Seems trolls were spreading mistruths about Linux Snaps vs Flatpaks and AppImages

Seems partial truths were amplified out of context, and that is not doing justice to Canonical's Snaps. I would have preferred to have heard the full context and then made up my own mind about snaps.

The crux of it is, that yes Canonical's own Snap Store backend is not open source (same I suppose as Google's Play Store), but they have pointed out you do not have to use that Snap Store, and anyone else can actually host their own Snap Store using the front end open source software. The linked article provides a link (near the end) to a blog post explaining how this can be done.

As far as snapd goes, firstly it is open source, and secondly you can actually run snaps without even using snapd. The packaging format is an existing, documented one used by most distros. The tools used for confinement are existing third-party ones, already used in other distros. For example, Debian and the SUSE family also use AppArmor, as described in the Arch wiki, while its main rival, SELinux, is more complicated and mainly used in Red Hat and its derivatives.

There was an issue also a long time back with snapd using a lot of system resoirces, but I'm not sure if that is an actual issue any more (compared again to Flatpaks and AppImages).

Given all that, it does not look like snaps have been given a fair deal. I'm not saying they are better than Flatpaks or AppImages, but I know AppImages have had issues with not having any in-built package update manager.

See https://www.theregister.com/2023/11/10/snap_without_ubuntu_tools/

#technology #Linux #Snaps

Samsung Galaxy SmartTag 2 Review: Why You Should Wait Before Buying!

The Galaxy SmartTag 2 is the second generation of Samsung's line of smart trackers. It features some advantages when compared to rivals such as Tile, Chipolo, and even the Apple AirTag. Not even those, however, are enough to warrant a recommendation on the new model. Read below about the pros and cons of using the SmartTag 2 to not lose your keys, luggage, or pets, and why it is probably better to wait before purchasing one.

Key for me is there is no indication that it will support Google's Find My network. Although right now Samsung has the most Android phones revolving around the planet, the launch of Google's Find MY network is imminent. With that network, it will turn all (or most) Android phones into a better network than Apple's for finding lost tags. I'm dead set against buying any tag that relies on someone else to have installed a specific app to find it.

I do like it's metal ring (no cover required and should last longer) as well as the easy battery replacement, but it is also probably a shade too thick for me to fit inside my wallet. An Apple AirTag is fitting inside my wallet OK, but this Samsung tag does look a bit too thick for that purpose.

So I'm waiting a bit...

See https://www.nextpit.com/samsung-galaxy-smarttag-2-review

#technology #trackers

EFF's Privacy Badger Now Blocks Ever More Trackers With Their New Badger Swarm

In 2020, the EFF updated Privacy Badger to no longer learn from your browsing by default, as local learning may make you more identifiable to websites. In order to make this change, they expanded the scope of Badger Sett-powered remote learning. They then updated Privacy Badger to start receiving tracker list updates as part of extension updates.

Since Badger Sett automates a real browser, visiting a website takes a meaningful amount of time. That’s where Badger Swarm comes in. As the name suggests, Badger Swarm orchestrates a swarm of auto-driven Privacy Badgers to cover much more ground than a single badger could. On a more technical level, Badger Swarm converts a Badger Sett scan of X sites into N parallel Badger Sett scans of X/N sites. This makes medium scans complete as quickly as small scans, and large scans complete in a reasonable amount of time.

Badger Swarm also helps the EFF produce new insights that lead to improved Privacy Badger protections. For example, Privacy Badger now blocks fingerprinters hosted by CDNs, a feature made possible by Badger Swarm-powered expanded scanning.

You may want to opt back into local learning if you regularly browse less popular websites. To do so, visit your Badger’s options page and mark the checkbox for learning to block new trackers from your browsing.

As a compromise to avoid breaking websites, CDN domains are allowed to load without access to cookies. However, sometimes the same domain is used to serve both unobjectionable content and obnoxious fingerprinters that do not need cookies to track your browsing. Privacy Badger now blocks these fingerprinters.

There are still those who think that their browser data can be publicly used as they have nothing to hide, but it is not about blackmailing or phishing you at all. It is not only about highly selective targeting for commercial advertising, but also for governments and other shady actors to incite anger and outrage type responses to influence voting, religious based reactions, etc. It is not just advertisers who buy this data.

See https://www.eff.org/deeplinks/2023/10/privacy-badger-learns-block-ever-more-trackers

#technology #trackers #privacy

Positive Carbon wants to make commercial kitchens sustainable, and claims a 50% reduction in waste

Positive Carbon uses both camera and LiDAR sensors. Perched on the ceiling above food bins, they autonomously track exactly what enters the bin.

The sensors are connected to the customer’s purchasing software. As a result, the system can monitor what a business buys and connect that information to the waste.

The data is then aggregated to generate targeted interventions. Purchasing plans can then be adjusted accordingly. That might mean buying less of a specific ingredient, preparing fewer portions of a specific dish, or simply putting less food on plates.

The use of sensors is quite clever, along with the analysis, but in essence it is nothing that a micromanagement chef can't do. I suppose it makes the chef's job easier in that they can concentrate on making food, and rely on a constant analysis being done around waste. The AI side would help with predictive ordering.

It's good use of technology and AI, as no human gets replaced, it just extends their functionality and efficiency.

Yes, I can see it going further eventually too into domestic households as so much waste is also often not necessary. Certainly for recognising too what is recyclable waste versus garbage.

See https://thenextweb.com/news/positive-ventures-sensors-fight-food-wastage

#technology #waste #foodwaste

Fitbit is pulling out of South Africa

Fitness device manufacturer Fitbit is withdrawing from the South African market in line with parent Google’s decision not to sell consumer hardware products in the country.

In a terse statement in response to questions from TechCentral about the development, a Google spokesman said the company has decided to stop selling Fitbit and Nest products (both owned by the company) in select countries “to align our hardware portfolio to map closer to Pixel’s regional availability”.

Well, we've never had the Pixel phones officially on sale in South Africa, and I've had so many issues the last few months with my Fitbit Aria scale that I don't really feel like buying any more Fitbit devices. I'd already stopped buying Fitbit fitness trackers about 5 years ago due to strap issues. So, I for one, won't be missing them. Ever since the buyout by Google it seemed like Fitbit was anyway no longer what it used to be.

See https://techcentral.co.za/fitbit-is-pulling-out-of-south-africa/234830/

#technology #Fitbit #SouthAfrica

Withings Body Scan review: A smart scale that tracks cardio health, body comp and more

Given all the ongoing issues that Google Fitbit Aria Scale users have been experiencing, I see many had moved to Withings scales. So, it was interesting to read this review as I'm considering a similar move in future.

The review certainly shows some issues, some of which can be explained through reliability of algorithm reasons, but it does seem that Withings users have generally been happier than Google Fitbit users (many of whom can only now get readings for one person on their scales).

When a scale reads done to 50g of accuracy though, it is true that you can't get too hung up about the change of measurements throughout the day, and you need to look at the trends over days whilst keeping the measurement conditions as constant as possible.

Withings relies on sending a tiny electrical charge through the user’s body to measure arterial stiffness, too. It does this by tracking the time it takes for a wave that’s created in the blood as the heart beats to arrive at the foot — a measure called Pulse Wave Velocity (PWV). The app records and tracks a speed value for PWV, to monitor changes over time. It also provides a comparative rating for “Vascular Age” (vs the user’s age) — charting whether it falls in the normal, not normal or optimal range.

Another flagship feature of Body Scan — one of two that’s been approved by medical device regulators in the US and Europe — is a 6-Lead Electrocardiogram (ECG) which can detect AFib (aka atrial fibrillation), a common cardiac rhythm disturbance that can cause stroke and heart failure.

See the review at https://techcrunch.com/2023/11/07/withings-body-scan-smart-scale-review/

#technology #health #Withings

There is a new AUR package called proton-vpn-gtk-app - but myself and some others are getting build errors which probably have to be sorted out first

Proton finally brings their VPN app for Linux up to par with the Windows version

The Proton VPN GUI app for Linux has not been popular, with many complaints of bugs and missing features, but Proton promises the new version is much improved.

Their official app for Linux now natively supports all these advanced Proton VPN features, including:

* NetShield Adblocker

* Kill Switch

* VPN Accelerator

* Moderate NAT

* Port forwarding

* Auto-connect at startup

* Pin servers to tray

* OpenVPN DCO (which provides similar performance to WireGuard)

The only snag is that they provide the binary installs for Debian, Ubuntu, and Fedora only. This leaves out the Arch distros. There was an AUR package (and a Flatpak) available that wrapped the previous Proton VPN app into an AUR package that an Arch distro could install, but it has not yet been updated.

I see that Proton says they can really only provide support for limited distros, but it probably also highlights the need for creators to support something more cross-platform like Flatpak or AppImage. Flatpak is probably more preferable as it has a package updater, versus AppImage relying on the app itself to do the updating.

I hope the AUR package will be updated soon, but it is less than ideal having something like a VPN app being provided by a 3rd party.

See https://www.howtogeek.com/proton-vpn-linux-app-update-2023/

#technology #ProtonVPN #Linux

We need more USB-C cables with bandwidth and USB versions on them

https://void.cat/d/EMsv8HzA5yXTkxmMeA5wiC.webp

Elgato hasn’t just made an excellent teleprompter, it’s also made a great USB-C cable that ships with it. Professional audio engineer Matt “Spike” McWilliams spotted that Elgato’s latest USB-C cable has the bandwidth and USB type imprinted on the connector, and now I wish all manufacturers did this.

Once you've collected a drawer (or two) full of different USB cables, it is really useful to know which ones are what type. Using inferior spec cables, means that even with an expensive charger, your device may only trickle charge instead of fast charge, may not transfer data, etc. It is not always very obvious what the issue is, but it often comes down to the incorrect USB-C cable.

When it comes to USB-C cables, a cable is not just a cable.

See https://www.theverge.com/2023/11/6/23948486/usb-c-cables-marking-speed-power-delivery-elgato

#technology #USBC

My web based OpenWebRx receiver has been upgraded to the Plus version with aircraft location data etc

https://void.cat/d/3JL1AiYWmMxaf8ub8KYPKt.webp

I featured my OpenWebRx receiver about a year or two back, which allows you to use any desktop or mobile browser, to be able to listen to various radio transmissions that are received at my home in Cape Town.

The previous version would allow you to tune into ham radio bulletins, repeaters, and simplex chats, including SSB on VHF and UHF, and even DMR repeaters. It also had decoding for APRS location beaconing for vehicles, weather stations, etc.

By upgrading to the Plus version, my station is now also able to receive and decode the ADS-B locator beacons sent out by planes on 1.09 GHz. Not new to the Plus version, but I also added a profile for Cape Town International Airport's Tower and Approach frequencies.

To view APRS or plane ADS-B beacons on a map, first open the correct profile (see red circle on attached image) and choose RTL-SDR Air ADS-B for the planes, or RTL-SDR 2m VHF Digital for the APRS beacons. Then, once they start to show data, click on the Map button at the far top right of the screen to view the map with those locations updated. In both cases, those profiles open on the correct frequencies ready to use.

Be aware though that up to 15 users can use this service, but everyone controls the same view. So, if you are listening to the plane beacons, someone else may switch it to APRS beacons and everyone sees the APRS view. And of course, if tow or three people try to control it, it could become chaotic. I may have to think about limiting it to one person at a time if the experience is not a good one.

You can click on the very top bar where it says ZS1OSS Cape Town, South, and the bar will expand to reveal more information.

See https://openwebrx.gadgeteerza.co.za/

#technology #hamradio #planespotting #capetown

Fnirsi FNB58 USB Fast Charge Tester Review

https://void.cat/d/VzzyhgeJcbA6nDyznVU6Uy.webp

Recalling my recent post about USB sticks not delivering the stated storage sizes, this tester looks pretty interesting for testing USB fast chargers. There are supposedly similar issues around USB fast chargers that chronically overheat and are not up to spec.

Most USB charger testers are just voltage and current measurers, but this device goes way beyond that. Not only does it test for the various USB-C charging modes, ripple and noise testing, eMarker detection, and lots more.

The device claims the ability to monitor 4-28V, 0-7A, 0-120W and can integrate capacity/consumption. Resolution is claimed to be 10uV/uA/uW. It supports USB-A, micro-B and type-C connections.

It also has PC and Android apps to obtain more advanced views.

I see many people complaining they don't get full speed charges, or a device is not starting properly, and it is mostly due to the USB-C power output not being sufficient. With a device like this it is a lot easier to diagnose whether it is the charger or the cable at fault (an incorrect USB-C cable will negate advanced USB-C charging or power delivery).

See https://goughlui.com/2023/04/29/review-tested-fnirsi-fnb58-usb-fast-charge-tester/

#technology #USBchargers #testing

Bitwarden begins adding passkey support to its password manager

https://void.cat/d/BQpCshmoonev6L7iSqzbUf.webp

Although Bitwarden now supports storing and logging in using passkeys from its browser extensions, it’s not currently possible to store passkeys in the company’s mobile app. According to Bitwarden’s FAQ, this feature is “planned for a future release.”

Finally, it arrived for me today on Bitwarden. Seems to work seamlessly enough, as the extension pops up automatically when you choose to add a passkey on a website. For sites with multiple logins, it prompts you to select which one to use.

The theory, for me at least, is that I can use these passkeys across all my OS's and devices (when mobile support is finally added). In the meantime, for mobile, the normal ID and password still work as before.

See https://www.theverge.com/2023/11/2/23943173/bitwarden-passkey-support-released-browser-extension

#technology #passkeys #Bitwarden

Just don't tell them about that ;-)

How to host your own website, or a secure chat service, on the Dark Web with open source OnionShare

https://void.cat/d/CvhCJA4EHuHGs43xz5hcZQ.webp

I last covered OnionShare I see in 2020 and 2021. Not much has changed as they seem to offer the same services, but this a good "how to" video if you want to set up something like this at home.

I'd recommend you do it on a Raspberry Pi just to keep it fully separated from your desktop PC. Also, a Pi can run 24/7 which is more useful.

OnionShare is going to provide a dark web Tor onion address that you can share for others to find your service. But both your and their IP address won't be known to the other party (in fact this may be a better way to share a website from home than with a normal https website).

OnionShare can host a website anonymously, it can provide secure file sharing, and also private chat communications (especially useful for activists, journalists, and others who need to protect their communications). You'll notice two things from an onion address: Firstly, there is no https (with an s) as it uses a different secure protocol, and secondly it's a very long random address (which explains why sites are more difficult to find on the dark web, and why many links are dead).

Watch https://youtu.be/CurcakgurRE?si=ccjfKKHjKBJ1PGCT

#technology #privacy #darkweb

With Russia blocking 167 VPN services: How to make your VPN undetectable and bypass geo blocks

https://void.cat/d/DRdUkJ3gHsbFjSuKNQLak3.webp

The head of the Russian department responsible for identifying threats to the "stability, security and integrity" of the internet, has revealed the extent of the Kremlin's VPN crackdown. Former FSO officer Sergei Khutortsev, a central figure in Russia's 'sovereign internet' project, confirmed that 167 VPN services are now blocked along with over 200 email services. Russia is also reported as stepping up measures against protocols such as OpenVPN, IKEv2 and WireGuard.

But it is not just Russia, as there is also the Great Wall of China, and to a lesser extent many other governments practice similar blocking or interceptions. Even the supposedly "free" governments also practice some forms of censorship (e.g. Australia), so actually the issue of privacy and access to information does really affect everyone.

The main article I've linked to below has some good guidance on how to overcome some common issues with VPNs being blocked. I realise it is still focused on China, but the suggestions would work as well anywhere else. I've also added a link to the EFF's article about the use of Snowflake, as that was primarily intended to hide VPN activity where VPNs may be blocked.

Anyone thinking they may need such solutions in future, really should prepare today for such an event. It becomes far more difficult once the restrictions are already imposed.

See https://privacy.net/undetectable-vpn-bypass-blocks/ and also about Snowflake at https://www.eff.org/deeplinks/2022/10/snowflake-makes-it-easy-anyone-fight-censorship

#technology #VPN #privacy #censorship

Comparison of some hardware devices used for Ham Radio Digital Modes

https://void.cat/d/4Rvq38apHRKqgyVQqVgRcA.webp

As I'm often having to choose how to use what digital mode on different radios that I have, it has meant also trying to understand which device works with which radio, and what modes it will support (not to mention radio functionality).

It has taken me a while to try to understand some of the differences, as there is no one device that just does everything. So this linked webpage is my attempt to clarify this for myself. I'd be happy to also get input from others so that I can improve or correct it.

For anyone else trying to decide which device they should buy first (or do they even need one?), this webpage will hopefully help to quickly clarify things a bit.

For now, I have just added details for the SignaLink USB, Mobilinkd TNC, and the DigiRig, as these were the options I'd been actively looking at.

See https://gadgeteer.co.za/hamradio/hardware-devices-for-digital-ham-radio-modes/

#technology #hamradio #amateurradio

3 reasons to ditch Nvidia for AMD in 2023

https://void.cat/d/9z9csMQHxkW6VKxsg9BxaR.webp

Nvidia's GPUs are considered second to none in the enthusiast PC space, and there are plenty of convincing reasons to go with Team Green for your next build. XDA Developers highlighted a few of those reasons to consider an Nvidia GPU over an AMD one recently, going over things like DLSS and the raw performance of RTX GPUs. AMD graphics cards, however, have also come a long way, and they aren't trailing too far behind in 2023.

In fact, there are some good reasons to consider them over Nvidia's options, and you certainly can't count them out of the race. If you are in the market to buy a new graphics card and are split between AMD and Nvidia, then here are a few reasons why you should consider an AMD GPU for your build.

OK, admittedly two of the reasons are related, so this could be more of two good reasons. I did opt to go with an AMD Ryzen 7 for my last CPU I bought (my first non-Intel in decades), and I've been very happy with that choice. I only realised a month later, after I'd bought an Nvidia GPU, that I never really took a serious look at the AMD GPUs.

I'm certainly going to do so next time I buy a GPU (I don't buy them with every PC upgrade I do). In my case, too, I'm using Linux, so I really don't get to use some of those additional extra Nvidia Windows-only features. I have way less to lose, actually.

A GPU comparison for Linux users would be quite interesting to see, where it compares head-to-head on open source as well as OEM proprietary drivers.

See https://www.xda-developers.com/reasons-ditch-nvidia-for-amd/

#technology #GPU

Real-time text on Android and iOS is helpful for those with hearing or speech disabilities to converse in real time with text

https://void.cat/d/KTkd1NyfSmrWyj1AgF6mRY.webp

While texting is great for asynchronous conversations, calls are still the way to go if you want real-time conversation.

That's not an option for people who are hard of hearing or have speech difficulties. RTT or Real-time text solves this issue by allowing people to text in real-time. In this guide, Android Police explain the RTT feature, how to activate it on Android smartphones, and how to use it in different situations.

One benefit of RTT over text messaging is that it allows you to connect to businesses, government agencies, and emergency services. To connect to emergency services using RTT, all you do is dial 911 (in the USA) in RTT mode.

This feature makes emergency services accessible to people with hearing or speech disabilities and allows everyone to connect to emergency services without speaking. If you are in a situation where speaking out loud can be detrimental to your safety, use the RTT feature to connect to 911.

To connect to government agencies or businesses, you can use the Relay service. People who are hard of hearing or have speech impediments can connect to the relay service by dialling 711 (probably also USA). An operator picks up their call and connects them to the desired service.

See https://www.androidpolice.com/what-is-rtt-calling/

#technology #disabilities #accessibility

Google can turn ANC earbuds into a heart rate monitor with no extra hardware - with interesting upsides

https://void.cat/d/HViEJVQdmVWY8kZuiCVHSt.webp

Google performed two sets of studies with 153 people that found APG “achieves consistently accurate heart rate (3.21% median error across participants in all activity scenarios) and heart rate variability (2.70% median error in inter-beat interval) measurements.”

Compared to existing HR sensors, it’s not impacted by skin tones. Ear canal size and “sub-optimal seal conditions” also do not impact accuracy.

So apart from the skin pigmentation advantage, there is also no extra device or hardware required, and wearing ear buds during exercise is a pretty common behaviour. The downside is that no-one really wears earbuds 24/7.

See https://9to5google.com/2023/10/27/google-anc-earbuds-heart-rate/

#technology #exercise #health #heartrate

The Best Hardware Security Keys of 2023

https://void.cat/d/8ggMD2V711SKm1HZEff2DQ.webp

A hardware security key makes your online accounts even more secure. When you sign in, you'll have to plug in your key and press a button---or touch it to your phone. They work on websites like Google, Facebook, and many more.

If you've been on the internet, then you've probably heard of two-factor authentication, usually abbreviated as 2FA. Typically, 2FA involves receiving a code you have to insert after you enter your password correctly. You can receive this code either through an SMS message, an email, or an authenticator app.

These solutions can have problems though, especially since SMS messages can be intercepted through SIM-swapping attacks, emails can be broken into with social engineering, and authenticator apps lose their value if your phone is stolen or you forget it somewhere.

This is where security keys come in. Using Multi-Factor Authentication, or MFA for short, means using more than just one authentication vector, so 2FA is part of MFA.

Where physical security keys shine is that they don't have the issues stated above regarding interception or breaking in. Of course, they can be stolen, but some keys have biometrics in them or require another PIN, making it a true MFA key so that even if it's stolen, people can't hack into your accounts.

The linked article goes into a bit more detail about what to look for in a hardware key, and it provides some comparisons of what the most popular keys offer. I did not even know about the open source option one.

Because security is a bit more serious with the hardware key option, you can (hopefully) expect the service not to just issue a new password reset via e-mail if you lose your key. For this reason, it is vitally important you note down any backup codes for that key - preferably also written on a piece of paper and stored in a safe. I do this not only for me to regain access to any accounts, but also in case anything happens to me, that my family can access it in a usable form.

See https://www.howtogeek.com/785677/best-hardware-security-keys/

#technology #2FA #security