waffle

I've tried both and ~/.local/bin tends to be used by a bunch of tools to install their own binaries/scripts so depending on what you use it can become very messy (which did happen in my case). I used to have a ~/Documents/Scripts directory in my $PATH and that was much cleaner than my current setup so that's what I'd recommend, especially if you want to use Git with it! :)

Sometimes it's plug-n-play and everything works great. Sometimes you press the update Nvidia drivers button on your Ubuntu work computer and then need to tell IT you bricked your OS. YMMV

No worries Mickey Mice! Hopefully you won't face any more big hardware issues after that ^^'

Good luck in your Linux journey! :)

21:00.0 Network controller: Broadcom Inc. and subsidiaries BCM4352 802.11ac Dual Band Wireless Network Adapter (rev 03)

It's probably related to this recent issue

In my experience Broadcom on Linux is a bad omen, second only to Nvidia. If you can, I'd recommend switching your Wi-Fi card for one that has better Linux support (e.g. "TP-Link Archer TX3000E" or anything that uses an Intel chip inside really since support for them is handled directly by Intel and integrated into Linux's source code). Good luck! :)

Make sure that your device is not 'rooted'. If the operating system is an Android variant (also called a 'custom ROM'), such as LineageOS or Pixel Experience, then the wero app can’t be installed for security reasons.

(cf. https://support.wero-wallet.eu/hc/en-us/articles/25599098295313-I-m-seeing-this-error-message-Your-device-does-not-meet-our-security-requirements)

I can't use it but it looks neat! I hope these companies will one day realise that requiring the user's device to be an opaque jail controlled by a usually foreign third-party isn't good security practice :/

Shit like this is why people go back and play much older titles and have a great time with them

"People" as in maybe 5% of players

That's the part of the comment I was referring to. It's factually wrong: only ~15% of playtime is spent on 2024 games

LoL didn't release in 2024, neither did Warframe. I'm not arguing that old service games don't make the most revenue, they obviously do, I'm arguing that a lot of the live service games that are actively comming out are almost all underperforming and failing to get any kind of audience. All that means there's very little incentive to develop a new live service game unless you already have a big community for it or a brilliant idea

If you have a lot of money, you're better off investing in a "Black Myth Wukong" or "Elden Ring" -- both of which are outperforming the newest Call of Duty on Steam in revenue -- compared to a new random live service game

47% of the total playing time on Steam was spent on games released in the last one to seven years, while a sizeable 37% of time was spent in games that have been out for eight years or more.

Source: https://www.pcgamer.com/games/only-15-percent-of-all-steam-users-time-was-spent-playing-games-released-in-2024/

Also with all the recent Concord-style live service fails maybe investors will want to fund other stuff from now on? idk

Damn already working on an app? That's so cool! Starting E2EE there is definitely a good idea then!

MeroChat is such a nice project, thank you for working on it <3

The server might always send a modified script that just uploads the plaintext private key.

Yeah, you'd need a way to validate the client code before it's executed to solve that issue

Section "2. Client application security" of MEGA's Security Whitepaper discusses this exact problem. Their best solution to that issue is to just cram the whole frontend in a signed web extension and not serve any code to the user when the extension is active, which is not very user friendly but works for those who want an extra layer of protection

I just can't find a good user-friendly implementation, sorry for not being of more help. The web just isn't E2EE-friendly ig :/

Yeah, I'm not used to E2EE in the browser either and StackExchange seems to agree that there's no nice solution :/

The sanest option in terms of user practicality to me appears to be storing the private key on the server, maybe encrypted with the user's password, and sending it to the user on successful login where it would be decrypted client side. It seems like it's more or less what MEGA is doing since they have a similar issue

If the server having temporary access to the user's password is an issue maybe the password could be partially pre-hashed before being sent?

It's be interesting to talk about it with someone with more experience, especially since implementing all of that will be a pain so it can't be redone every Thursday

I know Matrix has E2EE with some public documentation on its implementation. Maybe it could help you? Idk how familiar you're with E2EE or what kind of implementation you'd want, anything will have drawbacks :/

Nothing forbids sharing US news in this community. Anything interesting on the globe goes afaik :)

Also while many countries don't have inequality issues in the "highly privatised health care" industry, I genuinely can't name a single country without inequality issues and Luigi's story may be inspirational to some of these ppl facing inequalities so imo it's good to see it shared here!