Jami: A Versatile Cross-platform Open-Source Peer-to-Peer Decentralized Communication App
I can't believe I last did a proper post about Jami as far back as 2019 last. I mention it a lot, and it was included run a debate today on my Friendica site, but I realised it does deserve a proper feature post of its own.
Jami is a proper peer-to-peer messaging app, much like RetroShare, but Jami is probably a bit easier to use than RetroShare. It has no central servers that can be blocked or denied service. It has clients that can install easily on all operating systems, and all your data is stored locally on the client.
So, as with other P2P apps if you lose your private key or configs, you've lost all access to that client identity. There is no central service to reset any password. So rule 1 is to backup your credentials, or have it also work on a second device.
The other important thing is Jami requires no e-mail or phone number to register with. There is no way for that identity to be linked to you personally. And like with RetroShare, SimpleX, Session, Wire, etc there is also no way any friend or anyone else can find you, unless you tell them how to connect with you. There is no way to search for friends etc. Security and privacy-wise, it is very much on par with apps like SimpleX, RetroShare, Session, etc.
It is fully open source and has E2EE for messaging. On a local network it requires no Internet to connect clients. Across the Internet the application uses distributed hash tables (DHT) to establish communications. This technology eliminates the use of centralized registers (servers) and the retention of personal data. Mass surveillance can not be undertaken by the servers as there is not any.
It has the following features:
* Instant messaging
* Group chats
* Video Conferences
* Audio calls
* Audio and video messages
* Screen sharing
* File sharing
* Extensions for enhanced functionalities
* Ability to use it as an SIP (Session Initiation Protocol) client
So, it is also much more than just a plain messenger app.
The linked article below does not go into its technology, but is focussed more on how to install and use it.
#technology #P2P #decentralised #privacy #opensource
What Is an Immutable Linux Distro, and Should You Use One? Think of it as Linux booting as a Container Image
An immutable Linux distribution is an operating system (OS) that is read-only at its core. That means you can't easily modify the OS. This includes the file system, directories, applications, and even configurations. Even as an administrator, you can't make any modifications to the distribution.
If something gets changed in an immutable distro, it's only temporary and reverts when you reboot. That's why these OSes are called "immutable."
This is one of those "because you can" type perspectives. This is not the same as using a Linux LiveCD boot, as those generally don't keep settings and changes between sessions.
I can liken this closest to using containers, where your OS (or app) boots from the read-only image, but you have volumes which store the user settings changes and documents etc between sessions. A lot depends though on the particular Linux distro as whether it allows the saving of any config files at all, or just limited to maybe the /etc folder.
Obviously, these distros do increase both security and stability (from dependency updates) as the key OS reverts after rebooting.
But, as the article points out, these types of distros may not be for everyone as they have quirks of their own. It is interesting though to see that the Steam Deck actually uses an immutable Linux distro.
See https://www.howtogeek.com/what-is-an-immutable-linux-distro/
#technology #Linux
An old Bluetooth vulnerability shows why it is vital that all OS's get updated regularly
Bluetooth vulnerability exposes Android, Linux, MacOS, and iOS devices. Hackers can access your device without special hardware and run commands without your consent.
Security fix for Android 11 through 14 available, but older versions remain vulnerable. ChromeOS has been patched, but Linux-based OSs are still prone to hacking.
Some OS's update better, or are supported longer, than others. This is where Android especially suffers, as many phones only got two years of OEM updates.
If you have an Android, in particular, a bad actor could access your device if Bluetooth is simply enabled. The hack is possible on Linux if Bluetooth is discoverable, and iOS and MacOS devices that have Bluetooth enabled with a paired Magic Keyboard are vulnerable as well.
It requires nearby access, though, so this may not be very high risk unless you regularly attend conferences and spend a day sitting in such a place.
One also wants to choose new purchases to also include the consideration around how long a device will get updates in future.
See https://www.androidpolice.com/android-ios-linux-macos-bluetooth-vulnerability/
#technology #security #Bluetooth #vulnerability
These 3 services can help you transfer playlists between music streaming services
Music streaming services are not standardised like RSS readers, which have OPML files for easily exporting and importing feeds between different readers (I wonder why not). So, this makes it difficult to easily switch to another music streaming service and just pick up where you left off with your 1,000+ collection of songs and playlists.
But there are at least three services which will help you do this, namely Soundiiz (at https://soundiiz.com/), TuneMyMusic (at https://www.tunemymusic.com/), and SongShift (for iOS only at https://songshift.com/).
Most offer a free limited service, but as one suggested, you just sign up for a month and then cancel it before the end of the month.
And there are probably many more such services, but hopefully this makes it easier for anyone to break free from their lock-in if they wish to.
#technology #musicstreaming #music
New systemd update will bring Windows’ infamous Blue Screen of Death to Linux - Bring on the Memes!
Windows' infamous "Blue Screen of Death" is a bit of a punchline. People have made a hobby of spotting them out in the wild, and in some circles, they remain a byword for the supposed flakiness and instability of PCs. To this day, networked PCs in macOS are represented by beige CRT monitors displaying a BSOD.
But the BSOD is supposed to be a diagnostic tool, an informational screen that technicians can use to begin homing in on the problem that caused the crash in the first place; that old Windows' BSOD error codes were often so broad and vague as to be useless doesn't make the idea a bad one. Today, version 255 of the Linux systemd project honors that original intent by adding a systemd-bsod component that generates a full-screen display of some error messages when a Linux system crashes.
On the plus side it does often happen that a specific error gets a bit burying in lots of streaming text output in the CLI (or in a log file), so from that perspective this may better highlight an actual issue. For new users it may help bring a lot of focus.
I strongly suspect though for the many users that have mastered log files, and that don't like Windows at all, this may grate a bit. Then many also love to hate systemd itself, and this will add some fuel to those flames too.
That all said though, change is also never popular, and in most cases, if it also proves useful, it will be accepted after a while. I'm sure we're going to see many new Linux memes now about the BSOD.
#technology #Linux #BSOD
Calibre eBook App Now Supports Audio ePubs & Custom Notes
If Calibre, the popular open-source ebook manager, was a book itself it’d surely be a perennial bestseller, thanks to an exhaustive, multi-faceted feature set.
And in the latest Calibre 7 release, the feature set expands yet further. The latest version introduces a clutch of new capabilities to the manager’s existing roster of ebook conversion, syncing, reading, and editing options.
The standout addition in Calibre 7.0 is the ability to store notes linked to various book attributes within your Calibre library. You can stash notes related to authors, publishers, book series, and more so you can keep track of information relevant to you.
The notes are exactly what I've been needing to keep a chronological list of a specific author's books, as he published them in a different order to that of the actual events. This is now allowing me to keep that reference on hand as I push the nest book through to my e-reader.
Calibre 7 also lets you attach “data” files relevant to a book with that book, and manage and access said data within the app. What kind of data? Well that’s up to you, but it might be PDFs, web links, office documents/essays, images, etc.
These are really some substantial updates to the Calibre app.
See https://www.omgubuntu.co.uk/2023/12/calibre-ebook-manager-now-supports-audio-epub-notes
#technology #Calibre #reading #books #opensource
Does Your Next Monitor Need a KVM Switch?
I never thought about this before, really for a monitor. I've heard about them being used as standalone switches, and still think that may be more flexible.
However, if you have one ultra-wide monitor, maybe it would make sense to split that display into two sides, and have a computer working on each side (a bit like having two physical monitors).
The main point of a KVM switch is to improve your productivity by allowing you to use multiple computers with one monitor, mouse, and keyboard. It's there in the name: KVM stands for "keyboard, video, mouse," and when a monitor is equipped with a KVM switch, you can easily swap between multiple devices utilizing it.
Where I certainly can use a KVM switch is for the times I just want to connect my Macbook Air, or maybe even my Samsung Dex on my phone, to one of my monitors. The reason is right now when I connect a different device to one of my monitors, the OS recognises the monitor as disconnected, and it rearranges my desktop. If a KVM switch can make that operation a bit slicker and smoother, it could be useful.
I'll certainly not be rushing out though to go buy a monitor just to get a KVM switch. I'd really only think about this when buying another monitor, and I'd also need to consider whether I'll just replace one of my three monitors, or buy an expensive ultra-wide monitor with a KVM switch. Really decisions only for a future time, I hope.
I've only previously looked at KVM switches for remote management of a computer, but I'm thinking it is time to get to know more about just how KVM switches can be used.
See https://lifehacker.com/tech/your-next-monitor-needs-a-kvm-switch
#technology #KVMswitch #monitors
Apple admits to secretly giving governments push notification data: Push notifications contain useful metadata
Push notifications are used to provide a wide variety of alerts to app users. A friendly ding or text alert on the home screen notifies users about new text messages, emails, social media comments, news updates, packages delivered, gameplay nudges—basically any app activity where notifications have been enabled could be tracked by governments, Wyden said.
According to Wyden, many app users do not realize that these instant alerts "aren't sent directly from the app provider to users’ smartphones" but instead "pass through a kind of digital post office run by the phone's operating system provider" to "ensure timely and efficient delivery of notifications."
A source familiar with Wyden's probe told Reuters that "both foreign and US government agencies have been asking Apple and Google for metadata related to push notifications to, for example, help tie anonymous users of messaging apps to specific Apple or Google accounts."
Apple has since confirmed in a statement provided to Ars that the US federal government "prohibited" the company "from sharing any information," but now that Wyden has outed the feds, Apple has updated its transparency reporting and will "detail these kinds of requests" in a separate section on push notifications in its next report.
Ever since SMS text messages came into being, governments have been accessing message content and metadata. Since many messengers now have end-to-end-encryption of the message content, they can no longer read the message content. But the metadata is still available. This is the same metadata that WhatsApp has been passing upstream to Facebook (as contained in its privacy policy).
The fact is, there is a lot of value around metadata, and more so when harvested in bulk. The only way to get around this is to disable push notifications for sensitive apps. Some open source apps installed from, for example F-Droid, will not use Google's push notifications. But any other push notification service will still see the same metadata. It will be interesting to see how this is able to be locked down.
Android's OS settings only go as far as preventing content displaying on the lock screen, but the data is still passing through the push notification system itself.
Signal messenger does have an in-app notification setting to display name and message, name only, or no name or message. So, in Signal's case, you can change this to name only (it will leak the person's name and when they messaged you), while the no name or message may be best as it will probably just inform you there is "a message".
But this type of granular in-app push notification setting probably does not yet exist in Google Messages, Apple Messages, WhatsApp, Telegram, etc.
#technology #privacy #government #metadata
The best Raspberry Pi alternatives - There is no exact alternative though
Raspberry Pi's are no longer the cheap $35 single-board computers that they once were. There are however quite a few alternatives, but all lack or add some features. Of course, the Pi has also improved quite a bit.
But even with the Raspberry Pi itself, it is worth buying for what you need to get done. Sometimes something smaller does the job just as well. A Raspberry Pi can be a complete overkill for many tasks.
For benchmarking purposes, the Pi Zero 2 W costs $15 and the Pi 4 Model B with 2 GB of RAM is $45, and the newest Pi 5 with 4GB of RAM is $60. Then usually a case and power supply are also needed with it (another $24).
See https://www.xda-developers.com/best-raspberry-pi-alternatives/
#technology #RaspberryPi #alternativeto
How Teachers Can Catch You Using ChatGPT by using GPTZero and other methods
ChatGPT is a valuable studying tool. It can help you brainstorm, it can quiz you, and it can explain answers to you in a really thorough way. Of course, it can also be used to cheat, since it can generate long answers (and even entire essays) based on prompts. I’m not here to argue about morals or academic integrity, but I will say that teachers are getting wise to the ways of students who use the AI tool to complete written work. Here’s what they’re looking for and how you can still use ChatGPT to help you with written assignments in a way that won’t get you in trouble.
I suppose, like with criminals getting caught, it is the lazy ones who caught out by copy-pasting (same modus operandi). If ChatGPT is used as an aid, like search, dictionaries, spell checkers, etc, and the student formulates their understanding using their own words, ChatGPT (and similar tools) will be just fine.
It is actually an important part of the learning process to formulate and express one's understanding using ones own words. The text from a textbook could also just be copied as is, but that won't be original work, nor will it be expressing understanding of the work.
Rewrite completely what you get from ChatGPT, and make sure to fact check it, and you will actually learn something.
I tested out GPTZero on some of my blog posts, and it is good to know I'm certified as 100% human.
See https://lifehacker.com/family/how-teachers-detect-ai-chatgpt
#technology #education #ChatGPT
New Beeper Mini app lets Android phones appear as blue bubbles in iMessage chats
This is a dedicated stand-alone Android app by Beeper which will carry a $1.99 pm subscription after the 7-day trial period. It validates via SMS as an iPhone 7 (just as an iPhone would) so no Apple ID is required, but there is also an optional Apple ID sign as well.
Beeper Mini claims to secure your chats with full end-to-end encryption so that neither Apple nor Beeper can read the contents of the message.
Beeper Mini does not use a Mac relay server in a data centre. Instead, the app connects directly to Apple servers to send and receive end-to-end encrypted messages. Encryption keys never leave your device. No Apple ID is required. Beeper does not have access to your Apple account.
Features:
- Send and receive blue bubble messages from your Android phone number.
- Full size photos and videos, plus replies and reactions.
- Join iPhone-only group chats.
- Secure and private, with end-to-end encryption.
- Sync existing iMessages across multiple Android or iOS devices, including Macbooks and iPads.
- read receipts, typing indicators, emoji reactions, media galleries and more!
The roadmap is apparently ending later on, with the existing iMessage functionality in the free Beeper Cloud app being closed down. That functionality is working still, and will probably continue to do so for a while. The plan is to monetise through the Beeper Mini subscriptions to make the service sustainable and to keep adding features.
The picture though will likely change again later in 2024 as Apple includes RCS in their Messages app. Yes, it will probably only show green bubbles, but it will be E2EE and otherwise fully functional. It may miss out on iPhone-only groups, though.
So far, for me, Beeper Mini got up and running fine and did authenticate via SMS for my Android phone. One of my iPhone contacts though says my message showed up grey. This could be that the app was very newly registered, or because it was a chat previously started on the main Beeper app. Another contact that I started a new chat with, confirmed he sees blue bubbles from me.
I suspect this app may be more of a hit in the USA that is far more iPhone-centric than the rest of the world, and once RCS integration takes hold inside the Apple Messages app, the world may then already become more integrated.
See https://blog.beeper.com/p/introducing-beeper-mini-get-blue
#technology #iMessage #BeeperMini
The Best Apps for Improving Memory - Because Practice Makes Better
I've certainly seen from playing Wordle every day that your game improves over time. The brain is like a muscle (not in how it functions) in that practice and time spent sharpening it, does show improvement. It's like any hobby you do too - practice makes better (or perfect if you really dedicate regular time).
There are many apps out there that purport to beef up your memory skills, though research on whether they work has been spotty and conclusions about efficacy are pretty limited. One thing we do know is that they're not going to magically cure major cognitive decline. Still, if a few puzzles a day help you feel better and get your gears going, it could be worth a download just to get that rush. Apps are just one of many ways to get a little brain boost, but below are some of the better ones out there.
I've tried Lumosity and Cognifit so far. Lumosity is quite nice in that it benchmarks you against others of your age profile. Cognifit was a bit more difficult and the finesse you can use your mouse with, does also make a difference. Most are time based, so you also want to make sure you are in a space where you won't be disturbed at all. Any phone alert etc is going to pull your concentration away.
See https://lifehacker.com/tech/best-apps-for-improving-memory
#technology #memory #brain #health
Open source PowerToys 0.76.0 for Windows releases with heaps of features, fixes, and tweaks
I only realised this month that I needed PowerToys on my Windows 10 VM as I was trying to remap a key binding. I did not know that key bindings and shortcuts are not built into the Windows OS. This is something you must install PowerToys to achieve.
If you find Windows' default tools lacking, you should give PowerToys a try. PowerToys is a pack of tools developed and supported by Microsoft that adds a ton of features, quality-of-life updates, and tweaks to the operating system. Now, PowerToys has released version v0.76.0, and it contains a heap of features, fixes, and visual upgrades.
If you have trouble installing this app through the Microsoft Store (like I did) there are also a few other optional ways to install it (see their GitHub project).
See https://www.xda-developers.com/powertoys-0760-release/
#technology #Windows #tweaks #OpenSource
Although then quite removed as there is no operational involvement? Things is SimpleX know next to nothing about its users as nothing is zero personal info is required to register. Nothing links a user back to an e-mail, phone number, etc.
Beware of claims by marketers of non-invasive blood glucose monitoring watches
We still await an acceptable blood glucose monitoring watch, but this has not stopped some marketers from claiming their watches can be use "for reference purposes".
This may not be a scientific test but does at least demonstrate how far out these watches can be, and that they in no way should be used really for blood glucose monitoring.
You get what you pay for, and some form of medical clearance is really what you want to use.
See https://youtu.be/sWadFt4vBtY?si=mRk2DsyxIa8HqJMV
#technology #health #bloodglucose
This XDA Reporter replaced their monitors with XREAL smart glasses for a full week
Not made by Meta = Tick. The price though is almost the cost of three monitors...
These may not be full time permanent replacements for monitors, but they are great for portable use, and could potentially save a ton of desk area space. You can also work in a confined area (even on a plane trip, without the neck strain of having to look down the whole time), with the illusion of space and the monitors being further away from you. Or they can also be used so that they don't disturb someone sleeping (or working) next to you, or you can use them instead of having a large screen TV.
At even 60Hz to 120Hz, that is a pretty decent refresh rate, and more than I expected it to be. They are also not as heavy or cumbersome as many VR goggles are, weighing it at around 75g. Resolution is 1080p per eye.
It seems too that the glasses can connect to Linux computers that support USB-C DP video output.
But this type of device really needs to be tested in person before buying. It's not the sort of thing you can easily show someone remotely, or via a video, to help make a choice.
See https://www.xda-developers.com/replaced-monitors-smart-glasses/ and the video at https://youtu.be/m5pTpB9x-es?si=V1K--m2ZwWQxPSLM is also worth watching
#technology #glasses #smartglasses #AR
Character AI allows you to create your own chatbot or to converse with many others, including famous 'personalities'
Character AI says it is bringing to life the science-fiction dream of open-ended conversations and collaborations with computers. Their dialogue agents are powered by their own proprietary technology based on large language models (so not ChatGPT), built and trained from the ground up with conversation in mind.
Needless to say, a hallucinating supercomputer is not a source of reliable information. Still, they hope that you find Character AI a useful tool for imagination, brainstorming, language learning, and a host of other purposes they have themselves not yet imagined.
For creation of your own character, they support two different creator experiences. Their Quick mode allows creators to create interesting Characters in less than a minute. Their Advanced mode allows adventurous creators to perfect their Character by using more powerful tools. Note that character creators do not see any of your conversation with their characters.
The apps for iOS and Android (and website) is essentially free and fully featured. It does not look like the paid service is actually exempting you from the ad-driven service, though.
What drew me to reading more about this service was it was featured in Google's Play Store Editors' Choice for 2023, and has an average rating of 4.6 stars from 425,000 reviews. So, clearly there are many who enjoy using it. You can actually test it a bit on their website without registering.
See https://beta.character.ai/
#technology #chatbot #entertainment
French government recommends against using foreign chat apps and use open source Olvid instead
Well, this is interesting! The move by France in this direction is not new at all as in 2018 they announced they were moving towards using Matrix and Riot to replace WhatsApp and Telegram, and then in 2020 they announced they would roll out their in-house developed messaging service called Tchap (based on Matrix protocol). In February 2020, the Tchap service had 80,000 users in the French public administration.
What is new, though, is a seemingly complete move away from self-hosting of Matrix servers with Tchap, to Olvid.
Olvid is also open source and E2EE, uses a decentralized infrastructure, and doesn't require a phone number or any other personal data for registration. Hence, it is seen as a more trustworthy option that includes all the key features of its more renowned and widely used competitors.
Security comparisons between Olvid and other messaging apps may be rendered moot due to Olvid's unique distinction of having ANSII (France's national cybersecurity agency) "first-level security certification."
This certification involves a thorough examination of the app's source code by the state's experts, and none of the other mainstream apps mentioned in this post have undergone the stringent evaluation process.
So, although Signal is secure, it still requires phone numbers, and France is not controlling the hosting.
Too many countries are still dependent on US technology or hosting, and as we've seen before in the UK and Germany, you can't unfortunately trust even your allies not to spy on you. France is therefore to be admired for taking accountability over their own security and privacy.
But like with anything that is not WhatsApp, Telegram or Signal, there is always going to be a major struggle to get broad adoption. WhatsApp, Signal and Telegram are popular because they require phone numbers to register, and that helps everyone find their friends and contacts easily. But any government can of course call the shots as to what software is installed on their official phones. It just depends on whether a phone is deemed official or private.
The Olvid website also has a link to a technical paper about how the protocol actually works.
#technology #opensource #France #privacy
The Raspberry Pi 5 Can Use External Graphics Cards Now Such As The AMD RX 460
The Raspberry Pi line is full of capable compact computers, but they’ve never been the strongest in the bunch when it comes to graphical output. Nor have they been particularly expandable in that regard. However, that’s all beginning to change, with Jeff Geerling reporting success getting external GPUs to work on the Raspberry Pi 5.
This is really early days to demonstrate what is possible (seems Nvidia may still be a problem). So, it's not ready yet for a copy-and-paste for everyone to use, but all the efforts have been open sourced for others to follow and contribute to.
See https://hackaday.com/2023/11/30/the-raspberry-pi-5-can-use-external-graphics-cards-now/
#technology #raspberrypi #opensource