Yes, they don’t work without Google Play Services. Google didn’t implement passkeys in Android, only their own services.

I’ve been using it for several months mostly due to it’s UnifiedPush notifications support and been really happy with it.

Yeah, in self hosting MollySocket and my own Ntfy server. I’m in the process of moving it all to my NAS so I don’t have to leave my computer on all the time.

I really wish Signal would support it natively.

I’m using Molly with UnifiedPush for notifications and it works quite well.

Another recommendation for Proton Mail. As others have said I’d recommend getting your own domain for email so you can always migrate providers without having to change your email address.

The reason that Google got ruled against originally was that they were paying and offering incentives to developers to keep them from releasing their apps on other app stores.

Google also doesn’t support a user installing the Play Store themselves (and the required Google Play Services dependency). So phone manufactures have to choose to include it on everybody’s phone from the get go, or their users won’t be able to use it at all.

They do have e2e for emails. Any emails between Proton Mail users are always e2e encrypted, as are any emails others send you which they’ve encrypted with their own maio client. If someone sends you an email unecrypted (most email is), then Proton will encrypt it for you and put it in your inbox. They can’t read it after that, but there is some trust required that they don’t store/look at the unecrypted email before then.

The UnifiedPush server is intended to be a single source your phone can keep a persistent connection open to, rather than needing a connection per service/app (this is how Google’s Firebase notifications work too).

As Signal doesn’t support UnifiedPush, MollySocket keeps a permanent connection open to Signal’s servers to listen for new activity and forward them to your UnifiedPush server. This saves your phone keeping a permanent connection open to Signal’s servers and draining your mobile battery more.

I’m self hosting both too. MollySocket’s docs are pretty clear that it never gets an encryption key for your account, so it can’t read your messages. It only gets/forwards alerts that something happened on your account AFAIK. So I’m not sure what data it has that’s worth encrypting.

For Signal/Molly, it’s less that the notification is encrypted as I understand it. It’s more the notification content is just “Hey! Stuff happened” for Signal. The app then reaches out directly to the Signal servers to see what’s new. So the message content is never sent via the push notification service (UnifiedPush or Google’s service).

I’ve got a few old PCI cards around somewhere. I should pull one of them out and give them a try at this.

That would require a lot of data privacy concerns to be addressed. Even if it’s an explicit opt-in. The current method uses sample text which can’t include PII. Using user supplied text would almost guarantee they’d get names and other PII in their data set.

I also imagine it’s harder to train the model when you don’t know exactly what the user was trying to type. I.e. Was the swipe detection wrong, or did the user delete the word because they changed their mind on what to write?

The issue isn’t a big deal for the average user. The vulnerability required them to first get your username and password, physically steal your Yubikey, spend half a day using $10-15k worth of electronics equipment to repeatedly authenticate over and over, they then could potentially make a clone of the key.

She’ll independently recycle your matter into more coffee.

When I migrated emails last time, I setup my old email to automatically forward to the new email. Then on my new email, I setup an automatic label for any email that was addressed to the old address. Every week or two I’d review what was sent to it and either update the email address used or unsubscribe. Eventually it got to a level where I wasn’t getting much at the old email anymore and finally deleted it.

Even if it doesn’t look as good, it’ll hopefully include some better APIs that extensions can utilise to improve their experience. E.g. hide the native tabs.

As I understand it (from my non-legal casual read of the new coverage). Having a monopoly isn’t illegal, abusing it is. For Google they found that google was secretly paying companies to not put their apps on other stores. That was what they got the judgement against them. They didn’t find anything like that for Apple.

I believe Steve has said that he hates the title/thumbnails too. But Google’s algorithms heavily incentives them, so he reluctantly uses them while maintaining the good quality content.

You technically could make cheese without murdering a cow but you won’t find any made that way. Cows only produce milk for their young. To make milk they need to be repeatedly impregnated over and over again. Lifespan of a cow can be 20 years, though they are usually killed after about 5 as their milk output drops. Half of the cows they give birth to will be male and almost all killed as they don’t produce milk. Some of the females may be killed too as you’ll end up with more cows than you have room for it you keep them all.

As for a human child, drinking human breast milk is considered vegan as long as it was given consensually. If you kidnap someone and tie them up in your basement then it wouldn’t be.

FYI for anyone interested. Immich is a open source, self hosted system for photos/videos like Google Photos. It uses machine learning locally for facial and general image recognition.