I wonder how many GrapheneOS users are there. Not sure why none of the existing OEMs are interested in a collab, is it really that low? You have world class security experts willing to work with you for basically free and you sell a few dozen (?) thousand phones to the people who’d never buy from you otherwise. I’d love to see Samsung get involved as they’re the only decent non-US, non-CCP OEM out there.

Browsers allow websites to have persistent storage apart from cookies.

https://developer.mozilla.org/en-US/docs/Web/API/IndexedDB_API

The user not having a choice is dumb either way. VPN users are the minority.

Browsers (except for Tor) doing this in the name of privacy is so dumb. Our timezones are already apparent due to our IP addresses. Not only does this not hide the timezone but also makes the user more fingerprintable. Now I’m the dumbass from Ohio who’s browser reports UTC timezone for some reason.

I gave you the real reason it should be controversial. Brave’s fuck ups have not been significantly worse than other companies’.

re: open source In theory: yes. In practice: maybe. It’ll probably eventually be caught by some researcher but unlike popular belief all open source code bases are not constantly being audited by the community. A random person can’t just read Brave source code for all platforms and accurately gauge if they’re doing something nefarious. It is very easy to hide stuff in code or misuse a protocol for evil purposes, etc.

You can modify the source code but as evident by the fact that there’s no Brave fork with crypto removed (there was one but their branding was too similar to Brave’s so they got sued), it’s not an easy feat to maintain that.

Running those adblockers on your devices is extremely insecure. They register as a VPN and intercept HTTPS traffic. They decrypt the encrypted traffic, filter it, and encrypt again meaning all your communications are signed by this single app’s certificate. Not to mention any vulnerability would wreak havoc.

https://grapheneos.org/faq#ad-blocking-apps

It’s backed by Peter Thiel who is a war mongering Nazi billionaire.

Can you really talk about E2EE on a closed source app? The whole point of E2EE is I don’t trust the vendor. If they give me a blob as a client and tell me it’s E2EE, am I supposed to just trust them all of a sudden?

What about people planning terrorist attacks before they go into Austria? The geniuses did not think about that.

I know Brave is controversial but they were the only ones (edit: not sure about Vanadium, I’m curious if they were vulnerable) disallowing JS to access localhost thus blocking Meta and Yandex’s recently discovered spying.

Sounds like such a no brainer to not allow random websites to communicate with the localhost and very easily circumvent all sandboxing you spent thousands of hours building. Looking at you Android (Google) and all the browser vendors (also Google?, huh).

What’s up with the attitude like gpu accelerated terminals aren’t extremely popular? If you’re fine with what you’re using, have fun and tone down the high horse.

Is there an easy way to transition from Spotify other than looking for all of your songs yourself?

Yeah Jellyfin was forked from Emby’s last open release IIRC.

Anything is fine unless you’re using the terminal very heavily. Almost all of my workflow is within the terminal so I want everything to be as fast as possible. I want a minimal, low config, fast terminal that has the exact same behavior when using the same config on Linux and MacOS (I know, fuck me, I have to use it for work). And those are Alacritty and Ghostty. I hate Alacritty’s horrible icon so I use Ghostty.

Yeah the protocols are there, portals support it, OBS works. It is great that random applications cannot capture the framebuffer.