Uh oh

I dont know what that means. Do the oauth creds get shared with a third party or no?

The point is that most of these solutions require me letting an app post on my behalf. I don’t want that.

How does auth work?

Do I have to grant a third party permission to post to my account? Or do I have it auth with my credentials locally?

It helps to download content (like YouTube videos for PeerTube instances) when you’re rate limited

It helps with spam campaigns.

When a critical security bug is open for years on a project with plenty of funding to fix it…

They don’t seem to give a shit about security. I think the well is poisoned. Best to just use apt

Flatpak doesn’t verify signatures like normal package managers do

So the issue isn’t that you downloaded a flatpak that included malicious code. The issue is that you downloaded a legit flatpak and ended up downloading malicious code because flatpak doesn’t verify what it downloads

The sand boxing is a distraction and doesn’t matter if you downloaded malicious code

Pretty fundementale broken IMHO. Its a security nightmare

Sounds like they don’t know how to do security, then

Are the rest of their engineers so incompetent, or only their security department?

Thanks. Unfortunately that site doesn’t load.

Maybe you can email the CEO asking them to check their site on tor browser in strict mode?

Still doesn’t load. Try in tor browser

Site doesn’t load :(

Got a link to Ms VoIP?

Googling it just gives info on Skype shutting down

Does that let you have a voicemail?

I’ve long wanted a cheap way to setup a phone, when rung, picks up and plays a message telling the caller to email me. But everything I found for this is wayy more expensive than $12/yr

The transition will happen faster if carbon emissions are banned

Just call your politician and demand a fossil fuel emission ban

God damn, I’ve needed this for years

Yes; it’s not an OS

Malware. You downloaded something without checking if it was altered in transit maliciously