Whoever made this has never used Google Cloud Platform.
I’m not sure if it’s part of a TLS standard yet but I was talking about encrypted SNI (ECH, formerly called ESNI).
Today, early on in a TLS connection, the client actually tells the server, in plain text, the domain name it’s intending to communicate with. The server then presents a response that only the owner of that domain can produce, then keys are exchanged and the connection progresses, encrypted. This was required to allow a single server to serve traffic on multiple domains. Before this, a server on an IP:Port combo could only serve traffic on a single domain.
But because of this, a man in the middle can just read the ClientHello and learn the domain you’re intending to connect to. They can’t intercept any encapsulated data (e.g. at the HTTP level, in the case of web traffic) but they can learn the domains you’re accessing.
ECH promises to make the real ClientHello encrypted by preceding it with a fake ClientHello. The response will contain enough information to fetch a key that can be used to encrypt the real ClientHello. Only the server will be able to decrypt this.
And your ISP can still see which domains you’re going to if you use them as your DNS.
Just so you know, because TLS SNI is not encrypted and not yet universally obfuscated (adoption of this is pretty slow and one of the largest CDN providers had to pause their rollout last I checked), not-even-barely-deep packet inspection can be used to track the sites you visit regardless of your DNS provider or whether resolution is encrypted. Just do a packet dump and see.
Also, if a website isn’t fronted by one of the most popular CDN providers in existence, it can be possible to infer the sites you’re visiting based on their server IP addresses.
Although this just shifts where tracking can occur, a VPN is the only reliable way to maybe prevent your ISP from tracking the sites you visit, if this is your desire.
When the 3.5-less trend started setting in, I still had a phone with a headphone jack but started looking into wireless Bluetooth digital audio convertors just to prepare myself for the reality that it’ll eventually be hard to find a phone that’s both…good…and that I could plug my IEMs into.
One I settled on was the Radsone ES100. Besides allowing me to continue to use my headphones, one feature I really liked was its ability to store equalizer settings that could be used with any source, whether it be a Bluetooth device or one I plug the DAC into via USB. I found that there were equalizer apps for Android, but they kept getting killed because of memory limitations I guess. This device externalized the EQ.
Anyways some of the folks who made that branched off and made an even better version, the Qudelix 5K. It has the same features but does a better job of simultaneously connecting to multiple devices (but sadly it doesn’t mix the sources…it just has a priority 😔😔😔😔). So I grabbed that upgrade and now the headphone side of my audio is locked in.
I found that getting a Bluetooth DAC helped me feel better about the trend of removing a standard audio connector from devices (which I gotta say, still makes no sense). It still frustrates me that I need to walk around with another device and the limitations of Bluetooth are annoying, but the cool thing is that when my last 3.5mm jack equipped device (OnePlus 5) just stopped turning on, I just grabbed a random replacement phone (Pixel 5) and kept the same audio chain.
tl;dr - Consider just accepting that this is the trend for phones these days and try a portable Bluetooth (or even USB) DAC. When you find one you like, moving to any source will be less stressful. It won’t matter if it has a headphone jack: you’ll be able to focus on other features or even just get a less costly device that’ll sound identical to what u know.
I’ve always found this take on in-product purchases and subscriptions weird.
You are right that they’re allowed to do whatever they want, but…this is just my personal take…the value proposition for Nitro is pretty low as it is. Trying to get more than a subscription from me is a bit of a turn off and makes me want to reach for the cancel subscription button (actually, my subscription is currently in this state through to the renewal date because of the nags about paid borders and stuff).
I do this with this and also other services that want to upsell beyond a premium or support the platform experience. If I’m already supporting the platform, the first time I’m asked to support it more is when I cancel the subscription. Then they have the uphill battle of convincing me to resubscribe in the future.
Stated differently, if they don’t remind me I’m subscribed, I’d just keep paying. If they remind me by asking me to pay for things over and above a subscription, I’m suddenly trying to find the true value of the new thing, and also in the next subscription payment. If I can’t decide within a few minutes, I always just hit cancel.
You’re not alone. Especially over the past few months, fonts on mobile seemed slightly off. The new design looks way better in comparison as the typography is consistent across the entire app.
I dunno. Just speculation (here’s a grain of salt but) people may be sick of Nitro because of all the features that Nitro users are asked to pay more for. It’s weird to remind people who are paying a subscription for an app that there’s a store where they can pay more for stuff.
It’s more down to trust and attestation than a technical implementation. Whoever makes an NFC payment system needs to prove to payment processors that the chain of software and hardware from the payment terminal to whatever proves you’re the account holder (a card or a phone) can be identified. And, separately, the implementation needs to be audited.
This may sound like they’re trying to make this horrible walled garden on the surface, but bank users expect their money to not get stolen. And if it is, they expect the bank to make that problem disappear. The bank can only provide these assurances if they control everything.
This is why they use hardware attestation and a chain of trust all the way through to the OS to identify the specific implementation of an NFC payment system. They want to know they can go after whoever created the buggy NFC payment implementation to recover the money or to at least stop partnering with them.
Not a lot of FOSS developers would go through the trouble.
It’s weird how I didn’t really care about the pinhole camera or my Pixel 5’s weird dimensions until Ambient Mode started highlighting it. When ambient mode shipped (silently), I seriously thought I forgot that the aspect ratio wasn’t 16:9 and the pinhole was so visible all these years. Turns out the bars hid these distractions.
The feature looks great on Desktop, but on mobile, I kinda prefer the bars actually hiding the edges of the screen, esp in fullscreen mode in a darker room.
It’s cool that you can just turn it off, and hopefully, in the future, they let you toggle the feature in fullscreen and portrait mode separately.
tl;dr - Second option usually.
I think a huge part of shell programming (besides recognizing when anything more maintainable will do 😂😂😂) is trying to allow others who aren’t as familiar to maintain what you’ve written. Shell is full of pitfalls, not the least of which is quoting and guaranteeing how many arguments you pass to commands and functions.
To me, the whole point of quoting here is to be crystal clear about where command arguments begin and end in spite of variable substitution. For this reason I usually go for the second option. It very clearly describes how I’m trying to avoid a pitfall by wrapping each argument to find in a pair of quotes: in this case, double quotes to allow variable substitution.
Sometimes it’s clearer to use the first approach. For example, if the constant parts of one of those arguments contain a lot of special characters, it may make it clearer to use the first approach with the constant parts wrapped in single quotes.
But even then there are more clear ways to create a string out of other strings. For example, the slightly slower, and more verbose use of printf and a variable, and then using that variable as an argument…wrapped in double quotes since it could contain special characters.
They’re completely different implementations of systems that stream video/audio/inputs.
Valve’s is pretty buggy but has deep integration with Steam and allows NAT traversal, while Sunshine/Moonlight are way more reliable, have features that reduce latency but are pretty barebones as far as features: they just do streaming with no tight integration with what’s being streamed.
And Sunshine is a reverse engineered version of Nvidia’s game stream server, since Nvidia sunset Gamestream a few months ago.