Huh. I’ve played around with D a few years ago… don’t exactly remember his opinions coming to light, but I can’t say I’m surprised either.
Google’s extension of RCS does do e2ee, which raises the question of “what happens to security when you talk to a non-Google user”…
It does not. The fingerprint always only unlocks the device’s HSM (“secure enclave” in Apple speak).
Between your devices enrolled in the ecosystem, private keys are synced securely (AFAIK, they make it so that an existing device’s HSM encrypts keys using the pubkey of the new one’s HSM); for signing up using your device on someone else’s computer there’s a process that combines QR codes with Bluetooth communication.
Note that you pretty much can’t store them with Google or Apple; smartphone biometric sensors operate the on-device HSM, not something remote.
IIUC Apple syncs them using the most secure way they can, i.e. when you enroll a new device to your account the existing device, the existing device’s HSM encrypts keys using the pubkey of the new one’s HSM; and for recovery from being left with 0 Apple devices there might be (?) an escrow option that’s optional (?)
My next web stack: chota.css, verga.js, poronga.html & pija.php :D
Look for used ThinkPads with Ryzen, I bought an L14g2 (5850U+16GB) for about 600 USD and it’s just amazing value
Oh cool… mm, do we have a GNOME forum on this here threadiverse?
That refcount++ and refcount-- needs to be synchronized between threads
Only for things that you specifically want shared between threads – namely this (synchronized refcount) is an std::sync::Arc
. What you want to share really depends on the app; in database-backed web services it’s quite common to have pretty much zero state shared across threads. Multithreaded environment doesn’t imply sharing!
Moved most of my stuff there a while ago, has been pretty great.