lol

It is likely they have the ability to sign the public key of your console with a "Suicide Key" which would signal your console to commit suicide by burning some internal e-fuse.

It is also equally likely this is an over-broad version of "Legal Rear Armor" that means nothing explicitly about what they can do. This is because modifying your system has long carried risk of bricking and their security systems to prevent modifications have only increased in strength.

It's likely the new security system in the Switch 2 is so naively hair-trigger sensitive that it absolutely will brick you or disable some functionality permanently if it thinks you even so much as modified a backup copy of a save file or encrypted binary stored on your SD card itself. It's very likely that any kind of attempt to write invalid foreign files onto an SD may result in issues. I'd expect Switch 2 systems to spontaneously self destruct if exposed to bad quality or fake SD cards with insufficient capacity; or an SD card that is failing if what I am guessing is true.

Is this confirmed? No; it's just idle wild speculation. But it is what I expect from Nintendo; given that their creatives have all been driven away from the executive positions of power and only money driven executives are left at the helm.

Given that the Switch has already been thoroughly cracked; it's likely now more than a want or need, Nintendo now has a mania or obsession with making their consoles un-exploitable. Likely, this is because they're too naive to avoid promising their consoles are 'unbreakable' to their third parties and publishers.

Unfortunately Nintendo is full of foolish pride and stubbornness. Tinkerers and video game preservers the world over will need to once again break the Switch 2 security to pieces to prove to Nintendo that this endeavor is futile.

In the meantime; don't tinker with a Switch or Switch 2 you can't afford to lose. Hell, don't even buy one if you're sensitive to it being un-tinkerable. Don't gift them to any children in your life either. Instead; gift them something more useful; like teaching them how to emulate one of the older Nintendo Systems and gift them a Library of ROMs so they don't have to torrent it themselves and 'give the family computer a virus' or 'cause a scary letter to be sent to their parents' with their inexperience. If you can't bear piracy; then go pick up one of the old legitimate retro systems. Buy it somewhere used and pick up whatever used games you can for them at any occasion.

There's something you need to know about the "anti-features" flags on F-Droid.

They're too "greedy" and widely defined. What you really need to do is examine the app and how the developer might use said "Anti-Feature". Not all internet access and telemetry is an anti-feature, and neither is reliance on a "third party service" where you can simply configure your app to use your own self-hosted server instance.

An app having no "Anti-Features" flag on F-Droid is absolutely not an informative indicator that it respects your privacy. Merely, it indicates common privacy foot-guns may not be present.

Frequently F-Droid also is far too opinionated in it's application of the anti-feature flags; giving developers no reason or chances to appeal or change the decisions. It does not matter if the anti-feature flag is mis-applied in any specific situation; nor does it matter if the developer shouldn't be getting an anti-feature label because they have everything open sourced and it's clear to see there is no anti-feature there.

False.

The ad attribution system was proposed but never implemented due to user outcry.

Some telemetry has been a part of Firefox for quite some time now; but it has always been privacy respecting and they self-host all of it. In general you can easily turn most, if not all of it off. The telemetry thing has been around since before they even started seriously fast-cadence releases. Some of my memories of this date back to the Firefox 34 days even. None of the telemetry collected is mandatory, and it can be shut off in preferences as well as through advanced config; which is what most forks do if they don't specifically rip the code out. You should read their source code sometime; it's quite interesting.

I will however agree that Brave is way more intrusive than any misstep made by Mozilla in developing Firefox.

No.

Brave is factually bad. It's a failed attempt at monetization of users seeking some form of privacy in browsing. From the entire crypto integration with BAT tokens to the weird VPN stuff and more; it's clear that the company who makes the browser is pivoting rapidly and iterating the software to make money from somewhere, somehow.

Brave does treat it's users like a product, and the company has made privacy-impacting decisions. They are very clearly a for-profit company with a well known CEO who operates on a for-profit basis only and never on a non-profit basis. You cannot say that Brave is operated on a non-profit basis. The entire concept of the Brave browser itself is to enable monetization methods that users and privacy advocates clearly want to see depreciated.

Mozilla on the other hand; has only recently begun to take some weird steps. Given that their exclusive contract with Google is likely to be dissolved in courts; they are simply stuck in a financially challenging situation. At no point has Mozilla or Firefox actually done anything actively hostile to privacy or users. While Mozilla does make mistakes; nothing notably wrong that they've done has actively been anything but a simple mistake. They have not yet crossed the threshold into malicious profit motive as of yet. Although many privacy enthusiasts are watching Mozilla very closely for any sign of them crossing that line right now.

Given the absurd number of sites that require a login for no discernible security reason at all whatsoever; I get it.

A "Common" password makes sense. This password should never be used to log into or protect anything secure however.

Similarly a "Common" password might be used to enable login more easily from certain devices; but ideally this "temporary" password should probably be something that is, yet again, different from the first "Common" password you use.

It boggles my mind that someone like this isn't at least using a specific passphrase for secure work accounts only.

While I can personally understand a need for some password reuse across multiple domains; at least there should be some separation of larger "superdomains" such as "work", "personal" and "throwaway" so that breaches don't have such a catastrophic impact.

A system of generating secure, unrelated but memorable phrases (for you) for those times you can't carry or use a password manager is frequently essential. That way you can recall the password on the fly when it is asked of you; all you need to do is think about the unrelated thing you attached that information to.

Good idea; bad execution.

If they think for a minute that Trump won't order his goons to arrest people doing this; they're being careless.

Instead of a bullhorn; a private message blast out to any interested parties would suffice; ideally via a secure Signal group chat or something similar. A phone tree being set into motion could work too; ringing phones; as could an SMS trigger an alert to all neighborhood residents.

All that said; it's good that they're basically warning folks of federal agents snooping around. There's no reason to let them get away with it casually during this Administration; if they want to illegally investigate immigrants, make it hard on them. Document everything.

This is mostly useless to me; I already enforce all tabs into unique containers to isolate browsing and website contexts from one another; while still allowing me to make exceptions to the rule and "unbreak" things if that's causing an issue, but still keeping things isolated from the rest of the browsing.

As for Tab Management; I use two windows and a plugin; Tab Stash Plus; which collapses tabs I stash into a bookmark.

Every so often when I reach a critical mass of tabs I personally go through them and play "Keep/Toss" with more odds on Toss. Only useful tabs get stashed and are then searchable from the plugin.

In general; since this feature now presents a possibility of an extremely UNWANTED AI integration I will be setting the config to off and leaving it off...using a relevant config policy tool or plugin to enforce this to off if needed. I hate AI features that I didn't ask for and this one definitely doesn't seem like it's going to be helpful nor compatible with my current workflow.

And this is why Fwyfwy refuse to move away from Windows 10. Fwy refuse to use any version of Windows that truly integrates their AI bullshit...and Fwy actively breaks and blocks installation of it too; during updates via NTFS security, policies and other tactics to otherwise deny or break their store app from installing anything automatically. If I need some shitty UWP packaged app; I will pull it down and manually install it myself using PowerShell kthx.

Fuck your AI shit Microsoft. If I want AI; I'll choose the models and run it locally on my own hardware and train it to my needs. If I need a screenshot; I have several app options to do so on command with a single keypress. I don't need my PC taking timelapse photos of what I'm doing.

Unfortunately this law is unconstitutional as ever. This is nothing more than a scare tactic; as it should not survive a true challenge in the SCOTUS. If it does survive such a challenge; burn them all, congress and all.

I don't personally cut my usage of YouTube content at all; I just simply use necessary tools to prevent the apps and services from over-sharing too much data at a network level. DNS and IP level filtering is done typically to prevent well-known domains and telemetry targets from being utilized and any account preferences are set to minimize consent given. NewPipe and FreeTube are used interchangeably with yp-dlp if needed. No account is necessary...my viewing patterns aren't being recorded except in a generalized aggregate manner which enforces a reasonable amount of privacy.

I'm of the opinion that a completely de-googled device lacks critical features I use often; and restoring equal function is oftentimes made difficult. Unfortunately this also covers video content; there's no real viable FLOSS alternative with enough content. The creators typically do not have a motivation to use PeerTube or other viable FLOSS software that does exist currently and do not publish videos there; which introduces a heavy timelag; even if the creator or even someone else IS willing to export the YT content out to PT.

Network is standard double NAT grade B. [ISP <-> Router <-> Firewall <-> Client] with all necessary port forwards in place (TCP/UDP 1025-65535 to Firewall). Firewall is standard pfSense CE; and will forward invisibly and does automatically perform necessary UPnP and port forwarding as detected. STUN may be necessary but does function and establish the route(s) and the ports your application selected would ordinarily be invisibly NAT'ed quickly by the firewall as long as the packets are solicited. ICE Candidates udp <Public IPv4>:65359 srflx udp <Public IPv6>:65363 srflx udp [<Public IPv6 /64 issued by ISP>]:54597 srflx udp [<Public IPv6 /64 issued by ISP>]:58798 srflx Error: No active TCP candidates were found

To my knowledge your application does not appear to opinion or declare if it uses STUN. (Perhaps it should, there are valid reasons to offer STUN or not offer STUN). The application provides no meaningful errors so I can't tell what might need adjusted or allowed network-wise.