Why can't stores take over the "verification" process (like they do already)? Why do app developers have to be verified themselves, why does the verification have to be done by google? There are so many options, why choose google of all companies? Just laziness?
At what point will you draw the line between "the user wants to do this because of his/her free will" and "the user wants to do this because someone else told them to"? Where will you stop?
All of this is just a bandaid, so why not stop at the state we are at _right now_, without some kind of 24h-long process to enable sideloading and let people be people? Yes, people make mistakes. But that is not your responsibility, especially if it comes at the cost of freedom. The most secure android device would probably be a brick, but you won't sell these, right?
Please instead take these resources and invest them into the app verification process in the play store. Way too many scams are right under your nose, no need to search in places where people are happy with the status quo.
I only trust this once they have finally detailed how they will allow "easy sideloading" (See one of the last fdroid news on this, currently google is on track to basically ban sideloading as it exists) and what exactly means "registered app store program".
This made me laugh. I agree that's a plus! Auto updates are mostly bad. Look at the state of extensions on vscode. The permissions combined with silent updates is scary
Re your last paragraphs: I think RMS really meant just the Linux kernel when he wrote that(the topic is drivers, after all), not GNU/Linux, the OS or GNU/Linux, "the system". So it can be argued that he isn't really contradicting himself
Ok, then I don't pay you for advertising. On an entirely unrelated note, could I buy a spot on your website(e.g. at the top) to put a piece of my own website on it? You have a news website, right? And I also have some news to share.
I don't think that would be much different from "renting a billboard to place whatever you want on it".
If what you put up on that billboard is an ad, then it's advertising and would be covered. If not, it wouldn't. So you could rent a spot on the website, but you couldn't put promotions on it.
This would be distinct from ordinary web hosting because you're not just renting a space on a site, you're also renting exposure (a spot on some other website).
Sure, you could probably find edge cases - "what if I put a table of contents on my page with every page URL on every site on my web host on it" - but the distinction would be clear most of the time.
But what if I rent a space on your website that I can fill however I want? And then, coincidentally, I praise my products on that rented space. How is that different from... other hosting offers?
Judges and juries are people with common sense, not robots you can easily trick. What did you advertise to clients? It would still be legal to host someone else's content; it would have to be clearly marked as theirs. None of this nonsense where newspapers rent out sections of their website and brand name to advertising companies (IIRC Forbes Business is this — a completely different company renting a sub–URL and sub–brand)
I "solved" this by adding a fail2ban rule for everyone accessing specific commits (no one does that 3 times in a row) and then blocking the following ASs completely (just too many IPs coming from those, feel free to look them up yourself):
136907 23724 9808 4808 37963 45102. And after that: sweet silence.
How to block ASs? Just write a small script that queries all of their subnets once (even if it changes, its not so much to have an impact) and add them to a nft set (nft will take care of aggregating these into continouus blocks). Then just make nft reject requests from this set.
I just counted the list of supported formats and landed at 35. This is still impressive, but if even this simple fact is wrong in the project description("40+ formats!!!"), I have no faith at all that any of this actually works.
