amelia

@N104AP 0

im curious, how much do my followers pay in subscriptions

@oops4041555 WAIT YOURE NATHUDGENS???? how the fuck did i not know what lore did i miss lmao why r u on this acc actually what happen

Noted by WHO???

@saraaa7447 wait did u take the ppc out of it

@Nyameliaaaa pre-unibody macbook pro :D

welcome back PowerBook G4 keyboard

@bunnyluvr__ @SapphoSys

this is groundbreaking knowledge. bunny painting.

"Play Integrity" is nothing but a tool used by Google to limit freedom of users & adoption of competitors. It provides no security benefits, and in fact makes security worse by limiting the usage of applications to proven less-secure operating systems.

@meowkoteeq bitch wtf wdym

glad the "p*ppygirl" "era" is dying down

Apple and Google are gradually expanding their use of hardware-based attestation. They're convincing a growing number of services to adopt it. Google's Play Integrity API and Apple's App Attest API are very similar. Apple brought it to the web via Privacy Pass, which Google intends on doing too. Google's Play Integrity API requires hardware attestation for the strong integrity level and is gradually phasing in requiring it for the more commonly used device integrity level. Apple already has it as a requirement. Over the long term, this will increasingly lock out hardware and OS competition. The purpose of these systems is disallowing people from using hardware and software not approved by Apple or Google. This is wrongly presented as being a security feature. Banks and government services are the main ones adopting it but Apple and Google are encouraging every service to use it. Apple's Privacy Pass brought hardware attestation to the web to help with passing captchas on their own hardware. Many people saw that as harmless since few sites would be willing to lock out non-Apple-hardware users. Apple and Google are both likely to bring broader hardware attestation to the web. Google's reCAPTCHA is planning an approach where they use Privacy Pass on Apple hardware, their own approach on Google Mobile Services Android devices and a QR code scanning system to require an iOS or Google certified Android device for Windows and other systems: support.google.com/recaptcha/answ… Banking and government services increasingly require using a mobile app where they can use attestation to force using an Apple or Google approved device and OS. Apple's privacy pass, Google's 'cancelled' Web Environment Integrity and now reCAPTCHA Mobile Verification are bringing this to the web. Current media coverage for reCAPTCHA Mobile Verification misunderstands it and the impact of it. They're bringing a hardware attestation requirement to Windows, desktop Linux, OpenBSD, etc. by requiring a QR scan from a certified smartphone to pass reCAPTCHA in some cases. They could expand it more. Control over reCAPTCHA puts Google in a position where they can require having either iOS or a certified Android device to use an enormous amount of the web. Google defines certification requirements for Android which includes forcing bundling Google Chrome, etc. It's enormously anti-competitive. Google's Play Integrity API bans using GrapheneOS despite it being far more secure than anything they permit. It also bans using any other alternative. This isn't somehow specific to an AOSP-based OS. You can't avoid this by using a mobile OS based on FreeBSD instead. You'll just be more locked out. Google's Play Integrity API permits devices with no security patches for 10 years. The device integrity level can be bypassed via spoofing but they can detect it quite well and block it once it starts being done at scale. The strong integrity level requires leaked keys from TEEs/SEs to bypass it. It doesn't provide a useful security feature, but it does lock out competition very well. Services requiring Apple App Attest or Google Play Integrity are primarily helping to lock in Apple and Google having a duopoly for mobile devices. Play Integrity is more relevant due to AOSP being open source. Governments are increasingly mandating using Apple's App Attest and Google's Play Integrity for not only their own services but also commercial services. The EU is leading the charge of making these requirements for digital payments, ID, age verification, etc. Many EU government apps require them. Instead of governments stopping Apple and Google from engaging in egregiously anti-competitive behavior, they're directly participating in locking out competition via their own services. Requiring people to have an Apple device or Google-certified Android device is anti-competition, not security. reCAPTCHA Mobile Verification will currently work with sandboxed Google Play on GrapheneOS but it clearly exists to provide a way for them to start using hardware attestation on systems without it. People without an iOS or Android device will be locked out when this is required even without that. This isn't about security or any missing functionality. GrapheneOS can be verified via hardware attestation. Google bans using GrapheneOS for Play Integrity because we don't license Google Mobile Services and conform to anti-competitive rules already found to be illegal in South Korea and elsewhere. Services shouldn't ban people from using arbitrary hardware and operating systems in the first place. Google's security excuse is clearly bogus when they permit devices with no patches for 10 years but not a much more secure OS. It's for enforcing their monopolies via GMS licensing, that's all.

do people still like Use Bluesky or is it mostly just people cross posting from here

@SapphoSys all im missing is just content and the domain and ill be complete for a bit LMAO

@SapphoSys no like im working on my website and im so close to finishing it and omg im so excited lmao ill send u it when its done

give me your rss feeds :)

@isabelrosesss me who just. puts exports their ssh and gpg keys into bitwarden and calls it a day

At a time of 2 local privilege escalation vulnerabilities I find a good time to finally get my thoughts on nixos and secrets out. I would summarise it with the following words: PLEASE DO NOT PUT SECRETS IN THE NIX STORE. IT IS WORLD-READABLE. isabelroses.com/blog/nixos-and…

@luciascarlet @oohweehuman no. its vista the uac icon is multicolor not yellow/blue

@oohweehuman you can tell that’s the version in 7 though because it has the fat window buttons and blurrier reflection texture like why didn’t they fix it it’s not like this was old enough to be technical debt Surely

why were Microsoft just roasting themselves in the Windows 7 UI guidelines

@noinconsistency what even is fun abt pnpm

the most torturous part of work after having to use java is having to use npm instead of pnpm or wtv 🥀

@saraaa7447 @brighterdayzs maam your peak is on fire

@brighterdayzs god forbid the people buy peak

buying a mac just for it to be an intel….

@witchof0x20 whats the 4.7 then

Because its family name comes before a more specific name, Claude Opus 4.7 is actually Japanese. In english, its name is Opus Claude 4.7.

@iniemohk go to kazakhstan and meet @SapphoSys /j

My sis is desperate to go to a place that has snow cause she wants to experience it so we listed the visa free/easy visa options and only choices we got are: Mongolia Kazakhstan Uzbekistan Ukraine Nepal Armenia Kyrgyzstan Tajikistan Peru Bolivia She's not gonna like this lmao

@ImLunaHey ill dm u mine lol its not finished :P

need some new sites to look at, what's everyone building?

@ImLunaHey cnet.com/tech/tech-indu… yes

@Nyameliaaaa oh?

tempted to finally ditch firefox for brave..