FOSS doesn’t mean that you are entitled to a place at the table or that your contributions have to be accepted. Nothing prevents these Russian devs from continuing to to work on the kernel.

You can’t offload these kind of decision to the user. Just think about how effective the various fishing and social engineering attacks are. No, a fediverse dating app would have to be secure by default. The only possibility I see for this is something that involves homomorphic encryption, an encryption method that allows you to operate on data without having to decrypt it first, but I know nothing about that topic so I could be completely wrong. This vague idea of a solution might be technically impossible after all.

I don’t think control features help much when one of the most basic question that you can ask is “What is your gender and who would you like to date?”. As I have already outlined in another comment in this thread, this information has to be shared with the federated network and is already enough to get people into serious trouble should it get into the wrong hands.

Alternatively think about it this way. Would you hand over this kind of information to a total stranger? Would you take on the responsibility of handling data that could literally kill someone if you make a mistake?

You already lost the data at that point and you really don’t want to play roulette with data that has the potential of killing your users. Just imagine what could happen if a gay man from Saudi Arabia joined your instance and that data leaks.

No, data must be shared between instances for federation to make any sense and the operators of other instances don’t necessarily share your views about privacy and security. Lets take for example a matching algorithm like the one OkCupid used to use. You answer some questions and based upon those people are recommended to you. If you want to see people from other instances as well, the answers to the questions must be shared between all federated instances; but at the same time these answers contain private details about you. I don’t think a workable solution to this problem exists, even if you come up with an algorithm that allows you to make decisions on anonymized data. The danger of deanonymization due to a bug is too high.

I would have serious concerns regarding data privacy. You share intimate and very private details about yourself on these apps that could be used for blackmail. I wouldn’t feel comfortable sharing that on a federated network. For example, how would you ensure data isn’t logged by a hostile server operator. A company is at least forced to play lip service to privacy laws. The theoretical operator of fedi-date.ru can do what they want.

devenv.sh contains invasive telemetry that literally exfiltrates your entire repo to their servers.

It has only three letters and its on the .com top-level domain. That’s it.

So this is a man-in-the-middle attack waiting to happen isn’t it? Buy the domain, setup a reverse proxy that points to the original hexbear server IP and start logging all requests.

True which is why WhatsApp, Facebook Messenger and Telegram still reign supreme. Don’t forget that its a minute for each person I want to contact, why bother if I already have the phone number of everybody I know. SimpleX targets a different market than the previously mentioned Messengers, and that’s OK, but it also means its a no-go for anyone outside that market. Signal on the other hand is targeting the same market and thus is a viable alternative and for that reason I could convince my friends and family including my grandmother to use it instead.

With Signal you just have to install the App and make an account to start chatting with your friends and family. SimpleX requires me to send a link or QR code to everybody I want to interact with. You will have a hard time convincing anyone to do that. Compare that to the first Twitter exodus, people chose Bluesky over Mastodon because picking a server was ‘difficult’. The average person doesn’t care about technology at all and will always pick the path of least resistance.

SimpleX is cool, but fails the “my grandmother can use it” requirement. Signal has the huge benefit that is just as easy as WhatsApp. With Simplex you have to invite each of your friends individually.

That is exactly what it says. They knew about security issues in their library and didn’t fix them for years. This isn’t being ignorant, this is negligence.

I do, use Signal if you care about privacy. They are the only game in town when it comes to reasonably secure chat software. Sure, I would prefer a federated alternative but I haven’t found one yet that is always end-to-end encrypted, open source, implements forward secrecy, and is user friendly enough to be used by my grandmother.

Don’t use Matrix the devs knew about sidechannel vulnerabilities and ignored them for years. This is peak negligence and should immediately disqualify you from touching anything security related.

The choice of init system is up to the distro maintainers because init scripts are usually created and maintained by the packager of a given application. Debian for example chose its init system via a democratic vote. Distros that focus on different init systems exist, like the Debian fork Devuan.

Its hard to give you something concrete. The topics you gave as examples are vast. For my own purposes I add feeds to my rss reader based on what I come across by reading other articles in my reader.

Maybe checkout some communities about the topics you are interested. Lemmy has for example a large and enthusiastic Linux community. Brodie Robertson also covers a lot of different Linux topics. You can also take a look at recordings of developer conferences. The people that give talks often write a blog as well.

HN is hosted by ycombinator, a VC, and represents only a tiny fraction of the IT industry. Its mainly the silicon valley startup side of things. So you can expect a motley crew of ai and crypto bros, musk fanboys and JavaScript prophets.

The articles and especially the comments there might lead you to belief that in software development there isn’t anything outside of Cloud-native Web Applications. For example, two of the most popular programming languages that are currently used are Java and C#. Yet you wont find much discussion about them on HN because it is presumably unfashionable to use these languages in a startup.

This extends to most topics from operating systems to open source programs. Largely hype based discussion around new and shiny things.

There is also a very strong libertarian bias on HN. Look at the comments of any article that relates to a EU regulation like the DMA, CRA or GDPR and you will see what I mean. Its mostly libertarian pearl clutching and not much actual discussion.

I just use Nextcloud News since I am already using Nextcloud. It works well and installs in just a few clicks.

For feeds I can only recommend to get rid of HN, its gives you a skewed perspective and is a huge waste of time. The only thing its good for is begging for support when Google deactivates your account.

I really tried to like silverbullet but the VI mode is too bare bones for me. The worst thing about it is that Ctrl+W closes the browser tab instead of deleting one word left of the cursor and there is no way around that. I think I closed the silverbullet tab 20 times while typing a single note.