• IMAP mailboxes can be shared between users: https://doc.dovecot.org/2.3/configuration_manual/shared_mailboxes/shared_mailboxes/
• A contact email address could feed into an issue tracker / ticket type system.

Ok, it’s beginning to look like bad UI design on accounts.firefox.com:

If I click sign in at monitor.mozilla.org, it redirects me to an oauth process hosted on accounts.firefox.com which prompts me for my password then sends me back to monitor.mozilla.org.
The settings page at accounts.firefox.com then lists Mozilla Monitor under “Connected Services - Everything you are using and signed into” along with all my browser/device instances. But it doesn’t disappear when signed out from monitor.mozilla.org in the same way that a browser instance disappears when signed out from sync browser-side.

I’m supposing that list does not indicate what has access to sync data, which as far as I understood uses its own strong private keys browser-side which are never shared with the servers.

I’ve seen no documentation that Mozilla Monitor works by accessing one’s sync data.

The interface suggests that it only monitors email addresses manually added on monitor.mozilla.org’s UI.

Yes, I was aware of that at the time, and I probably assumed that my browser would be hashing each piece of data (e.g. each email address or username) before sending it to Mozilla Monitor or haveibeenpwned.

What concerns me is Mozilla Monitor appearing in the list of devices/browsers synced, each of which is implied to have cleartext access to all the data I decide to sync (bookmarks/history/tabs in my case, logins+passwords and more for many other people).

Most mass-marketed VPN services (the type marketed for accessing the internet) allow you to VPN into their private subnet where the thing you can access is their gateway router (which you use in place of your home gateway router/modem for connecting to the internet). You don’t need a VPN service to use VPN software between two points you control.

ublock origin does not have this disclaimer. It works well and is widely trusted.

If you’re using Mozilla’s level of endorsement as a metric, note this prominent disclaimer on the addon’s page:

⚠️ This add-on is not actively monitored for security by Mozilla. Make sure you trust it before installing.

[…] the attack is an extremely expensive nation state level operation that doesn’t scale.

About $250 at most. Quoting the linked page:

Below is a list of equipment we used for the experiments.

• (1) Software Defined Ratio (SDR): Ettus USRP B210 USRP, ~$2100.
• (2) Low Noise Amplifier (LNA): Foresight Intelligence FSTRFAMP06 LNA, ~$200.
• (3) Directional Antenna: A common outdoor Log-periodic directional antenna (LPDA), ~$15.
• (4) A laptop, of course.

Note that the equipment can be replaced with cheaper counterparts. For example, USRP B210 can be replaced with RTL-SDR that costs ~$30.

To reproduce the attack: our GitHub repository provides the codes and instructions for reproducing and understanding the attack. We have prepared a ready-to-use software tool that can produce real-time reconstructions of the eavesdropped videos with EM signal input from the USRP device.

Conversations can be a unified push distibutor: https://unifiedpush.org/users/distributors/conversations/

…and I’d trust it (battery-wise) with that. I have an old tablet with conversations running without battery restrictions on it, and if I’m not actually picking it up and using it it regularly goes 1-2 weeks on an 80% battery charge before it dies, the whole time giving audible notifications for XMPP messages/calls (which I attend to on other devices).

2 black pieces can move per turn?

Cryptpad:

• Full-on google docs / office365 / libreoffice type replacement with collaboration.
• E2EE
• The complexity means it doesn’t work well on mobile, takes a while to load on a slow connection, more frequent bugs. (3.5 MiB page transfer)
• Self-hosting is complicated.

Etherpad:

• A competent collaborative rich-text editor. Doesn’t do spreadsheets or presentations or […].
• Not E2EE (you need to trust that the server a bit more).
• Lightweight, works on slower connections, works alright on mobile. (1.7 MiB page transfer)
• Self-hosting quite simple.

PrivateBin:

• Super-simple plain-text/markdown pastebin. No editing possible once saved.
• E2EE
• Very small. Works fine on slow connections and mobile. (0.2 MiB page transfer)
• Self-hosting very simple.

Sorry everyone, I did try searching the lemmyverse for any previous postings of this article using “signal” in the search feature on my instance, but it turned up nothing at the time.

Lemmy.world seems to have a handle on all the cross posts: https://lemmy.world/post/9121235

Of course they would.

Having wider tyres ~2"/50mm or so pretty much eliminates the risk (and gives a comfy ride). If you really like the speed of narrow tyres, it’s really quite safe with the right technique – crossing tracks at an angle to avoid mishaps (I find 30° is sufficient, 90° is never a problem), and when they’re slippery, treating them like ice. It becomes second nature soon enough.

I think there are some rubber/elasromer inserts which have been developed which also eliminate the groove – it presents a flat surface to bikes, yet squishes down for the tram wheel flange under the immense weight.

The nuance is recognising the Google hegemony is supported by choosing Chrome.

The understanding is realising what is happening to the open web as a result.

Yet for others it can make it way worse: https://en.wikipedia.org/wiki/Sexual_headache

• US: 77⁄256 cubic inches vs 0.50 US fl oz (~4.929ml vs ~14.787ml)
• Australia: 5ml vs 20ml
• Rest of World: 5ml vs 15ml

WTF is a square pound!? You’ve ruined my day.

Nice.

But !fuck_lawns@lemmy.ml?