I have been using rclone for over two years now. Typically, I run cron to copy any new files in the directories that are most important to me.
The combination of rclone and B2 storage is quite effective, especially considering its ease of use and cost efficiency.
They didn't even mention the alternative to this statement.
I've only ran applications with environment variables. And since they're allowed everywhere (lambdas, docker images, heroku and whatnot), It's hard to imagine how passing credentials into code, could've been done otherwise.
I know many services that do this. And even if you fight with customer care for RCA they go silent and pass you around to other team members to whom you need to tell the problem again and again.
Correct. Poorly named, but Android Automotive is the equivalent of the iDrive software that runs in the BMW center panel (in the absence of any other user device)...CarPlay or Android Auto could still overlay that assuming the carmaker supports it.
End to end encryption is not beneficial to any big tech other than some marketing. Then why are they implementing it? Has anyone figured out any reason behind it?
So they don't have to deal with law enforcement. Law enforcement requests tie up a bunch of resources, while also being bad publicity; E2EE lets them wipe their hands of the problem.
At least until governments start implementing laws like Australia's Assistance and Access law, which compels companies to add back-doors on request.
As with everything that involves user data, it’s much easier to implement something that doesn’t have access to it. Otherwise you run the risk of data breach, FCC fines, government abuses (around the world), and so on.
Sometimes it matters. Also, it doesn't always have to be some malicious thing. Could just be that there's a visionary executive with altruistic intents who convinced a higher-up that it's the right move.
But in the case of Signal, remember that it's a nonprofit. And in the case of whatsapp, it's looking more and more like the case above.
Doesn't even have to be a visionary executive. This is one of the decisions where a senior engineer writing the design doc one way or the other can easily make the difference in how the final product looks like.
Also, besides marketing, reduced compliance costs. Once police etc. realize that you can't provide useful data, they stop asking.
When the Snowden leaks came out it was a surprise to Google that the government had tapped the data center to data center connections, as these were private and not thought to be tapped. Eventually all traffic between data centers was encrypted to prevent eavesdropping.
Internally there was a lot of animosity towards the three letter agencies for tapping our lines, so part of the rational was sticking it to them.
Also, once you hire a security engineer for one thing they tend to be pretty vocal about other security issues. They can often stir up enough trouble that it's easier just to add the extra encryption.
Adding this encryption to Google's messenger was probably a couple person-years of effort. So, like, 0.00001% of the budget?
Google started encrypting communications across its data centers (even though they were on private lines) because of this revelation. Here’s a news report from 2013 [1] about this.
It can't be proved that Whatsapp's implementation wasn't tampered with, however. Both server and client are proprietary. It's easy to claim OpenWhisper was implemented while there was someone looking over their shoulders there.
And when dealing with proprietary software, we can't assume benevolence by default, ever. The most defenseless link in the chain, the end-user, needs do be defended.
