Not that it means a lot, but any inndvations it the “pack of card” games lately?

How else wold you feel a sense of pride and accomplishment, unless you constantly paid for it?

Certificate pinning?

Also all let’s encrypt certs are public. So if someone malicious gets a cert for your domain, you can notice.

(Thats also why it may be a bad idea to use that for secretButPublicStuff.Yourdomain.com certificate transparency logs are a great way to find attack surface.)

edit oh certificate pinning has been deprecated in favor of checking transparency logs.

Wasn’t that somewhat how Q-anon started?

Aren’t all (most?) those centralized services? What good is having the app if the service is unavailable? Tox, Jamie and Veilidchat are fully decentralized, not just federated, fully decentralized. They come with their own downsides though…

They have an exclusive deal with Epic. So no Steam/GOG for the forseeable future. They say the game would not have happened wnthout the money from Epic.

I guess the DRM-free version was the best deal they could get…

Imo the most important thing is the separation of what you do. If you’re logged in on facebook, you can do that from your public ip. Anything you’re not associated with your name you want to use a diffferent browser identity and maybe a different ip.

If you use Torrents or do anything illegal or whistleblowing or similar stuff, use a live linux iso with no persistence and a vpn bought with monero.

Ok, but how does the password file get compromised but the 2FA file not? Why not have a separate password file for every login with a different password then?

They probably can. jut every hack done has the possibility of spoiling the exploit. A good exploit can cost a million $. So if hacking you is worth more then say 100k to them, you’re in trouble. Otherwise they will only target you with everyday surveilance.