Thats part of the problem though. Supposedly catfriend1 gave researchxxl their signing keys, and researchxxl used these on their new github account. No one was aware that catfriend1 was not maintaining the repo anymore until users saw unexpected/unannounced updates and looked into the matter. This sparked a short lived discussion on F-Droid forums about what should be done when maintainer transfers are handled poorly like this. F-Droid admins decided that it wasn’t that big of an issue, which is problematic… this supposedly happened between two people meeting each other online and discussing it with each other. But its possible that catfriend1 is being blackmailed or otherwise coerced into handing off this data. This type of credential attack could happen with a compromised machine, without the victim ever realizing it in time. The fact that F-Droid treats this so casually is upsetting. Signed developer certificates protect you from MITM attacks, it does not protect you from the sources themselves being compromised.

Years ago, official development of an android app of syncthing was abandoned by the official developers. Most android users migrated to an already existing fork by a github maintainer catfriend1.

Catfriend1 unceremoniously disappeared, with their github repositories being taken over by a new user researchxxl. This was entirely unannounced and wasn’t really discovered until people with automatic updates enabled on Unobtanium noticed it.

researchxxl is not a known community member, and is being very reclusive when interacting with the syncthing community. Their github account was made specifically for the repository transfer, and their method of handling existing credentials is suspicious; looking no different than a hostile take over.

At this point in time, they are collaborating with Nexon, a user who worked with catfriend to publish syncthing fork builds to Google Play. They are more well known and trusted. If you can trust Nexon, and trust that end users in general are putting more scrutiny on the github source code after this whole situation, you can probably trust the recent releases for now.

Sorry for any details I may have gotten wrong. AFAIK, no one has taken the time to document all the things that have gone down. I would have linked to such a document otherwise. A lot of the discussion on this is happening in separate discussion threads, one of them being researchxxl’s github issue page, which they are censoring/deleting discussions from with(till recently) no oversight.

*Edit: this is also a poor summary. There is a lot of additional context that I don’t feel comfortable trying to encompass. Like why the official syncthing developers stopped their official android app, or catfriend1’s forum account coming back for a short time to try to explain their side of the story. Frankly, for how many people are using syncthing, I don’t think this story is getting enough attention.

They aren’t even reliably committed to no DRM. They frequently sell games that require GOG Galaxy accounts to access certain content(online/multiplayer functionality, DLC packs). GOG has explicitly gone on record saying that these forms of DRM are acceptable, despite running a store for years without them.

And preservation of old games(at least how they are doing it) is an inherently unprofitable service. Them preserving games that they don’t even have the licensed right to sell is one of the dumbest decisions they have made so far. Most of their older releases have just been grabbing a bunch of existing fan patches into a more polished installer; these sorts of tasks will always end up in the hands of hobbyists who would do this work without being paid.

I feel like at this point, you have to focus on individual developers/publishers if you want to properly support DRM free releases. Having brand loyalty to GOG will get you nothing.

deleted by creator

I don’t see anyone mentioning Fooyin, which seems to be an attempt at being an open source clone of Foobar2000, right down to its plug in system.

Its making me feel concerned. Is there a reason foobar fans aren’t using it? Do they just not know about it? Its missing a few features here and there, but the UI is so 1 to 1 that I can’t imagine trying to use anything else as a replacement.

I was using Windows 10 LTSC for a bit before Home/Pro editions reached EoL. My past experiences with Linux were all such a significant addition of frustration; I couldn’t justify switching to Linux.

After a string of back-to-back hardware failures, I’m back to using a 10+ year old desktop I built. Ended up trying trying Fedora 42 with KDE and suddenly had none of the issues I had with past Linux attempts. My three biggest complaints before about Linux had been random Bluetooth device incompatibility, Nvidia support being trash, and most Steam games requiring extra commands and constant troubleshooting to get running decently.

I feel like a lot of those issues were from me starting with Arch derivatives on niche laptop hardware that was already beginning to fail. My experience with Fedora has been fantastic. My biggest problems now have been: -KDE discover store is really inconsistent with its packages. I would not expect the average Windows “user”(bought a PC and that’s what it came with) to bother understanding the difference between a flatpak and a native package, and would get really annoyed when stuff is out of date or mis-configured out of the box. I had a better experience using a GUI in Arch with the AUR to install software, ironically enough. -There are a few things, ie Nvidia drivers, non-free codecs, non flatpak Steam, that have inconsistent community documentation on how to install them. These become immediately bad first impressions on people switching from Windows, and I think its important that they are clear to install properly as possible.

Other than that, Fedora is stable and runs great. I’m using a Nvidia GPU and have no issues with it(this time, at least…). A lot of my software was already open source, but I run a few Windows applications, besides Steam games, with Wine; rarely do I have to do any extra configuration. KDE Plasma as a desktop environment has given me the customization and control out of the box that I have been missing from Windows for over a decade, while Fedora has some sane defaults for it that make it accessible to Windows users expecting something a bit more familiar.

There’s always a weird quirk here and there, but I have had my fair share of troubleshooting on Windows before as well. I feel like Linux as a home PC OS is mature enough that people who don’t do much on the PC anyway could find their way around it, while it’s still going to be an annoying learning curve for people who see end user software as a hobby. Entirely usable though.

Obligatory I don’t play games with anti cheat and I don’t use streaming services with DRM. I have a few games with Denuvo, and haven’t had any problems arise that needed me to switch Proton versions that end up triggering install lock outs.

Pretty sure they meant that LLM companies can easily scrape Lemmy and train models off of the posts without any authorization. Its freely, publicly accessible(until, you know, they end up DDoSing these poorly funded instances out of existence by scraping them).

Your info is a bit out of date. Epic already sold off Bandcamp back in 2023 during layoffs. Its owned by Songtradr now, who I personally know nothing about.

Usually how these verification systems work is; if you cant verify, you don’t get to chat. Its supposed to lock out children from communicating with strangers online. There is no reason to verify children if the only people allowed to talk are verified adults.

I don’t know what clown shoes system Roblox has decided to go with. Again, the article doesn’t seem to specify why they are collecting children data. If the idea is to age gate chat between player demographics, so that kids can talk to other kids… that seems like a wasted effort. Children are quite capable of abusing each other without any adults around. Age verification is not an alternative to moderation.

And that’s without getting into “AI age verification is easily fooled”; kids and predators alike are going to get around the system if they bother looking into how to do so. Just as all the generations before them were constantly circumventing lazy tech solutions for blocking content when children are involved.

Age verification is already dystopian, but why do kids need to verify their age??? Wouldn’t the logical assumption be that if you can’t verify as an adult, that they would be underage and therefore be chat limited? What purpose is there to having photo verification that someone is a child? I figured it was a poorly written headline, but the article does seem to suggest they are pointlessly collecting data on children with no explanation.

Also don’t appreciate this article acting like corporate monopolies should be more trusted with the surveillance state. It’s crazy seeing all news sites manufacturing consent for this shit so openly.

Checked the authors website; watermark made searching for it easy. They have been using this consistent art style since 2021. They have been posting art to Twitter since 2011.

Don’t know what in this comic you could possibly see as a give away for AI use.

I don’t know why you are so insistent that everyone who mentions Windows is using a online account, but you actually do not need a google account to use an android device in most cases. I have been using android phones with no logged in account, with side loaded app stores and independent apps for years. Maybe the mainline flagship devices enforce it; I haven’t had that problem personally.

Google would really like to crack down on installing software without their permission, and they still track every bit of information they can with the Google Play API even without an account, but I digress. I haven’t had a google account in several years. Or a Microsoft account either, for that matter.

On top of using include mode, be sure to go into Qbittorrents settings and bind the network interface to the VPN. That will ensure that even if the VPN is disconnected or turned off for some reason, Qbit will not attempt to communicate on clear net. Some people would rely on Proton VPNs kill switch feature for that, but that is not available with split tunneling.