Dude, I know I live in nyc 😂
Dude, I know I live in nyc 😂
Same, but with a 22TB drive for /data loooool
Can we leave New York alone for a bit? We’re already getting every Marvel villain now we gotta deal with terrorism too?
Yep, I’m aware. It’s how that one guy hacked his airplanes wireless, by setting up a certificate with his domain and the airlines and then using that domain + port 443 as an ssh or vpn tunnel.
So TLS rollout is slow because the websites can still be seen with packet inspection? We’re talking about TLS 1.4 right?
I don’t use chrome but this is a whole lot of nothing. It’s basically saying if you save a file or an article to your reading list it’ll still be there…and that remote websites will still stuff your face with cookies and try to track you…but it’s not like they’re giving you a special chrome cookie to link your private and non private browsing. Server side tracking never goes away, not even with Firefox.
Anyways, who cares. Delete chrome and start using Firefox. But again, make sure you delete the files you download in incognito or they’ll still be there. And your ISP can still see which domains you’re going to if you use them as your DNS.
Nope. That’s extremely misleading.
I’m not judging, not sure how or why you think you’re failing but it’s not coming from me!
I’m like you, I use Bear for when I’m lazy and emacs for everything else. Two polar opposites but at least with Bear I can collaborate with my wife without complication.
I looked at their test app and nothing looks like zero knowledge to me in the settings. The closest thing I see is private vault but that just sounds an extra layer of password locking (and encryption too) but not in a way that would prevent the company itself to see its contents (confirmed here). The dev in that thread failed to disabuse the user of that notion will leads me to believe the term is being knowingly misused.
Zero knowledge is supremely annoying to implement and also very risky because if your users lose access to their private encryption key that they have to write down during signup, their data cannot be retrieved and it’s gone forever. That means if you specifically were using that feature, you would know it from all the nagging during signup about those risks.
And again, there’s a very simple way to test this. Just try logging in from a new device. You should not be able to see any decrypted notes without either entering in that private key or having another device be online to share it. If you’re thinking maybe the private vault is a secret key only you have, just see the github issue above. It’s not.
Having said all that…
I’m not advocating for zero knowledge in every service. I mentioned it because the marketing bugged me and felt misleading. I honestly have no idea if their app is good or not but it does look pretty. Just make sure you trust them with what you’re putting on their servers.
/edit I’m sorry I want to make sure I’m not spreading misinformation and stumbled on this thread where the author claims they cannot read any of the users’ data on their servers but then everyone else in the comments is debating whether it’s just end to end encryption or some other derivative marketing term. Honestly I’m just gonna say it “I don’t know”. If it’s zero knowledge and you didn’t get a special string on top of your password then that means your password is your key and password resets should be impossible or come with a side of “losing all of your notes”.
That’s fine, I was just trying to add the the conversation.
There’s this page that actually explains the encryption as it is: https://vericrypt.notesnook.com/ Zero knowledge is mentioned here and in a few other places. They’re misusing the term as a marketing device, knowingly or not I couldn’t say.
As for how I know? It’s easy enough to check zero knowledge by logging into the service. If a password is enough to display your notes, the service is not zero knowledge. There should be a second set of credentials known only to the user that gets entered with each new login to actually decrypt the contents of your notes. If you’ve ever used matrix chat you would either enter in the private key yourself or match some emojis on an already authenticated client that would then pass that private key in a peer-to-peer fashion.
I haven’t verified this myself but I can clearly see from the website how the encryption is described vs the marketing terms being used.
Notesnook makes that claim. Why wouldn’t you consider that relevant when it’s the first thing you’re presented with on their website? And don’t even mention self hosting, that’s not only the last item on their roadmap but it’s also been there for a very long time with no updates.
Not sure why you’re getting defensive, this has nothing to do with you.
Just fyi notesnook is not really “zero knowledge”. They’re misusing that term.
I’m on NixOS using the beta drivers and it does everything as far as I can tell. DLSS, ray tracing all work and performance is the same as windows with the same settings. I don’t think I ever need to go back to windows.
“No entry found for ‘time flies’”
I replied elsewhere but YES! Telemetry is notorious for causing devs to hyperfocus on shit features due to their high usage. Just because a user is clicking X over Y doesn’t mean Y sucks and X is better. Maybe Y is in their periphery, or camouflaged by the background artwork or worded badly. But hey, since X gets a lot of clicks, it must be good, right?
How about shit breaking because everyone at some point is a bad programmer? Even Apple Music doesn’t work when I walk into the elevator until halfway through presumably because hitting play sets of a bunch of useless blocking network calls for music I have saved locally.
What those calls are, I can’t say for sure. Downloading artwork, license checks or telemetry. I’d venture to guess it’s the latter since music will play with placeholder artwork on a slow connection and license checks aren’t required if the subscription was recently validated (works offline for days).
But who really knows. I never bothered to inspect the traffic. The point is, if a company like Apple is creating such a crummy experience for a function so absurdly basic, you can imagine how easy and prevalent telemetry based user degradation is. Go browse the web with a tracker blocker and tell me it isn’t snappier.
PS: I’m also a programmer and collect error reports. So many developers will forego using connection pools, much less collect data with async api’s.
And let’s not even get into how telemetry is a shit tool that is misused 99.99% of the time and only used to surface popular features that aren’t necessarily good features only because we attach causation to every metric (x feature is highly used, therefore it must be good).
And now you can do it with curl!
Maybe you’re a dev on the Reddit team and own a lot of shares for what you know is about to go public?
Cloud doesn’t have access to local drives…but in this day and age, python could be containerized or sandboxed. Sounds messy though.
Nixos…from arch.
I can literally see them testing the 9/11 memorial lights from my apartment