Good post, even if dated, things are still very relevant.

MS is still using BOMs and UCS-2 for most things (including queries and strings in SQL Server!), Java uses UCS-2 for strings in memory. Rust uses UTF-8 as the main string type and can convert them to 32bit Unicode code points and back.

I sometimes get CP-1252 encoded events from Windows 2019 Server that I have to convert to UTF-8 before storing in logs DB! I also have lots of old emails encoded in who knows what sequence of encodings.

Plan 9 is all UTF-8 as it is where it was first created/used. Most FLOSS is now using UTF-8 by default or is compatible.

Also same as with HTML the email body can contain encoding header, make sure it is sent before Subject header or things may not render correctly.

A: No, the companies are.

Yes, I and hope the “the day of the Linux desktop” never comes due to this :D Well, you can see what happens where this two does not hold with Linux, just looks at Android and ChromeOS. Would the community jump on the mitigations/sandboxing side of things same way Google did?

Linux is secure thanks to they way it is used and developed. If you change the way it is used the whole security model changes and it would not be as secure as for example Android in the same use cases.

Yeah, would be nice to have some of the mitigations in Linux but in practice these are not needed when you don’t run malware on your system by default and keep the attack surface small. And if you do run malware or have the system full of crazy bloat (just look at the MSHTML exploit) then no amount of sandboxing or hardening is going to help you.

[ytdl_hook] ERROR: Video unavailable
[ytdl_hook] This video contains content from Current TV LLC, who has blocked it in your country on copyright grounds.

heh

Well, they had 10 0-days this year already…

I love how they claim the web to themselves: "an increase in these checks would result in a slower web. "

When you start naming you security oriented data structures “MiraclePtr” hahahahaha… what is next a PrayerPtr, BlessingPtr and then the ArmagedonPtr? :D “Friends at Mozilla” realised that C++ is unfixable a decade ago…

Google pushes to get web apps to be able to get parity with native apps (auto-away in XMPP clients circa 15 years ago?). This will inevitably lead to more security and privacy issues. Google has to do it though as they work they way to get Microsoft down to a role of web browser host where Google owns the web - you don’t need native app any more if you can just use stuff in your browser the same way. So expect more stuff like this…

I use it on my work PC and on VPSes. You can deeply understand the boot process in just few hours of reading the man pages, scripts and even the source code of runit (there is not much of it!) which is very empowering for an advanced user/admin. XBPS is very fast and lean, making your own packages is easy and the templates for that are clean, the process is well documented. Updates are safe to run and having it rolling means that you can avoid doing large migrations; software is fresh and security updates are prompt. People on IRC are helpful and nice. For documentation the basics are on the website, everything else is already documented on Gentoo and Arch wikis anyway. So if you have some skills and want to be in control of your own computing experience there is no better distro than Void Linux IMHO.

Apparently this is how Google Chromecast was supposed to pair with your phone. Also how ads on TV or radio can be tracked from an app.

https://arstechnica.com/gadgets/2014/06/chromecast-will-talk-to-smartphones-using-ultrasonic-tones/

Nice :)

– Upvoted from my Void Linux

Have a look at https://www.lyx.org/ for inspiration. It is a content editor with LaTeX for doing the styling and rendering. It is quite complicated and you need to learn some LaTeX if you want to use it to full potential. But if you have to write a research doc or a thesis there is no better tool IMHO.

Yeah, I would say it only makes sense to use a trusted VPN after you did all you could to protect from tracking on your devices. Mullvad did some work on using TPM to create cryptographic prove on what is running on their servers… so there may be a way to have extra transparency on the VPN providers but we are not yet there. So using VPN moves your trust from ISP to the VPN provider. It will also make some sites/services to block you or require extra validation.

Also nobody learned anything from NSO Group/Pegasus apparently… sad.

You would have to be an idiot to use cloud services for such “material”. This is not a move to “save the children” but some political action on part of Apple. Nobody by now should have an illusion that any for-profit company will keep their data safe and private.

Hahaha this is getting ridiculous :D But you got to keep your virtual economy going I guess… Meanwhile China is getting their real economy strong, not sure on what side of conflict I would rather be if it comes to that.

I have been using Void for few years now. For me the best thing is that you can learn how startup/services work and how to build your own packages in just few days. This makes me feel very much in control of the system.

We are doomed in so many ways that it is not funny any more :/

Finally some progress on this front.

Any form of surveillance used by any government will be used primarily for political reasons, against non-criminals. There is no such thing as Good Spyware.

it works! :)