Most effective method for me has been to use 1 e-mail address alias per service. If that address starts receiving spam then you know who is to blame for the leak, can move that service to a new e-mail address and then blackhole all e-mails sent to the old address. That obviously means having to setup a new address for every service though so I usually setup 20 at a time and hand them out as needed.

The delay makes intuitive sense especially since it will give the target a chance to complain about it to their friends and family who will hopefully stop it from there.

However, I’m not sure if it’s worth it. I imagine this would stop exfiltration apps which scan the users device to useful data and maybe passive screenshots but this pales in comparison to apps with subscription dark patterns, gambling and apps that harvest and sell your data legally already. If this was a case of apps prompting the user to enter sensitive information into a form then they could just use a browser.

I don’t know. I think this is a good measure to prevent scams. I’m just uncomfortable about Google’s motivation.

Not that it impacts the validity of what he’s saying but the art the robot destroying Debian is using the logo for Rust the game, not the language.

I recall spreadsheets being particularly painful on mobile when I’d try to select multiple rows and it would select way more at a time but would need to fouble-check that or find a screen recording if I made one at the time.

The main issues is there was a bug where if there is an open session for a document in Collabora (including dead sessions say from mobile) and that Collabora server is shut down in the wrong order, then all changes including if you click “Save” will be lost. A bug was opened for this and closed by making sure the servers shut down in the correct order, but I don’t know if that fixes cases where the servers a hard shutdown.

Fingers crossed this can be a viable replacement for Collabora Online with Nextcloud, which has been a nightmare.

You would need a way of verifying that the SHA256 is a true copy of the site at the time though and not a faked page. You could do something like have a distributed network of archives that coordinate archival at the same time and then using the SHA256 then be able to see which archives fetched exactly the same page at the same time through some search functionality. I mean if addons are already being used for doing the crawling then we may be mostly there already since said addons would just need to certify their archive and after that they can discard the actual copy of the page. You need need a way to validate those workers though since a bad actor could just run a whole bunch at the same time to legitimise a fake archival.

Until the other penny drops and makes federation impossible: making it so users on other instances are treated as your users if they interact with your instance. If such a law was introduced I’d imagine they’d carve out an exemption for e-mail since that would cause utter chaos.

Loving the transparency on this post! It would be lovely if you could specifically fund the work which would allow Matrix to have those more gamer-foused features.