Exactly, because as cool as this donation is, 3.6M$ is basically nothing when it comes to public infrastructure like that.

You missed the joke. You lack meme education.

https://knowyourmeme.com/memes/the-alot

Flightradar type tracking sites i assume. Until they actually engage militarily, they will have their tracking signal broadcasting as usual i would hope.

The previous record was actually Hades 2 which surprised me too.

Yes of course you CAN make it safe in theory, but unless you run the web interface locally or on your own server, you cant be certain that the javascript delivered to you from the hoster hasnt been modified. Its like having autoupdates on but you have zero control over when or how the updates take place, because every time you open the page it could be different code from the last time.

So as long as you trust the encryption algorithm (which in elements case you definetly can, because it is OSS)

How do you know that the code on elements github repo is actually the same code that you get delivered from your homeserver that is hosting the web client? Your homeserver can just modify the web clients code however it wants and deliver a backdoored or faulty version to you. Which means you dont just have to trust the open source code, but also the admin who is managing the homeserver and also the hosting provider.

Is this really so hard to understand? Literally the entire client is delivered on demand from a remote server, obviously that is insecure if you dont control that server.

Just set it up so that the resulting .kdbx database file is always instantly synced between your devices whenever you make changes. Everything is in that file and all keepass versions can open it. I use syncthing for this because it doesnt require a server, but you can use nextcloud or whatever you have available. With syncthing it always just keeps the most recently modified version.

Alots are underappreciated a lot.

This is the kind of thing that machine learning is very very good at. Its never going to be perfect but its definitely gonna outperform humans.

KeepassXC is the goat :)

The database file is encrypted so its fine to sync it however you like. I use syncthing for it which is p2p. Obviously set a very good password on it if you sync it through unsecure channels.

I believe those slop candidates are actually overall worse if you think into the future for more than the next 4 years (which people really should). They prevent the US from going into a charged enough state to enact actual change. They are the pacifier that keeps people inactive.

Bro i have my bank details, all my private 2FA, work 2FA, health insurance access, my families master passwords, steam access, and more in there. Its literally the most important piece of software that can exist in this day and age. No im not taking chances with that. The only thing you can do with my physical wallet if you rob me is buy something up to 20€ beyond which you need the cards pin. Everything else i can just deactivate by calling the relevant parties.

But on another note, websites have never really been resistant to MITM attacks. So you dont just have to trust the hoster but also everything in between you and them.

Lets be real, if the US population votes in a democrat that isnt at least as left as Bernie or Mamdani, the US will just incrementally move further and further right. Yes its better to get any democrat over a republican, but it wont save the US long term. Its rotten to the core and needs a healthy cleaning from the inside out.

Easy solution. Stop using apple devices…

There is no way to patch the inherent flaw that comes with delivering client software through a web browser. If the entire client is delivered as a web page from a server you dont control, then that server can modify the software however it pleases. Same applies to e2ee encrypted chat clients that run as a web page like element-web (browser based matrix client).

Yes, if you arent self hosting the web interface or using the desktop client.

OMFG can people please fucking go away with this stupid “password managers are worthless” bullshit today. They are exactly as secure as promised, unless you went to the obviously shady ones that use web interfaces. People have been saying this for years, if you want security, keep your password manager offline.

I mean the fact that they dont have any access controls on their servers should tell you how technically competent those cops are.

In germany its also catastrophic. I remember three stories off the top of my head where security researchers were raided or sued after properly reporting massive security issues in company software.

I got super lucky and got a 6950XT for free so now im set for another 5-10 years if nothing breaks. Well i say lucky, but i inherited it because someone close to me died…

Yeah i saw that back then, it happened multiple time with different organizations iirc.