simply reading the browser agent isnt really security

It's not for their security, but for that of genuinely clueless people that are just running an actually outdated browser that might have known and exploitable security flaws.

Oof, that quote is the exact brand of nerd bullshit that makes my blood boil. "Sure, it may be horribly designed, complicated, hard to understand, unnecessarily dangerous and / or extremely misleading, but you have nOT rEAd ThE dOCUmeNtATiON, therefore it's your fault and I'm immune to your criticism". Except this instance is even worse than that, because the documentation for that command sounds just as innocent as the command itself. But I guess obviously something called "tmpfiles" is responsible for your home folder, how couldn't you know that?

That's some dense whataboutism

If you have a dynamic pricing contract of course you get a discount... If you don't, you chose not to in return for price stability 🤷

Though yeah, last time prices went negative in Germany I was still paying 10ct/kWh in just taxes and fees. Would be pretty cool if they'd have paid me for using electricity during that time, but of course that's not how that works.

Apparently 50%+ of the company belongs to Gabe himself, presumably he would pass it on to some very trusted. That makes a hostile takeover pretty unlikely.

Totally agree, this honestly sounds a bit like putting principles before reason. Personally, I don't at all see why paying people for their work would make projects adhere any less to the "open source ethos", even though I hear this idea a lot. I think that in an ideal world, it should be possible to contribute to OSS projects full-time and make a living, financed by donations from dependants (including corporations) that profit off of the free software and have a vested interest in continued and rapid development of the project.

If you really don't want the money to reward contributors, why not pass it on to open-source dependencies of your project that are looking for funding? FOSS projects not scrambling for funding is pretty rare today unfortunately.

If you read the original report, it says that it basically just displays a fake banking login page. It also says that it requested accessibility service permissions, which makes me think maybe it brought up the fake login pages "in the right moment" (as in as users opened their banking apps) to make it more convincing, even though the article doesn't specify that.

Either way, IMO the problem here is clearly with the Play Store allowing this app in, and not with Android's security itself. These apps are misusing the accessibility service system, which is obviously necessary for a ton of important use cases (and of course also requires the user to grant very explicit permission). The fact that the accessibility services are a thing doesn't delegitimize Android's security improvements over the years.

Some fake Telekom workers showed up at my grandma's place in person recently, wearing uniforms and all, saying they need to "perform maintenance on the TV connection". Luckily, grandma's still super sharp, recognized that something was off, and just shouted "Peter, the TV people are here" into her flat, even though she was alone and Peter had died decades ago. They made some excuses and left immediately when they thought they were no longer just prying on a single brittle old lady.

Super proud of her, but also so scary to think that a bunch of asshole scammers were so close to just walking around in her flat.

Und dabei hat die CDU doch extra nett gefragt, dass jeder bitte nur einmal abstimmt. Hätte echt niemand mit rechnen können, dass sich da keiner dran hält.

Right, because non-technical people would be expected to understand what an "out of memory" error means

They have absolutely no idea what they're even talking about is the craziest thing. If you ask them to define "woke", they stumble.

Many real scams are not this obvious, plus a lot of old people are senile to some degree, which these scammers are exploiting. My grandma was contacted by "her bank" about verifying her identity, and after a few minutes of establishing a backstory they asked her for her debit card info including CVV. It all sounded very legit, and they even "transferred her to another department" with hold music and everything. Luckily, she didn't fall for it.