Selfhosted services like Nextcloud/Immich aren’t nearly as dependent on a critical user mass like Discord/Matrix, but the principle is the same.

If you host for family or friends, they may even use it if you convince them to switch. But when the setup, which doesn’t consist of redundant instances and isn’t maintained by a small army of SysAdmins 24/7, inevitably breaks for longer than a few minutes, most will switch back to the easy, reliable option.

I’d love to be able to disagree in any of your points, but I can’t.

The vast majority of users want something that simply works, is polished and intuitively usable. Reading docs, remembering anything other than the bare minimum, running into issues that don’t get magically resolved within 5 minutes will turn them away forever.

Even people with a technical background will at least partially compromise and migrate towards the services with the most users to not isolate themselfs.

Matrix is neat, Lemmy is neat, Nextcloud is neat (well, in theory), Immich is neat, so many other privacy friendly solutions are neat. But they’ll always be irrelevant in the global context.

Signal and DeltaChat, as well as Simplex and some others e2e communication solutions, are adequate from a technical point of view.

The main issue is always adoption. You can have the most convenient way to safely communicate with people, it’ll be useless if nobody you’re talking to wants to use it.

So, since Signal is very easy to set up and use as well as the most adopted, it’s currently the best pick for regular conversations.

Telcos know that authentication is about the only remaining use case for SMS and are not going to turn down the revenue stream.

And it can’t die fast enough, as it’s essentially the same as broadcasting your sensitive information over unencrypted radio.

Apart from security, phone number based user identification is such a half-assed approach and I still don’t get why Signal wants to die on that hill. It’s inconvenient, yet trivial, for anyone to register a second, third or tenth phone number. With a bit more knowledge and inconvenience, even anonymously. It adds so little.

Their issue tracker is probably the best bet.

I never use dubious sources like this, especially banking apps.

Oh yeah, it’s usually a very bad idea, especially regarding apps handling sensitive information. Since my use case for APKMirror strictly consists of apps without internet permission in a dedicated, otherwise empty profile, the risk is acceptable.

open from a direct link from the Play store (in which the app page opens, however, with almost no information, such as version, permissions, size and so on, and the download doesn’t start.

Tested this myself, as that used to be the workaround for apps not appearing, but I’m facing the same issue on some apps. For the time being, installing/updating manually via APKMirror isn’t ideal, but I’m not installing the Play Store.

Steganography is a (fascinating) bitch. There are a lot of ways to hide a message in an image which is very resilient to manipulations like resizing, compression or even the loss of information by actually filming a screen versus taking a screen capture.

If you adjust your approach to not rely on a single picture to reliably convey a short message, but part it out over tens or hundreds of frames in a video, it’s basically impossible to make sure that the message was erased without knowing the algorithms used or rendering the video unwatchable.

It’s an awesome field and nothing new.

What? So your advice for improving privacy is to not use a VPN, because the provider may log stuff and instead keep accessing stuff directly through your ISP who will log everything you do and simply use DNS over HTTPS/TLS, which does pretty much nothing for your privacy since your ISP still sees the servers you connect to?

That’s terrible advice.

Mullvad certifiably doesn’t log. Their VPN infrastructure even transitioned to RAM-only a few months back. They’ve been raided by the police and nothing was confiscated because there was nothing to confiscate. Obviously they have a list of registered accounts and payments, but without any connection to - well, connections.

I get what you mean though and mostly agree: There are only a few providers I trust enough to shift said trust from the ISP to them.

As mentioned in the comment you replied to: Yes, trusting a third party is a compromise. But you are also trusting a third party when renting a server for a private VPN endpoint, as well. A third party provider with probably a lot more logging going on than a trusted service such as Mullvad. While being way more exposed.

Since TOR isn’t feasible for most users 24/7, trusted commercial VPNs are the next best thing when the alternative is your ISP logging everything you do.

This is something I’ve not understood yet. If you rent a server somewhere to use as a private VPN endpoint, your clear IP will be pretty much the only one connecting to the server. Correlating your traffic and your clear IP to your masked IP is easy for sufficiently motivated, able actors.

Meanwhile, the main benefit of a shared VPN such as Mullvad is that many users simultaneously use the same endpoint, making it much harder to identify the user (taking only IP and traffic into account), provided they don’t log your traffic.

So while having control over your endpoint is nice, how does that actually contribute anything meaningful to your privacy?

Yikes. This has the potential to seriously damage the reputation of Mozilla. I guess there are 3 possibilities:

• Onerep isn’t actually shady, but partnering with a company part of a conglomerate with companies directly opposing the stated goal isn’t a good look either way
• Onerep is shady and Mozilla failed to conduct the necessary research before partnering with them
• Onerep is shady and Mozilla knew

In any case: Personally, I’ll never not be grateful towards Mozilla for continuing to support and develop Firefox, which is quite literally the only relevant engine standing against the monopoly of chromium and all the bad that entails. But I trust other companies/initiatives/projects more when it comes to services other than the browser engine.

Very interesting read, thank you!

I (self)host a lot of stuff as well as developing and deploying some of my software via docker containers and dabbled in Full-Stack territory quite a few times.

Exposing stuff to the internet still scares the shit out of me. Debugging sucks. There’s so much that can go wrong, every layer multiplicates the possibilities of stuff that can wrong or behave in a way not expected. Your journey describes the pain of debugging perfectly. Yeah, in hindsight, it’s often something that probably should have been checked first. But that’s hindsight for you.

And that’s not even accounting for staying ahead of the game while securing your 24/7 publicly accessible service, running on ever-changing software, with infrastructural requirements you basically have no control over. In your spare time.

Hosting something for yourself can be a lot of fun, hosting something for other, potentially many thousand, people makes you kind of responsible. That can be rewarding and fun at times as well, but is also a prime source for headaches.

Deploying stuff is the easy part, knowing what to do when stuff inevitably breaks is where it is at. Therefore, IMHO, it’s probably a good thing that most Lemmy admins at least know where to ask/start when shit hits the fan. This unfortunately leads to more centralization, but for good reasons: teams of volunteers taking care of fewer instances will almost always lead to a better experience than a lot of lone wolfs curating a lot of small instances. Improving scalability, monitoring and documentation is always nice, but will never replace a capable admin such as yourself.

43% of Linux Gamers are Steam Deck users, most popular Nvidia GPU for linux (steam) gamers still is the 1060 while the most popular Desktop GPU still is the AMD RX 480.

That makes a lot of sense, at least from a subjective point of view. Cheers!

Same, but that’s not the same as calling all other products mediocre.

Plus all those Steam Deck rivals are creating mediocre products

While I hugely appreciate what Valve has done for Linux Gaming with Proton and the popularity of the Steam Deck, there are excellent Steam Deck rivals out there. Could you clarify what you mean by mediocre?

Oh boy, that is one spicy topic. You could start here.

In short: The lead dev (who stepped down, but may be back again?) is involved in some controversy.

While I can fully understand why somebody wouldn’t trust the OS based on that, it’s still the most secure and private OS available today IMHO.

Some sort of user-controllable merging of community views would honestly alleviate most of this:

Adding something like user-specific topics, e.g. allowing the user to consolidate all posts from instanceA.communityA and instanceB.communityA and even instanceA.communityB into a custom community view shouldn’t be all that difficult to implement (he stated naively, having never looked at the codebase).

A great addition would also be to allow the merging of posts, e.g. show all comments of all threads under one post where the post URL matches and/or the title matches.

This isn’t exact, since multiple communities can discuss the same topic from completely opposite viewpoints, but at least allowing the user to consolidate stuff and control it would be huge.

I know that it’s a core design feature of Lemmy and the underlying federation, but it’s pretty annoying that multiple communities with the same name can exist on different instances while not necessarily following the same ruleset or even purpose.

The small user base gets even more fractured that way, a lot of posts get reposted to multiple instances as well.

So you either:

• subscribe to one or two communities and miss a lot of potentially interesting conversations
• subscribe to more communities and get flooded with reposts and potentially stuff you don’t want to see due to a different ruleset

As long as you don’t use some shady, unofficial ROM on a phone, most phones are actually vastly more secure than your typical Linux/Windows OS.