I think the existing domain-based verification system is a better way of doing that. Something like Mastodon’s verified links might be a nice addition. This more centralized system is… not what I hoped for.

Instagram and Tiktok are usable in a web browser, though they do want you to make an account.

Terms like “safe” and “private” are not binary.

Are the contents of your Signal conversations on an iPhone private with regard to mass surveillance conducted by governments and ISPs? Probably. Apple uses security and privacy as marketing points, and there are a whole lot of people looking for vulnerabilities in its products who are incentivized to disclose them (possibly with a delay for patches). Signal itself takes steps to prevent data leaks to less secure parts of the OS and other apps.

Would your conversations remain private in the face of a targeted attack against your device by a nation state willing to spend a significant amount of time and money when you’re using Signal on an iPhone that’s presumably used for purposes other than secure conversations with a small set of people you know? Almost certainly not.

If you don’t like it, turn it off.

This would be a valid complaint if it was forced on you, but it isn’t. You can both ignore the warnings and disable the feature entirely.

As to why it does that, it’s using heuristics based on the APIs the app calls and maybe a bit about how it calls them. If there are enough patterns similar to malicious apps, you get a warning.

I’ve read that it’s because fairphone has to pay a fee for each unlocked device, but it sounds a little weird so no idea if that’s real.

The posts seem to suggest that Google is charging them a fee in that case, but that would be a little surprising given Pixels have a no-fuss unlock, and Google permits third parties to redistribute its proprietary add-ons to Android free of charge for installation by end users.

In any case, you’ve convinced me this probably isn’t Fairphone being evil, though some sort of public explanation would be nice.

I don’t understand why this requires a code rather than a toggle in developer settings like a Pixel. That doesn’t seem like openness and a commitment to treating users fairly since they could change their policy at any time.

Tried this; continued to see no ads for anything at all. Am I doing it wrong?

I use Matrix, and I’ve moved some conversation with people I met in public rooms there to Signal because it kept failing to transfer keys rendering it unable to decrypt messages. I haven’t seen that in a while so maybe it’s fixed, but I haven’t been using it for one-to-one conversations lately.

Unfortunately, I’ve found most people have a lot of resistance to adding another messaging app. I don’t really understand why that is, but it’s true. Asking someone to install a messaging app when I’m their only contact who uses it and they have another way to contact me has a success rate near zero.

Maybe. The bad actor here seems to be the government of China, and the linked page says:

The individuals most at risk include anyone connected to: Taiwanese independence; Tibetan rights; Uyghur Muslims and other ethnic minorities in or from China’s Xinjiang Uyghur Autonomous Region; democracy advocacy, including Hong Kong, and the Falun Gong spiritual movement.

I can imagine them casting a wide net.

What is this? A Twitter post?

Just about. JWZ is known for his cynical hot takes on tech in general.

I don’t think any of his complaints are invalid, though his conclusions are uncharitable at best. Making a communication tool that’s both reasonably secure and sufficiently palatable to people who don’t know how to use computers to achieve broad adoption is a hard problem with no perfect solutions. If he has a better idea, well… he’s a skilled and somewhat famous programmer; he’s better equipped than most to implement it.

Each participant is sent a separate copy of each message encrypted with their own key.

A problem is that some sites that don’t need cookie banners use them anyway due to a poor understanding of the law and excess of caution.

Well… sort of.

Batteries perform differently under load. A battery that delivers 10Wh under a 1W load will probably deliver less (and get warmer) under a 10W load. Power supplies also perform differently under load, and DC-DC switching power supplies perform differently based on the output voltage. Generally, a larger voltage conversion and/or a higher load is less efficient. There’s also going to be some base power consumption in the circuit, so the most output power is probably achieved at some sort of medium load.

To make things more fun, batteries are usually tested under constant current, not constant power. The increasing current as the battery drains of a constant power load will result in less total power, and constant output power often means increasing input power as the battery drains.

In short, the real world is complicated. Giving best and worst case Watt-hours could be a reasonable approach.

I’d be a little concerned about safety. A manufacturer or distributor that’s willing to lie so blatantly about capacity might also be willing to sell cells that failed QC.

Powerbanks are where it’s most problematic. They’re usually reporting the capacity of the battery cells in mAh. Those cells will be at 2.8-4.2V during operation, but the powerbank outputs 5V, or in modern powerbanks some higher number. 5000 mAh at the 3.6V average of the cells during discharge is certainly not 5000 mAh at the 9V it’s giving to my phone.

It’s not going to give my phone 2000 mAh @ 9V or 18 Wh as the math would suggest either because it’s well below 100% efficient. I’m not sure what’s reasonable to demand in terms of advertising here since efficiency will vary with output voltage and output wattage.

I guess they could still lie about watt-hours

Your battery illustrates that; 9.9Ah * 3.7V is, indeed 36.63Wh. Buying anything without trust in the seller or verification by a third party is a crapshoot.

And I think we’d all agree a sophomore dating a college student would be pretty imbalanced.

I was a college student at 17, but I think you had a larger age difference in mind. I do think we can all agree there should be laws against adults sexually exploiting teenagers.

Yes, though legally that’s a bit of a grey area. It’s only really entrapment if law enforcement or informants entice the offender to commit a crime they weren’t predisposed to commit. I imagine it would be an uphill battle to convince a judge or jury of that when it comes to meeting minors for sex.

The decoys were careful so that it would never even be a question.

There’s a significant distinction between servers that are actively malicious as you’re describing and servers that aren’t fully compatible with certain features, or that are simply buggy.

Lemmy, for example modifies posts federated from other platforms to fit its format constraints. One of them is that a post from Mastodon with multiple images attached will only show one image on Lemmy. Mastodon does it too: inline images from a Lemmy post don’t show on vanilla Mastodon.

I’ll note that Lemmy’s version numbers all start with 0. So do Piixelfed’s. That implies the software is unfinished and unstable.

I remember looking up the people To Catch A Predator worked with and reading some of their chat logs. The decoy was always very upfront in giving an age unambiguously below the age of consent in their jurisdiction, and never initiated conversation about sex or suggested meeting in person.

Of course, the decoy would always agree to do so if the offender asked, but the criminal conduct was unambiguously criminal, and unambiguously the offender’s idea. What we see in this article appears to abandon that sort of rigor to manufacture more opportunities to confront someone.