For anyone who wants to avoid visiting the dead bird site:
https://web.archive.org/web/20240212054146/https://twitter.com/JoeBiden/status/1756888470599967000
KLISHDFSDF
joined 4 years ago
out of the loop since I've moved to debian and been using flatpak for the last few years, what software are you installing via PPA that isn't generally available via flatpak?
The flatpak version updates in the background, doesn't interrupt if its already running, and is immediately on the latest version the next time you run firefox.
This link goes straight to the video and skips the website for anyone wanting to avoid it.
https://customer-aw5py76sw8wyqzmh.cloudflarestream.com/2463f6d3e06fa29710a337f5f5389fd8/iframe
See my comment here for the amount of data it would take to share updates for 24 hours, it's almost nothing:
if we assume location sharing = latitude + longitude + unix timestamp + a ~10 minute update interval + sane defaults [0], it shouldn't be too straining of a resource. At least I don't imaging it would be. It's basically the "data" required to store the following as a message, "48.858370,2.294481,1707360628" with maybe a special header that indicates it's location sharing data. We're talking less than 340 kilobytes to store/process 10,000 messages. Even if it updated every minute, you're only sending 1,440 "location sharing" messages per day IF you've even set it to share updates for 24 hours.
Scale this to millions of people and it's just a blip in the radar, considering its not enabled by default, turns off after some time. Heck, they could even have the client only send updates if your location has changed significantly. If you're sharing location but your position hasn't changed since last message sent, it could increase the time before it sends an update to further minimize the impact. Just my 2 cents.
I do agree its probably pretty low on their to-do list. Would be nice to have tho. Monthly donor here too, super happy with the app.
[0] With the assumption that it can only be enabled with some timer to auto-disable.
why do those videos look green/off-color? Is there any way to view them properly?
Jack doesn't own bluesky but he is on the board [0] and even working for a public benefit company, is supposed to [1]:
... operate the business with the same authority and behavior as in a traditional corporation
It does go on to state they're required to consider the impact of their decisions not only for shareholders but also employees, customers, community, etc, but there's no mechanism that forces them to do "the right thing". A public benefit company is basically a way to protect decisions made if they were to not align with the concept of "shareholder primacy" [2]. On the other hand, if Bluesky had registered as a certified B Corp [3], that would have more weight to it as they not only have to state their intentions but also provide evidence.
In regards to being federated - are they actually federating with anyone yet? Genuine question, I haven't kept up.
In regards to being open source, it's a good start, but like the Chromium project, the company's needs will drive it forward and the interest of the company will come first, good or bad.
[0] https://en.wikipedia.org/wiki/Bluesky_(social_network)
[1] https://en.wikipedia.org/wiki/Benefit_corporation
[2] https://en.wikipedia.org/wiki/Shareholder_primacy
[3] https://en.wikipedia.org/wiki/B_Corporation_(certification)
Going from one billionaire's platform to another (Twitter/Musk > Bluesky/Dorsey) is not a smart move. There's a vast segment of the population that learns nothing and keeps making the same mistakes.
what Ubuntu and Firefox are up to together is kinda what Microsoft went to court over Internet Explorer for in the 90s.
Can you elaborate on the statement? I'm not connecting the dots.
The part about PFS falls down, for me, when you assume both that keys can be cracked
The argument doesn't hold because its known that keys aren't 100% secure [0]. This is why recommended key algo's and lengths are constantly changing and increasing in size because either they're found to be weak and/or compute has increased to the point where, although it may not be easy, it's still a possibility for someone with enough resources to break. And again, at least on the Signal side, they're left with having to decrypt every single message, where with Session, one key gets you access to everything.
I do agree that disappearing messages should be enabled for maximum security.
[0] See page 54 in this PDF -> nvlpubs.nist.gov for what NIST recommends for key length and specifically note the caveat that:
The security-strength estimates will be significantly affected when quantum computing becomes a practical consideration.
Page 62 further presses the point:
At some time, the security strength provided by an algorithm or key may be reduced or lost completely. For example, the algorithm or key length used may no longer offer adequate security because of improvements in computational capability or cryptanalysis.
bros toes are curling in anger