.onion might be exempt but while the TLD "." is anycast worldwide for the actual DNS service, Verisign still signs the cert. Isn't that a show-stopper for dependencies on dns-over-https or https altogether or do .cn, .ru, .ir etc all add/replace with their own independent signatures?
This is more of an attempt at a political stunt. The CCP's website gets a perfect score, admin.ch also gets a perfect score while Switzerland is most definitely not in the EU. Non-US is more accurate than EU but you only see that when stars start flying.
IMHO: Just scrap the politics and show what regional deps a site has - that'd actually increase value quite a bit.
As a leader, it's important to provide not just the meat but also the veggies. What people end up eating is up to them, but serve the full course! If as a ME, I start deciding who needs to know what, information will be perceived as incomplete because people always talk and engineers are often smart enough to read between the lines. So the transparent umbrella is a great analogy. Communicate bad news as fast and coherently as possible - group meeting with open questions works well for me but be ready to address the potential fears: "In my current assessment, that's not going to be a problem, I'll let you know if that changes." and of course "Thanks for asking, I didn't consider that and I don't know yet. I'll clarify" is a valid answer, if you do indeed clarify.
If you're genuinely stressed with that, talk to your lead about it and they'll find a way to filter a little more while not giving you the feeling of being left out.
It's most software. Cryptography is user-unfriendly. The mechanisms used to make it user friendly sacrifice security.
There's a saying that goes "not your keys not your crypto" but this really extends to everything. If you don't control the keys something else does behind the scenes. A six digit PIN you use to unlock your phone or messaging app doesn't have enough entropy to be secure, even to derive a key-encryption-key.
If you pass a KDF with a hardness of ~5 seconds a four digit PIN to derive a key, then you can brute force the whole 10,000 possible PINs in ~13 hours. After ~6.5 hours you would have a 50% chance of guessing correctly. Six digit PIN would take significantly longer, but most software uses a hardness nowhere near 5 seconds.
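The arithmetic in the comment above, as an added example that is not part of the original post: a PIN is stretched into a key-encryption-key and the whole PIN space is then walked. PBKDF2-HMAC-SHA256 stands in for whatever KDF a given product uses, the function names are hypothetical, and the demo PIN, salt and low iteration count are constructed so the search finishes in seconds.

```python
import hashlib
import hmac
import os
import time

def derive_kek(pin: str, salt: bytes, iterations: int) -> bytes:
    """Stretch a numeric PIN into a 32-byte key-encryption-key (PBKDF2-HMAC-SHA256)."""
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, iterations, dklen=32)

def search_pin_space(target: bytes, salt: bytes, digits: int, iterations: int):
    """Try every PIN of the given length in order; return (pin, guesses_made)."""
    for value in range(10 ** digits):
        pin = f"{value:0{digits}d}"
        if hmac.compare_digest(derive_kek(pin, salt, iterations), target):
            return pin, value + 1
    return None, 10 ** digits

def worst_case_hours(digits: int, seconds_per_guess: float) -> float:
    """Time to exhaust the whole PIN space at a given KDF cost per guess."""
    return 10 ** digits * seconds_per_guess / 3600

def measure_seconds_per_guess(iterations: int, samples: int = 5) -> float:
    """Average wall-clock cost of one derivation on this machine."""
    salt = os.urandom(16)
    start = time.perf_counter()
    for i in range(samples):
        derive_kek(f"{i:04d}", salt, iterations)
    return (time.perf_counter() - start) / samples

if __name__ == "__main__":
    # Constructed demo values: a random salt and a made-up 4-digit PIN.
    salt, demo_iterations = os.urandom(16), 200
    kek = derive_kek("7319", salt, demo_iterations)
    pin, guesses = search_pin_space(kek, salt, 4, demo_iterations)
    print(f"recovered PIN {pin} after {guesses} of 10000 guesses")

    # The comment's scenario (5 s per guess) next to a cost measured locally.
    # 600_000 iterations is an assumed setting, not one taken from the thread.
    measured = measure_seconds_per_guess(600_000)
    for label, cost in (("5 s KDF", 5.0), (f"{measured:.2f} s KDF", measured)):
        for digits in (4, 6):
            hours = worst_case_hours(digits, cost)
            print(f"{label}: {digits}-digit PIN exhausted in {hours:,.1f} h")
```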
Take it a step further, even - "End-to-End-Encryption" is complete security theater if the user doesn't control either end.
We joke and say that maybe Microsoft could engineer a safer architecture, but they can also ship an OTA update changing the code ad-hoc. If the FBI demands cooperation from Microsoft, can they really afford to say "no" to the feds? The architecture was busted from the ground-up for the sort of cryptographic expectations most people have.
> A six digit PIN you use to unlock your phone or messaging app doesn't have enough entropy to be secure
The PIN is not usually used for cryptography, it's used to authorize the TEE (secure enclave) to do it for you. It's usually difficult or impractical to get the keys from the TEE.
A Proton model makes this very simple: full cooperation and handover and virtually nothing to be extracted from the data. Size is somewhat of a metadata, IP connection points and maybe date of first use and when data changes occurred...
I'm all for law enforcement, but that job has to be old-school Proof of Work bound and not using blanket data collection and automated speeding ticket mailer.
But I guess it's not done more because the free data can't be analyzed and sold.
Kudos to Proton for how they handled it. Granted the email was wrong, and I'm sure they'll fix that process. But most companies don't even bother to write back when you bring something like this to their attention, much less issue an apology.
Ability to decouple gas/brake control from steering, so you can control gas/brake yourself and let comma steer at all times. With OpenPilot, when you touch the gas/brake, the steering also stops.
Ability for the comma to read your car's blind spot monitors and automatically change lanes without you having to nudge the wheel.
Ability to use dynamic mode which dynamically switches between chill mode and experimental mode, so you get the best of both worlds.
Ability to fine tune many settings related to gas/brake and steering sensitivity and control that you can't play with in OpenPilot.
Those are the main differences I'm aware of, but there are more.
Nice variant to the otherwise sharper or edgier mono fonts (pardon my ignorance for terminology). Personally it feels too "girly" for my taste. Nothing wrong with that - just a personal preference. I'm sure others will like it.
Reminds me of WWII-era typewriter fonts and it also has a touch of "comic sans" to it.
Thanks for sharing.