With the whole XZ compromise, i am now rethinking the pros and cons of using f-droid

Google play: trust the developer, trust google's vetting process and distribution

F-droid: trust the developer, trust f-droid build tools and distribution

So in both cases, the developer could be either knowingly or unknowingly including malicious code in their code or apk... We cant really do anything about that. Have to trust the developer, or build from source yourself.

Once the apk is produced and sent to google, it is unlikely to be altered before being downloaded on to your phone. (Assuming your threat model does NOT include google being coerced by state level actors to send you a bad .apk)

F-droid's entire build chain and distribution seems like a relatively easy target for building and distributing bad .apks. We're talking about the difference between attacking google, vs. attacking a small community supported website.

Dont get me wrong, i'm a long time f-droid user and donor. I'm just thinking out loud and seeing if anyone else has similar concerns.

My niece has an old iphone with no SIM/phone number. Only wifi internet access.

Looking for an app for both of us to be able to chat

She cant chat with me over signal because no phonee number. She chats with the rest of the family over imessage, but i have an android phone

Is there an app available for both android and iphone to let me chat with her?

Thanks

Edit: willing to self-host for extra privacy. My nieces and nephews are all young children so i definitely want to encourage/educate them to get off corporate controlled communications channels

I'm looking to qualify for boston (M41, 3:10 for my age group)

Current PR is 3:20

Is having a coach worth my money and their time? I have no delusions of being an elite runner. Is coaching a good tool for my current level?

i guess i just experienced one of the biggest downsides to the fediverse that people have been talking about. instance suddenly disappeared with no warning. i guess i've lost my follow list

gensler is one of us! confirmed btc maxi

EDIT: if you're going to downvote the post, please comment and say why.... i'm happy to learn what kind of content is not welcome here. this is a very new community that's a bit dead and lacking content. so it's not really helpful to just downvote things without saying why at this early stage

full text from the bird site thread:

Remco Evenepoel is seeking to leave Soudal-QuickStep, various close sources have informed RadioCycling, with the world champion unhappy about the team’s future direction and doubting if they can support his ambitions, such as winning the Tour de France in 2024.

We understand that Evenepoel’s camp have contacted a number of teams after concerns over QuickStep’s finances. Evenepoel also doesn’t believe his wage compares with that of his peers. It's thought he earns no more than €4m after bonuses, compared to Pogačar’s reported €7m.

One close source to Evenepoel said: “It will all come down to money… and his current contract underpays him. Patrick Lefevere needs to adapt his contract or risk conflict.”

Evenepoel has a contract until the end of 2026 and we understand there are no breakout clauses.

Ineos Grenadiers are the clear favourites to sign Evenepoel and met with his representatives last autumn. But RadioCycling understands that Israel-PremierTech are also a genuine possibility, with Evenepoel’s camp having very close relationships with Israel staff members

Despite rumours linking both Lidl-Trek and Bora-hansgrohe to Evenepoel, senior sources at both teams said they haven’t opened up discussions with the 23-year-old. Multiple sources have confirmed that any transfer would be a “package deal” involving Specialized.

Signing Evenepoel, however, is not easy. Despite reports to the contrary, sources have confirmed that all outstanding bonuses have been paid, therefore there is no contract breach. Patrick Lefevere told RadioCycling: “I don’t owe €1 to anybody. Everything is paid.”

That means the only possibility for Evenepoel departing is if someone buys out his remaining contract, something that is likely to cost in excess of €10m. Lefevere insists that he won't sell.

He also rubbished claims Ineos owner Jim Ratcliffe could buy QuickStep’s licence.

just some rumour fodder to fill some time on TdF rest day

seems bonkers insane that IPT is in the conversation, given that sylvan adams is already regretting setting a pile of cash on fire with froomey

Everyone is getting jerked around by IBM and now Oracle adding to the drama

Meanwhile my servers are stable and debian development keeps quietly chugging along with minimal noise

Just wanted to say how much i love the debian project and all the contributors

People should recommend debian more

6 July, 2023 Live Tracker | Results

i installed debian with KDE for a friend years ago... is there a way to upgrade to bookworm using the "discover" GUI? or are they going to have to edit /etc/apt/sources.list?

not they they are incapable of doing something simple like this, but just wondering if there is a GUI method to do a full version upgrade

thanks

We took away two important descending tools from the riders

1. Supertuck
2. Fake aero bars/puppy paws (i hate that term, carlton)

Do you think that riders would take less risk on turns if they could still do supertuck? Or would riders supertuck AND take big risks on hairpins?

Not blaming Mader or saying he took risks. But the incident made me think about risk management