HackerLangs
TopNewTrendsCommentsPastAskShowJobs

kuschku

12,556 karmajoined 13 lat temu
[matrix] developer, previously at Element, now doing matrix consulting. Current developer of Quasseldroid IRC.

Hobbyist videographer. Volunteering as video/broadcast engineer at CCC events.

https://github.com/justJanne

comments

kuschku
·3 dni temu·discuss
> Tell me, where does my Jewish German heritage fit in to Germany as an ethnicity? For some reason they didn’t feel very German when they left despite meeting all the qualifications…

That's a good point, and personally one of the reasons I disagree with the ethnic definition of "nation".

The other reason are of course the frisian, danish, sorbian, etc and many other similar minorities that have historically lived in the region of modern Germany.

I think the french definition (which defines the nation almost entirely around the language, not ethnicity or origin) is a much more interesting and useful one. Language determines who you can talk to, and what media you can read or watch.
kuschku
·3 dni temu·discuss
That's an interesting question. Personally, I'd say the north of Germany has more in common with Danish and Dutch people than with Bavarians (who in turn have more in common with the Austrians than with us).
kuschku
·3 dni temu·discuss
> A nation state, or nation-state, is a political entity in which the state (a centralized political organization ruling over a population within a territory) and the nation (a community based on a common identity) are congruent.

See also: https://en.wikipedia.org/wiki/Nation_state

The traditional view taught in history books is as follows:

> Before the french revolution, states extended as far as their kings' military power allowed them to, and the king derived his claim to power from god.

> After the french revolution, states formed around the concept of a common shared ethnicity, language, and culture (nation), with the claim to power deriving from the people.

> This shared national identity was instrumental to the unification of many separate kingdoms into the German confederation.

EDIT: That view is not necessarily correct (see the comments below), but it is what most people will have learnt in school
kuschku
·3 dni temu·discuss
Germany treats permanent residency much more like a "citizenship lite", e.g., if you are a permanent resident[1] any newborn children will automatically be German citizens (even though Germany has no jus soli).

________________________

Footnotes:

[1]: As long as at least one parent is a permanent resident and has in Germany for at least 5 years (the same duration that's usually required to become a permanent resident anyway)
kuschku
·8 dni temu·discuss
Even in your flawed analogy, I can stop at any time and adjust my wheels. Without losing the contents of my trunk.
kuschku
·8 dni temu·discuss
So let me get this straight.

An app developer getting access to send my files to a random server somewhere? That's just a simple permission prompt, no unlock needed.

But me getting access to my own files? That's an absolute no-go. Even with adb and unlock, absolutely impossible

Seriously, you need to explain the difference. Because I don't see how apps being a one-way street (they can access my data, but I can't access theirs) is in any way reasonable.
kuschku
·8 dni temu·discuss
> You would install your own build of GrapheneOS. Not the official images.

Awesome, so you're advising against installing GrapheneOS for anyone that wants control over their own data.

Sorry for twisting the words slightly, but that's the essence of the issue here, isn't it?

> Its not advisable to run anything as root, at all. Or expose access to it in any form.

And then you advise for exposing access to it in pretty much the same form I asked for before.

It'd be funny if it wasn't so exhausting.

Regarding the security model: So adjust the security model.

Any access that an app can have, should also be available to the user. Importantly, they should be able to access and modify any data.

The system documents/files app already has special permissions for that, there's no reason why it shouldn't have access to all files (accessible through the same unlock system as e.g. the security settings)
kuschku
·8 dni temu·discuss
> Your paths forward are a false dichotomy. These are not the only 2 options. You can simply update your build with the changes you want.

Okay, so once I install grapheneOS, how do I update it with my own custom build while keeping my data intact?

> You dont have the ability to guarantee you have overridden anything. The integrity of the OS cannot be verified and anything with root can lie to you that it was revoked. It does not put power in your hands.

You haven't read anything of what I've written, it's incredible.

You're continuing to use the term "root" to mean granting full power to random apps.

I'm using the term "root" in Linux terminology.

It's not advisable to run random software as root, no matter what platform you are on.

But the OS' native file explorer and shell, in this case com.android.documentsui/com.android.files and adb, should allow the user to authorize themselves as root and read/write to any file.
kuschku
·8 dni temu·discuss
Absolutely! Even if they require (like with bootloader unlock) adb and screen unlock for access.

That'd still allow you to free your data.

Ideally though the native filemanager should just have a sudo mode that can be entered to access everything, if desired.
kuschku
·8 dni temu·discuss
If I hand my windows laptop to someone, they can also install a keylogger.

But no one said we have to copy that flawed concept. macOS and Linux already have a good solution, requiring your full unlock password in a privileged dialog to authorize changes.

It's ridiculous that changing the settings on my device is protected 10× more than transferring all my money to a random person.
kuschku
·8 dni temu·discuss
Being an administrator is being root. That's the entire point. That whatever restrictions an app has set, I can override it if I need to.

> You can build and sign the OS with your own keys, without undermining the security of your device, and adding whatever functionality you want with the principle of least privilege.

Building a version of the OS and flashing that removes everything currently on the device.

So if I ever need to overrule a restriction an app has set, I must have already granted myself the power to do so ahead of time.

Which means there are only two viable paths forward:

1. If I assume that software is perfect, and I will never need to overrule a restriction software sets, I can use stock Android or Graphene OS

2. If I assume that at some point in the future I might someday need to overrule any restriction, I must grant myself root permissions from the start.

Also, I don't need to grant root permissions to random apps.

All that's needed is for the adb and the native file manager to be able to enter sudo mode and read any file, so that in worst case I can always pull all data off the device, and flash a version of the OS with my changes instead.

If we want to go one step further, and want to apply the practical definition of the FSF rights of free software, you should also be able to replace any file using the builtin file manager in sudo mode.
kuschku
·8 dni temu·discuss
I just don't get why we need to argue about something — the right to general purpose computing — which has been answered decades ago?

The user must be the administrator of their own device. Whether that's a laptop, desktop, PDA, mp3-player, smartphone, tablet, cyberdeck, netbook, or any other kind of computing device.

The user must be able to overrule any and all decisions. That's the definition of ownership.

Like, this was the reason why GNU was founded, and before that was the plot of the movie TRON.
kuschku
·9 dni temu·discuss
> There's a reason why they exploit malware to steal money, rather than asking their victims to send them crypto directly.

The vast majority of scams literally work by them asking their victims to buy cryptocurrency or gift cards directly. Malware is exceedingly rare.

You know what would really help against scams? Avoid putting people in situations where they need to decide right now or they'll face punishment.

Modern society has created far too many situations where people need to react without being able to think through the consequences.

The only reason scams work is because there are enough actual situations with unnecessary life-or-death decisions.
kuschku
·9 dni temu·discuss
"extremely reduced security"

That's such a fun statement.

Any security measures taken always remove agency from one person and give it to another.

iOS takes my control away, and in turn gives that control to Apple. GrapheneOS takes my control away and gives that to the GrapheneOS developers.

The "security" you're talking about doesn't prevent certain data from being accessed, it just changes who controls the access.

If the user cannot be trusted with their own data, then there is no solution anyway. They'll just tell their private data to a scammer on the phone instead.

There is no solution against a user that wants to give their own data away, but if you try to prevent that, the only thing you'll accomplish is destroying general purpose computing.
kuschku
·9 dni temu·discuss
Recaptcha already requires a Google-certified Android device today. That does heavily restrict what websites a browser can access.
kuschku
·9 dni temu·discuss
> Ubuntu/RedHat

That still wouldn't affect projects like Debian or Arch, but going even further, they can't push through updates anyway. Nothing forces me to install updates, it's an active choice to do so.
kuschku
·9 dni temu·discuss
So it doesn't actually do anything to give control of the device back to the user?

One of the core tenets of truly free software is that I as user must be able to run, access, edit, and view everything.
kuschku
·10 dni temu·discuss
Considering this is tracking, processing, and transmitting data, and algorithmically making decisions about users, why doesn't this show up in their privacy policy, nor in their GDPR exports?

Sounds like a very expensive lawsuit waiting to happen (GDPR allows fining up to 4% of global revenue, not profits)
kuschku
·16 dni temu·discuss
Yes, there's a difference. But the question is whether that difference actually matters in practice.

If you're a startup, you won't be making a profit anyway.

Once you make a profit, 25k€ on the books (not necessarily cash) isn't a lot, especially as it doesn't have to remain in the company, you can use it to pay wages once converted to a GmbH.

In the end, this is a question about whether you need something to be exactly the same for some ideological reason, or whether it's enough that two things are practically the same for all intents and purposes.

And while in this case the German system requires a codified workarounds, in many other cases the US/UK/Commonwealth systems use significantly more complicated workarounds than the German system.
kuschku
·17 dni temu·discuss
Even then you'd usually go with a Person -> Holding UG -> Startup UG structure. That's a few hours and less than a thousand Euros.