@pjacock @gedankenstuecke

Quite so. I just think it will be fine to stick to GitHub for a while. Yet, I or we (depending on the project) need a plan B. And Activity Pub for GitLab with accounts for potentially all collaborators worldwide is not on the horizon. And intricate CI-setups are not simply ported with a few key stroked ...

"You should just use #Ubuntu because it's the easiest one" - this is propaganda for #Shuttleworth and tells me you haven't tried any other distro - or that you use #Arch.

#LinuxMint is fantastic still, #Fedora is my go to recommendation, but with #uBlue and #Bazzite we see a new era of usability focused #distributions.

Add to that the fact that #snaps are a centralizes repository with no third party vendors, and you've got a #vendorlockin.

Ubuntu is the #anticonsumer distribution as a result.

Die #Agenda für den #VendorLockIn <> #Drogen Vortrag beim #Winterkongress der @digigessteht und alle folien sind seid heute Nacht schon mindestens "rudimentär vorhanden" •schulterklopf• :)

Noch zwei Nächte & es wird ein richtig leckereres rundes Ding

SET $vorfreude = TRUE;

@sarahdalgulls Because the ECW driver is not Free Software, full of patents, and its owners have never been open to collaboration with opensource communities over the years.

A lot of users switched to other free formats, even if they can be less efficient in terms of storage.

Note that CoG ( Cloud-Optimized GeoTIFFs ) are now everywhere, since they offer very good streaming capabilities despite lower compression.

@zwartboekaanbesteden #vendorlockin is denk ik toch het meest algemeen en makkelijk om op te zoeken.

@jshaffstall

Anvil looks interesting. Unfortunately, it appears to be 100% proprietary. Even if you're okay with software you can't examine and modify, you appear to be stuck with using the vendor's website/app for designing your app's UI. They also push you hard to use their cloud-based, SaaS-type deployments.

There's an open source runtime you can apparently run your app with once it's built. But who says that's gonna stick around?

Investing a lot of time in building an app that is one proprietary license change away from being impossible to continue to use seems unwise.

@heiseonline

Was für ein absoluter Müll.

Das ist nicht nur ein Abo, sondern auch #Vendorlockin und #righttorepair Einschränkung.

Man wird sich also sicher nicht einfach irgendwelche Akkus kaufen können.

Meinetwegen könnte man Akkus ja irgendwie einmal "freischalten" und sie können dann nur an einem Gerät genutzt werden, oder mit dem Passwort des Käufers in einem Laden wieder entsperrt werden.

Aber so... warum nicht analog festschließen?

@alper : forget the marketing blah about public key encryption; it's advantages are extremely exaggerated.

Just think of each passkey as an extremely strong and unique password tied to the domain name of a website.

The strength of passkeys (the WebAuthn protocol actually) lies in the fact that software (not the user):

1) Insists that the connection uses https;

2) Uses the passkey only if the domain name of the website (as shown in the browser's address bar) is the same (*) as the one used when the passkey was created.

(*) It's a bit more complicated than that: subdomains may be permitted under certain conditions.

Unintentionally logging into a fake website with a look-a-like domain name (phishing) is impossible (an "Adversary in the Middle" attack is possible only if a fake website possesses a certificate deemed valid by your browser, like I wrote about in https://infosec.exchange/@ErikvanStraten/112914050216821746).

However, passkeys suck in practice (Dan Goodin is right), see https://infosec.exchange/@ErikvanStraten/113730072998238596.

@schwa
@dangoodin