Mastodawn

epicenter.works @epicenter_works have published their statement regarding several issues with the #EU's digital #EUDI-Wallet. Three particularly serious issues mentioned:

Pseudonymous use of services only exists on paper

In theory and by law, you have a right to pseudonymous usage of most services, because they have absolutely no legitimate need to know your legal identity. But companies wouldn't be obliged to provide such pseudonymous access. They can just bluntly ask for your legal identity – and if you choose to not provide it, you can't get in.

Your passport photo given away, for free

»The draft Implementing Acts now propose to include a mandatory facial image in the Wallet’s minimum person identification data set«. Whoever you have to provide with your digital legal identity gets a copy of your photo: A premium biometric data item, needlessly surrendered, for free.

Any member state can enable companies to rummage through your digital wallet

#EU Member states can decide to not issue "registration certificates" for businesses, at all. Those certificates work a bit like official IDs, e.g. for ticket inspectors, or police officers. If you look at, and verify such an ID, you know whether those people are making acceptable requests, or not. You wouldn't hand over your driving license, or your bus ticket to arbitrary strangers requesting them, would you?

A country deciding to not issue registration certificates is effectively saying things like "our ticket inspectors and police officers don't need an ID, to back up their requests".

Companies can simply set up a local business there, and treat your digital wallet like a self-service store – because requests originating from that country don't come with any registration certificates that would enable your digital wallet to ring an alarm, in case of an overreach.

https://epicenter.works/content/open-letter-concerning-the-fourth-batch-of-eidas-implementing-acts

#privacy #DigitalWallet

Open letter concerning the fourth batch of eIDAS Implementing Acts

thomas Dec 6

daniel:// stenberg://Dec 6

These are two of my favorite memes about companies putting AI into everything.

if you have any additional favorite ones you want to share, I wouldn't mind a few more to spice up one of my coming talks with....

thomas Sep 10, 2025

elly Sep 10, 2025

We really need a legislation to force Android vendors that are selling their phones in EU to allow "bootloader unlocking".

Like, come on. It's literally a one-bit check by an "application" before loading the Linux kernel. Yet, vendor after vendor is removing the ability to skip this check for muh "security".

It's never about security, it's about control. If you can't install your own OS, they can collect your data to sell and push ads onto you.
It's basically like buying a laptop in 2008 with Windows Vista and pre-loaded malware that made it unusable. Everyone wiped it and installed a clean copy of XP or Linux, imagine being unable to do that...

If we don't stand up to vendors, in the future they'll take this option away. I hope they realize there'll be no reason to buy Android anymore (no way to "sideload" due to Play Protect, no way to replace the OS/remove GApps) and everyone will go "fuck it, I'm just gonna get an iPhone".

For many years Android/iOS duopoly was unbreakable, but thanks to Google's recent (stupid) decisions this could (and I hope will) change. Current "smartphones" are just the prefect tools of digital dystopia.

thomas Sep 6, 2025

F-Droid Sep 6, 2025

PSA: If you haven't updated #K9Mail to 12.0, please don't update it. It will crash on start if you use the unified inbox. The bug has been fixed in 12.1 and will be available in the next #FDroid update. #Thunderbird is not affected, kind reminder to consider switching as K-9 will go away in the future anyway.

Workaround for now: Make a widget for a single mailbox, then you can open K-9, you can change accounts and disable unified inbox.

thomas Aug 26, 2025

CryptGoat Aug 26, 2025

Ich bin nicht sicher, ob allen die Implikationen der Registrierungspflicht für Entwickler.innen von #Android klar sind: https://www.heise.de/news/Android-Google-verbietet-anonyme-Apps-10617479.html

Zwar mag es sein, dass es etwas weniger #Malware unter Android geben dürfte, doch das eigentlich Ziel scheint ein anderes zu sein:

Google schließt Schritt für Schritt sein System ab. Man will unliebsame Konkurrenz (u.a. #FDroid) und auch Apps loswerden. Devs von Apps wie #Revanced, #NewPipe, diverse Tracking- und Adblocker wird Google sicher nicht ohne weiteres mehr gewähren lassen. #Google gängelt schon jetzt insbesondere Projekte wie #Conversations oder #Öffi über den #PlayStore. Auch an anderen Stellen wird die Offenheit eingeschränkt, um freie Alternativen langfristig in Ketten zu legen.

Wir brauchen dringend eine breit aufgestellte Kampagne, die sich gegen diese gefährliche Entwicklung stemmt. ✊ @fsfe @edri @fsf @Framasoft @Datenpunks @digiges @Endof10 @fdroidorg

Android: Google verbietet anonyme Apps

Google verunmöglicht 2026 Sideloading, die direkte Installation von Software auf Android-Geräten, wenn sich der Herausgeber nicht bei Google registriert hat.

heise online

thomas Aug 26, 2025

Torsten Grote Aug 25, 2025

Google won't allow you to install Android apps whose developers' identity Google hasn't verified. Starting in 2026 in some countries and in 2027 everywhere: https://www.androidauthority.com/android-developer-verification-requirements-3590911/

Google wants to make sideloading Android apps safer by verifying developers’ identities

Google wants to make sideloading safer on Android by verifiying the identities of developers who distribute apps outside the Play Store.

Android Authority

thomas Aug 17, 2025

Karl Voit

Aug 17, 2025

Is there a reasonable choice for a fork of the #Syncthing #Android fork?
https://github.com/Catfriend1/syncthing-android

The way, the maintainer handles issue tickets, is more than problematic. Everything which is not enough relevant to the Maintainer including ideas she/he won't implement soon, gets deleted.

Not closed. Deleted.

Whole discussions erased from the repository history.

While this is his perfect right to do so as it's her/his project, I'd rather switch to a solution with a more sustainable handling of user contributions in form of ideas, tickets and comments.

#syncthingfork

GitHub - Catfriend1/syncthing-android: Syncthing-Fork - A Syncthing Wrapper for Android.

Syncthing-Fork - A Syncthing Wrapper for Android. Contribute to Catfriend1/syncthing-android development by creating an account on GitHub.

GitHub

thomas May 23, 2025

Christophe B.

May 23, 2025

Home Assistant: "Our software can control any kind of hardware you can think of!"

Also Home Assistant: "Our software can only run properly on a very specific machine so we just ship it as a Docker container"
https://www.home-assistant.io/blog/2025/05/22/deprecating-core-and-supervised-installation-methods-and-32-bit-systems/
#homeassistant

Deprecating Core and Supervised installation methods, and 32-bit systems

This deprecation will help focus support efforts and streamline development.

Home Assistant

thomas Apr 3, 2025

Sven Geggus Mar 27, 2025

Interessanter Vortrag zum Thema GNSS Korrekturdienste über DAB+ braucht es dringend eine FOSS Lösung auf SDR Basis für. #fossgis2025 3cm Genauigkeit!

thomas Apr 2, 2025

Christof Schöch Mar 2, 2025

Does anybody know more about #EuropeSays, the news aggregator (?) / news and opinion platform (?).

They have an account here https://pubeurope.com/@europesays and a website, but the sources, curation policy, ownership, location, people behind it etc. are not noted anywhere on the site, afaict.

#Whois doesn't help much, except to show they don't want to disclose who owns the domain!

The reason I'm interested is to find out whether it makes sense to boost their content or not. Looks fishy so far.

Europe Says (@[email protected])

256K Posts, 0 Following, 2.28K Followers ·

Mastodon