𝒍𝒆𝒎𝒂𝒏𝒏

Hey! Please contact me at my primary Fedi account: @lemann@lemmy.dbzer0.com

https://lemmy.one/u/lemann@lemmy.dbzer0.com

  • 4 Posts
  • 175 Comments
Joined 1 year ago
cake
Cake day: June 6th, 2023

help-circle

  • Flash drive hidden under the carpet and connected via a USB extension, holding the decryption keys - threat model is a robber making off with the hard drives and gear, where the data just needs to be useless or inaccessible to others.

    There’s a script in the initramfs which looks for the flash drive, and passes the decryption key on it to cryptsetup, which then kicks off the rest of the boot mounting the filesystems underneath the luks

    I could technically remove the flash drive after boot as the system is on a UPS, but I like the ability to reboot remotely without too much hassle.

    What I’d like to do in future would be to implement something more robust with a hardware device requiring 2FA. I’m not familiar with low level hardware security at all though, so the current setup will do fine for the time being!



  • If MIT AppInventor is still kicking around, you should be able to use it for this… although sadly you won’t have access to the source code since it’s a Scratch-like way to create apps.

    By default the Android voice assistant uses Google tech AFAIK, if you’re after a truly source-available solution then there’s ”Futo voice input" to handle STT, and “RHVoice” to handle TTS - though these would still need a HTTP API bridge to do what you want





  • Free google play credit, I usually get an email every year for it

    But I do pay for Plex, despite Jellyfin being a thing. If I like something and it’s worth it to me personally, why not 🤷‍♂️… but you will never find me defending their kinda crappy decisions like the new Discover feature, removal of “All Songs” from the plex apps in favor of moving people to Plexamp, removing the Gallery sync a few years ago etc.

    Some people want their software to be 100% FOSS all-eyes-on-the-codebase, others just do a balancing act based on their personal values.

    I value my software to be “transparent enough” in how it operates, “just work”, and hackable to some extent - if I really wanted to I can swap out the ffmpeg binary that Plex uses for transcoding to something else (doesn’t remove the Plex Pass limitation for those curious), I can hook into the server API to change ambient lighting colour based on the cover/background of whatever media is playing, I can create speakers running a Linux board to cast Plex media to, etc. But once that hackable ship sails, then I will look to FOSS alternatives.

    For Niagara, everything “just worked”. No noticeable bugs, fast search, consistent feel and design, useful contextual info (e.g. next calendar event shows under the clock), and gestures that made sense for its overall UX. Using it felt less like you were using a “launcher”. The yearly sub was cheap enough that I wouldn’t mind covering for it if I didn’t get credits, and having a single person working on software usually comes with a high level of attention to detail (particularly in performance and UX) but it does have the downside that the experience may be more opinionated and closed compared to if it was a community-driven FOSS project instead IMO.

    Alas, google didn’t send credits this year, Niagara made less sense for value/worth-it compared to Kvaesitso, so I abandoned it.

    For me, Kvaesitso does everything in a slightly different, much more customizable way, and being FOSS was one of the things that made it particularly attractive as a replacement




  • Both were minor annoyances for me at first lol, thankfully the widget button can be removed (Settings, Home Screen, Edit button - toggle off)

    The favorites box is an interesting one, I was originally puzzled with it being empty until I started opening and pinning apps. Now settled on using it as an overflow for my home screen, where 5 of the most used are shown under the clock (with music permanently pinned), and the rest sit in the favorites box.

    I did notice some stutter on the apps menu which only occurs while the keyboard is open, but goes away completely when the keyboard disappears. For others it seems like the entire app drawer is stuttery (noticed a long discussion on GitHub with some potential solutions: https://github.com/MM2-0/Kvaesitso/issues/257 )






  • My response might be a hot take 🥲

    Personally:

    • OSS: source available
    • FOSS: Free (freedom) open source, copyleft

    I just learned today about “Grayjay,” a video streaming service client app created by Louis Rossmann. Various aticles out there are billing it as “Open Source” or “FOSS”. It’s not. Grayjay’s license doesn’t allowe commercial redistribution or derivative works. Its source code is available to the general public, but that’s far from sufficient to qualify as “Open Source.” (That article even claims “GrayJay is an open-source app, which means that users are free to alter it to meet their specific needs,” but Grayjay’s license grants no license to create modified versions at all.)

    I had a look through the license at launch, and also watched the entirety of Louis’ video, in both of which I didn’t come across any restrictions imposed on an end user to modify the app for their own needs or redistribution - just no commercial redistribution or redistribution with ill intent. I keep seeing the restrictions mentioned though and genuinely cannot find anything to back them up…

    In the original launch video Louis does explicitly state that the app is not free, but he does erroneously refer to it as open source. Mainstream tech outlets conflating foss/source-available is likely down to journalists just not aware of the distinction, or just taking his word for it

    IMO since the app is Louis’ project that is primarily being financed by donating his personal money to FUTO (AFAICT) it would be immediately obvious to a follower of his that the app is not going to be open source as per the OSI definition. Looking at what happened with NewPipe clones when he mentioned it on his channel, and bad actors in local governments sabotaging his attempts to get a bulletproof R2R passed in many states, his overall trust level is probably pretty low - the last thing someone like that would want on a personal project is loads of strangers contributing, bad actors ripping it off trying to make a quick buck, or even worse redistributing it with malware.

    Leaving the OSS conflation aspect for a second, Grayjay is a very big and complex app, with integrated dev tools and a comprehensive plugin system (each are individually GPL licensed if i’m not mistaken). IMO chances are if someone wants to modify the app, they should be looking at a GPL plugin to introduce their functionality in, rather than modifying the source - as would be required with something like NewPipe. They have a whole youtube video going through how to develop a plugin, and how it’s architected.

    If/when Grayjay is transitioned to FOSS, I imagine it’ll be difficult for the community to maintain it due to the complexity… It’ll probably need to be broken down into several smaller manageable parts, such as projects like Home Assistant, LibreOffice, and Node-Red. Something like NewPipe, which is literally just the Android app and extractor library, would be much easier for unpaid volunteer contributors to maintain IMO.

    I personally disagree slightly with the current definition of “open source”, because it hides so much nuance that isn’t readily evident to someone unfamiliar with the community. A lot of people do not make the connection of “open source” = OSI, they think “open source” = source is out in the open. FOSS and FLOSS are way more explicit in meaning from my perspective