Russia cannot even beat Ukraine … no way they are going to start something with NATO or at least no way it is to their benefit to do so.

There are a lot of quotes and memes that are just wrong or at least very situational.

I have not followed the discussion so I may be just wrong. What I wonder is regarding the maga crowd is that they may tend to be more conformist. Also things like loyalty may tend to be more important than honesty with this group. I wonder if seeming weird in that group and being yourself is a lot less acceptable.

Fastmail is probably the front runner. The cost which is maybe $132 a year seems a bit much but doable. They also do not support PGP and WKD. The namecheap premium plan would we would be $72 a year and even less with the current promo. They also have a cpanel mail solution too which is even less. Similarly mxroute is about $49 year for more too and seems like it may be run by people with similar attention to detail.

I agree though that Fastmail is a good choice and a more define long term reputation for email.

I was wondering about these guys. Seems too small to early stage. It says Beta. Feels like a one person operation though maybe I am wrong. Also web traffic is really low though maybe it is because they do not use trackers.

Happy to here any insights.

I believe in being as local as one can. One cannot always assume that those global data links will be up the way the world is going. Also if you think email security is bad in the US then how is it better to ship data half way around the world. Makes no sense to me. The US is not suppose to spy on US citizens in the US but every thing that passes a border is up for grabs as far as I know.

The DGI Mini 3 Pro. Looks pretty cool. For that. Frankly you could just buy a separate cheap phone or tablet to use with just that or use an old one you already have. When you buy something to replace it later you could also consider openness and compatibility too.

Also decide what apps that you must have. If you can use the browser version or the progessive webapp version which is just the browser version installed that is probably better. Or if you do not need it on your phone use the browser version on you laptop.

In the end though you will have some of these platforms for network reasons. Mostly things like Instagram, Facebook, LinkedIn. Google is not one of them though except for android itself. You also do not have to spend a lot of time contributing to these platforms. Use them when you need to nothing more.

deleted by creator

Well that is the point isn’t it. Companies are not very reliable. The only thing they can be relied on to do is whatever butters their bread and that can change at any time. There is also a PR component and a fact component and they do not always agree.

Proton is really no different. I seem to remember they changed what they said on their website after outing that activist. Presumably to be a little less misleading. Again, I am impressed with Proton but not infinitely impressed.

He is not an American citizen and he is not in the US. How does US law apply.

I am still not clear what supposed crime he has committed other then pissing powerful people off. He should get a reward for that.

I wonder to what sort of standard. I know I was shocked how poor things were when I started grading college students work as a TA. Same later in the work world reviewing nominations for an award.

Security audits do not guarantee security. They are just the best we have. Just as code reviews do not guarantee good and trustworthy code. In the end, we do not know what we do not know. In the end, every system has its weaknesses.

Sure I believe Proton is a reasonable supplier. Even with that Proton for example is on the record of giving out user info to governments. I am sure they did not meet the expectations of that activist.

All security is porous. So there is every reason to believe that Proton or any other org will have a major breach at some point.

Edit: Just think of the LastPass debacle.

Pretty much any IMAP mail provider combined with Nextcloud for sync will work.

Keep in mind too that Proton Mail has a commercial offering that should work with thunderbird. I have no experience with it.

We use our ISPs mail with our Nextcloud instance but long run will probably move to domain mail with maybe Fastmail for the mail component. Not sure yet. I will be interested in what you find.

Supply chain attacks also show one reason that using older software like Debian stable may be a better plan for things that matter. All new software versions need some time to be tested and vetted.

It also shows the importance of security in depth. That less is more in terms of code dependencies and complexity. That knowing dependencies is as important as knowing your code.

I would consider the xz incident to be a success. The supply chain attack was found pretty rapidly. We have already seen many of these and we will see more. Ones I remember off the top of my head include Linux Kernel, NodeJS, Python PyPI.

I would not over blow this. Security is an ongoing activity and all security is porous.

My wife and I have used GnuCash for 20 years. We used Quicken before that. Like GnuCash way better since it is actually double entry accounting. The major limitation of GnuCash is that it is not concurrent. So to people cannot be modifying the ledger at the same time. Not sure about viewing. It can be SQL database backed though I have never used that functionality. The other place where FOSS stuff probably lags is integrations.

Edit: Another area in which GnuCash is weak is basis tracking. Fine on accounting for gains and losses but for tracking the basis is limited. At least my version is. I am on 3.x which is the version in the repos of my near end of life Debian 10 distro and latest is 5.5. At least my version there is no way to show true returns either.

Why ssh? Does ssh use xz?

I think it depends on how good your Numpy build is. Lot of Numpys are not that well built so Numba seems to help there too in that case.

For a python library to be fast it needs to be compiled for your specific hardware, vectorized, with fast math, and auto parallel. Most are probably not unless you build them youself.