
Infosec guy mostly yelling at clouds. Sometimes say things worth reading. #Security #Privacy #Freedom #Bitcoin

Vires In Numeris

I remember the Tiananmen square massacre

the pressure from social media worked. In systemd, age verification has finally been reverted and removed for good. Linux is always for privacy conscious users, it isn't just another Microslop SlopOS https://github.com/systemd/systemd/pull/41179 thanks @reddy_1975 for the heads up!

EDIT: they rejected the PR. So keep the fight on! systemd folks are cowards and enabling this mess.

Revert "userdb: add birthDate field to JSON user records (#40954)" by paramazo · Pull Request #41179 · systemd/systemd

This reverts commit acb6624, reversing changes made to ba1caf0. Revert "userdb: add birthDate field to JSON user records (#40954)" After extensive community discussion, legal review and c...

GitHub

RE: https://nileane.fr/@nileane/116161830981397350

hey so

what DOB do you put on service accounts

Chinese video games: a new source of soft power for Beijing? https://theconversation.com/les-jeux-video-chinois-une-nouvelle-source-de-soft-power-pour-pekin-275737

Video games have become an instrument of power as much as a cultural product. China, a central player in the market, intends to make them a lever of influence.

The Conversation
Keep Android Open

Advocating for Android as a free, open platform for everyone to build apps on.

The https://freepg.org/ project maintains patches against #GnuPG with the goal of closer adherence to the IETF #OpenPGP spec.

One currently open question is if/how draft-ietf-openpgp-pqc support could be realistically added to #FreePG

I've started https://codeberg.org/freepg/freepg-draft-ietf-openpgp-pqc first of all as a notes-to-self repo for a (presumably very slow and long-term) side quest to explore this problem.

Specifically, the goal would be adding support for v4 ML-KEM-768+X25519 subkeys.

https://www.ietf.org/archive/id/draft-ietf-openpgp-pqc-17.html#ecc-mlkem

FreePG Project

FreePG is not associated with g10code GmbH.

To distribute an Android app outside Google Play, starting September 2026, developers will need to register with Google, submit government ID, and pay a $25 fee. Even if they're using F-Droid or the Amazon Appstore, stores Google doesn't own or operate. Privacy groups are pushing back.

https://reclaimthenet.org/open-letter-google-android-developer-verification-policy-criticism-2026

#Google #Android #enshittification #dystopia #software #monopoly #technology #idverification #privacy

Bad news 😔💔

I am sad to announce today that unfortunately I will not be working with Privacy Guides anymore after the end of this month.

Good news! 🚨  

I will be available for a new position or contract, starting in April!

I am looking for a position or contract for:

✊ Digital rights activist (with a specialty in privacy rights)

🔒 Privacy expert or consultant

Fediverse and Mastodon advocate

🙌 Managerial position

📰 Tech journalist

💻 Technical writer

💚 Or any other fitting positions

I am especially interested in working with nonprofit organisations, cooperatives, open-source projects, privacy-oriented software companies, or any other organisations working for the public good.

🇨🇦 Remote from Canada

All the work I produce is guaranteed to be AI-free

Let me know if you hear of any good opportunities!

#FediHire #GetFediHired #Tech #Jobs

Happy to share that our work analyzing the performance of ARM Memory tagging extensions on real hardware has been accepted at USENIX Security 2026. We look at the performance of MTE on Pixel 8, Pixel 9, AmpereOne CPUs, and even have some preliminary analysis of MTE performance on the Mac M5. This covers MTE on phones, laptops, and server chips.

Context: Memory safety bugs represent the majority (50% to 70%) of bugs in systems like Chrome, Windows etc. ARM's memory tagging is a hardware feature that can be used to probabilistically detect memory safety bugs. Unfortunately, most discussions of MTE's performance overhead so far have been vague. Since MTE is now available in a handful of devices we decided to take a look!

Highlights
----------------
- Performance overheads of MTE can vary widely according to micro-architecture and benchmark.
- SYNC MTE can indeed be implemented efficiently as shown by the implementation on the AmpereOne, Mac M5, and Pixel's Little core. But micro-architectural details can lead to large overheads on specific benchmarks. E.g.: Causes a factor of 2x to 6x on Pixel's performance core, 1.8x on Pixel's big core, 1.43x on AmpereOne cores, and 1.29x on Mac M5 cores. Interestingly, on receiving our report, Ampere noted they had also discovered this internally and have fixed this in future chips.
- ASYNC MTE is faster than SYNC MTE and imposes very low overheads on Pixel's Performance and Little core. However, counter to conventional wisdom, subtle micro-architectural issues can compromise ASYNC MTE's performance on specific workloads and micro-architectures - E.g., 1.8x on Pixel's big core.
- MTE's runtime support matters! The Linux kernel's support for MTE sometimes resulted in 25% throughput drop on Memcached on AmpereOne chips due to an assumption made based on an ambiguous part of the ARM MTE specification. We submitted a patch for this to the Linux kernel mailing list which eliminates almost all of the overhead on this benchmark.
- Prior academic work tested MTE using performance analogs. This was reasonable since MTE hardware has only been available recently. Unfortunately, we see that the analogs don't reflect real world performance. Further, assumptions of MTE performance from prior work on real devices are at best, incomplete (and at worst: wrong) due to testing on a single MTE micro-architecture or in some cases: benchmarking bugs.
- Finally, for use cases beyond enforcing memory safety, the first generation of MTE implementations has mixed results. Data tracing and copy elision can use MTE for speedups today, while CFI and SFI (in-process sandboxing) don't yet show clear performance with today's MTE implementations.

I suspect USENIX will have the papers up soon, but in case you want to look through the specific details, a copy of the paper is available here.
https://shravanrn.com/pubs/mte-extended

Kudos to the whole team and especially to Taehyun for driving this work!

Team: Taehyun Noh (@taehyun), Yingchen Wang, Tal Garfinkel (https://www.linkedin.com/in/tal-garfinkel-937528/), Mahesh Madhav (https://www.linkedin.com/in/mahesh-madhav/), Daniel Moghimi (@flowyroll), Mattan Erez (https://lph.ece.utexas.edu/merez/), Shravan Narayan (@shravanrn)

Also shout out to Mahesh Madhav and Carl Worth from Ampere for their help with Ampere infrastructure and identifying/testing kernel patches for MTE performance.

Whisper is actually closed source. Open weights is another way of saying permissively licensed closed source. Our implementation of both text-to-speech and speech-to-text will be actual open source which means people can actually fork it and add/change/remove training data, etc.