Just give it a grill faceplate

Just realized my post could be read wrong.

I meant that the above would be forced onto candidates as they sign up for an election.

Move all control of all business into a fully independent trust, or something. Maybe even one controlled in a different country if you’re really paranoid.

Both

They extended Proton with instruction translation (FEX)

Yup, FEX to translate x86 to ARM.

Most of those things would only be possible by hiding them in a system update

It’s possible but complicated.

Since apps have access to the TPM API they can encrypt their own data in such a way that only the app’s own authorized processes can retrieve the decryption key from the TPM chip

There’s measures they could use in theory, but if you switch keyboard app away from Google’s and set private text mode, enable screenshot protection, etc, then you should be good.

For sites you visit occasionally, it’s better to enable tab isolation (use the containers feature) and then enable JS only for that domain (note the difference between allowing JS from that domain in any tab, vs only allowing that tab with that domain to use JS, you should do the latter)

https://addons.mozilla.org/en-US/firefox/addon/multi-account-containers/

If you’re switching to a different browser you may as well use the same browser but a second clean profile and use private tabs so it doesn’t retain history. Using private tabs in your main browser profile does also help but isn’t perfect because there’s still some metadata leaks occasionally.

Using a different browser could ironically make you easier to track - how unique you are is the main signal used to track you (user agent, OS, language, etc), and going for an even more rare config will help their tracking even if you delete session cookies. Especially if they have a tracker across multiple domains you visit from different browsers from the same IP, with similar device fingerprinting results across browsers. That’s a strong signal those sessions are linked. You want to NOT stand out to maintain your privacy.

Forbidden snacks

Probably the combination of having a controller and touchscreen but NOT having a keyboard. Or recognizing the CPU series (SoC type). Or both.

[Windows subsystem] for [executable environment] is the naming scheme. The default is Win32, there’s one for POSIX (practically never used), and Linux runs in another.

https://stackoverflow.com/a/41409419

This affects the view of posts via the bluesky servers, but not via mirrors or other servers

And the use of content addressing means you can be sure it hasn’t been modified

Several Android manufacturers have their own settings in the OS for battery longevity (automatic schedule based smart charging, or charging limits)

Don’t think it’s native in Android. Charging limits need support in the charging controller chip, plus driver support in the OS.

I use my backup headphones when my Bluetooth headset has run out of battery

Or make a rule that bosses have to try out everything they suggest for others first, let them Darwin award themselves instead of others

Wireguard is most reliable in terms of security. For censorship resistance, it’s all about tunneling it in a way that looks indistinguishable from normal traffic

Domain or IP doesn’t make much of a difference. If somebody can block one they can block the other. The trick is not getting flagged. Domain does make it easier to administer though with stuff like dyndns, but then you also need to make sure eSNI is available (especially if it’s on hosting) and that you’re using encrypted DNS lookups

Telegram has been under fire from the start, lol. 'we have math PhDs" 🤷

There’s also a big difference between published specifications and threat models for the encryption which professionals can investigate in the code delivered to users, versus no published security information at all with pure reverse engineering as the only option

Apple at least has public specifications. Experts can dig into it and compare against the specs, which is far easier than digging into that kind of code blindly. The spec describes what it does when and why, so you don’t have to figure that out through reverse engineering, instead you can focus on looking for discrepancies

Proper open source with deterministic builds would be even better, but we aren’t getting that out of Apple. Specs is the next best thing.

BTW, plugging our cryptography community: !crypto@infosec.pub

Looks like the same dev from reddit

https://www.reddit.com/r/crypto/comments/1iumxl3/how_far_can_i_push_closesource_code_towards_being/