Good point. The first repo, anon-vpn, has single commit made 3 weeks ago.
Security sensitive software require time, review or audit. Let’s give this time. It may take from a few months to 2 years until there’s enough scrutiny to either confirm it’s safe, or reveal problems.
Until them, keep using well-known open-source software.
Debian trixie has a fix https://security-tracker.debian.org/tracker/CVE-2026-31431
Are you aware of the Piefed API? It’s provided specifically to allow building front-ends and bots while avoiding scrapping.
The article focuses on techniques that help bots spoof browsers, to make them impersonate a typical human visitor.
It’s not obvious how this helps people protect themselves against surveillance while being online. Using python scripting is not a practical way to browse. But it’s handy to write scrappers.
It’s certainly useful to misbehaving bots that try to evade anti-bots protection.
That’s true. The reason is there’s lots of bot traffic spoofing real users, sometimes even going through residential proxies.
When bots spoof users well, the last option for projects is use these PoW captcha that annoy everyone. Enshitification continues.
By spoofing the fingerprint, developers can make their automated tools impersonate real users more convincingly, thereby bypassing bot detections.
Many OSS projects and personal web servers have bot detection because they would otherwise drown under (AI) scrappers and other bots traffic. Hosting or bandwidth cost is often unsustainable without bot protection.
If you don’t want to kill these projects, honor robots.txt by default, use throttling, don’t try to circumvent bot blocks. Look if there’s a purpose built API available to bots. If they don’t want to offert such API, go find something else to do.
Vendor support. Some hardware and software vendors still only care about Windows.
XMPP, Conversations is a Nice Android client.
If they sell 2 variants of the Steam Machine, they could remove HDMI from one , and just put it in the more expensive variant, to reflect the extra headaches and cost that comes from HDMI.
That’d encourage people to get screens with DisplayPort. Many computer screens have DP.
Or even better, drop HDMI support in favor of displayport
I mostly agree. But would be more nuanced regarding Github Advanced Security.
Most features grouped under “Advanced Security” looks quite useful https://docs.github.com/en/get-started/learning-about-github/about-github-advanced-security Sadly Microsoft has to sneak copilot in there, but the rest of it looks good.
It’s probably possible to get most of these features while avoiding copilot by staying away from Github. There are other code hosting platforms, and most support CI pipelines. Scans can be added to pipelines even if those platforms don’t support scans out of the box.
Caling your MEP is more efficient.
If you understand the security implications, you probably won’t enable it.
The sad thing is you paid to get a car with a TCU, then paid a mechnic to remove it. Assuming you’re not a mechnic/hobbist yourself.
It’s good that Mozilla is shaming car companies and shining a spotlight on the issue. Journalists need to ask about tracking and privacy when a new car model comes out. Buyer should ask sellers the same.
That’d be ideal, and would affect adtech’s ability to track without consent. So that’s a good goal.
Requiring adtech to honor an automated signal would still be progress, hopefully reducing enshittification and making it easier to refuse tracking.
It would be an extra bit or 2 that could be included in fingerprint. IMHO it’s worth it if there’s regulation that makes it easier to go after companies that ignore those signals