You should know when and how you are being tracked, and you should have an easy-button to say thanks, but no thanks.

Opt-out!? That’s not even close to being a good solution.

Your data should not be collected, and you should not be tracked, UNLESS you agree yo it, ie opt-in, AND data collection is proportional/appropriate for the stated goal.

That’s the spirit of GDPR.

Google Play Store is becoming less and less viable for OSS. Thankfully F-Droid support sharing apps to nearby devices.

Is there a server component, or is everything running in the browser?

The mobile standard setter, GSMA, and Google have said encryption will be coming to RCS, but there’s no firm date yet.

GSMA, please don’t come up with yet another poorly designed encryption standard.

The IETF is already working on Messaging Layer Security (MLS), please work with IETF and adopt MLS. IETF have more experience and do a good job at designing secure protocols. And multiple organisations and services are already working on adapting MLS (Mozilla, Google, Matrix, Wire, …)

Telling your contacts not to use Google nor Meta/Facebook. If everyone you email use gmail, then Google has all your emails.

It would be fair to compare browsers without adding extensions, with default settings.

This would show which browser have the best security and privacy out of the box. Also, the comparison would be practically impossible otherwise.

Most people use defaults, and I suspect a large portion of users install no extension, unless maybe if a tech-savy relative adds an adblocker.

He gave a reason, and said he’s not going to answers why questions, so your guess is as good as anyone else’s.

We should be thankful that this person maintained the app and put up with Google’s bullshit for so long.

If you find this app helpful, consider supporting whoever is willing to take over maintaining the app or a fork.

I hope Gimp 3.0 stable will happen before the heat-death of the universe.

I guess integration with Google Drive is a big convenience for users.

But yes, if the cost of getting access is to high for indie developers, then it make sense to avoid Google Drive. Creating and maintaining your own cloud sync service for a specific app may not be worth it, they should investigate integration with existing Google Drive competitors/alternatives.

While that’s true, but there’s no indication of Microsoft brute forcing with million of combinations.

The article you link says Microsoft is only trying a few obvious passwords: the filename, and words found in the plaintext message.

Proper encryption isn’t just about using a strong algorithm. It’s also about proper key management, ie not sending the password in the clear via the same channel as the encrypted files.

ZIP isn’t a good way to encrypt, but what Microsoft is doing is simply reading the email, and decrypting zips with the password found in the email body.

All encryptions schemes can be trivially broken if you have the key. It’s not even breaking, it’s just normal decryption.

Nice.

Does Forgejo support Git? I’m not familiar with Forgejo, and it’s not obvious in this announcement or their homepage.

Forgejo does support Git, I didn’t read carefully enough.

Quite the contrary.

Password hashing is standard nowadays.

When a database is compromised, brute forcing hashes is necessary to recover passwords, and the short ones are the first ones to be recovered.

GIMP 2.99.99.1.5-final-reallyfinal-rc64-proper

Yes, AppImage can run on more distro.

Still AppImage has disadvantages over DEB: No auto-update, No/less system integration, Bigger install packages.

They can’t possibly provide a package for every distro.

Signal’s model, ie keep tight control over development and distribution of the client, and the absence of federation, it well suited for Apple/Google’s stores, but not at all for open-source and Linux’ ecosystem.

Some projects of Signal-compatible clients and forks received a message from a Signal representrive requesting they stop distributing unofficial clients that connect to their servers.

That probably has on shilling effect on Linux distribution that may be considering building and distributing Signal in their repository.

Don’t waste time trying to reason them. If you’re not able and willing and sue them to enforce the GPL license, the company won’t care.

You should directly informe one of the organisations mentioned previously, they may have a lawyer and experience fighting this kind of fight.

Best you can do youself is collect evidence that they’re distributing modified GPL software, and write a precise description of the issue, to help these organisations kickstart their investigation into the GPL violation.

I’m going to assume lack of volonteers.

Nice list. Note MicroG doesn’t appear in F-Droid’s default repository. It probably cannot be installed as a regular app, or requires adding a different repository.