Oh, wait until you get a job in most offices. Microsoft, Microsoft everywhere.
BYOD with Linux? “We can’t install the company’s spyware on it, get that security risk out of here.”
I mean they’re not wrong, BYOD is an absolutely ginormous attack vector.
If an organisations’ security relies on the end device configuration there is no security.
Who needs defense in depth, right?
You can bring your own devices, but you don’t get permission to access anything?
Or what are you even trying to say about what the end users device being able to do anything
I don’t think I said anything about what a device can and cannot do
For the user or the company? Assuming the user isn’t a moron with computers?
Edit: guess im out of the loop as a contractor who generally only does BYOD with my linux machine
Both. The company puts shit on the user’s computer and the user may not meet the company’s security standards. It’s just a bad idea.
Assuming the user isn’t a moron with computers?
Lol
For the company, and no one should ever assume for a moment that everyone has their guard up at all times and is infallible.
As far as I’ve heard you actually assume quite the opposite.
If a user doesn’t understand that having complete control over every device in your network is essential, he’s being a complete moron with computers.
You should do your work, not worrying about patching all the 128 tools you think you need, that’s other peoples job.
deleted by creator
When you’re supporting ten thousand machines on four continents and confirming to twenty different data protection doctrines the last thing you need is some neckbeard rocking up demanding to store data in their unauditable homebrew fork of Haiku or some shit.
What is achieved with GPOs and agents is compliance, not security.
In other words, company issued devices don’t protect the data, but they ensure conformity with relevant regulations and standards. Which is what most organisations actually care about.
Many good IT people really do care about actual information security, but not those in charge.
The result are devices that hinder some people’s work but provide questionable actual security.
Look! A Linux user! SCATTER, BEFORE HE CATCHES YOU!!
I always make sure to ask whether I can choose my own OS during job interviews. If they say no, then that’s an immediate dealbreaker.
What if their OS choices aren’t insane?
Listen I work in IT and everyone is getting templeOS and they can like it. If gods own operating system isn’t good enough for you then you can clear off.
People who make a living by configuring Microsoft products for company use won’t want to change.
Im all for privacy and obviously working where you want to but like really? Your unwilling to take a position if the desktop/laptop you use only for work doesn’t have an OS that’s acceptable? Regardless of pay/perks/etc you wouldn’t take a position where everything is perfect except you have to use their specified OS? This is genuine curiosity hopefully this doesn’t come accross as me trying to say I doubt you or your not entitled to your opinions but I just don’t get it, curious to understand why. What industry do you work in? It makes sense if a certain OS could make your job harder but I would be more worried about being able to use software that I want rather than OS at least at my current position.
Not parent commenter, but yes, an inappropriate OS makes the job a lot harder for software developers. Also, there is rarely a need to store data on the end user device, this is mostly done out of convenience and lack of knowledge on how to do things properly
It doesn’t have anything to do with privacy, it’s more about being able to use tools that I’m deeply familiar with.
I am so looking forward to my daughters to become students. Definitely going to discuss this topic through with every person I have to. I am so not going to use WhatsApp or whatever similar software again. If there’s no other solution, they can call me or write a letter :D
Yeah but if you don’t have brightwheel or seesaw or whatever the fuck, you won’t be getting important notifications. They only only call when you’re late for pickup or your kid shit so bad you have to take them home. Some of these are tied to billing as well. Don’t want to use My School Bucks? No aftercare or cafeteria breakfast/lunch. Sack lunch only.
It’s a huge pain but in many cases there’s no way around it.
I’m aware the original subject matter of this post is different, but the walled garden apps that you have to use no matter what start as soon as they enter preschool
I don’t know any of these apps and I don’t know if they are used in Europe too, but if I really have to use some of these apps (and I understand that can absolutely happen), there will be an old/cheap phone laying around with these apps installed, they won’t be on my primary phone.
I concede that that may not be the case outside of the US. In my experience here, though, there’s a whole world of apps and ecosystems that schools for children use now that I’d previously never heard of.
In Europe Whatsapp is the default messaging system. Everything else is cumbersome. Sure Signal is better but only like 3 people have it.
Do what I did and send a message to everyone you care about saying “deleting whatsapp and switching to signal” or something like this.
It’s also a good way to weed out people who aren’t important in your life, I.e people who care about you will most likely install signal to keep in touch.
This is the way. I had a story in WhatsApp for 3 months every day with a picture that I am going to fully switch to Signal and Threema and won’t be available over WhatsApp anymore. As you said, people who want something from me will have to jump over their shadow and write me over one of those. And it absolutely worked, took some time, but it worked. Some people even have signal installed only to text me. The rest just calls or sends SMS. I am from Europe btw. and it worked even though WhatsApp is so strongly used over here.
I have an “Auto-reply” configured for whoever PMs me in whatsapp. Still no one cares surprises me
Telegram is the best. Whatsapp copies everything from it.
Telegram has the best features but it’s not E2E Encrypted by Default. WhatsApp claims it’s E2E Encrypted by default. Signal has proved it’s E2E Encrypted by default.
The only downside to Telegram is it is centralized and you just have to trust them with no e2e encryption. E2E encryption is device locked AFAIK. I want Matrix to be as good as Telegram, then I could just completely switch to Matrix only.
Telegram becomes more and more popular too. They now have 800 m active users.
They’re going to rewrite Element Android/iOS from scratch and it’s looking cool. Desktop apps are going in great direction, with NeoChat, Fractal and Nheko, I see improvements month by month. Calls are still only good working on Element Web, hope that would change.
You should try beeper, it has a waitlist tho
It has Telegram, Matrix, Discord and Android SMS. But I only use Telegram most of the time. And although I found open sourced bridges (backend) I didn’t found frontend. I’m not a target user anyway. But the project does have a potential.
This exactly. If I can’t audit whatsapp to be e2ee, it’s not.
/subscribe
Just wait until you enter the workforce and your company gives you a locked down work computer.
The joys of getting special permission from the IT department so that you can install a browser other than the ancient version of Internet Explorer (no, not Edge) that came preloaded.
I am going to physics feild and hopefully I will use linux there(NASA does)
Much better than having to use my own devices.
Absolutely. I’m convinced that any company that asks employees to use their own devices simply doesn’t understand cybersecurity.
Best case would be giving employees a choice of hardware and software from a list of compatible products, but of course that’s expensive and more work for the business so it seldom happens.
At least in the EU, the GDPR should make some employers reconsider when asking to use personal devices.
The rules can be quite a bit stricter when using a software for professional purposes, and you shouldn’t risk an employee doing whatever they want on their device.
WhatsApp for example would only be legal to use if you have explicit, written consent of all the people you’re going to save to your contacts.
In this day and age they should expect you to bring your own device. But they should also not expect you to install any of their software on your device. You simply remote to their machine. They keep it locked down, you get to use your own equipment for all the things you like (music, your personal email, internet, etc).
Or your tasks should be set up so you can do your work using a web browser (in a container - thanks Firefox) and call it a day.
I use Linux for everything and just remote into the works computers to do theirs. I am happy with that. When I went to another country recently I only brought a Steam Deck and was able to do all the work I needed to do.
I’m going through this after my work was bought out. They forced us onto their locked down computers, and they’re so locked down we literally can’t do our work on it. Execs are trying to come up with a solution, thankfully at least for now they’ve gotten corporate to agree to let us use our old laptops until they do. I think mostly because we’re extremely high value low cost, so if we’re not working, they’re losing a lot of money.
As long as it isn’t my computer, I don’t care.
I remote to all our windows machines from my Linux box which is fine with me. They can lock down their computer, I am just supposed to use what they give me. They pay me, they put the malware on their own machines, so… whatever.
Such a waste of public resources, to not develop (or fund) free and open tools for everyone, instead of paying for temporary licenses for closed software.
Public money public code
Well, we have tor
Yeah some of my University classes mandated the use of this “Lockdown Browser” last year. Pretty sure it’s just spyware that, conveniently, can render HTML
It’s actually a rootkit on Windows which is the worst part.
If they want you to use WhatsApp they can provide you with a device to use it on, then at least it’s completely isolated from your own data and can’t do too much harm.
Ok, but this is reality, and in reality schools don’t give a fuck about these subjects, third world country schools at least.
Btw oficially, in my state, schools use their own forked version of ubuntu (KITE Ubuntu), spevifically designed for school use and has foss programs installed and syllabus teaches only that. But still, since the online class started in 2020, google meet, whatsapp and all of them are “required” by students. The problem is that none of the schools or teachers actually knows why “free software only” in schools were introduced
They don’t give a fuck in first world schools as well
So what do they do when you say “I don’t have a smartphone”?
I hate using WhatsApp for university shit. Wish they just use Telegram or Teams
How are either of those better?
They’re Separate apps I don’t use for everyday communication. I can isolate them
Use signal for everyday communication, two problems solved.
Ah fair point. You could run WhatsApp in a work profile or on a second device, but you’d probably have to jump through some hoops with a second phone number.
For me it’s family and friends wich refuse to switch from whatsapp to signal for example
Fuck WhatsApp. All my homies use Signal.
Sadly all my homies still use WhatsApp. So it’s though for me to switch.
Maybe it’s because I don’t talk to that many people for it to seem significant, but is there an issue with just sending someone a standard text message?
Those are not private at all, whatsapp, as a protocol (so basically xmpp) is pretty good using E2E. Facebook/Meta collects your metadata, but not the messages.
_meta_data
“Text message”? What are we - barbarians?
Seriously though, using text messages these days means that inevitably you will encounter the green vs blue issue. Android and Apple phones don’t play nice with their text messages. Gods help you if you ever get into a group text message thread with multiple Android and Apple phones. Anytime an Apple user reacts to a message it’s sent as a separate text message, “John 🤣 to ‘Check out this meme’”
At least with WhatsApp it puts everyone in the same texting playground.
laughs in beeper (iMessage on Android, RCS on iPhone, and other chat apps like WhatsApp and signal over Matrix bridges)
Saving this for later investigation. The idea of having a “middle man” for supposedly E2E encrypted messages seems skeevy to me though. Is it all open source?
This is such a bummer. Recently one of my friends started considering iPhone just because of this blue/green issue. I hate how big corps are trying their best to f*ck their users
Text messages cost money and only support text
And before someone says MMS, NO. Just, no. I never want to use that shit again.
RCS go brrr
Too little too late imo
Nobody here uses text messages anymore. It’s just old tech I guess
The problem with texts is you cannot leave a group chat. So you’re at the mercy of the group to create a new one or forget about the chat.
I didn’t even think of that downside but yeah, that sucks
exactly. We are 6 guys, me and one other friend tried a lot, but just couldn’t :/
They don’t even have to switch just install it, I have multiple clients for different people and it doesn’t really effect me negatively other than remembering what to message people on
Sadly my friends won’t even do that. Don’t know about family but knowing them they also probably won’t. I expect rhem to not even understand why i want to switch
Then there’s governments banning encrypted messaging apps cuz all the heckkin terrorists are pro privacy and Foss I guess.
Its almost like banning knifes
What’s easier from the teacher/teachers representative, use 1 widely distributed app, or download 100 different messaging programs/interfaces and make sure every student knows the proper channels to contact every other student?
There will always be someone unhappy, let’s try to keep that from being the person who has to do this dance day in and out for the rest of their underfunded lives?
Fine, use one app but make it the Free Software one, then.
Regardless, it is completely unreasonable to dictate that people consent to onerous third-party corporate terms of service in order to access government services, especially ones enforced by truancy laws!
And from their perspective, these requirements change every day!
They want something convenient
I want to agree Meta’s terms of service to get education?
Schools should use a free software messenger instead so that no one is forced to run untrusted apps on their device.
There will always be someone unhappy, but let’s make them unhappy with mild annoyances and not serious privacy violations. I’d rather prefer the Whatsapp users to be unhappy than the Signal users. In a long run it’s doing them a favor.
Ours just use email
100 different messaging programs/interfaces
It’s like four or five. We did this back in the late 90s. Some people used AIM. Some used Yahoo Messenger. Some used ICQ. And some used MSN. We survived.
It was such a common thing that multi-protocol clients like Trillian were popular.
You really want your teachers to read your cryptic emo away messages on written with papyrus?
We survived
Reach for the stars!
At the place I work at, we all are given Azure Virtual Desktops, which we use for everything. I’m working remotely from another country, so there is damned input lag too. Copy/paste, any data transfer is disabled too.
The worst part is we need to use “Remote Desktop” app to connect to our VMs, and it is available for EVERY platform except linux. Like they got browser client, windows, mac os, android, iOS. BUT NOT FOR LINUX. So I use VirtualBox to open windows machine, and use that to connect to VM.
This is sad :(
You could try out the Remmina Linux client’s RDP plugin.
This is their choice not to configure it correctly. You can set up Azure RDP and use Remmina as a front end to FreeRDP or just FreeRDP by itself.
Also why are they using a browser “client”? That is also an odd configuration. You don’t need a special client. I use Firefox on Linux (with a container - love those) to connect to the Azure Desktops.
I do all my windows work from a Linux machine. Recently I traveled to another country and did all my clients Windows (Azure remote desktops) work from a Steam Deck (Arch linux), lol.
wow. I’ll look into this, but last time I tried, that VM discovery thing made it unavailable to setup on linux. The remote desktop app shows available VMs after you authenticate with MS account. This most likely is done deliberately to prevent us from using linux.
I had the same problem here. I solved it by using an app (Element) that gave you the ability to use all messaging apps (WhatsApp, Telegram, Signal) in one. Then I stopped using it because you can’t make video calls or listen to some audio messages.
But you have to setup a custom synapse bridge for element right ? Or did you find public servers ?
Yes! You have to set custom bridge Especially for Whatsapp, you have to set the bridge that expires every 15 days, so on the 15th day, you have to re-download Whatsapp in order to reconnect the bridge. For what you are referring to, the public server stuff there is matrix that is the Element messaging system
ah too bad, I had looked up about the WhatsApp bridge thing but was too lazy to setup the bridge, I was hoping there would be Publix bridges (although bad for privacy)
Guess I’ll have to
threatenconvince my friends to use matrixGuess I’ll have to
threatenconvince my friends to use matrixYeah I think so :'-D
To work or study at my Univ, you have to give your phone number to Microsoft for the 2fa. They pay shitload of money for Office 365 and they are almist forcing us to use that stupid suite. This year I will give an special course on FOSS alternative to my students. Fuck that bullshit hail corporate.
I almost cried when they told me AutoCAD was only available on windows.
In my school we use LibreCAD :)
@starman @Blastasaurus, when i went to school we used paper, ruler and pencil (FOSS)
Back when the architecture font was just how they taught all the architect students to write.
It was a bit creepy to have several friends with the exact same handwriting.
Librecad is great.
LibreChAD
it’s ok just make the account, everyone is using it
🥲
My son’s school created an MS account for him, for christ’s sake! In 1st grade…
What the fuck
Exactly. I was shocked as well. They even wanted us to teach him to memorize the password. In. The. 1st. Grade.
To be frank they probably wanted to have a backup in case we get another corona lockdown so he could use Teams for school. But still!
Decentralised solutions will never be broadly accepted. People care about comfort and ease to use and centralized companies wiill always have the edge in this.
I don’t necessarily need decentralised solutions. I just need free software solutions. There is much comfort and ease in apps like signal
What about when being centralized allows the quality of the product to suffer?
Best option, use graphene and keep the propriety stuff on a separate user profile.
There is also a WhatsApp to go on F-droid . So you need an account then you can use the webapp on the phone.
But yea stuff like that sucks.
You’re assuming they have a google pixel, also the grapheneos founder isn’t trustworthy
If you use discord on a seperate user profile, you’re still using discord, they still get your data. Sandboxing isn’t a perfect solution
The correct thing is to refuse, it is your (or your parents) legally owned hardwarw and they can not control it. They can’t force you to sign privacy policies
The fact that people are saying to comply with what your school says saddens me
Louis Rossmann still recommends GrapheneOS to this day. The drama of a programmer shouldn’t extend to the quality of the (FOSS) code itself.
With FOSS, trust simply isn’t necessary. Anyone can verify the functionality of the code.
It’s still necessary to some degree, but I get what you mean. I don’t quite trust and agree with the Lemmy dev’s because of their response to human right violation denial, it made me switch away from Lemmy.ml to Lemmy.world, but I still trust their software for the same reason you mentioned.
I don’t trust lemmy.world because of their banning of piracy
I don’t trust Lemmy world since they are fascist cuddling neo libs that block any that are not pro NATO
Lol yeah Ukraine should just surrender to the colonialist invaders!
/s
deleted by creator
He have stepped down since march this year I believe. No need to trust , verify. He was a bit of a removed but that doesn’t mean GOS is not trustworthy. Sandboxing on a separate profile ( truee separate which you only get on grapheneOS) combine with VPN , blocklist (VPN or DNS) and no gapps . Not that much. Especially if you run enterprise versions of apps. In EU it wouldn’t be legal.
Depends on your leverage here. But best to change school policy here. In many countries it would not be possible to force people to install WhatsApp or other programs on personal devices. Otherwise they have their own software or use email. Another thing if they provide the hardware.
I actually wanted to see how Graphene works so I was going to install it on my old pixel 3a, but it’s no longer maintained. You know where I can get the last release images for the 3a?
Not sure unfortunately , I should have a copy somewhere actually but hey don’t trust me. I would expect them to have them archived somewhere as well. You could check out the matrix chat and ask there. https://matrix.to/#/!UVEsOAdphEMYhxzTah:grapheneos.org?via=matrix.org&via=tchncs.de&via=nitro.chat