• 0 Posts
  • 170 Comments
Joined 2Y ago
cake
Cake day: Aug 10, 2023

help-circle
rss

when during job interview the recruiter ask if you code on the weekend

I think it’s more to see if you’re actually passionate about what you do and you don’t “just” do it for work, which definitely is a bit of a twisted view, when on average you’ll already be spending 40 hours a week doing that, but I think people tend to make this sort of evaluation, because people who love programming so much to also do it on their free time will usually be better, since they simply have more experience than those who only do what they’re assigned to do




I see.

tor has geo location issues.

Could you explain what you mean with this? I’m not sure I understand


mullvad for looking shit up on ecommerce sites with new ID each time

Is it sufficient? I’d always assumed it was easily targetable with the IP so I started using TOR for that purpose


The tool presents a significant privacy risk, and shows that people may not be as anonymous in the YouTube comments sections as they may think.

I don’t understand how this makes the privacy on YouTube any worse when all the information it sources from is already public, this is just automated doxxing, which, while we’ll agree to be unethical, was never a privacy violation, it is just the consequence of the actions of who posted the information to begin with.
Also does it really violate YouTube’s privacy policy? It’s new to me that service consumers can be subject to the policy when it’s not the third parties that YouTube actively sends the information to, that sounds more to me like Terms of service, which are hardly enforceable fully (thank goodness, so we can have our yt-dlp and PipePipe)


That’s different, it’s technically possible not to comply with that statement because the location data is sent and stored, it takes just not deleting it to violate that, it just evaluates to a pinky promise that has to be verified by inspecting their systems.
This, on the other hand, is a technically verifiable claim, the code is open and it all runs locally on the same machine, the TEE will give the green light and that’s how apps will accept your biometric verification, the only thing that might be suspicious is with the implementation of the TEE, I don’t know if every manufacturer keeps the data it gets on the device or secretly communicates outside, this unknown is also a good reason to use a Google Pixel device if you care about that

Google Pixel phones use a TEE OS called Trusty which is open source, unlike many other phones.

From the Privacy Guides Mobile phones page


I’m all for not giving more data points where it’s not needed, but is this as bad it seems? All biometric data remains stored on the device, it isn’t sent to Google, or any app for that matter, that’s how the API works



Proton explicitly enabled keeping 2 free accounts on the mobile apps quite some time ago, probably more than a year, so they’re cool with you having 2 like that.

If you get more, you’ll be hampered at the application level, but, unless it’s like a load of accounts for spam purposes, having just a handful shouldn’t get you banned, I believe



Honestly if you don’t want to think too much about it, go with Briar, it’s way more battle tested, while Berty seems like it hasn’t seen much adoption since it’s younger, both have a bit of development activity I saw, so I can’t say if one is more or less maintained than the other

As for the actual question of gauging which has the better cryptographical implementation, I don’t know either, beside the most surface level information I know very little.
I believe if you want to look into it, you’ll have to start from their whitepapers


Besides the already mentioned Briar, there’s Berty, can’t speak to its quality since I never used it, but I always found the project neat in and of itself


That’s really good!
Some daily Google hate here is healthy and welcome XD


Besides the files that are easy enough to move over, for app data there really is no other choice than to either haves ones that support their own export/import functionality or if you’re not lucky enough to have eliminated the apps that don’t have it and need their data you can only go back to papa Google and ask to politely get all your stuff for restoration on the new phone.
Takeaways:

  1. If you care more about salvaging data than privacy, use a Google account on your phones, otherwise, if you still value privacy but not so much security, root a phone as soon as you get it (not always possible or desirable) so you can use other backup solutions that require root access.
  2. Prefer installing apps that have an embedded backup functionality so you can be sure it’s always possible to get the data out regardless of what you did about point 1
  3. (Bonus) Ask for said backup functionality to be added to apps you’d like to use with a feature request on the app’s repo when it’s open source, I’ve been doing that for the past year or so and I saw that quite a few have gone and implemented it, love these dudes :)
  4. (super extra bonus) Fuck Google for artificially preventing a full backup solution that doesn’t rely on their cloud being involved



I’ve been using LinkedIn with addy.io’s aliases a couple years without issue, I can’t say if that somehow makes your profile less promoted, I can only say that I’ve been receiving a few proposals here and there, don’t have a lot of experience, so I think it’s reasonable I don’t get swamped in them.
To be fair though, the real privacy concern is all the information you have to share about yourself and that can’t be avoided, regardless of the platform, you have to give details about you because that’s the entire reason you would be on such a platform to begin with, to make yourself known.
What you can do is leave out all the details you’re not comfortable sharing publicly and instead wait for recruiters to eventually ask you for those themselves, so you know that it only goes with one party that you have interacted with and can “trust”, rather than the wider internet.

As for the email spam, there are a LOT of bs emails you receive by default from LinkedIn, but you can disable them, it took a while for me to figure out which is which because they have so many settings, but now I managed to have only what I care about, which is pretty much requests for connection and messages.
Also you don’t have to install their mobile app even if they bug you about it, you can get by with the mobile PWA and if you want to do any Easy Apply job applications, you can just temporarily switch to desktop mode



You mean unrestricted battery usage? If so, I don’t exactly understand how it differs from keeping the unifiedpush integration off and relying on the app, does it make it so that it’s only “ready” to be triggered by ntfy when it would otherwise poll the server on its own very frequently (so you end up actually saving some battery)?


Spot on response!
Just a note: in my experience Mercurygram with ntfy is terribly unreliable, with notifications coming in days later, so I personally ended up enabling its background service anyways, it doesn’t look like it’s taking up much battery at least



Piped always does, it’s the way it works. Invidious is not always like that, at least if what is said in this issue is still true, it depends on the instance


I feel like most have misunderstood the point of the question, they offer to use newpipe, yt-dlp and the like, but those aren’t private, they just allow you to watch without signing in, just as you could through the official website with maybe uBlock origin, you’re still exposing your IP.
The only fitting suggestion I saw is that of downloading from invidious through yt-dlp, which sounds pretty neat, I had no idea you could when the web frontend is apparently not working


someone compared Chromium and Firefox without any real conclusion

Are we talking about mobile or desktop? Because, as of now, Chromium is still winning on mobile





Yeah, I’m not doing that either yet, I’m using it for a few things and can’t really replace it


I wish all
privacy advocates
a very pleasant
degoogling


For the most surface level concerns like risking them accessing any app on your phone, you can enable app lock on those that support it. Usually the most sensitive do: WhatsApp, Signal, banking apps and others.
If they don’t, take advantage of the private space which locks apps until you unlock, and you can relock whenever you want


Wow, I didn’t know the Git host is providing documentaries too now, sweet 😋


Sorry, I wasn’t saying it wasn’t, I just found it funny, I do trust you know what you’re talking about, had no reason to doubt you



That’s really cool! And yeah the bootloader locking checks out with into from other guides.
That unbricking talk flies over my head on the other hand, it sounds like one of those fake tech speaks to my uncultured self lol


How did you install Graphene in the first place?


Still personally I’ve had very very few ones breaking, but I guess it depends on our browsing habits what we use the most. A report broken site function exists on desktop, but I think it’s still missing from mobile


Those 2 might very well cause issues sometimes, you should try and fiddle around with their settings on the websites that complain, or outright whitelist them if nothing works and you want to use them, other times it really is the browser or even more often an artificial check of the user agent string (dick move on the dev’s side), so if you spoof a Chromium browser it’ll start working right away


Most? Are you sure you didn’t install some extensions that break your browsing?


You’re pretty right, it’s not as good an experience as it could be

After account creation no way to delete it

You should be able to delete it through LBRY: https://lbry.com/faq/how-to-remove-account (but the process is still manual, which sucks

(btw, what’s the deal with the long nose emoji? lol)