twix

joined 1 year ago
110
submitted 8 months ago* (last edited 8 months ago) by twix@infosec.pub to c/games@lemmy.world
 

My girlfriend has never really gamed. But she’s now forced to move less than she would like to (health problem) and she’s getting bored. I was thinking of introducing her to a game or two that we could play together. She’s not the real action game type, and seeing as she has no experience with controller/mouse and keyboard I was thinking starting simple.

I can’t think of anything else than Factorio, as she likes organizing/keeping track of stuff.

Would you recommend against that or have anything better in mind? Let me know!

[–] twix@infosec.pub 4 points 9 months ago (8 children)

Well, on the other hand, do you just understand how simple cards work? I for sure don’t and I don’t see why I would need a chip from my provider to access it’s services, if I can get a digital key instead.

[–] twix@infosec.pub 1 points 11 months ago (1 children)

Yeah, sorry, I got confused. Beeper mini does need servers to keep the notification service alive. And thus not crazy to ask for 2$ a month. Beeper cloud could indeed do without servers I guess, but I don’t know anything about that. I was just keeping up with the development of pypush (the python poc) and reverse engineering progress.

I don’t understand your point of “you have to log in with a google account”. I understood that was a requirement to check subscription status (and as such limit fraudulent apk’s).

But that seems to be a different story than “opensourcing this would mean a competitor could do it for free”.

You can already do this for free with pypush. And if you want to use something else then python you could build something based on it with any language as pypush is completely open source.

[–] twix@infosec.pub 5 points 11 months ago (3 children)

They do have to run servers in order to keep the service alive. If you want to run this stuff yourself on your own server that’s possible using PyPush. The reason they have to run those servers for you is to keep the notification service alive.

[–] twix@infosec.pub 2 points 11 months ago (6 children)

Having someone else with the decryption keys is not how e2e works. E2E is a pretty solid and proven system, and I have yet to find a solid source about “big tech holding the keys”.

[–] twix@infosec.pub 2 points 11 months ago (8 children)

Sadly the same thing has been happening on the android side (a quick google search seems to confirm this). Possible exploits reported but not patched in a timely manner. In general I feel like the Apple bug bounty problem has been swift, although indeed failing from time to time to reward an original reporter. I have not been keeping a close eye on the android side but I imagine the same has been happening. Apple has started to offer e2e encryption on iCloud data blocking even CIA/FBI access. And next to that, seeing I’m based in Europe (and so my data should too) I don’t feel like the patriot act has any impact on me.

[–] twix@infosec.pub 1 points 11 months ago (10 children)

I haven’t heard about google testing hardware based attacks on their chips, which I suppose could be caused by android running on a wide variety of chips instead of a few home-developed ones. Next to that Apple has had a bug bounty program for ages, that pays well and covers a wide range of attacks. Not hosting open hackathons has perhaps something to do with public brand image, but Apple shouldn’t be discredited regarding rewarding the findings of bugs and exploits.