Google will now require developers to get 20 testers and developers will have to "test" their apps for two weeks before launching into public testing or production.
Sorry but where am I, an indie dev who just publishes my small pet projects, supposed to get 20 testers?
It's almost a school class, is a lot of people to get and sign up for your testing. I'm expecting for services to fake these testers to pop up.
DON'T use username.t.me links. They are UNSAFE. Your ISP can see what handles you interact with this way. Always use t.me/username links instead.
Technical explanation: with current web protocols, the domain part of your request is unencrypted (you either use plain-text DNS instead of DoH/DoT, or your browser and the website doesn't support Encrypted Client Hello. ECH still has low adoption). Having a username in the path instead of subdomain puts it into the encrypted part of the request.
YouTube you absolute monster, you show me seal videos in recommended, and I do love watching them, but I shouldn't be watching them, and pressing "Not interested" on them feels so rude because I love them.
Telegram Demands All Bot Developers to Sell Paid Features Using Its New Currency
Telegram is sending out messages to bot developers, requiring them to start accepting payments for digital goods only through Telegram API in "Stars" currency. They explain this decision was made due to pressure from Apple.
Worst part that has nothing to do with Apple — all payouts will be done in TON cryptocurrency. And some other iffy decisions.
It's kind of frustrating that .xyz gets abused so much for spam and stuff. I'm afraid of one of my domains for email just getting sent to spam solely because of its tld. I already can't use it on Steam.
Google is pushing AI so hard they'd rename Google I/O to Google A/I.
Yeahhh, you're right, I'm giving them ideas.
But look, from this class name in Google Pixel, it seems like they get paid for every use of "AI":
com.google.android.apps.miphone.aiai.app.wallpapereffects.AiAiWallpaperEffectsGenerationService
Lmao, this was the worst Google I/O ever, every single thing announced is about AI and not a single feature is in general availability today: either private beta or "available later this year".
You have two WPA3 APs which share a password but have different SSIDs. You as the user know that one of them is not secure somehow. You might also have a VPN configured to disable automatically only on the secure SSID.
An attacker creates an AP near, with the secure SSID, and relays your connection to the insecure one. The client device will show secure SSID but connection security will be degraded, and VPN will disengage.
Not sure how many networks would actually rely on SSID or would have two WPA3 APs with different SSIDs one of which is vulnerable somehow. Sounds a bit exotic.
But authors show one good case with eduroam, where they make university devices from Campus A connect to spoofed APs relaying to less secure devices in Campus B. Client devices still think they are connected to Campus A and disengage VPN.
And there an attacker can theoretically MITM into plain text traffic. Because it's time to go TLS.
Signal is an unfeasible alternative to Telegram or any other cloud based messenger while it remains all local storage-only. Do you really want to be forced to keep all the furry stickers people use etc. in your constrained local storage you can't expand easily?
@sneexy yeah, that's kinda the point, that I don't want to remove my old conversations in favor of e2ee. I don't talk about anything so confidential all the time (or at all) that I wouldn't want the service provider to see the contents.
If E2EE is a must, Signal could come with some sort of personal cloud solution tho, that would allow Signal to store large amounts of data encrypted in a cloud or a NAS you point it to and it would pull data partially on demand.
@sneexy automatic chat backups is not the same as pulling data from cloud partially, backup still forces you to keep a full image of your chat data locally, it seems.
Also in my experience, backups just fail silently in the background sometimes and you learn that you lost your chats only post factum. That wasn't with Signal I believe tho, just a bad experience.
Of course you two idiots have no clue about your competitors, the fact Signal was initially funded by a US gov open fund is common knowledge for anyone who mindfully considered encrypted messaging and googled about it at least once
