Hacker News: schnatterer

New comment by schnatterer in "Moving from GitHub to Codeberg, for lazy people"

schnatterer — Fri, 27 Mar 2026 06:27:50 +0000

This repo also holds a lot of info about setting up two way mirrors between GitHub and Codeberg: https://codeberg.org/Recommendations/Mirror_to_Codeberg

Last commit is two years ago, but still a good overview.

New comment by schnatterer in "‘ELITE’: The Palantir app ICE uses to find neighborhoods to raid"

schnatterer — Thu, 15 Jan 2026 20:00:32 +0000

Original 404media article:

https://www.404media.co/elite-the-palantir-app-ice-uses-to-f...

https://archive.ph/wa32f

New comment by schnatterer in "Floppy disks turn out to be the greatest TV remote for kids"

schnatterer — Tue, 13 Jan 2026 07:34:03 +0000

The toni boxes are also quite hackable https://tonies-wiki.revvox.de/

At least the older model. Don't know about their latest model with gaming and everything.

New comment by schnatterer in "Package managers keep using Git as a database, it never works out"

schnatterer — Sun, 28 Dec 2025 11:52:41 +0000

> Even GitOps tools that embrace git as a source of truth have to work around its limitations

I'd say this only applies to huge scale (or monorepos, as mentioned in the article). Another workaround might be gitless gitops via OCI.

Europe: WhatsApp opens for third-party apps

schnatterer — Sun, 07 Dec 2025 11:23:43 +0000

Article URL: https://faq.whatsapp.com/916543719558426

Comments URL: https://news.ycombinator.com/item?id=46180944

Points: 45

# Comments: 17

New comment by schnatterer in "ICC ditches Microsoft 365 for openDesk"

schnatterer — Fri, 07 Nov 2025 19:21:16 +0000

OpenDesk is basically a huge helm file that configures the individual apps. Given enough RAM it should be rather simple to deploy. You can start right away, there is a community edition: https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk

New comment by schnatterer in "Linux phones are more important now than ever"

schnatterer — Tue, 16 Sep 2025 19:21:23 +0000

I am surprised that no one criticized kernel architecture as base for a secure mobile OS, yet.

Let me heat up the discussion using this quote

> The Linux kernel has atrocious security. It has an anti-security architecture, implementation and culture. The Linux kernel is not a good base for building any new operating system with a focus on privacy and security

https://grapheneos.social/@GrapheneOS/114665594121762341

New comment by schnatterer in "Cognitive load is what matters"

schnatterer — Sun, 31 Aug 2025 06:15:29 +0000

> business logic and http status codes Why hold this custom mapping in our working memory? It's better to abstract away your business details from the HTTP transfer protocol, and return self-descriptive codes directly in the response body: { "code": "jwt_has_expired" }

While the logic behind it sounds reasonable, REST does the exact opposite with the same goal: simplicity, easy to learn, i.e. reduce mental load. I know there are other reasons for REST/SOAP/Graphql, etc. Still makes mental load a somewhat subjective matter to me.

I migrated a 10-year workout history from runtastic to fitotrack app

schnatterer — Mon, 31 Mar 2025 19:20:59 +0000

Article URL: https://github.com/schnatterer/Runtastic2FitoTrack

Comments URL: https://news.ycombinator.com/item?id=43538725

Points: 3

# Comments: 0

New comment by schnatterer in "Everyone knows all the apps on your phone"

schnatterer — Mon, 31 Mar 2025 19:18:07 +0000

I'd like to add one more finding about the perils of root access: https://github.com/chenxiaolong/my-avbroot-setup/blob/c52e44...

> The term [rooting] generally also includes the functionality for making runtime code patches (eg. with Zygisk) and making runtime filesystem modifications (eg. Magisk modules).

> Out of the many root-enabled apps I've studied or reverse engineered, the vast majority fail to handle arbitrary inputs properly (especially filenames). For example, some root-supporting file managers turn a seemingly benign action like listing a directory into local privilege escalation. This is trivially exploitable, especially with browsers auto-downloading files with server-provided filenames to /sdcard/Download/.

To avoid repeated root access UI prompts, some apps spawn a long-running shell session, write commands to stdin, and rely on parsing stdout and searching for the shell prompt to determine when commands complete. This approach is prone to desync, which can lead to commands being skipped or other inputs being interpreted as commands.

All in all, I simply do not trust most root-enabled apps to not leave a gaping security hole, so I avoid them entirely. There are apps that do handle root access in what I would consider a more proper way, by spawning a daemon as root and then talking to the daemon over a well defined binary protocol. Unfortunately, this approach is the extreme minority.

New comment by schnatterer in "Everyone knows all the apps on your phone"

schnatterer — Mon, 31 Mar 2025 19:14:58 +0000

As someone who cherishes the power of root privs, I'd still like to make a point for alternative solutions that came up like distros such as GrapheneOS or CalyxOS or non-root filtering options via VPN. If it weren't for backups I could manage my everyday life without root. For all other cases I would root and later unroot my phone via an OTA update :D https://github.com/schnatterer/rooted-graphene/

Hopefully GrapheneOS deliver on their promise to provide a better backup solutions than seedvault.

New comment by schnatterer in "Everyone knows all the apps on your phone"

schnatterer — Sun, 30 Mar 2025 13:11:12 +0000

I found this description about the security risks of rooting very eye-opening https://madaidans-insecurities.github.io/android.html It also explains the sandbox.

New comment by schnatterer in "Two new PebbleOS watches"

schnatterer — Tue, 18 Mar 2025 21:22:25 +0000

Interesting as companion for a phone. Anyone know of a hackable or privacy friendly standalone watch that can be used to make calls (e.g. for children pre smartphone age)?

New comment by schnatterer in "Get me out of data hell"

schnatterer — Mon, 04 Nov 2024 17:54:55 +0000

My search for a generic definition of the term enterprise finally comes to an end :D

New comment by schnatterer in "Moments in Chromecast's history"

schnatterer — Wed, 07 Aug 2024 19:28:43 +0000

A bought several chromcasts pver the years, mainly because they provide a simple and uniform way to retrofit multi-room sound into my collection of sound systems from different brands an eras. Surprised not to see more comments on this topic here.

Yes, video streaming can be done easily nowadays. But finding a multi-room audio solution that works across different brands and also on offline devices was my main reason for getting into chromcast.

New comment by schnatterer in "Apple users are being locked out of their Apple IDs with no explanation"

schnatterer — Sat, 27 Apr 2024 17:31:28 +0000

That's interesting! Before the disaster was also my second subscription. Now that you say it, some data was left. Not the playlists but some listening history. Might be that they only delete the iTunes-related stuff.

Maybe if I subscribed again, there still would be something. But I won't.

The support person on the phone also told me that everything gets deleted once the subscription ends, even when it's by mistake. Which seems to have been the case with me.

New comment by schnatterer in "Apple users are being locked out of their Apple IDs with no explanation"

schnatterer — Sat, 27 Apr 2024 17:26:31 +0000

True! If read before about similar cases with other SaaS, e.g. the famous one about google drive: https://www.theguardian.com/technology/2022/aug/22/google-cs...

Difficult to avoid though for some cases like streaming. Fortunately I had a backup of my playlists. Still annoying. I wonder if those kinds of things happen with spotify as well. Because once your subscription ends you're only relegated to a free account, not deleted.

New comment by schnatterer in "Apple users are being locked out of their Apple IDs with no explanation"

schnatterer — Sat, 27 Apr 2024 17:02:49 +0000

Happened to me too with apple music in November 23. They just deleted my account with my playlists and listening history. Even support couldn't tell me why after countless calls and emails. This implicitly canceled my yearly subscription and refunded only a small part after I requested it. I learned my lesson about Apple.

New comment by schnatterer in "Ente: Open-Source, E2E Encrypted, Google Photos Alternative"

schnatterer — Sun, 03 Mar 2024 08:16:46 +0000

TBH I totally agree with the peace of mind argument You'll have to have the time and skills to get it, though. For my less teach-savy family and friends I always have been at a lost what to recommend. Here, a privacy friendly alternative is huge, IMO. I often recommended to use Google as backup, because it's better than no backup and easy to setup on Android.

New comment by schnatterer in "Ente: Open-Source, E2E Encrypted, Google Photos Alternative"

schnatterer — Sat, 02 Mar 2024 21:56:52 +0000

One advantage Ente provides to a local NAS is geo redundancy. If your nas gets destroyed eg by fire or water or stolen eg by burglar or even the police your data is gone. Synology offers their convenient C2 service, but IIRC has or had some cryptographic weakness. So I hacked my own solution with rclone and some cheap cloud storage. Well, something like Ente would have been much more convenient.