer things in this world.)

This has gotten pretty long already, I will stop now. To be clear, this is not a rant against security... I treat security of my devices seriously. But I'm annoyed that I am forced to have protections in place against threat models that are irrelevant, or at least sufficiently negligible, for my personal use cases. (IMO one root cause is that too much software these days is written for the needs of enterprise IT environments, because that's where the real money is, but that's a different rant altogether.)

[–] [email protected] 8 points 5 days ago

also, I forgot to point this out earlier, but it’s worth saying: the only reason why I’m considering GrapheneOS as a viable path forward is because as an AOSP fork, it isn’t all-or-nothing. I can create a private space or profile for Google Play Services and all my spyware shit and keep it isolated, and ending the session kills all the processes those apps might have been running.

that’s fantastic! I finally don’t have to switch fully to open source apps and do without working non-janky notifications to have a modicum of privacy on Android! the graphene devs assume I’m not gonna be perfect and they ruggedized their fork against that and put a ton of effort into making even stuff that’s deeply reliant on Google safer! why in fuck aren’t they like that for everything?

load more comments (4 replies)
load more comments (4 replies)
load more comments (5 replies)