

Nice. Here’s hoping you can show them off soon.
Nice. Here’s hoping you can show them off soon.
GrapheneOS is better in principle, but it requires that you (directly or indirectly) give money to Google and depend on Google-controlled hardware, both of which are dealbreakers for some people.
GrapheneOS also depends on hardware support files from Google, which are no longer readily available, making its future unclear.
LineageOS supports a greater variety of devices. The privacy/hardening features aren’t as strong as GrapheneOS, but many people find it good enough when:
Does it include scalable icons? Do they support Plasma’s automatic color schemes, which allow a single icon file’s colors to adapt to both dark and light desktop themes?
https://community.kde.org/Guidelines_and_HOWTOs/Icon_Workflow_Tips
Trying to discredit people because of the forum on which they discussed a topic, or because you view them as beneath your skill level, is a more than a little misguided, and frankly, disingenuous.
Epic themselves have admitted to copying Steam data and scanning running processes, as has been documented in various news articles. (example, example)
In any case, the point is not one particular incident or report, but rather that they have the capability, grant themselves permission to use it via their policy documents, and have earned distrust among a lot of gamers. Posting condescending emoji here doesn’t change that.
Edit: P.S. In future comments defending Epic, you might do readers the courtesy of stating up front that you are moderator of an Epic Games forum.
You might want to read my other comments elsewhere on this post.
Please keep in mind that no matter what technical measures you take, accepting Epic’s “free” games requires agreeing to their terms and conditions, which they can change after you get the games. I really don’t recommend it.
I do not recommend running Epic software at all.
You could download and play the games on a machine that is never used for any other purpose, but it would still be able to collect biometric data (mouse movement, keystroke patterns, voice if you have a microphone, etc.) and probe/fingerprint your network.
Short of a dedicated machine, the closest you’re likely to get is a hypervisor-based virtual machine. Of course, that won’t safeguard your biometrics or (in most cases) your network, either.
Such a machine would be safer if you never gave it network access, so it couldn’t exfiltrate any data that it had collected, but downloading games requires network access at some point, and it would only take milliseconds for a “helper” process (perhaps quietly installed or launched with the game) to leak the data.
In general, hostile code will always be unsafe. If it concerns you, it’s best to avoid it entirely.
Flatpak permissions are famously coarse, and its sandboxing mechanism is weak and full of holes. It can be useful for guarding against damage caused by programming mistakes, but I would not recommend it to anyone wanting protection from adversarial software.
Heroic Games Launcher doesn’t change the code in the game executable itself, so yes, it is still an issue when using Heroic.
One catch is that Epic’s mystery code is allowed to execute on your computer.
Note that I don’t mean just their launcher. Often, if not always, the games themselves are linked with Epic code, ostensibly for license checks and/or integration with Epic services. This gives them the ability to snoop on stored data, installed/executing processes, biometrics, etc.
Running those free games with an alternative launcher does not protect against this.
It’s not just a theoretical concern, either. Epic has already been caught copying Steam files, collecting friends play history, and scanning running processes.
https://old.reddit.com/r/fuckepic/comments/wakewr/epic_games_spyware_vs_steam_vs_as_comparision_ea/
https://www.pcgamesn.com/epic-launcher-spyware
I don’t trust them, their CEO, or Tencent (which owns a significant chunk of Epic), so I don’t run games that come from them.
Tencent owns a substantial portion of the company, and therefore has substantial access and influence. Nitpicking about the percentages is irrelevant.
Let’s be careful how we phrase things here. JavaScript form submission and navigation are choices, not needs.
Also, progressive enhancement / graceful degradation exists. When competent developers (or bosses) want script effects on our sites, we can include them and make the sites continue to function with scripts disabled. It might require more work, but it is absolutely possible.
Framing the script-based approaches to these things as if they were needs contributes to the problem, IMHO.
(I am referring to the vast majority of web sites, of course, not special-purpose web applications like games.)
Web developers are complicit in browser fingerprinting, by insisting that sites require JavaScript (or WASM).
All of us are complicit in browser fingerprinting, because we tolerate this script dependence.
IMHO, a web site being allowed to execute arbitrary code on visitors’ hardware should be an anomaly. The vast majority of them could be built to deliver the same information without requiring that inherently dangerous permission.
The use of “self-hosting” is a little confusing here. To be clear, he wasn’t self-hosting his video. It was published on YouTube, and the guidelines and procedures in question are Google’s.
Edit: I’m not defending Google’s actions. It’s just that the title gave the impression that a video he had self-hosted was somehow subject to “community guidelines”, which didn’t make sense.
Edit 2: Ten downvotes in less than an hour, on a clarification comment? Wow. I’m disappointed to see that level of targeted negativity here. What rotten behavior. :(
As Lemmy is federated but not fully decentralised, continuation of communities hosted on a dead instance is not currently possible. (Compare this to Matrix, where a room can carry on even if its original homeserver dies, so long as at least one other homeserver participates in it.)
So that is indeed still a problem here, although not as severe, because I think the posts in those communities will still be available on instances that participated in them. Such communities would be forever frozen, though; carrying on from where they left off would require migrating to (or creating) communities on still-running instances.
Lemmy does allow you to export your own data and import it into another instance. That includes settings, subscriptions, and links to saved posts/comments. So I guess maybe you could save your own posts, export your data, and import it elsewhere to keep links to what you wrote on the dying instance. I have not tested this to be sure.
If you put a SIM into a phone that has power and cell access, then an association between the SIM and the phone’s IMEI will be recorded somewhere.
If your identity is linked to that SIM, then it’s only one more step to link your identity to the phone, of course. You’ll have to decide for yourself whether that’s unsafe for you.
human brains are weirdos.
Truer words were never said. :)
That depends on the device, not the OS.