Dark Arc

It’s a lot more than a random text editor.

It’s a text editor from (at least some of) the people that made Atom at GitHub (with the explicit premise of learning from Atom/building a faster, better, Atom).

The business plan is to sell collaboration features (e.g., remote pair programming).

Google is introducing planned obsolesence in Fitbit

Have they? In what way?

They’ve done good work for Android and Pixel, promising 7 years of updates for the latest Pixels. Samsung has also gotten much better about this with their recent phones. That’s going to put a huge dent in the e-waste as Android phones have surely been heavy contributors (certainly much higher than fitbit).

TVs get bricked with firmware upgrades.

What TVs? Vizio, Hisense, the Chinese junk budget brands?

Very sympathetic to your e-waste concerns; I think the source of the problem is actually getting better not worse though. In general, the mobile tech sector is “growing up” and supporting products longer.

In a selfish way… I’d like for the UK to do this and for it to go horribly horribly wrong for them. Maybe that would finally get the US reps to get their heads out of their butts so l don’t have to keep signing petitions and writing essays about why weakening encryption is a horrible idea.

This is definitely top 10 Linux memes of all time for me.

I mean… if you’re running millions of sites on one box, and that itself isn’t an issue, I’d assume your port saturation/traffic is pretty low.

I don’t know anything about Netbird, but I’ll link you to my ZeroTier pitch the last time I noticed someone talking about Tailscale: https://lemmy.world/comment/1058287.

Yeah, it would be nice if they let people buy storage at a reasonable rate.

I’m using one for myself and one for my grandpa (who gets tons of landline spam calls).

I haven’t noticed a lot that’s different for either of us. I think the real reason to use one of these sites is if you want your contact information to be a bit harder to find.

That only stands true when the issue is not being actively exploited.

If you send these files over SSH, you’re good as that’s encrypted by ZeroTier and then encrypted again inside the SSH connection (and SSH does have perfect forward security).

See their cryptography section of their docs for more info.

You can read more here about what they’re working on:

• https://www.zerotier.com/blog/research-notes-on-2-x-cryptography/
• https://www.zerotier.com/blog/research-notes-aes-gmac-ctr-siv/

It’s been to long since I’ve read that to give anything more than a condensed “they’re improving their crypto significantly with ZeroTier 2” (not to mention memory safety via Rust).

I think it’s pretty secure and it will be getting better soon. In reality, I think it’s much more secure than what most people will end up with otherwise.

ZeroTier is open source, long running without incident, and the traffic is encrypted between peers.

The threat model is basically two fold though, in theory someone who has control of the ZeroTier roots (if you’re not using your own controller, if you’re using your own, then s/their roots/your roots/) could add routes to your devices, and add/remove devices that are part of your confirmation.

The encryption also doesn’t currently have perfect forward security, so if there’s a compromise in one of your connections, in theory some past state of that connection could be decrypted. In practice, I’m not sure this matters as traffic at a higher level for most sensitive things uses its own encryption and perfect forward security (but hey maybe you have some software that doesn’t).

The other thing I will note about that last point is that they’re working on a rust rewrite that will have updated crypto, including perfect forward security.

FOSS just means the software is open source. As I said, you can self host ZeroTier and not involve their servers (if you’re not doing things commercially, you pay for the license but still run your own controllers, or you use an older version which has been automatically relicensed by the change date to Apache 2.0).

That said, the traffic is peer-to-peer, in the majority of use cases there servers are acting as a bit more than syncthing’s servers (acting to facilitate the connection between two devices that want to talk together). See the other comment for some more thoughts here.

You got it right, lots of drama, not really anything to worry about unless you’re very fringe and have people you email via PGP with “super secure” PGP keys (and honestly I’d trust Proton more than I’d trust most people to roll their own PGP… it’s hard stuff to get PGP right).

I’ll pitch ZeroTier instead, it’s the same concept, but it’s more FOSS friendly, older, doesn’t have the non-networking “feature bloat” of Tailscale, and can handle some really niche cases like Ethernet bridging (should you ever care).

Just:

1. Go to their website, create an account, and create a network
2. Add ZeroTier to the devices you need to connect
3. Enter your network ID on those devices
4. Approve the devices in the web control panel

If you want to go full self hosting, you can do that too but you will need something with a static IP to control everything (https://docs.zerotier.com/self-hosting/network-controllers/?utm_source=ztp) this would replace the web panel parts.

You can also do a LAN routing based solution pretty easily using something like a Raspberry Pi (or really any Linux computer).

Just an FYI, looks like you double commented

No, you can set up PGP encryption to send PGP encrypted mail to non-proton customers via Proton. They’ve also been trying to work on standards that would make retrieving public keys/knowing the recipient accepts PGP automatic.

You’re blatantly misinformed, and it’s irritating.

Edit: I’ve blocked this person following their reply, but to their last point, “via Proton” literally means you use their service as a standard PGP mail client no strings attached, that can interact with any other PGP, and with no vendor lockin. That is literally the definition of using an open standard. There’s no insidious plot here.

Jesus, they literally use GPG and integrate with 3rd party GPG. How did you make that leap?

https://github.com/ProtonMail/proton-bridge/issues/320#issuecomment-1350901372

That mentality is part of the problem. More options is not inherently better, it’s more to maintain, more complexity, more feature requests in that direction (“well can I store a PGP key in the browser that isn’t uploaded to your servers so I can read my non-synced PGP mail”, “can I write mail using that”, “oh I changed my mind, can I convert mail to your PGP key from my PGP key”, “oh I changed my mind again, I’d actually like all my emails changed to my PGP key”, “oh could you sync my PGP key for me”, etc).

It happens all the time, bending over backwards as a company for niche customers that want to use your toaster as a waffle iron rarely works out well.

Put another way…

You went to a custom shoe maker and said “make me a custom shoe” then you went back to them and said “I wanted to do it myself! Why won’t you let me change out the insoles in these shoes!”