cttttt
Whoever made this has never used Google Cloud Platform.
I’m not sure if it’s part of a TLS standard yet but I was talking about encrypted SNI (ECH, formerly called ESNI).
Today, early on in a TLS connection, the client actually tells the server, in plain text, the domain name it’s intending to communicate with. The server then presents a response that only the owner of that domain can produce, then keys are exchanged and the connection progresses, encrypted. This was required to allow a single server to serve traffic on multiple domains. Before this, a server on an IP:Port combo could only serve traffic on a single domain.
But because of this, a man in the middle can just read the ClientHello and learn the domain you’re intending to connect to. They can’t intercept any encapsulated data (e.g. at the HTTP level, in the case of web traffic) but they can learn the domains you’re accessing.
ECH promises to make the real ClientHello encrypted by proceeding it with a fake ClientHello. The response will contain enough information to fetch a key that can be used to encrypt the real ClientHello. Only the server will be able to decrypt this.
And your ISP can still see which domains you’re going to if you use them as your DNS.
Just so you know, because TLS SNI is not encrypted and not yet universally obfuscated (adoption of this is pretty slow and one of the largest CDN providers had to pause their rollout last I checked), not-even-barely-deep packet inspection can be used to track the sites you visit regardless of your DNS provider or wherever resolution is encrypted. Just do a packet dump and see.
Also, if a website isn’t fronted by one of the most popular CDN providers in existence, it can be possible to infer the sites you’re visiting based on their server IP addresses.
Although this just shifts where tracking can occur, a VPN is the only reliable way to maybe prevent your ISP from tracking the sites you visit, if this is your desire.
When the 3.5-less trend started setting in, I still had a phone with a headphone jack but started looking into wireless Bluetooth digital audio convertors just to prepare myself for the reality that it’ll eventually be hard to find a phone that’s both…good…and that I could plug my IEMs into.
One I settled on was the Radsone ES100. Besides allowing me to continue to use my headphones, one feature I really liked was its ability to store equalizer settings that could be used with any source, whether it be a Bluetooth device or one I plug the DAC into via USB. I found that there were equalizer apps for Android, but they kept getting killed because of memory limitations I guess. This device externalized the EQ.
Anyways some of the folks who made that branched off and made an even better version, the Qudelix 5K. It has the same features but does a better job of simultaneously connecting to multiple devices (but sadly it doesn’t mix the sources…it just has a priority 😔😔😔😔). So I grabbed that upgrade and now the headphone side of my audio is locked in.
I found that getting a Bluetooth DAC helped me feel better about the trend of removing a standard audio connector from devices (which I gotta say, still makes no sense). It still frustrates me that I need to walk around with another device and the limitations of Bluetooth are annoying, but the cool thing is that when my last 3.5mm jack equip device (OnePlus 5) just stopped turning on, I just grabbed a random replacement phone (Pixel 5) and kept the same audio chain.
tl;dr - Consider just accepting that this is the trend for phones these days and try a portable Bluetooth (or even USB) DAC. When you find one you like, moving to any source will be less stressful. It won’t matter if it has a headphone jack: you’ll be able to focus on other features or even just get a less costly device that’ll sound identical to what u know.
If all computer hardware was a single solid colour and just worked, there would be fewer reasons to replace it or pay more for different models. It’s like skins in an online game: if you give people a choice, some will pay more just because something looks different…some will buy yet another one because it, too looks different.
I’ve always found this take on in-product purchases and subscriptions weird.
You are right that they’re allowed to do whatever they want, but…this is just my personal take…the value proposition for Nitro is pretty low as it is. Trying to get more than a subscription from me is a bit of a turn off and makes me want to reach for the cancel subscription button (actually, my subscription is currently in this state through to the renewal date because of the nags about paid borders and stuff).
I do this with this and also other services that want to upsell beyond a premium or support the platform experience. If I’m already supporting the platform, the first time I’m asked to support it more is when I cancel the subscription. Then they have the uphill battle of convincing me to resubscribe in the future.
Stated differently, if they don’t remind me I’m subscribed, I’d just keep paying. If they remind me by asking me to pay for things over and above a subscription, I’m suddenly trying to find the true value of the new thing, and also in the next subscription payment. If I can’t decide within a few minutes, I always just hit cancel.
You’re not alone. Especially over the past few months, fonts on mobile seemed slightly off. The new design looks way better in comparison as the typography is consistent across the entire app.
I dunno. Just speculation (here’s a grain of salt but) people may be sick of Nitro because of all the features that Nitro users are asked to pay more for. It’s weird to remind people who are paying a subscription for an app that there’s a store where they can pay more for stuff.
I’m kinda scared that the trailer was knee deep in “from the ____ who did _____ .”
Granted, it’s a teaser trailer, but it would have been cool to see a little more of what this show has to offer. e.g. The Boyz is great, because the story adapted from it’s source material was already interesting. I’d love to learn more about the story of this adaptation, esp since there’s a lot they’d have to do to turn the non linear, choose your own adventure source material into a non-interactive story.
Feels like the showrunners and story writers would have the opposite challenge of, say, The Last of Us. There, it was all about retelling an existing story and resisting the urge to reinvent too much.
Here they’d need to pick one of many stories and fill in a bunch of gaps.
Hope it works out 🤞🙏
It’s more down to trust and attestation than a technical implementation. Whoever makes an NFC payment system needs to prove to payment processors that the chain of software and hardware from the payment terminal to whatever proves you’re the account holder (a card or a phone) can be identified. And, separately, the implementation needs to be audited.
This may sound like they’re trying to make this horrible walled garden on the surface, but bank users expect their money to not get stolen. And if it is, they expect the bank to make that problem disappear. The bank can only provide these assurances if they control everything.
This is why they use hardware attestation and a chain of trust all the way through to the OS to identify the specific implementation of an NFC payment system. They want to know they can go after whoever created the buggy NFC payment implementation to recover the money or to least stop partnering with them.
Not a lot of FOSS developers would go through the trouble.