They said it would require network access and that they would have a handful of popular apps preloaded to avoid too much disruption so those can be installed offline. In practice that probably means Google apps, Meta apps and other big corp apps.

They also have you register package names with them, not just a certificate.

I was hoping it would be a certificate situation but we’re kind of past Google using the least intrusive and privacy preserving options.

Apps from outside the Play Store? No, because previously your phone had no reason to ask Google anything. You could always not sign in to Google and disable Play Protect and use F-Droid and Obtainium.

But now, it needs to check developer signatures to know if it’s a verified developer, and it obviously can’t cache all of them as the size would be insane.

And that in turn implies that your phone needs to reach out to Google and be like yo, is this app banned?

That query gives them at minimum the IP of the user, the package name, and the time at which it happened.

And thus they can effectively track anyone using say, privacy apps, making it that much riskier to use them in places where they’re not allowed.

For your “safety”.

That also means they now will know about every app installs, worldwide. So when the government comes in and ask who have installed this app they decided is bad, they can come get you.

Signal, VPNs, they’ll have a list of everyone opting out of government-mandated backdoors.

LineageOS so worth losing Play Integrity.

No way. iPhones don’t exactly allow bootloader unlocking to begin with, but even if you could, it would be in no better state than Asahi on the M1 Apple computers. Every driver would have to be written from scratch.

Pixels are a good platform for custom ROMs because until the recent drama, you could literally just build AOSP as-is and use it. So the GrapheneOS team only really need to focus on their changes to the OS and their apps and none of the drivers and modem interface and all that. That’s also why GrapheneOS runs so well on it: Google provided everything, it just works.

iPhones would be the absolute worst phone to develop for: zero support from Apple, no drivers no documentation, no nothing. Not even a Linux kernel! At least for Android, the Linux license forces manufacturers to publish the source code, so at minimum you start with something that should boot and contain all the stuff to talk to the hardware already, just need to wire it in with userspace drivers. CPU manufacturers like Qualcomm also provide a fair chunk of the userspace drivers open-source too, so you can just pull that and have audio and video working.

Not impossible, but definitely really hard and impractical.

You can mostly backup everything but it’s impossible to make a perfect backup like the old days anymore because of the TEE. Flashing a new ROM will change the keys and permanently make the old data worthless. Stuff like Google Authenticator for example simply won’t backup even with a perfect bit copy.

Apps will restore okay but many will be logged out and have lost their permissions and push notification registration with Google.

You need to set up your PC to be on that IP address first, TFTP doesn’t magically listen to a particular IP, you need to configure the PC with that IP.

ip link set eth0 up
ip addr add 10.10.10.3/24 dev eth0
ip addr add 10.10.10.1/24 dev eth0

Then you can start the TFTP server on the interface:

dnsmasq -d --port=0 --enable-tftp --tftp-root=/path/to/tftp/root -i eth0

For all its flaws and mess, NFS is still pretty good and used in production.

I still use NFS to file share to my VMs because it still significantly outperforms virtiofs, and obviously network is a local bridge so latency is non-existent.

The thing with rsync is that it’s designed to quickly compute the least amount of data transfer to sync over a remote (possibly high latency) link. So when it comes to backups, it’s literally designed to do that easily.

The only cool new alternative I can think of is, use btrfs or ZFS and btrfs/zfs send | ssh backup btrfs/zfs recv which is the most efficient and reliable way to backup, because the filesystem is aware of exactly what changed and can send exactly that set of changes. And obviously all special attributes are carried over, hardlinks, ACLs, SELinux contexts, etc.

The problem with backups over any kind of network share is that if you’re gonna use rsync anyway, the latency will be horrible and take forever.

Of course you can also mix multiple things: rsync laptop to server periodically, then mount the server’s backup directory locally so you can easily browse and access older stuff.

The writing’s been on the wall since they swapped to ColorOS with Android 12 and the bootloader update that came with it that no longer supports relocking, along with the delayed/nonexistent source code releases for the kernel.

It’s very sad that basically the only real option is Google’s Pixels, and even there the tides are turning.

Technically it wasn’t really designed with megainstances in mind that swallows the entire fediverse.

My instance has no problem whatsoever keeping up and storage is well under control. But we’re few here subscribed to a subset of available communities so my instance isn’t 90% filled with content I don’t care about and will never look at. Also reduces the moderation burden because it’s slow enough I can actually mostly see everything that comes through.

Lemmy itself is also pretty inefficient in that regard, you can very much make software that pulls instead and backfill local cache as needed.

Even my Reddit subscriptions would be pretty easy on my instance.

deleted by creator

One thing to keep in mind is ActivityPub isn’t exactly made for social media in the sense most people use it nowadays. It’s intended to be more like RSS feeds: you’re support to subscribe to stuff like news sites and be able to bring it all into a content aggregator. Seen that way, its design makes a lot of sense.

It kinda works well for public microblogging as well. It’s when you start involving moderation, voting, sharing, boosting that things get kinda weird.

I’ll add some of my comments to that discussion.

You guys have basically been describing Aether and Nostr

The main issue is when your instance starts federating, accounts are created with a key pair that you will lose when changing software, and generally a whole bunch of URLs will no longer be valid. The actor ID of your user is https://feddit.org/u/buedi, not just buedi. Mastodon might make it https://feddit.org/@buedi instead. As per the spec, that is the canonical URL for the user/actor.

Other instances will still try to push content to your instance assuming the software it was registered with. So you may continue to receive data for Lemmy communities which Mastodon has no clue what that is or what to do with it.

You can host the API/frontend on a different domain no problem, but the actual ActivityPub service should be on a dedicated subdomain to avoid the issues.

That said, I believe after a couple days/weeks, it should eventually sort itself out as your instance keeps erroring out and gets dropped and reregisters with the new software.

https://seb.jambor.dev/posts/understanding-activitypub/

Because Russia clearly doesn’t have enough land, especially empty land yet.

I don’t think I’ve ever updated a BIOS from any operating system, always flashed via the BIOS itself. Most can flash the BIOS without even a CPU installed these days.

It’s a good idea to validate the information before being outraged at it.

Basically “it looks too much like a genocide so we have to look like we let aid in but not too much so they remain weak and suffering” at this point.

Aside from the other answers, no you can’t offload computations to memory. Memory stores data, it doesn’t compute.

The only way having more memory can possibly improve performance, is by having a cached copy of files so they don’t have to be fetched from disk, and applications potentially caching the results of heavy but reusable computations. (Unless you run out of memory and starts spilling over to disk, then more memory will make it fast again by avoiding swapping).

I mean I guess technically yes you could transcode into H264 into a tmpfs mount, and then play the H264, but you’re still not doing it faster and certainly not fast enough to watch in real time, you’re just decoding the AV1 well in advance before actually watching it.

Nope. Even Qualcomm themselves provide what’s needed to run Linux on the Windows for ARM PCs.

The only one I can’t find for sure is whether there’s any lockdown on the firmware for the Microsoft Surface and Copilot+ laptops, but I’m also not finding any sources pointing that it would be. But at this point you’re buying Microsoft hardware, what do you expect.

It has nothing to do with ACPI whatsoever. And firmwares this broken are the exception not the rule.

That’s bullshit. ARM is an architecture and by itself does not specify secure boot any more than x86 does. Raspberry Pis don’t have secure boot. You can unlock the bootloader on a Pixel, install GrapheneOS, and relock the bootloader just fine. Several other manufacturers allow bootloader unlocks no problem. The main reason you can’t on some popular phones is US carriers, even international Samsungs you can unlock the bootloader and flash whatever you want on it.

I’m literally typing this comment on a phone running a custom OS (LineageOS on a OnePlus 8T). I’m literally 2 versions of Android ahead of the latest supported version. I also have a Galaxy S7 running Android 15, a phone that officially tops out at Android 8 and launched with Android 6. Both you literally just toggle the bootloader unlock option in the settings, no hacks no craziness, it’s literally a feature.

At this point you’re just straight up making shit up.