<rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Hacker News: nobody42</title><link>https://news.ycombinator.com/user?id=nobody42</link><description>Hacker News RSS</description><docs>https://hnrss.org/</docs><generator>hnrss v2.1.1</generator><lastBuildDate>Thu, 09 Jul 2026 00:20:31 +0000</lastBuildDate><atom:link href="https://hnrss.org/user?id=nobody42" rel="self" type="application/rss+xml"></atom:link><item><title><![CDATA[New comment by nobody42 in "LineageOS Statistics"]]></title><description><![CDATA[
<p>Is this some kind of FUD?<p>Shady sponsors (if there is any) doesn't matter when transparency is in place. Want to reveal malicious intent? Provide a PoC.<p>Only hardware that supports bootloader relocking are Pixel devices. There are no others to consider development effort - plain simple. No, you can't use an unlocked device as a daily driver. Up to a minute out of your hands (or triggered reboot from public power outlet, due to outdated Lineage firmware) - and your bootloader is rewritten with one that collect your FDE secret and sends it to a remote server.<p>Opaque hardware? Which hardware are better and more transparent than Titan and upcoming OpenTitan? Bruteforce protection which considers <i>current ambient temperature</i> - what more do you need?<p>I can't say anything about VPN affiliation, but everything else is complete bollocks.</p>
]]></description><pubDate>Wed, 08 Jul 2026 13:21:21 +0000</pubDate><link>https://news.ycombinator.com/item?id=48831604</link><dc:creator>nobody42</dc:creator><comments>https://news.ycombinator.com/item?id=48831604</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=48831604</guid></item><item><title><![CDATA[New comment by nobody42 in "Organic Maps"]]></title><description><![CDATA[
<p>"There's no life where data broker isn't needed"</p>
]]></description><pubDate>Tue, 07 Jul 2026 12:02:35 +0000</pubDate><link>https://news.ycombinator.com/item?id=48816558</link><dc:creator>nobody42</dc:creator><comments>https://news.ycombinator.com/item?id=48816558</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=48816558</guid></item><item><title><![CDATA[New comment by nobody42 in "CoMaps – FOSS Offline Maps"]]></title><description><![CDATA[
<p>Every time GrapheneOS "just works" should be mentioned, because some ecosystems are straight hostile to user-controlled systems.</p>
]]></description><pubDate>Tue, 07 Jul 2026 11:50:30 +0000</pubDate><link>https://news.ycombinator.com/item?id=48816437</link><dc:creator>nobody42</dc:creator><comments>https://news.ycombinator.com/item?id=48816437</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=48816437</guid></item><item><title><![CDATA[New comment by nobody42 in "CoMaps – FOSS Offline Maps"]]></title><description><![CDATA[
<p>Its a renderer. It bakes live OSM data once very few weeks.</p>
]]></description><pubDate>Mon, 06 Jul 2026 21:20:27 +0000</pubDate><link>https://news.ycombinator.com/item?id=48810664</link><dc:creator>nobody42</dc:creator><comments>https://news.ycombinator.com/item?id=48810664</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=48810664</guid></item><item><title><![CDATA[New comment by nobody42 in "Loupe – A iOS app that raises awareness about what native apps can see"]]></title><description><![CDATA[
<p>Because exposed, non-private, abused by-default is a business model. The company is incentivised to not provide restricted access - otherwise you can't have a cut from apps revenue. It's defective by design.</p>
]]></description><pubDate>Sun, 21 Jun 2026 13:24:49 +0000</pubDate><link>https://news.ycombinator.com/item?id=48618778</link><dc:creator>nobody42</dc:creator><comments>https://news.ycombinator.com/item?id=48618778</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=48618778</guid></item><item><title><![CDATA[New comment by nobody42 in "Loupe – A iOS app that raises awareness about what native apps can see"]]></title><description><![CDATA[
<p>Outdated, but gives the general idea:
<a href="https://github.com/nandan-desai-extras/PrivacyBreacher" rel="nofollow">https://github.com/nandan-desai-extras/PrivacyBreacher</a></p>
]]></description><pubDate>Sun, 21 Jun 2026 12:53:43 +0000</pubDate><link>https://news.ycombinator.com/item?id=48618518</link><dc:creator>nobody42</dc:creator><comments>https://news.ycombinator.com/item?id=48618518</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=48618518</guid></item><item><title><![CDATA[New comment by nobody42 in "New Nginx Exploit"]]></title><description><![CDATA[
<p>Memory safety is good, but does not protect from every threat. In this day and age infrastructure operators should familiarize themselves with proactive defenses, MAC: SElinux and AppArmor. It required much friction earlier, but there are more tools to ease the usage today.<p><a href="https://presentations.nordisch.org/apparmor/" rel="nofollow">https://presentations.nordisch.org/apparmor/</a><p><a href="https://github.com/nobody43/apparmor-profiles/blob/master/nginx" rel="nofollow">https://github.com/nobody43/apparmor-profiles/blob/master/ng...</a><p><a href="https://github.com/nobody43/apparmor-suggest" rel="nofollow">https://github.com/nobody43/apparmor-suggest</a><p>Disclaimer: I'm the author of both repos.</p>
]]></description><pubDate>Thu, 14 May 2026 22:28:36 +0000</pubDate><link>https://news.ycombinator.com/item?id=48142102</link><dc:creator>nobody42</dc:creator><comments>https://news.ycombinator.com/item?id=48142102</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=48142102</guid></item><item><title><![CDATA[New comment by nobody42 in "Copyparty, the FOSS file server [video]"]]></title><description><![CDATA[
<p>Attack surface of this thing gives me existential dread.</p>
]]></description><pubDate>Thu, 27 Nov 2025 15:07:08 +0000</pubDate><link>https://news.ycombinator.com/item?id=46069909</link><dc:creator>nobody42</dc:creator><comments>https://news.ycombinator.com/item?id=46069909</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=46069909</guid></item><item><title><![CDATA[New comment by nobody42 in "Debian Extended Long Term Support"]]></title><description><![CDATA[
<p>> Freexian aims to keep the updates available for individual users and non-profit organizations.</p>
]]></description><pubDate>Sun, 23 Nov 2025 16:46:47 +0000</pubDate><link>https://news.ycombinator.com/item?id=46024913</link><dc:creator>nobody42</dc:creator><comments>https://news.ycombinator.com/item?id=46024913</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=46024913</guid></item><item><title><![CDATA[New comment by nobody42 in "The privacy nightmare of browser fingerprinting"]]></title><description><![CDATA[
<p>Best among existing. Anti-fingerprinting field is still in it's early stages.<p>I wouldn't say Tor Browser is the best because it requires custom configuration to be usable conveniently, which will make the connection non-uniform (and the user will stand out).<p>>Tor is pretty good for protection. Then there's always i2P as well…<p>Tor and i2P does nothing for (anti)fingerprinting - the program which render the web pages does.<p>>Saying one browser can protect the best is pretty hard to prove.<p>Not a proof but things to consider: <a href="https://privacytests.org/" rel="nofollow">https://privacytests.org/</a></p>
]]></description><pubDate>Sat, 22 Nov 2025 21:34:34 +0000</pubDate><link>https://news.ycombinator.com/item?id=46018468</link><dc:creator>nobody42</dc:creator><comments>https://news.ycombinator.com/item?id=46018468</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=46018468</guid></item><item><title><![CDATA[New comment by nobody42 in "The privacy nightmare of browser fingerprinting"]]></title><description><![CDATA[
<p>You could test with this: <a href="https://github.com/abrahamjuliot/creepjs" rel="nofollow">https://github.com/abrahamjuliot/creepjs</a>
Does it store the data? Unknown.<p>The best browser for protection is <a href="https://mullvad.net/en/browser" rel="nofollow">https://mullvad.net/en/browser</a> because it makes the connection uniform, to better blend in.</p>
]]></description><pubDate>Sat, 22 Nov 2025 21:01:09 +0000</pubDate><link>https://news.ycombinator.com/item?id=46018219</link><dc:creator>nobody42</dc:creator><comments>https://news.ycombinator.com/item?id=46018219</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=46018219</guid></item><item><title><![CDATA[New comment by nobody42 in "Android/Linux Dual Boot"]]></title><description><![CDATA[
<p>pmOS device compatibility matrix:
<a href="https://wiki.postmarketos.org/wiki/Devices" rel="nofollow">https://wiki.postmarketos.org/wiki/Devices</a></p>
]]></description><pubDate>Thu, 20 Nov 2025 14:42:14 +0000</pubDate><link>https://news.ycombinator.com/item?id=45993038</link><dc:creator>nobody42</dc:creator><comments>https://news.ycombinator.com/item?id=45993038</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=45993038</guid></item><item><title><![CDATA[New comment by nobody42 in "LLMs should not replace therapists"]]></title><description><![CDATA[
<p>Therapy booth from 1971:
<a href="https://www.youtube.com/watch?v=U0YkPnwoYyE" rel="nofollow">https://www.youtube.com/watch?v=U0YkPnwoYyE</a></p>
]]></description><pubDate>Mon, 07 Jul 2025 10:56:11 +0000</pubDate><link>https://news.ycombinator.com/item?id=44488883</link><dc:creator>nobody42</dc:creator><comments>https://news.ycombinator.com/item?id=44488883</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=44488883</guid></item><item><title><![CDATA[New comment by nobody42 in "Mullvad Leta"]]></title><description><![CDATA[
<p>Isn't owned by advertising company.
<a href="https://en.wikipedia.org/wiki/Startpage#Merger_and_recent_history" rel="nofollow">https://en.wikipedia.org/wiki/Startpage#Merger_and_recent_hi...</a></p>
]]></description><pubDate>Wed, 28 May 2025 18:59:42 +0000</pubDate><link>https://news.ycombinator.com/item?id=44119452</link><dc:creator>nobody42</dc:creator><comments>https://news.ycombinator.com/item?id=44119452</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=44119452</guid></item><item><title><![CDATA[New comment by nobody42 in "Plain Vanilla Web"]]></title><description><![CDATA[
<p><a href="http://youmightnotneedjs.com" rel="nofollow">http://youmightnotneedjs.com</a></p>
]]></description><pubDate>Mon, 12 May 2025 00:21:58 +0000</pubDate><link>https://news.ycombinator.com/item?id=43958452</link><dc:creator>nobody42</dc:creator><comments>https://news.ycombinator.com/item?id=43958452</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=43958452</guid></item><item><title><![CDATA[New comment by nobody42 in "I'm Done with Ubuntu"]]></title><description><![CDATA[
<p>Same. I sighed when they continued to run telemetry <i>after</i> disabling it - I blocked it (don't care if it's a dry run or not). Bit the bullet when they discontinued FF/TB in favor of snaps - installed them from tar. But when they installed ubuntu-pro without notice, on existing system, which is <i>impossible to remove</i> without also removing DE - that was the last straw for me. I'm moving all my desktops to Debian.
Unfortunately Debian can't be recommended for beginners due to sheer volume of documentation for Ubuntu on the web.</p>
]]></description><pubDate>Wed, 05 Feb 2025 15:46:45 +0000</pubDate><link>https://news.ycombinator.com/item?id=42950174</link><dc:creator>nobody42</dc:creator><comments>https://news.ycombinator.com/item?id=42950174</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=42950174</guid></item><item><title><![CDATA[New comment by nobody42 in "I'm Done with Ubuntu"]]></title><description><![CDATA[
<p>Updates are a necessity, and they don't have to be feature-breaking. More distributions need to adopt security-only channels.</p>
]]></description><pubDate>Wed, 05 Feb 2025 15:15:27 +0000</pubDate><link>https://news.ycombinator.com/item?id=42949602</link><dc:creator>nobody42</dc:creator><comments>https://news.ycombinator.com/item?id=42949602</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=42949602</guid></item><item><title><![CDATA[New comment by nobody42 in "The Insecurity of Debian"]]></title><description><![CDATA[
<p>I'm trying to solve the lack of tools for AppArmor profile composition:
<a href="https://github.com/nobody43/apparmor-suggest">https://github.com/nobody43/apparmor-suggest</a></p>
]]></description><pubDate>Wed, 04 Sep 2024 20:35:22 +0000</pubDate><link>https://news.ycombinator.com/item?id=41450480</link><dc:creator>nobody42</dc:creator><comments>https://news.ycombinator.com/item?id=41450480</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=41450480</guid></item><item><title><![CDATA[New comment by nobody42 in "The Insecurity of Debian"]]></title><description><![CDATA[
<p>It's a symptom.
Seems that label-based MAC is too tightly coupled with other parts of the system. With path-based, there's no need to disable it (entirely) because each part have their own separated strict scope.</p>
]]></description><pubDate>Wed, 04 Sep 2024 20:27:23 +0000</pubDate><link>https://news.ycombinator.com/item?id=41450389</link><dc:creator>nobody42</dc:creator><comments>https://news.ycombinator.com/item?id=41450389</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=41450389</guid></item><item><title><![CDATA[New comment by nobody42 in "The Insecurity of Debian"]]></title><description><![CDATA[
<p>AppArmor is not less restrictive, it's less fine-grained, at the current stage of development at least.</p>
]]></description><pubDate>Wed, 04 Sep 2024 19:53:52 +0000</pubDate><link>https://news.ycombinator.com/item?id=41449977</link><dc:creator>nobody42</dc:creator><comments>https://news.ycombinator.com/item?id=41449977</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=41449977</guid></item></channel></rss>