Organic Maps is available on Linux! It's on flatpak and several package repos (but not apt). I don't know how long it's been there — I just discovered it.

The splash screen cautions that this Linux beta doesn't have parity with the mobile apps yet, but it's still a huge leap over Gnome Maps. Vector rendering, so you can zoom in as far as you want, and free / open source / not shitty (notwithstanding the big scary EULA, which just contains all the OSS licenses for all the pieces).

with the simple tools suite being sold to a purveyor of non-foss things, remind me of your favorite lists of recommended apps? i was using simple contacts and am not immediately sure of a good replacement. i would want one without internet permissions, which was why i disabled the google builtin.

I had reimaged my old Samsung on LineageOS as it seemed to be the only alternative that supported my model. It was fine until I installed OSMAnd, which couldn't get a location. Shame on me for not noticing that I would need microG for that. Not feeling comfortable with all the rooting and flashing needed to shoehorn microG into an existing image, I figured I'd try LineageOS for microG.

Having loaded a lot onto this phone already, I wanted to try a dirty flash first, knowing full well it might not work. The first prerequisite is to use an image of LOS/µG that is dated higher than the image in the phone. I had just updated, so I needed to wait for the next one.

The docs say that LineageOS for microG will be updated "a couple of times a month". But the latest LOS/µG image has remained at 11/2/23. This means I haven't had an opportunity to try the dirty flash, but it's also a security warning sign for me—LOS updates weekly like clockwork. Irregular and slower-than-promised updates make me a bit nervous for this aspect of device safety. It's not just my model either; most of the images are backdated more than two weeks.

https://download.lineage.microg.org/

(Yes, I know my boot loader is unlocked, and no, Calyx and Graphene don't support me, so I made my choice between physical insecurity and Google insecurity.)

The Molly fork of Signal now has a variant that supports UnifiedPush, but it requires a helper called Mollysocket to be installed on a server somewhere. I can't get my head around the (we'll call them 'lean') docs, and I've never encountered such a helper for other UP apps. They just ask what to attach to, and they attach.

Has anyone fought through this?

Chromium derivatives like Vivaldi and Brave decried the Google Web Environment Integrity… um, 'feature', at varying volumes, back in the summer when it became widely known.

But can any Chromium-based browser actually avoid implementing this? Have there been more recent statements?

Since the integrity environment gunk, I've switched all boxes over to use Firefox as primary. This took a lot of configuring, as Firefox out of the box brings… a lot of stuff I don't want.

One of those things is telemetry — whatever that means to Mozilla — that was tamed only with a combination of an enterprise profile (hi sudo!) and user.js hacks.

However, the policy and user.js changes don't work on the Ubuntu box, where I've installed Firefox from the PPA to get it out from under Snap (and thereby usable with a password manager). The policy locks down and disables the right configs and the configs all have the right settings, but it keeps pinging incoming.telemetry.mozilla.org. Two Macs and a Pop!_OS box don't ping Mozilla at all with these settings.

No harm no foul, I just blocked them in NextDNS and laugh in their general direction. I just wonder what else is different in the PPA.

Every few Firefox releases there's one where they helpfully throw new junk in your face or mess with your settings. Firefox 118 is both.

Mozilla has added a translation engine that they say is client-side, based on an engine called Bergamot that they created. They removed all languages other than the one I'm writing in from my settings, even though I read (poorly, and for sport) in other languages. And then they put a pop-up over every page that's not in English - including some I've deliberately switched to other languages - offering to translate it.

Getting rid of this requires an about:config hack that I saw only on The Site We've Chosen Not to Use. So here's the incantation:

browser.translations.automaticallyPopup false

and if you're really angry

browser.translations.enable false

And put back any languages it removed from your site preferences.

Honestly, if I didn't know these people weren't Google, I'd be really suspicious. But with Chrome's stellar Ad Privacy, I have to put up with Mozilla's crap, as the clock has to be ticking even for the 'good guy' Chromium derivatives.

i've tried grocy a few times over and it's burned a lot of time and brain cells. is there anything that does this (or even much less than this) and just works?

i understand why it was made this complex - i code and i work with people who want everything to be so theoretically 'flexible' that nothing simple works, so i'm used to the abstraction layers. but

• first try: looked at number and size of packages, no tree-shaking, code doesn't pass sniff test. dozens of megabyes for this? nope
• second try: well i don't want to build this myself. i'll put it in its own instance to minimize security exposure. but hey, this release is months old and these terrible bugs have been fixed, i'll just grab newer code. missed the thing where database migrations are tested only from official releases. database breaks.
• i learn sqlite syntax and reconstruct the database.
• months later i download new grocy android client, which expects a v4 grocy back end. all recipes break.
• i download official grocy v4 release (the third one in rapid succession, due to major bugs - luckily i hadn't tried too early).
• database breaks.

i'm done. i don't care that i lose the work i already put into it. i just want to open the cupboard twice and have the same thing be there both times. help

Starting in version 1.54, [the browser] Brave will automatically block website port scanning, a practice that a surprisingly large number of sites were found engaging in a few years ago. According to this list compiled in 2021 by a researcher who goes by the handle G666g1e, 744 websites scanned visitors’ ports, most or all without providing notice or seeking permission in advance. eBay, Chick-fil-A, Best Buy, Kroger, and Macy's were among the offending websites.

this raises my antennae way up but i have to admit, although being probed makes my skin crawl, i don't actually understand what bad actors can do. it seems bad but that could be fud.

more distressing is the wall of shame; if even slightly true, this is hideous. typing just obvious things i know from just one screenful of a 700+-line document: state farm, lending tree, citibank, glassdoor, iberia. for some reason financial firms are heavily represented here.

anyone have any knowledge in this domain? and if it's an actual problem, what's the best way to put a ring around it? the actor is inside your browser, so the usual firewall tricks don't apply.