• 0 Posts
  • 96 Comments
Joined 2 years ago
Cake day: August 8th, 2023

  • My understanding is that, in broad strokes…

    1. Aurora acts like a proxy or mirror that doesn’t require you to sign in to get Google Play Store apps. It doesn’t provide any other software besides what you specifically download from it, and it doesn’t include any telemetry/tracking like normal Google Play Store would.

    2. microG is a reimplementation of Google Play services (the suite of proprietary background services that Google runs on normal Android phones). MicroG doesn’t have the bloat and tracking and other closed source functionality, but rather acts as a stand-in that other apps can talk to (when they’d normally be talking to Google Play services). This has to be installed and configured and I would refer to the microG GitHub or other documentation.

    3. GrapheneOS has its own sandboxed Google Play Services which is basically unmodified Google Play Services, crammed into its own sandbox with no special permissions, and a compatibility layer that retains some functionality while keeping it from being able to access app data with high level permissions like it would normally do on a vanilla Android phone.





  • It’s possible a sleeper cell of terrorists could effectuate some small area drone strikes with commercial off the shelf drones and improvised explosives.

    The large scale military drones you are envisioning that can do the same damage as military aerial bombardment, that is a much harder thing to “sneak” into the US at any kind of scale or to build in secret.

    As for future state actor capabilities, it seems possible that China is working on drone tech deployed from submarines or other force-projection platforms. Yet another reason to avoid a hot war with near peer militaries in current year.


  • I am running GOS on a Pixel 7, which means I’ve had this device for ~2.5 years at this point, and back when I transitioned to this setup I was aware they were talking about being beholden to Pixels due to the hardware security module not being available on other devices.

    It has been a known issue. I understand it is a very difficult and costly undertaking to develop new hardware and new entrants would be competing against the big guys for fab space, manufacturing and assembly etc.

    We need some kind of nonprofit or independently financed group to advance this cause. Could it be FUTO, Framework, or some other company/organization like this?

    There would be market incentive to solve these problems - There has got to be a lot of demand for a neutral hardware platform that meets the hardware security module and other requirements for bootloader security, custom ROMs, etc.




  • Side note -

    I literally have the reader pictured in the thumbnail. It is a Kindle keyboard from 10+ years ago at this point. It still works fine. At one point the original battery went to shit, and it cost very little to get an aftermarket replacement and install it myself.

    I keep it offline and read 100% sideloaded .epub books from various sources. The lockscreen ads don’t even try to display anymore.

    Sure it isn’t backlit or waterproof but it still functions flawlessly as a generic reader. Old tech like this is awesome. Why not get a decade of use (or more) out of something that still works?



  • I’m having an OK time with alternatives, namely Grayjay on Android and Windows desktop. Basically I had to make sure my subscriptions included the 50-75 creators I am actually interested in, then the list becomes 100% relevant because it is just videos from creators you are subbed to. On the Desktop app it still uses an algorithm of some sort for sidebar content based on the current video you are watching only. So if you still want to “organically discover” things you can, but don’t have to.

    The only bad part with the Windows desktop version is it will crash the entire app mid-playback sometimes. Hopefully the bugs get fixed eventually. Also the “home” tab of Grayjay is some weird pseudo political stuff but at least you can ignore that entire tab and just look at your own subscriptions.



  • This is ironic because all the 40 year old chicks who are career users of FB since college, all cite the same justification for continuing to use it: “But all my photos and the current happenings of my friends”.

    If you showed them empirical data that only 17% of what they consume on the platform is actually even tangentially related to their friends and family, maybe they’d finally decouple themselves from FB.



  • The most-aggressively short timelines don’t apply until 2029. Regardless, now is the time to get serious about automation. That is going to require vendors of a lot of off-the-shelf products to come up with better (or any) automation integrations for existing cert management systems or whatever the new standard becomes.

    The current workflow many big orgs use is something like:

    1. Poor bastard application engineer/support guy is forced to keep a spreadsheet for all the machines and URLs he “owns” and set 30-day reminders when they will expire,

    2. manually generate CSRs,

    3. reach out to some internal or 3rd party group who may ignore his request or fuck it up twice before giving him correct signed certs,

    4. schedule and get approval for one or more “possible brief outage” maintenance windows because the software requires manually rebinding the new certs in some archaic way involving handjamming each cert into a web interface on a separate Windows box.

    As the validity period shrinks and the number of environments the average production application uses grows, the concept of doing these processes manually becomes a total clusterfuck.
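An added example, not part of the comment above: a small replacement for the spreadsheet-and-reminder step, where the renewal trigger scales with each certificate's own lifetime instead of a fixed 30-day reminder. The host names, dates, evaluation time and the two-thirds threshold are all assumptions made for illustration.

```python
import ssl
from datetime import datetime, timezone

# Assumption: renew once two thirds of the certificate's own lifetime has elapsed.
RENEW_FRACTION = 2 / 3

# Constructed inventory: `openssl x509 -noout -dates` output per hypothetical host.
INVENTORY = {
    "app-prod.example.internal":
        "notBefore=Jan  1 00:00:00 2029 GMT\nnotAfter=Feb 17 00:00:00 2029 GMT",
    "app-stage.example.internal":
        "notBefore=Feb  1 00:00:00 2029 GMT\nnotAfter=Mar 20 00:00:00 2029 GMT",
    "legacy-ui.example.internal":
        "notBefore=Dec 20 00:00:00 2028 GMT\nnotAfter=Feb  5 00:00:00 2029 GMT",
}
NOW = datetime(2029, 2, 10, tzinfo=timezone.utc)  # constructed evaluation time


def parse_dates(openssl_dates):
    """Turn the two-line openssl output into (not_before, not_after) in UTC."""
    fields = dict(line.split("=", 1) for line in openssl_dates.strip().splitlines())

    def to_dt(text):
        return datetime.fromtimestamp(ssl.cert_time_to_seconds(text), tz=timezone.utc)

    return to_dt(fields["notBefore"]), to_dt(fields["notAfter"])


def renewal_status(openssl_dates, now):
    """Classify one certificate as ok, renew or expired at time `now`."""
    not_before, not_after = parse_dates(openssl_dates)
    lifetime = not_after - not_before
    renew_at = not_before + lifetime * RENEW_FRACTION
    state = "expired" if now >= not_after else "renew" if now >= renew_at else "ok"
    return {"state": state, "lifetime_days": lifetime.days,
            "renew_at": renew_at, "days_left": (not_after - now).days}


def audit(inventory, now):
    """Return (host, status) pairs that need action, most urgent first."""
    rows = [(host, renewal_status(dates, now)) for host, dates in inventory.items()]
    return sorted((r for r in rows if r[1]["state"] != "ok"),
                  key=lambda r: r[1]["days_left"])


if __name__ == "__main__":
    for host, status in audit(INVENTORY, NOW):
        print(f"{host}: {status['state']} ({status['days_left']} days left)")
```

A fixed 30-day reminder on a 47-day certificate would fire 17 days after issuance, which is why the threshold here is a fraction of the lifetime rather than a day count.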






  • People don’t seem to understand the risks presented by normalizing client-side scanning on closed source devices. Think about how image recognition works. It scans image content locally and matches to keywords or tags, describing the person, objects, emotions, and other characteristics. Even the rudimentary open-source model on an immich deployment on a Raspberry Pi can process thousands of images and make all the contents searchable with alarming speed and accuracy.

    So once similar image analysis is done on a phone locally, and pre-encryption, it is trivial for Apple or Google to use that for whatever purposes their use terms allow. Forget the iCloud encryption backdoor. The big tech players can already scan content on your device pre-encryption.

    And just because someone does a traffic analysis of the process itself (safety core or mediaanalysisd or whatever) and shows it doesn’t directly phone home, doesn’t mean it is safe. The entire OS is closed source, and it needs only to backchannel small amounts of data in order to fuck you over.

    Remember the original justification for client-side scanning from Apple was “detecting CSAM”. Well they backed away from that line of thinking but they kept all the client-side scanning in iOS and Mac OS. It would be trivial for them to flag many other types of content and furnish that data to governments or third parties.