I kept an open mind despite the knife. What he did at camp, though: that was his death sentence.

One thing I haven’t figured out yet: Is someone teleporting Astarion’s body to each new camp we set up, or is he just playing dead and stealthily following us whenever we relocate?

Use Tor.

Do you mean Tor Browser? Because using Tor alone won’t stop fingerprinting.

Related: A very similar question posted by the same person yesterday.

How to turn them square?

I don’t think yt-dlp has built-in image cropping, so it’s just going to download thumbnails in the resolutions provided by the server. (See the --list-thumbnails option.) To crop what you download, consider a tool like (ImageMagick)(https://imagemagick.org/).

Obviously you need someone joining the room for the room metadata to be shared between homeservers.

Well then, your assertion that Matrix gives it freely is false.

Not so with Matrix, where a joining homeserver get full retroactive access to all the room metadata since the room’s creation.

This is false, too. Historical event visibility is controlled by a room setting. (And if you don’t trust admins of a sensitive room to configure for privacy, then you’re going to have bigger problems, no matter what platform it’s on.)

Edit: I suppose you might argue that you can bypass this by running your own homeserver and attempting to join the room from it, thereby granting visibility not through joining (as you wrote), but instead through federation with the server you control. The thing is, you can’t do it without permission. Room admins can simply deny your join request when they see what server you’re on. This might make sense in a particularly sensitive room, for example, just as it would to restrict history visibility.

you really need to stop privacy LARPing

LARPing? I’m not the one stirring up drama with falsehoods and patronizing snark, am I? Farewell.

Matrix stores all this info and gives it freely to other servers retroactively(!)

Can you show me the part of the spec that allows a server with no room members to get private room info from another server? I’m skeptical, but if true, I believe that would be worth reporting as a bug.

network layer sniffing (which is anyway much harder to do)

You’re funny.

The network layer of all internet servers reveals almost everything you listed. Signal has the same problem, and there’s nothing they can do about that. The only way to avoid it is to use a completely peer-to-peer model (Matrix has started work on this, btw) and avoid communicating across network routes that can be monitored.

There might be one exception, depending on what you mean by “Accounts”: The user IDs participating in a room can be seen by server operators and room members. But then again, server operators can already see their users’ IP addresses (which is arguably more sensitive than a user ID), and I believe room members have to be allowed into the room in order to see them. For most of us, that’s fine. Far from a disaster.

Human behavior is funny, isn’t it? No matter what the topic, there are always people around who like to repeat criticism they heard from someone else, even if it’s so vague as to be useless (“metadata disaster”) or they don’t understand the details at all.

It’s not a disaster. A few minor bits of metadata (avatars and reactions, IIRC) haven’t been moved into the encrypted part of the protocol yet. If that’s a problem for your use case, then you might want to choose a platform with different flaws, or simply avoid those features. It’s already good enough for the needs of many privacy-minded folks, though, and it continues to get better.

I couldn’t bring myself to watch more than half of this.

tl;dr: This video is a misleading, sensationalist, bad-fath, hit piece. It’s constructed upon faulty logic, fear of things used or supported by governments, and a single anonymous person’s poorly-reasoned conclusions.

Not a Google fan, huh?

Maybe a pool of big corp captive portal / connectivity test servers? For example:

https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/deployment/firewall/#captive-portal

https://android.googlesource.com/platform/frameworks/base/+/refs/tags/android-9.0.0_r49/services/core/java/com/android/server/connectivity/NetworkMonitor.java#101

but unpopular opinion?

I don’t think Tencent’s involvement is common knowledge among BG3 players. It’s hard to have an opinion about something you’re unaware of.

I wish they had done it without Tencent.

I’m on Debian Stable (with a few backported packages) for both work and gaming. It’s not the most beginner-friendly distro, but I’m no beginner, and I love how low-maintenance it is. It just keeps on working.

I would like to try Qubes OS eventually. I don’t think it will be ready for gaming any time soon, but for privacy and security-minded isolation of components, I expect it’s tough to beat.

I don’t like closed systems, vendor lock-in, overpriced tools, or buying equipment that I’ll never truly own.

I absolutely love the candor in that statement. Thanks for posting it.

“due to to an issue with the digital code supply chain that was outside our control.”

Looks like they owned someone else’s mistake. Props.

I remember Owlbear Rodeo being mentioned from time to time a few years ago, but I didn’t keep track of it. Wasn’t it originally free? Did it go commercial?

It’s not free though, so I’m not sure it falls under the FOSS label.

Parts of it are MIT-licensed, and therefore qualify as FOSS. (The “free” in FOSS is not about price.) Example: https://github.com/foundryvtt/dnd5e

it’s not FOSS at all.

Foundry’s core is not, but other parts of it are FOSS.

For example: https://github.com/foundryvtt/dnd5e