• 0 Posts
  • 23 Comments
Joined 1 year ago
Cake day: April 25th, 2024


  • It’s me, I do it. But only when I need something to do to stay awake in hour five of today’s meetings to address the “quick turnaround” patch that I finished coding three weeks ago, but now they want a label to change and no one on the six teams that have somehow become involved seems to know who owns the package that the field the label represents belongs to, but they’re absolutely certain we need to programmatically retrieve the text in case the package owner changes it at some point, and someone remembers that the original developer wrote code to get the label text 16 years ago, but it was removed from the program two years before the project started using source control, and they have an old installer around here somewhere that we can decompile or trace with Wireshark to get the right RPC name (sharing their screen while they have a rummage for it, natch), and someone else volunteers that they might know how to get a version of the server application from around that time since the client and server versions have to match, but it’s technically the intellectual property of a different subcontractor who was just a guy in Alaska who passed away five years ago, but they’re sure they can convince his estate to burn it to a disk and mail it to me if they can just find the contact information…


  • That all makes sense. You described yourself as a non-techie, so I misunderstood and thought you had assumed that all emails had to go through their portal.

    You’re correct that Tuta doesn’t support PGP or S/MIME, which I didn’t realize. I assumed that any email service that has the word “privacy” on their website would support both. I don’t use personal email for sensitive communications, so I’m not in the habit of using PGP or S/MIME, but still… come on.

    Their reasoning seems a bit silly. They say they don’t support PGP because it doesn’t encrypt the subject line, and it doesn’t support post-quantum algorithms or forward secrecy. That’s, at most, a warning line in the GUI, not something you just don’t implement.

    They say they don’t implement S/MIME because of EFail, a seven year old vulnerability. They can’t confirm that all external services have a mitigation in place for it. But again, just put a warning on the UI. Could even build a list of external providers that mitigate it and only show the warning if the user is sending to a system not on the list.

    There are a lot of places on Tuta’s website where they say they’re working on features but don’t specify a timeline, and a quick scan through their github issues finds some conversations where they indicate developer resources are low and they’re focused on post-quantum encryption first, but they have said that for years. Seems they didn’t implement basic features because they wanted the one big QC feature. They stated in 2020 that they intend to support PGP and Autocrypt, but they removed those from their roadmap. They’re not a current priority.

    “Once our PQ-encryption is in place we can consider how to best interop with others keeping benefits of perfect secrecy and post-quantum encryption.” So it looks like they’re letting Perfect be the enemy of Good.

    Yep, I can totally see the walled garden aspect. If you want PGP, Autocrypt, or S/MIME, find another provider until Tuta gets around to implementing them. A lot of their communications read as though they don’t have enough development staff to chew what they’re biting off.

    ETA: I don’t see any scaling option in their desktop app, but you can launch it with GDK_DPI_SCALE=1.25 (or some other number) to embiggen it.


  • From your description it sounds like the feature you might be thinking of as walled-garden-ing is end-to-end encrypted (e2ee) emails, which they call “confidential”. The idea is that you can encrypt a message and send it to someone. The message they receive is actually just a link to a publicly-accessible page that Tuta hosts. You give the other person a password that they can enter on that page to read the email you sent and respond to it. If your recipient is also using Tuta, though, when you send an encrypted email it just shows up in their inbox like a regular email.

    This is the standard way to handle secure emails, and it’s actually a limitation of the email protocol. The way you would send an encrypted message to someone on another email server is to encrypt the email with your recipient’s public key. Then the message goes to their email inbox like a regular email and they can use their private key to decrypt it (which is what Tuta does if you’re sending an encrypted email to another Tuta user–they already have the recipient’s public key). Email servers don’t have a standard way to send each other public keys for accounts, so if you want to encrypt an email you either have to get the recipient’s public key yourself and tell your email software to encrypt the message with it, or have your provider send a password protected link.

    I actually just switched to Tuta. You can still send and receive normal unencrypted emails. The encryption is optional and not enabled by default. I don’t have strong feelings one way or the other yet on the service as a whole. They just added the ability to import emails exported from another service, which is usually something email providers do pretty early on. Currently it’s only available at the $8/month tier, but it’s speculated that they’ll roll it out to the $3/month tier once it’s stable. That’ll be a non-starter for a lot of people. The client UI is simple but functional. It was easy to set up my domain so I don’t have to go into each account and update my email address. Yeah, no complaints so far, but also nothing that blows me away. There’s a free tier if you wanted to just poke around.
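The comment above describes the two halves of encrypting mail to someone on another server: the sender encrypts to the recipient's public key, and only the holder of the matching private key can read the body. The earlier comment in this thread also notes that PGP leaves the subject line in cleartext. The following is an added example written for this page, not code from Tuta or from any OpenPGP implementation; it uses a hybrid scheme (RSA-OAEP to wrap a random AES-256-GCM content key) purely to illustrate the public-key step, and the `SealedMail` shape, the sample subject and body, and the generated keys are all constructed for the demo. Only the Go standard library is used.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
	"io"
)

// SealedMail is a constructed stand-in for an encrypted message on the wire.
// The Subject stays in cleartext on purpose: that mirrors the PGP behaviour
// the comments above criticise (headers are not protected, only the body).
type SealedMail struct {
	Subject    string // transported in the clear, like a PGP/MIME Subject header
	WrappedKey []byte // random AES key, encrypted with the recipient's RSA public key
	Nonce      []byte // AES-GCM nonce
	Ciphertext []byte // AES-GCM ciphertext+tag over the body
}

// Seal encrypts body to the recipient's public key. Only the public key is
// needed, which is the sender-side step the comment describes. The cleartext
// subject is bound in as AEAD associated data so a relay that rewrites it
// causes decryption to fail rather than silently mismatching body and header.
func Seal(pub *rsa.PublicKey, subject, body string) (*SealedMail, error) {
	key := make([]byte, 32) // AES-256 content key, fresh per message
	if _, err := io.ReadFull(rand.Reader, key); err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	ct := gcm.Seal(nil, nonce, []byte(body), []byte(subject))
	// Wrap the content key with RSA-OAEP so only the private-key holder can recover it.
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, key, nil)
	if err != nil {
		return nil, err
	}
	return &SealedMail{Subject: subject, WrappedKey: wrapped, Nonce: nonce, Ciphertext: ct}, nil
}

// Open is the recipient-side step: unwrap the content key with the private
// key, then decrypt the body. Any other private key, or a modified subject or
// ciphertext, yields an error instead of plaintext.
func Open(priv *rsa.PrivateKey, m *SealedMail) (string, error) {
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, m.WrappedKey, nil)
	if err != nil {
		return "", err
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return "", err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return "", err
	}
	pt, err := gcm.Open(nil, m.Nonce, m.Ciphertext, []byte(m.Subject))
	if err != nil {
		return "", err
	}
	return string(pt), nil
}

func main() {
	// Constructed demo: the recipient generates a key pair and publishes only pub.
	recipient, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	msg, err := Seal(&recipient.PublicKey, "Re: invoice", "the body is the only thing protected")
	if err != nil {
		panic(err)
	}
	fmt.Printf("on the wire: subject=%q, body=%d bytes of ciphertext\n", msg.Subject, len(msg.Ciphertext))
	body, err := Open(recipient, msg)
	fmt.Printf("recipient reads: %q (err=%v)\n", body, err)

	// Someone else's key cannot unwrap the content key.
	stranger, _ := rsa.GenerateKey(rand.Reader, 2048)
	_, err = Open(stranger, msg)
	fmt.Println("wrong key:", err)
}
```

The part the comment calls the hard problem is not in this code at all: obtaining `pub` for a recipient on another provider. Everything above works only once the sender already has the recipient's public key, which is exactly why providers without a key-discovery mechanism fall back to a password-protected link.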



  • Yes, I canceled my Ultimate account. Andy can believe whatever he wants in private, but publicly stepping outside of non-partisan policy advocacy at this exact moment in time was a red flag, doubly so because he espoused his personal politics through an official business account in his response to the Reddit thread.

    Email/calendar went to Tuta, AirVPN for VPN, BitWarden for passwords. Everything is encouragingly smooth so far.

    Fair warning: Tuta’s email import is very new and only available on the more expensive tier at the moment (not sure if that’s permanent). I didn’t have any problems, but there were some issues a few weeks ago.

    I do think people are over-reacting to Andy’s words and assigning him political views he didn’t express. He didn’t endorse Trump or the Republican party at large, and definitely didn’t “go full MAGA” or express Nazi sympathies. His statements about Democrats I partially agree with and partially disagree with. His remarks about the priorities and actions of Republicans, though, were pure tailpipe-huffing fantasy. Being able to say these absurd things in public–under an official business account no less–shows poor judgement and implies he might believe other absurd things he isn’t willing to say publicly.

    Another factor in my decision: Proton’s privacy policy specifies they can modify the policy at any time with no notification to users, and deems continued use of the services as agreement to the updated terms. The updated terms they didn’t notify you about.

    That being said, no service provider is perfect. I don’t think Proton stores enough data to really be a concern if they turned over everything they have. But this whole thing is based on trust. Even with their clients being open-source software, you’re trusting that they always serve the same browser scripts that they published. You trust that the password you provide at key generation or login isn’t ever passed back to their servers. You trust that they don’t keep unencrypted copies of your emails, files, or VPN activity. You trust that they aren’t going to modify their privacy policy and quietly undo protections you thought you had.

    The way Andy responded was enough to question my trust in the company with him at the helm. I didn’t leave as a heavy rebuke, just as a “do better”. There are plenty of other companies which provide equivalent services. That’s the risk companies take when a major part of their market is ideological people: if you chafe their ideology they’re more likely to put the effort into leaving.







  • No one here can adequately answer your questions, since they’re not really questions. You were annoyed by something and think that there is no reason for it to not be in the general settings UI. Fair enough, I kinda agree, but I’m also a power user and don’t mind tinkering in about:config, so it’s no skin off my nose. There’s nothing wrong with venting if that’s all you needed, but if it’s really rubbing you the wrong way why not file a feature request for them to change it?


  • Even proper TED talks can have some big issues. I’m thinking specifically about Kary Mullis getting up on stage and saying anthropogenic climate change isn’t real because he found a study that says there’s a current that fluctuates and absorbs anything we do–or something to that effect. If you didn’t know anything about Kary Mullis and just heard “Nobel prize winner” you might assume he’s credible. In actuality he was a pariah for talking out his ass about things he didn’t have expertise in and didn’t understand, specifically his climate and HIV/AIDS denialism.

    It’s always a good idea to approach any lecture with a critical view, but I can see why TED talks might warrant extra scrutiny. They project expertise and authority which may or may not actually be credible. The organization has a mottled record of vetting their speakers for actual expertise. (ETA: actual expertise in the content of their talk. Obviously Kary Mullis had actual expertise, just not in the things he said on stage)



  • The link above is not reputable and was directly refuted by, among others, the American Dental Association, the American Dental Education Association, the American Association for Dental Research, the American Academy of Pediatrics, and the Harvard School of Dental Medicine itself. From the response letter signed by the dean of the HSDM:

    The magazine article states that CWF “does not appear to have any benefits in adults” based on the results of the Cochrane systematic review. However, the Cochrane review did not make this conclusion. Rather, the review specifically states “We did not identify any evidence, meeting the review’s inclusion criteria, to determine the effectiveness of water fluoridation for preventing caries in adults.” Due to the lack of studies that met the inclusion criteria, the Cochrane authors were not able to make any conclusion on the effect of CWF on adults. In fact, there are studies that were not included in the Cochrane review that demonstrate a caries preventive benefit of CWF in adults.

    See the letter I linked for the studies it’s referencing with a demonstrated benefit to adult teeth. The Cochrane review’s inability to conclude whether there was a benefit or not was a limitation of the Cochrane review’s inclusion criteria, and not an absence of studies indicating a benefit.



  • Thank you for the link. It’s worth mentioning that there are response letters to the publication you linked from other experts, the majority of which are critical and point out misinterpretations and omissions by the author. It’s always good to question, but in this instance it looks like the consensus amongst experts evaluating that publication is still that fluoridation is safe and improves dental health. The response letters can be read here.

    Edit to add: The responses include a letter from the dean of the Harvard School of Dental Medicine stating that the publication is deeply flawed and requesting a retraction, and a similar condemnation from the students of the Harvard School of Dental Medicine. The article was given greater weight by being linked to Harvard, but in fact Harvard dental experts explicitly disagree.


  • Hand of Juno just released their first album, Psychotic Banana, and I’ve been binging it for a solid two weeks. Good mix of heavy and melodic, and good variation between songs. Got its hooks in me.

    I will say, some songs are different enough that they almost sound like different artists, so if you check them out it’s worth trying a few tracks. “Polline” and “Destroy the Line” are my favorite heavy songs. “The One”, “We’ve Built the Line”, and “Not a Game” are my favorites on the melodic side.



  • Twitch (and YouTube currently) switches to a new content stream to play an ad, which is easy to detect and block in an extension. If I understand the tech correctly, server side ads would be stitched into the playing content stream. The extension would have to know the content of the video to know that an ad is playing. There are some clever ways that might be caught (looking for spikes in bitrate, volume differences, etc), but none of that currently exists in the software in the OP.