Show newer

Ever since I got my Google Pixel, I've been using my DSLR less often. Don't get me wrong: a DSLR is still hands down the best when it comes to creativity. But the Pixels takes such nice shots, even at night with Night Sight.

"The best camera is the one you have with you".

Haibane Renmei (Ailes Grises) rejoint le club des animés qui m'ont marqué.

Un animé très fort en symboliques qui aborde des thématiques importantes de la vie, tout en transmettant un sentiment de mélancolie qui en est presque enivrant.

Un article que j'aurais aimé ne pas faire et qui vulgarise les nouveaux mécanismes de détection CSAM mis en place par Apple, tout en restant un poil technique.

Around 70% of security bugs from C/C++ are memory bugs. While a subset of modern C++ can be relatively safe with enough efforts, it's still a good time to look at Rust. Or ask yourself if you really need the complexity of a low-level language?

Compared to C, Rust is much easier to audit. Once your code compile, your code is free of memory bugs. It's not exempt from other "logic" bugs, but it helps to write more sane code too. Still, you shouldn't necessarily write everything in it.

In case you didn't know PGP is that old swiss-knife from the 90s no one with some background in modern cryptography would touch.

Use Signal for secure messaging. Use Signify to sign stuff. Look into Age for encrypting files.

Sur AOSP, toutes les applications disposent de leur sandbox.

GrapheneOS améliore significativement la sandbox des applications, de différentes façons : avec son allocateur renforcé, son runtime renforcé, des permissions renforcées avec des toggles mis en évidence, des politiques SELinux encore plus restreintes.

Show thread

Et j'ai aussi du mal avec le mouvement "free the sandbox" et les critiques envers le scoped storage.

S'habituer à être productif dans ce paradigme perçu comme plus restreint après des années formaté à utiliser des systèmes hyper-permissifs, ce n'est pas simple : mais c'est la bonne voie pourtant.

Show thread

J'ai donc énormément de mal avec la vague de recommandations qui vise à vous faire acheter des "Linux phones" qui ne sont pas des produits finis, onéreux avec un hardware douteux (et pas nécessairement plus ouvert), et qui fonctionnent sur des distributions traditionnelles.

Show thread

La vie privée sur les OS, ça passe surtout par un modèle de sécurité où chaque application a sa sandbox et son espace de données. On ne peut pas se permettre de "juste faire confiance" dans le comportement d'une app ou espérer qu'elle ne fasse pas exploiter.

Les systèmes traditionnels sont tout sauf privacy-friendly. Peu importe la question de la télémétrie qui détourne de préoccupations majeures.

Want to make sure people understand I'm not trying (and I won't ever) to defend Apple. Just saying client-side CSAM is a bit more nuanced than what people want it to be.

Of course it's bad, and it will affect end users' privacy. Just not the way people may think.

Pixel + GrapheneOS is the superior choice. Don't see why you would choose an iPhone over this (except personal preference), especially with the work being done on sandboxed Play services.

Show thread

If they indeed have plans to make iCloud Photos E2EE, seems like that's the trade-off. What would you prefer: non-E2EE service with scanning done on remote servers, or E2EE service with scanning done prior to upload? Seems like the latter would benefit to most people.

Of course, I'd argue that neither solution is perfect. As for me, I'm still saying away from services I don't have reasons to trust.

Show thread

Sorry the Twitter link but this thread sums up very well what I think about the Apple CSAM situation:

Please don't spread fallacies. I'm not happy about this either, but it's no reason to not carefully examine all considerations.

Pixelbook powered by Google Tensor + Titan M2, running GrapheneOS would be my dream.

But the lack of desktop-grade apps on Android will persist... iPad is great, but it was too great to let the Android tablet ecosystem evolve. It's too bad Android OEMs decided it wasn't worth putting efforts into it.

That's why I'm very critical towards Debian and the like. You can't say "oh I'm cherry-picking/backporting fixes and it'll be enough".

No it's not enough. It doesn't work that well in practice. Keep up with upstream instead. Is it too hard? Then "make it happen" as they say!

Show thread

> Evidence shows that for Linux CVEs, more than 40% had been fixed before the CVE was even assigned, with the average delay being over three months after the fix.

> Some fixes went years without having their security impact recognized. On top of this, product-relevant bugs may not even classify for a CVE.

> Finally, upstream developers aren't actually interested in CVE assignment; they spend their limited time actually fixing bugs.

Show thread
Show older

Just a single-user instance, nothing fancy here. I won't bite, I promise.