Pinned toot

I spent a bit of time this week writing a sizable blog post containing some of my reflections on the "Google, Play Fair!" website that Aptoide launched a while ago. jfenn.me/blog/2019-06-13-Aptoi

Pinned toot

A reminder that Status is a giant hack that shouldn't work: this issue was resurfaced in an email today. github.com/fennifith/Status/is

Pinned toot

I decided to publish something I wrote for class about Apple and @RepairCoalition@twitter.com. My writing is far from perfect, but I believe it is a decent summary of the issues / arguments surrounding the Right to Repair movement, and what is being done to improve. jfenn.me/papers/2019-04-14-Rig

It's also a little ridiculous, as I fully realize that part of this is basically just reinventing Android's "View" APIs at a much higher level. Why on earth did I choose to make the configuration file in XML? Whatever works, I guess.

It's a bit tough, but I'm getting excited at the thought of finally being able to write something like `repo="github:fennifith/Attribouter"` alongside a "gitea:example.com/someone", maybe to add a contributor that wasn't included because they use a different platform.

I'm currently in the progress of adding support for different services (GitLab, Gitea, etc.) to Attribouter at the same time as rewriting it in Kotlin... github.com/fennifith/Attribout

James Fenn boosted

@drwho I see http as a fundamentally pull protocol, not a push one. If I'm visiting a website in a client that doesn't support images, I'm not blocking images, I'm simply not requesting them, same with all the tracking garbage. It's a misnomer to call it "blocking", I'm just not asking for them. To pretend that that's some kind of hackery and breaking the website, is disingenuous at best, as there's nothing in the way that the web works that requires websites to be packaged in a certain way.

James Fenn boosted

These videos don't "threaten the world of cybersecurity and enable bad actors". They educate people about technology and prevent negligence by companies that forego security practices for an easier paycheck.

Hiding instructional videos won't fix the internet. Any "malicious actors" looking for info will find it elsewhere. What it _will_ do is prevent people from learning about security, discovering flaws, and having the ability to prevent them.

The same goes for open source - projects such as OpenSSL aren't widely used _despite_ being OSS, but because of it. Anyone can find out how it works, find potential issues, and contribute to it, fixing problems before they're able to be misused at scale.

YouTube's "hacking ban" is based on an annoyingly common argument - that hiding knowledge about software will somehow make it "more secure". theregister.co.uk/2019/07/03/y

If telling someone how your software works will make it insecure, then it wasn't secure in the first place.

I've gotten countless emails asking me to "implement an SDK" in my apps to earn money - while somehow displaying no ads and not impacting the user experience. How does this make any money? It doesn't - but it's a part of something bigger that does.

An interesting project, and thorough research to go along with it. The main purpose seems to be blocking apps and services that identify the user and their location by "listening" to the environment around them:
cityfreqs.com.au/pilfer.php

One detail that I *really* appreciate here: the note that companies make this privacy-infringing software available to app devs through SDKs, who then willingly use them in the hopes of gaining just a tiny sliver of revenue.

James Fenn boosted

The reason for this is essentially that the computer is being used by "human beings." More specifically, the trade-offs that would make it secure also make it useless (execution restriction, namely). The purported design does not actually employ any such trade-offs. (magic!)

I'm not averse to writing some server code to manage the connections between clients for this project, but it'd be really great if I could implement an existing standard because that'd make it much easier to manage in the future.

Question: are there any good C/Kotlin libraries out there for decentralized communication / messages between various clients? Ideally I'm looking for something fairly simple, just to connect multiple clients to a "host" user and send text between them.

Previously looked at WebRTC, for which a somewhat simple C++ lib exists that I might consider using. There's also go-libp2p, which seems way to complex but is at least possible to interface with C / Kotlin interop.

My thought is that by using a poll to decide, I can effectively shift the blame from myself when the project inevitably fails to achieve its actual goal. The ultimate scheme.

Trying to decide on a language to use to build a Linux CLI for, err... filesharing? Yeah, something like that. Current options I'm considering (poll):

I'm noticing a lot of helper libraries for building command line apps in Kotlin, and can't decide if it's a good choice for small CLIs or not.

On one hand, Kotlin is easy to work with and makes it possible to write things cross-platform (I could make an Android app with the same codebase), but the JVM is still a heavy dependency for a simple utility that could just as easily be written in C or Go.

I tried to stream some work on github.com/fennifith/Alarmio today, but my laptop somewhat died under the pressure of Android Studio and OBS running at the same time.

I guess streaming any Android dev will have to wait until I either get an external GPU or a desktop machine. Or find a way to build/edit on command line that doesn't take three days to finish a build.

James Fenn boosted

Im still writing a blog post about ethics in software, and how that relates to Open Source Software and Free Software.

One thing I am stuck on is how Free Software's ethics implicitly relies on the assumption that "all users have the technical literacy to modify and run software". And I use literacy to truly mean a fundamental capability that should be taught to everyone, because Free Software assumes "the user" can "modify" said software in order to satisfy it's ethics.

I don't like this flaw

James Fenn boosted

Now I totally admit this: Android has much more stable and quality software available than on iOS, and it is cheaper (if costs any money at all). Kotlin seems to pay off better then swift does

If you're an Android developer with published apps, I'd take a bit of time to look on Aptoide (and other sites) and see if any of your apps are being illegitimately hosted there. I've found some of my own, and a few other developers' projects which probably shouldn't be there...

Show more
Mastodon for Tech Folks

This Mastodon instance is for people interested in technology. Discussions aren't limited to technology, because tech folks shouldn't be limited to technology either! We adhere to an adapted version of the TootCat Code of Conduct and have documented a list of blocked instances. Ash is the admin and is supported by Fuzzface, Brian!, and Daniel Glus as moderators. Hosting costs are largely covered by our generous supporters on Patreon – thanks for all the help!