@benoit Not really a rumor, Tensor reuses many parts from Exynos indeed: anandtech.com/show/17032/tenso

But it remains kinda unique in several ways still

@benoit Ideally the app would implement SAF to do just that, so you give it fine-grained permissions over the files you want to share (will be even better with the upcoming photo picker from A13). Or you can share it from your gallery directly, which is what I do for Discord so I don't give it media permission. Or (lots of possibilities heh) Storage Scopes + additional permissions through SAF.

@benoit Premières builds expérimentales déjà dispo avec instructions. 👀

@benoit Je pense que le support va pas tarder, mais avec Android 13 qui sort le mois prochain, la priorité va être compliquée à déterminer... En tout cas je peux dire que flawedworld (un membre du projet) l'a reçu et avait promis de le supporter en un temps record (vu que le gros est déjà fait avec le 6).

I've been working on improving a theme for Hugo and I don't understand why JS is widely used for things pure CSS can do. Sometimes it can feel a bit hacky but I'd rather have that over JS.

Malgré que je sois retombé malade alors que j'ai eu la crève il y a à peine un mois (bien mes anticorps en mousse), j'ai pu faire cet article : wonderfall.space/storage-scope

En espérant que ce soit assez clair, sinon je peux toujours le modifier. Peace

Here's an example: Tachiyomi is a popular manga reader app with offline features that need the invasive WRITE_EXTERNAL_STORAGE permission. It doesn't need that obviously, and should use scoped storage features + SAF. This isn't a problem with Storage Scopes. :)

Show thread

Enter Storage Scopes! When you enable the feature for a given app, it will think it has the necessary access to files/media, but it only has access to its own, well, storage scope. Furthermore, you can manually add directories/files access with the system picker, much like SAF.

Show thread

User profiles were already a powerful to compartmentalize apps further. The same app sandbox rules apply, but you didn't have to fear granting such invasive permissions on a profile w/o your data on it and w/ different encryption keys.

Powerful, but sometimes cumbersome.

Show thread

A new killer feature for GrapheneOS: Storage Scopes. Ever wondered why an app asked for invasive files/media access without really needing it?

While modern apps rely on scoped storage + SAF, most legacy apps have an invasive approach, and even modern apps can misuse permissions.

Here's a vulgarized French article I wrote about just-in-time compilation and its shortcomings: wonderfall.space/just-in-time/

Show thread


That's huge for iOS security! And Safari might suck less:

> Web browsing: Certain complex web technologies, like just-in-time (JIT) JavaScript compilation, are disabled unless the user excludes a trusted site from Lockdown Mode.

What do you use for a simple SMTP server? Don't feel like maintaining a Postfix server just for notifications, etc.

(Could be a free or very cheap service)

@Seirdy This was a nice read. Two years ago I wrote a similar blog post and I was opposing these two concepts too, albeit with less technical names: "block the crap" versus "blend in with the crowd". I also used the same DNT example since I've found this was a particularly telling example.

I mostly agree with everything, especially in the context of web browsers. Definitely going to recommend that piece.

J'ai publié un nouvel édito, pour parler un peu de tout ou rien : wonderfall.space/petit-edito/

Show older

Just another single-user instance.