Readit News
bdd8f1df777b commented on iOS allows alternative browser engines in Japan   developer.apple.com/suppo... · Posted by u/eklavya
websiteapi · 2 months ago
UX, not UI. perfect example is you copy something on your laptop and paste it on your phone. trivial on iDevice.
bdd8f1df777b · 2 months ago
Trivial as in it works well sometimes and badly in other times with no explanation for why. That’s my experience anyway.
bdd8f1df777b commented on As Android developer verification gets ready to go, a new reason to be worried   androidauthority.com/andr... · Posted by u/josephcsible
buildfocus · 6 months ago
That's not true - you can enable developer mode and install apps via ADB without affecting Play Integrity for other apps on your device. You can test this today.

Play Integrity is focused on checking the OS is original and the runtime environment of the app (your banking app in this case) isn't being messed with. Installing other apps as a developer isn't related to that. If you're not flashing a custom OS or modifying your bank's APK you'll be fine.

(You _should_ be able to use custom OSs and Play Integrity is awful, to be clear - but not because of anything directly related to normal app development & sideloading)

bdd8f1df777b · 6 months ago
You are describing the status quo rather than what Google has said they will do in the future.
bdd8f1df777b commented on Ask HN: The government of my country blocked VPN access. What should I use?    · Posted by u/rickybule
arethuza · 6 months ago
Apologies for the rampant paranoia but that all sounds great - but how do I know that advice like this can be trusted, after all you could be an agent of a state security service directing people towards services they want people to use.

NB Just to be clear, I'm not doubting you, but if I was in a situation where my life or liberty was at threat I would be very worried about whose advice to take.

bdd8f1df777b · 6 months ago
If you have the technical knowledge, you can just read the protocols, find out if they make sense, and then implement them yourself. Most of them are quite straightforward so it's not possible to hide a backdoor like Dual_EC_DRBG in the protocol.

If you are not so technical then you have to decide who to trust. For example, you may trust that open source software has been vetted enough and build one from source. Or trust that the built artefacts downloaded from GitHub are good enough. Or trust that the software downloaded from a website not marked as fraud by Google Chrome is good enough. Etc.

In any case, the more technical knowledge you have, the more confidence you can have by doing due diligence yourself.

bdd8f1df777b commented on Ask HN: The government of my country blocked VPN access. What should I use?    · Posted by u/rickybule
jech · 6 months ago
Is WebRTC being blocked by China? I'm wondering whether it'd be worthwhile to implement a VPN that uses WebRTC as a transport. With cover traffic, it could likely be made to look just like a video call.
bdd8f1df777b · 6 months ago
WebRTC is not blocked. I do see some protocols trying to masquerade as WebRTC, but for some reason it is not popular.

A primitive way to bypass the censor is just to connect to your VPS with RDP or Chrome Remote Desktop (which is WebRTC underlying) and then browse the Internet there. But it needs a very powerful server and is quite slow.

bdd8f1df777b commented on Ask HN: The government of my country blocked VPN access. What should I use?    · Posted by u/rickybule
sebstefan · 6 months ago
>Steal other websites' certificates. Protocols: ShadowTLS, ShadowQUIC, XTLS-REALITY

I didn't fully understand by googling the protocols

How does stealing the certs work without the original private key?

bdd8f1df777b · 6 months ago
Let's say the upstream server is apple.com. The TLS handshake is always performed by the real apple.com servers, and the ShadowTLS server is only a middle man forwarding raw TCP contents.

If both sides are ShadowTLS (client & server) holding the same key, they will stealthily switch to a different encryption protocol after the handshake, disregarding the TLS key exchange. The TLS handshake is a facade to fool the deep packet inspection of the censor.

In all other cases, such as the censor actively probing the ShadowTLS server, the server will keep forwarding the encrypted traffic to apple.com without any way to decrypt it (it's not a MitM proxy). To the active prober, it is just apple.com all the way.

bdd8f1df777b commented on Ask HN: The government of my country blocked VPN access. What should I use?    · Posted by u/rickybule
cm2187 · 6 months ago
Does starlink work in China?
bdd8f1df777b · 6 months ago
No, it’s illegal to bring Starlink devices here, and I heard that Elon Musk chooses to block China from accessing Starlink too, to appease the Chinese authorities.
bdd8f1df777b commented on Ask HN: The government of my country blocked VPN access. What should I use?    · Posted by u/rickybule
bdd8f1df777b · 6 months ago
If you need to bypass censorship, you'll need a tool specifically designed for anti-censorship, rather than any one repurposed for that.

Since China has the most advanced network censorship, the Chinese have also invented the most advanced anti-censorship tools.

The first generation is shadowsocks. It basically encrypts the traffic from the beginning without any handshakes, so DPI cannot find out its nature. This is very simple and fast and should suffice in most places.

The second generation is the Trojan protocol. The lack of a handshake in shadowsocks is also a distinguishing feature that may alert the censor and the censor can decide to block shadowsocks traffic based on suspicions alone. Trojan instead tries to blend in with the vast amount of HTTPS traffic over the Internet by pretending to be a normal Web server protected by HTTPS.

After Trojan, a plethora of protocols based on TLS camouflaging have been invented.

1. Add padding to avoid the TLS-in-TLS traffic characteristics in the original Trojan protocol. Protocols: XTLS-VLESS-VISION.

2. Use QUIC instead of TCP+TLS for better performance (very visible if your latency to your tunnel server is high). Protocols: Hysteria2 and TUIC.

3. Multiplex multiple proxy sessions in one TCP connection. Protocols: h2mux, smux, yamux.

4. Steal other websites' certificates. Protocols: ShadowTLS, ShadowQUIC, XTLS-REALITY.

Oh, and there is masking UDP traffic as ICMP traffic or TCP traffic to bypass ISP's QoS if you are proxying traffic through QUIC. Example: phantun.

bdd8f1df777b commented on Ireland given two months to implement hate speech laws or face action from EU   thejournal.ie/ireland-giv... · Posted by u/like_any_other
surgical_fire · 10 months ago
Free speech should not be absolute. No right is absolute, a healthy society is a huge compromise.
bdd8f1df777b · 10 months ago
Stop criticizing CCP for censoring speech then. They have their own definitions of "No right is absolute, a healthy society is a huge compromise.".
bdd8f1df777b commented on What would happen if we didn't use TCP or UDP?   github.com/Hawzen/hdp... · Posted by u/Hawzen
valorzard · a year ago
SCTP is really cool, I first found out about it because it’s the basis for WebRTC data channels. It’s basically reliable UDP, but you can turn off the reliability if you want. Makes me wonder why QUIC exists when SCTP does…
bdd8f1df777b · a year ago
Others have mentioned protocol ossification which is indeed the primary reason. A secondary reason is that QUIC fuses TLS so its latency is further reduced by one RTT. For high latency networks, the difference is palpable.
bdd8f1df777b commented on Show HN: I scrape Steam data every month and it's yours to download for free   gginsights.io... · Posted by u/csmets
bdd8f1df777b · a year ago
It seems to be missing reviews? I have always thought about building my own recommendation engine from Steam data, given how Steam's own recommendation never works for me.

u/bdd8f1df777b

Karma: 662 · Cake day: September 29, 2023