I imagine it’s like everything else, you can only realistically verify against a random sample. It’s like trucks passing a border, they should ALL be checked but in practice only few gets checked and punished with the hope that punishment will deter others.

Here if 1 chip is checked for 1 million produced and there is a single problem with it, being a backdoor or “just” a security flaw that is NOT present due to the original design, then the trust in the company producing them is shattered. Nobody who can afford alternatives will want to work with them.

I imagine in a lot of situations the economical risk is not worth it. Even if say a state actor does commission a backdoor to be added and thus tell the producing company they’ll cover their losses, as soon as the news is out nobody will even use the chips so even for a state actor it doesn’t work.

They asked for an alternative to airtags. I provided one.

And even though I’m not OP I’m genuinely grateful for that.

Doesn’t matter if they were compromised because like I said, everyone is eventually.

No! That’s the whole point of this Privacy community! If someone is using, using home automation as an example, Apple HomeKit or Roomba or Google Home they will eventually get compromised BUT if they are using something local, e.g Zigbee with HomeAssistant they WILL never get compromised because by the very local only architecture of that solution no data is leaving the home and thus can NOT be compromised.

The ENTIRE reason d’etre of this community is not to say “Oh well… the default solutions are imperfect, we have to shrug and accept the statu quo” but rather provide genuinely alternative.

I understand a lot of people can enter into a learned helplessness mindset imagining that only poor solutions exist and thus, better pick the least worst one, but by doing that we are giving power to Big Tech, surveillance capitalism, etc.

Please do NOT say that “everybody gets compromised” when you actually mean that “the vast majority of people who accept to use a popular solution with trade offs that are not good for privacy”. It sounds like a finicky difference but it’s actually totally different because it shows that it’s not inevitable.

By taking shortcut in your language you limit what’s conceived as possible by others who are asking for help, again, in a Privacy focused community.

True yet still not OK.

That’s also why a lot of us do try to avoid, as much as is realistically feasible, to provide any data to any company that should store it. Hence why a lot of questions here are about self hosting, no cloud, etc. It’s not paranoia, it’s because companies cut corners and as you correctly point out, fail to keep us safe. So it’s not about Tile specifically, they are just yet another poor example. Let’s not defend them nor this kind of practices. If people in the Privacy community are OK with that, we have a rather deep problem.

The same way you would do it with a black box while optionally taking as many shortcuts as one is comfortable with by virtue of assuming having a better understanding of it’s been built?

Get it audited by tools, e.g OneSpin, or people, e.g Bunnie, that one trusts?

I’m not saying it’s intrinsically safer than other architectures but it is at least more inspectable and, for people who do value trust for whatever, can be again federated.

I assume if you do ask the question you are skeptical about it so curious to know what you believe is a better alternative and why.

Buying other hardware that you (well… not me ;) can inspect and verify, e.g RISC?

For now the performances are pretty terrible BUT one can imagine, assuming they have the right discipline and mental model doing what’s actually personal on a verifiable processor, e.g browsing and reading emails, and what’s not, e.g watching a TV show on another machine with CPU/GPU with an unverifiable architecture.

PS: I have a Precursor and a Banana Pi BPI-F3 with SpacemiT K1 8 core RISC-V chip and that’s the main idea behind them both, i.e knowing, as a community, how it works all the way down.

Neat.

Warning disclaimer : I’m not a cryptographer.

I actually tinkered with https://github.com/open-quantum-safe and it’s actually quite simple to become “post-quantum” whatever. The main idea being that one “just” have to switch their cryptographic algorithm, what one uses to encrypt/decrypt a message, from whatever they are using to a quantum-resistant (validated by NIST or whomever you trust to evaluate them) and… voila! The only test I did was setting up Apache httpd and querying that server with Chromium and curl, all with oqs, while disabling cryptographic algorithms that were not post-quantum and I was able (I think ;) to be “safe” relative to this kind of attacks.

Obviously this is assuming a lot, e.g that there are not other flaw in the design of the application, but my point being that becoming quantum-resistant is conceptually at least quite simple.

Anyway, I find it great to demystify this kind of progress and to realize how our stack can indeed, if we do believe it’s worth it now, become resistant to more threats.

RPi with minidlnad, all devices at home from computers, phones, tablets, video projector, even VR HMD, can play content with e.g VLC.

Very quick to install (basically have a media directory with your videos inside) and still very flexible, e.g new content is added simply by copying from any other device with access, e.g scp which itself can be a script after downloading something.

I keep track of parts of such a solution at https://fabien.benetou.fr/Content/SelfHostingArtificialIntelligence namely TTS, STT, LLM, etc. There is also a recent HomeAssistant article https://www.home-assistant.io/blog/2024/06/07/ai-agents-for-the-smart-home/ which is quite interesting… but also concludes that they don’t believe it’s ready for prime time for most.

If you have specific use cases in mind, happy to give more pointers for solutions I believe might fit. That being said I’m not personally convinced as I don’t use any assistant on a daily basis. Still I believe FLOSS alternatives are interesting to consider for any topic.

Just ran a VR game for Windows just this morning, worked like a charm, didn’t tinker one minute (using Proton and SteamVR, Valve with NVIDIA, just for context).

Then you also read things like https://www.forbes.com/sites/jasonevangelho/2024/08/21/linux-scores-a-surprising-gaming-victory-against-windows-11/ on non technical websites… and can’t help but wonder if it “will” be easier or… if it’s already done.

plain old Konsole

Come on now, it’s pretty active! Cf https://invent.kde.org/utilities/konsole/-/commits/master/?ref_type=HEADS 13hrs ago, a new feature weeks ago and https://konsole.kde.org/changelog.html

Look at /r/deGoogle and you will, sadly, see a lot of people that have a problem stopping.

A typical example is how services from Google, e.g Google Docs, Meet, etc do everything they can to avoid not logging in, and while having to do so, prefer to use a GMail acccount, or “at least” a Google account (which might not require a GMail email).

So… a drug no but a dependency hard to ignore for a lot of people, the same way some people feel “forced” to use WhatsApp.

You are extremely privileged if you never felt that way.

To not rely on it anymore? Not be tempted?

I suggest to delete it but giving yourself a grace period, e.g 1 year where you redirect emails until you are sure you updates most people and services accordingly. After that period, better to delete and this way hope that Google doesn’t have any of your data anymore.

What if your domain registration lapses and someone else grabs it?

Registrars do warn quite a bit but indeed you can add a yearly notification 1 week ahead in your calendar.

What if you can’t afford the cost five years from now?

You are in quite deep trouble then because the registrar itself is relative cheap, e.g $10/year. It also does not seem to increase significantly. If you can’t afford that you probably should focus on basic necessities first. If you are serious about it though, just like with the yearly notification, set $1/month just for this.

What if you just don’t like the domain name someday?

I mean… you change it? Just like when you went from person@gmail.com to person@mydomain.tld . That process is a bit annoying but as you’ve done it once, it will be easier.

All of these reasons will be problematic and some can result in identity theft and significant fraud. It’s definitely not a decision to be taken lightly, particularly if you have a lot of online accounts.

It’s not a light decision BUT it’s also not such a big deal. If I want to go back to person@gmail.com I can just do so any moment I want (well person-something@gmail.com to be precise). I will keep a 1 year grace period for the transition, start with the most critical accounts first, e.g government and banking then social media, then random accounts based on my history. It’s annoying but it’s a matter of hours over few weeks at most.

The only challenge is to be methodical and giving up on the idea that you’ll update 100% of the account. Getting 99% of the account that truly matter is enough IMHO.

PS: for actually sensitive data, and assuming you somehow didn’t manage to get the grace period YET still are smart enough to think ahead, multi-factor authentication will keep your accounts safe. Honestly I don’t think the overlap though between somebody who cares enough about that AND let’s domain expire is very big though.

Clarifying privacy from whom could help identify possible solution.

Because without privacy you can’t be a proper human being. You need privacy in order to have the safe space to develop, to dare try, to explore without the constant judgement of others. If you can’t be a proper human being, can you genuinely have democracy?

It’s both a per-requisite for humanity and what the political system that is often considered as the most just.

That’s why I care.

I’d clarify that the shear customizability of Linux is optional.

Take a SteamDeck with SteamOS versus a RPi with e.g Debian.

If you “just” play with the SteamDeck and you don’t tinker, well, it “just works”. In most, even though not all, normal situations, e.g plugging a screen, pairing a BT headphone, mouse, keyboard, etc it is solid. It has no problem even while using a compatibility layer like Proton for games themselves made for Windows. It even enable some tinkering thanks to its immutable OS and let the player switch to desktop mode. Not everything works but my personal experience since it’s been out has been pretty much flawless.

Now, take a RPi, with just as stable hardware, with Debian, even stable, and put on it some IoT device, make some weird modifications for it, try a bunch of stuff, remove package, tinker more, chances are it will still work. Tinker more, make stranger modifications to the point it becomes unstable. Is it Linux itself? I’d argue it’s not. I’d argue that instead because we CAN tinker we sometimes do then forget that it’s not the same context as something expected to run without hiccup because it’s been limited to basically the same verified usage.

So… IMHO Linux is even better than it is, we just shouldn’t confuse weird (and important) tinkering with how it can be actually used day to day.

“e” stands for the Euro currency, thought EUR was a bit much and was too lazy to look for €. Apology for the confusion.

never really gotten into the whole “Internet of Things” thing.

Honestly… it’s not worth it. It’s fun, sometimes convenient, but nobody truly needs it except in some very specific situations. That being said it’s also now relatively easy and cheap to setup, e.g RPi4 then add a Zigbee dongle (30e) with a Zigbee lightbulb (20e) or switch (15e) or sensor (e.g temperature for 15e), install HomeAssistant in an hour … and voila, you have a setup you can play with and move from any home to any other in minutes. So it’s not a “big” deal to start but again, what for. I personally do it because I love tinkering and want to feel that I can be at the “state of the art” of technology WITHOUT surveillance capitalism, so it’s more an intellectual and more pursuit rather than a pragmatic approach. So I don’t recommend it but I also had to clarify it’s not that complex or expensive anymore.

Thanks a lot for taking the time to explain.

I did notice CTF on the description so I imagine “escaping” it is “harder” than with containers. I recently participated to SplinterCon which included a “block-a-thon” (cf day 2 of https://splintercon.net/brussels/ ) to try to escape a limited environment, approximately simulating the limited Internet access of some political regime. It might be interesting in that context too.

Could also be interesting then to distinguish which defaults are changed compared to Docker ones or examples for which nsjail is currently preferred.

No and to be honest without a clear comparison with the advantages AND disadvantages with the most popular solutions, e.g containers with implementations like Docker or Podman, I don’t think I ever will.

Obviously it’s nice to have alternatives which I bet can be interesting in specific use cases but without a way to understand in which specific situations it would be worth investing to learn the tooling, principles, etc then I would, naively, stay with the status quo.

TL;DR: any comparison vs Docker?