I had a hard time choosing a link. Searching GitHub for “F-Droid” reveals a long convoluted back-and-forth about meeting F-Droid’s requirements for reproducible builds. Signal is not, as of earlier today, listed on F-Droid.

F-Droid’s reproducibility rules are meant to cut out the kind of shenanigans that would be necessary to hide a back door in the binaries.

Again, this isn’t proof. But it’s beyond fishy for an open source security tool.

Edit: And Signal’s official statements on the topic are always reasonable - but kind of bullshit.

Reasonable in that I alwould absolutely accept that answer, if it were the first time that Signal rejected a contribution to add it to F-Droid.

Bullshit in that it’s been a long time, lots of folks have volunteered to help, and Signal still isn’t available on F-Droid.

I don’t have such a source, but the Cybersecurity community throw accusations around easily, and are loathe to ever bless any software as completely innocent - which is a good thing.

When the accusations stop, the issue has either been addressed (typical outcome), or the product owner was written off by the Cybersecurity community as a lost cause (rare, but it happens).

Signal is weird about actually allowing others to reproduce the APK builds.

Specifically, they are the kind of weird about it that one would expect if the Signal client app had an NSA back-door injected at build time.

This doesn’t prove anything. It just stands next to anything and waggles it’s eyebrows meaningfully.

Or am I reading this wrong and this is just because they have to send your data to the brokers to process deletions?

You are reading it correctly.

If they only used your data to process deletions, it would read along the lines of “data shared with partners as necessary to provide (data deletion, etc) services.”

It should also normally be followed by a sentence that links to each partners privacy policies, and says that each partner complies with similar restrictions on using your data only for the same purposes listed in the earlier sentence.

And it feels incredibly clunky to use with gdm when signing in, where no extension can help it…

That’s true. Windows also did this badly, on the same tablet, so I didn’t notice.

If KDE does better, I might switch. I think I would use my tablet un-docked more often if logging in wasn’t so clunky.

Thanks.

I was expecting gnuImp.

I run Gnome on Debian on a tablet, and I find it wonderful.

Of course, my only points of comparison, so far, are iOS, Android and Windows tablets. Gnome is (per my own arbitrary last use of each) quite a bit nicer than any of those, at least.

You hate to see this kind of senseless undirected violence when there’s so many easily researched shitheads out there who it could have been directed at, instead.

Let’s all work towards a safer more peaceful world.

And until we achieve that better world, let’s remind each other that no one without body guards and a private yacht is causing the big ugly problems.

Lol. Even among those less stupid, most didn’t hire junior developers for the last three years, to hedge their bets.

Well, it’s three years later, AI didn’t solve shit, and we are facing an entire missing cohort of senior developers.

We’ve seen this before - back when web frameworks “made all of us obsolete” back in 2003.-

Here’s what comes next:

Everyone who needs a senior developer gets to start bidding up the prices of the missing senior developers. Since there simply aren’t enough to go around, the “find out” phase will be punctuated.

Losing bidders get to pay 4x rates for 1/3 the output from consulting companies.

Cheers!

Source: I was made obsolete by web frameworks so hard that I entered a delusion where working with web frameworks just let us produce bigger buggier websites even faster - and where the demand for web developers skyrocketed and I made some seriously respectable money while helping train up junior developers to help address the severe shortage.

TL;DR - Google makes (arguably insane) claim that it previously acted responsibly with regards to fingerprinting, and says they will begin acting irresponsibility with fingerprinting in February.

Practical take-aways you probably already knew:

• Today’s Google may do or say anything to make an extra nickel.
• Today’s Google, while it employs some excellent privacy minded engineers, has not demonstrated an organizational commitment to user privacy.
• It is probably wise to assume that the next serious data breach at Google will end marriages, get politicians arrested, get famous people canceled, fuel successful scammers, and have every other privacy impact you can imagine. We know the Google data pool is massive, and we have reason to believe it is incredibly personal. I’m aware that Google has anonymozation solutions in play, and I do not believe those solutions will be effective in a breach scenario.
• I believe that the average person will likely be better off ten years from now if they interact less with Google services.

Debian is a full day of romantic walks on the beach, fine dining, dancing, and taking in a romantic comedy, followed by easy quick familiar sex and then falling asleep in front of an episode of cozy reality television.

(It can become anything I imagine, but the defaults are just so comfortable…)

Honestly, refreshing news.

I love to see folks thinking about hardware reuse for longer term sustainability. As we reach the natural limit of Moore’s Law, it’s a great time to think about the possibility that a simple computer produced today may be perfectly functional in half a century.

Edit: And I’m calling it now - “Antique Computers” are going to be all the rage, particularly if they’re actually able to run functional home solutions.