That app doesn’t work as it needs some play API which I guess is not implemented in microG. I am guessing not all of them are passed though.

My FP3 on /e/OS (based on lineage) has native recording. The phone passes safetynet check, i believe due to microG. However, some apps consider the bootloader unlocked so YMMV.

I am aware, and I am also aware that people are free to think what they want for themselves and I am nobody to judge them. You might think it’s ridiculous, but theirs is the only life affected by this, so they are well within their rights to have all the opinions they have on their life.

Not being aware of any disability is true, but their statement is relative to what they are aware of, not a scientific statement (since it’s a personal opinion), and as I said, you can also approximate to the blanket statement rather than mentioning 100 conditions.

I agree it might be insensitive to bring it up, but neither me nor the person you answered to brought it up, we merely answered to a comment that mentioned this expression.

I really disagree with your reasoning. I think that someone might simply consider any disability a reason not to live, and you are nobody to say that they missed the nuance of different disabilities, or that it’s ridiculous to think you’d rather die than being hard of hearing (which is what I think you implied). I disagree with the blanket statement, but I think your arguments are invalid both from the theoretical standpoint than from the practical one (when x becomes a list of 100 items you might as well use a blanket statement).

Look, if the problem is the expression, I don’t care really for it. English is not my first language, I have no need to say this to anybody really, and I have no problem expressing my thought in another way.

All I care is the semantic and the underlying principle.

So yeah, I won’t stomp my foot to defend my right to express my thought with that sentence (to be honest, not a fan of policing language this way). I will simply defend my right to express the underlying opinion, in whichever way is acceptable.

I see and agree with both points. I definitely keep such choices to a very tight circle (like I gave instructions to my partner and family in what to do should I end up in certain situations - also called biological testament in Italian).

I also mentioned that indeed I would consider certain disabilities a deal breaker for me not to keep living, definitely not all disabilities. I would actually say that there are things that I want to do in life, and if I can’t - for whatever reason - that would be a reason not to live for me. Whether it’s a disability, a material condition, etc. It’s not really relevant - a disability can simply be a proxy not to be able to do something.

For example, I fought tooth and nail to ensure that my grandma would receive the proper care when she had dementia (which is a disabling condition I would say?). I also took care of her directly, and I would do that again a thousand times. However, should I get a similar condition, I let my family know that I would like to be euthanized, I don’t want to live like that.

Finally, this perspective is really really personal, it is bound to my experiences and my idea to the point that it can’t simply apply to anybody else. I would definitely never go to anybody and say “if I were in your shoes I would rather die”, but even if I thought that, this is a meaningless statement for another person. It’s of course extremely rude to say this, so once again, I am saying it for the sake of a theoretical discussion.

Overall for me this is a matter of free will and agency over your own body, it’s in anthithesis with the religious view that considers your body not yours and suffering a noble thing in itself.

Since you added an edit later on: no replacement makes that statement bigoted. If my own morale or ideas bring me to my own evaluation - that applies only to me - that life in a certain condition wouldn’t be worth living, there is nothing bigoted (at least, inherently).

I wouldn’t want to live so many lives that people live. Like an exploited worker in a poor country, a female in a very religious society etc. Ultimately this is a personal decision on your own life and body, nobody else should have a saying on what I want to do with my life at this fundamental level.

The problem (which becomes being ableist, or racist, or sexist) is when this perspectives becomes an ideology that affects society. You can easily support a society that - say - grants equal opportunities to men and women and at the same time think that you wouldn’t want to live as a woman.

Yeah, I completely disagree.

This for me is a position on my own right to determine my life, including ending it if certain conditions are not met. It is a position that affects and will affect a single person only, the one supporting it.

So in a sense it is something closer to assisted suicide and euthanasia in general. “Any disability would make my life not worth living” is different than saying “any disability makes life not worth living”. It’s a completely subjective issue, that can also change over time, and it’s obvious that there are people who completely disagree and have wonderful meaningful lives worth living while being disabled.

People with disabilities have gotten killed for this

Since this is not what I mean, nor advocate, this is in no way on me. The fact that other people with other perspectives act in a different way is not a reason me for to suppress my opinion. I mean no harm to anybody, I support welfare and public healthcare, I support also accessibility in all the different forms because I believe society should provide all tools and conditions possible to anybody to live their lives in the best possible way.

Also, I personally don’t have such a hard-line, I think for my own personal perspective only certain disabilities would be reasons to determine my life is not worth living anymore, but I can accept that for other people the bar can be in a different place.

Can you explain why? Why can’t I choose not to live in case I’d get disabled (in some cases, I would say)?

As long as you are not advocating that disabled people should be killed, and you respect the personal nature of this position, what is the problem?

What’s wrong with “I’d rather die than be disabled”? To me it looks a legitimate personal moral stance.

glasses WILL deteriorate your vision further. It’s 100% with glasses and contacts.

Do you have anything to share on this? I am asking because I remember I specifically asked my eye doctor this question, and he said no. (I asked something like if there is any downside in wearing glasses always vs only when needed e.g., reading, watching TV etc.).

I am also wearing the same glasses for almost 13 years now.

1 in russian is один, I think it’s quite different from one/uno/un (especially since the о is pronounced а). 2 and 3 are instead extremely similar (два три). Does it actually still come from the same root?

While not being competent in this subject, I found it very fascinatinf that ugro-finnic languages (which are not indoeuropean AFAIK) like Finnish or Estonian are so wildly different, so that 1 2 and 3 are üks, kaks, kolm (in Estonian), for example.

They don’t own the T-shirt factory. It is a simple sentence, they used a small Serbian (I think) company. The business entity is to import goods.

It’s a formal difference but shows how sloppy that post is.

That article is quite dense with inaccurate information (e.g. they own a T-shirt factory), and a lot of guesses. There is no need to listen to a random guy idea about kagi’s AI approach when they have that documented on their site.

Also, the “blase attitude to privacy” is because of a technicality of GDPR? (Not having the ability to download a file with your email address) I am a big fan of GDPR, and their privacy policy is the best I have seen (I read the pp of every product I use and I often choose products also based on it), so really I don’t care about the technical compliance to GDPR (I am not an auditor), but the substantial compliance.

All-in-all, the article raises some good points, but it is a very random opinion from a random person without any particular competencies in the matter. I would take it for what it is tbh

EDIT: To add a few more:

• They achieved profitability (BTW, 2 years of operation and being profitable with 30k users, they really don’t know what they are doing /s)
• Their price changed twice. It was raised once, and the change was reverted later on, with unlimited searches. For me that is a great sign, especially considering the transparency of telling exactly how much each search costs for them.

Source: see https://blog.kagi.com/what-is-next-for-kagi (published ~1 month after the linked post).

An article full of inaccuracies, but the most interesting bit is, all these conversations are possible because they clearly explain their views, which are publicly available on their website (for example, the philosophy behind the use of AI - which BTW is opt-in).

How is that an example of being opaque is beyond me.

FWIW, the default “programming” lens works quite well in Kagi, you can also create your own lens if you have a set of websites from which you routinely search info, and there are tons of bangs already (which can also be mapped to lenses BTW). In addition, you can downrank AI/SEO stuff when you find it (it is downranked by default in kagi), so that over time your results are quite clean.

Looking at keepassXC doc I couldn’t find such setup. Maybe it’s possible, but maybe it also leads to trouble down the road. The “official way” seems to use cloud storage.

You keep saying external server for syncthing, but again: syncthing does direct data transfers, encrypted end to end, between devices.

I mention that but with a specific context.

• people with certain ISPs will need to use the relay transfer feature because direct connections can’t be established. Similarly, if you work in an office and you use the corporate network, you usually can’t have device-to-device working (can be both from a technical POV and from a policy POV).
• even with 0 data transfers, servers still have some trust in establishing your direct connections. I know that syncthing uses keys to establish connections, but that’s why I mentioned CVEs. If there is one, your sync connection could be hijacked and sent elsewhere. It’s a theoretical case, I don’t think it’s very likely, but it’s possible. The moment you have a server doing anything, you are extending trust.

In those cases then yes, you are extending a bare minimum trust, and you fully encrypted data would temporarily pass on the relay’s RAM

And from my (consumer) PoV this is functionally equivalent to have the data stored on a server. It might not be all the data (at once), it might be that nobody dumps the memory, but I still need to assume that the encrypted data can be disclosed. Exactly the same assumption that should be made if you use bitwarden server.

If this makes you paranoid

Personally it doesn’t. As I said earlier, it’s way more likely that your entire vault can be taken away by compromising your end device, than a sophisticated attack that captures encrypted data. Even in this case, these tools are built to resist to that exact risk, so I am not really worried. However, if someone is worried about this in the case of bitwarden (there is a server, hence your data can be disclosed), then they should be worried also of these corner cases.

I just get nothing from Bitwarden that syncthing and KeePass don’t offer more easily.

You can say many things, but that keepass + syncthing is easier is not one of them. It’s a bespoke configuration that needs to be repeated for each device, involving two tools. bitwarden (especially if you use the managed service) works out of the box, for all your devices with 0 setup + offers all features that keepass doesn’t have (I mentioned a few, maybe you don’t need them, but they exist).

I don’t know how or why you would have vault conflicts, but it really does sound like something fixable

At the time I did not use syncthing, I just used Drive (2014-2017 I think), and it was extremely annoying. The thing is, I don’t want to think about how to sync my password across devices, and since I moved to bitwarden I don’t have to. This way I don’t need to think about it, and also my whole family doesn’t have to. Win-win.

That said, if you are happy with your setup, more power to you. I like keepass, I love syncthing, I have nothing against either of them. I just came here to say that sometimes people overblow the risk of a server when it comes to a password manager. Good, audited code + good crypto standards means that the added risk is mininal. If you get convenience/features, it’s a win.

Agree on the versioning issue. In fact I mentioned that the issue is convenience here. It is also data corruption, but you probably are aware of that if you setup something like this. Manually merging changes is extremely annoying and eventually you end up forgetting it to do it, and you will discover it when you need to login sometime in the future (I used keepass for years in the past, this was constantly an issue for me). With any natively sync’d application this is not a problem at all. Hence +1 for convenience to bitwarden.

However KeePassXC’s sync feature does sync the vault.

How does it work though? From this I see you need to store the database in a cloud storage basically.

For mobile I just give syncthing full permission to run in the background and have never had issues with the syncing on the folders I designate.

I use this method for my notes (logseq). Never had synchronization problem, but a lot of battery drain if I let syncthing running in the background.

Nothing else passes through it unless you opt into using relaying in case you have NAT issues.

I guess this can be very common or even always the case for people using some ISPs. In general though, you are right. There is of course still the overall risk of compromise/CVEs etc. that can lead to your (encrypted) data being sent elsewhere, but if all your devices can establish direct connections between each other, your (encrypted) data is less exposed than using a fixed server.

If you are paranoid, the software is open source and you can host your own relays privately,

This would also defeat basically all the advantages of using keepass (and family) vs bitwarden. You would still have your data in an external server, you still need to manage a service (comparable to vaultwarden), and you don’t get all the extra benefits on bitwarden (like multi-user support etc.).

To be honest I don’t personally think that the disclosure of a password manager encrypted data is a big deal. As long as a proper password is used, and modern ciphers are used, even offline decryption is not going to be feasible, especially for the kind of people going after my passwords. Besides, for most people the risk of their client device(s) being compromised and their vault being accessible (encrypted) is in my opinion way higher than -say- Bitwarden cloud being compromised (the managed one). This means that for me there are no serious reasons to use something like keepass (anymore) and lose all the convenience that bitwarden gives. However, risk perception is personal ultimately.

Few reasons, with the most important being convenience. Syncthing is going to see just a binary blob as the password storage is encrypted. This means it is impossible for syncthing to do proper synchronization of items inside the vault. Generally this is not a problem, but it is if you happen to edit the vault on multiple devices and somehow syncthing didn’t sync yet the changes (this is quite common for me on android, where syncthing would drain the battery quite quickly if it’s always actively working). For bitwarden on the other hand the sync happens within the context of the application, so you can have easy n-way merge of changes because its change is part of a change set with time etc.

Besides that, the moment you use syncthing from a threat model point of view, you are essentially in the same situation: you have a server (in case of syncthing - servers) that sees your encrypted password data. That’s exactly what bitwarden clients do, as the server only has access to encrypted data, the clients do the heavy lifting. If the bitwarden server is too much of a risk, then you should worry also of the (random, public, owned by anybody) servers for syncthing that see your traffic.

Keeshare from my understanding does use hosting, it uses cloud storage as a cloud backend for stateful data (Gdrive, Dropbox etc.), so it’s not very different. The only difference would be if you use your private storage (say, Synology Drive), but then you could use the same device to run the bit/vaultwarden server, so that’s the same once again.

The thing is, from a higher level point of view the security model can only be one of a handful of cases:

• the password data only remains local
• the password data is sync’d with device-to-device (e.g. ssh) connections
• the password data is sync’d using an external connection that acts as a bridge or as a stateful storage, where all the clients connect to.

The more you go down in the list, the more you get convenience but you introduce a bit of risk. Tl;Dr keepass with keyshare/syncthing has the same risks (or more) than a Bitwarden setup with bitwarden server.

In addition to all the above, bitwarden UX is I would say more developed, it has a better browser plugin, nice additional tools and other convenience features that are nice bonuses. It also allows me to have all my family using a password manager (including my tech illiterate mom), without them having to figure out anything, with the ability to share items, perform emergency accesses etc.

Edit: I can’t imagine this comment to be deemed off topic, so if someone downvoted simply to express disagreement, please feel free to correct or dispute what I wrote, as it would certainly make for an interesting conversation! Cheers

So, not carbonara. Pasta with lemon is awesome, I also love pasta with tuna, both also work together, but it’s not a carbonara.