Thread

Zero-JS Hypermedia Browser

Relays: 5
Replies: 10
Generated: 12:29:39
avatar
Final final@stacker.news npub1hxx7...g75y
We no longer have any active servers in France and are continuing the process of leaving OVH. We'll be rotating our TLS keys and Let's Encrypt account keys pinned via accounturi. DNSSEC keys may also be rotated. Our backups are encrypted and can remain on OVH for now. Our App Store verifies the app store metadata with a cryptographic signature and downgrade protection along with verification of the packages. Android's package manager also has another layer of signature verification and downgrade protection. Our System Updater verifies updates with a cryptographic signature and downgrade protection along with another layer of both in update_engine and a third layer of both via verified boot. Signing channel release channel names is planned too. Our update mirrors are currently hosted on sponsored servers from ReliableSite (Los Angeles, Miami) and Tempest (London). London is a temporary location due to an emergency move from a provider which left the dedicated server business and will move. More sponsored update mirrors are coming. Our ns1 anycast network is on Vultr and our ns2 anycast network is on BuyVM since both support BGP for announcing our own IP space. We're moving our main website/network servers used for default OS connections to a mix of Vultr+BuyVM locations. We have 5 servers in Canada with OVH with more than static content and basic network services: email, Matrix, discussion forum, Mastodon and attestation. Our plan is to move these to Netcup root servers or a similar provider short term and then colocated servers in Toronto long term. France isn't a safe country for open source privacy projects. They expect backdoors in encryption and for device access too. Secure devices and services are not going to be allowed. We don't feel safe using OVH for even a static website with servers in Canada/US via their Canada/US subsidiaries. We were likely going to be able to release #GrapheneOS for experimental Pixel 10 support very soon and it's getting disrupted because of this. The attacks on our team continue to escalate. It is rough right now and your support is appreciated. Let's release soon. nostr:nevent1qqsxn3a4cg7fw8cs34nxvfwupryr3pgww2wrt4dfjeh4dxdt4w9wsqqpzpmhxue69uhkummnw3ezumt0d5hsyg9e3hk5e6h2ypusm09ncv2qq6fqp8f5clueylpgdq66nxm5sxjuygpsgqqqqqqsfvas3s
2025-11-24 20:14:35 from 1 relay(s) 8 replies ↓
Login to reply

Replies (10)

npub1ah3a...l76e
What they say, but for your Ledger hardware wallet device. Backdoors aka "Recovery"! nostr:nevent1qqs88euxgsmvuz3nedwytfcspwzyd6hpnzk4tuj8976ghqczgnyesfcppamhxue69uhkummnw3ezumt0d5pzpwvda4xw463q0yxmev7rzsqxjgqf6dx8lxf8c2rgxk5ekayp5hpzqvzqqqqqqyfwdz5n
2025-11-24 20:23:27 from 1 relay(s) ↑ Parent 1 replies ↓ Reply
npub1lrxc...q947
If you are out there and you are French - go fuck yourself. nostr:nevent1qqs88euxgsmvuz3nedwytfcspwzyd6hpnzk4tuj8976ghqczgnyesfcqnudur
2025-11-24 20:34:04 from 1 relay(s) ↑ Parent Reply
avatar
Lyudmyla Kozlovska lyuda_ODF@BitcoinNostr.com npub13ajk...2yd9
This is an example of why we need to have safe space for developers, investors and users in the western countries. Without it we will not have privacy tools anywhere. You can deny importance of advocacy for privacy of payment and communication, but its fundamental role will bring you back to reality. So use your voice to defend privacy, or support those who are willing to do it. nostr:nevent1qqs88euxgsmvuz3nedwytfcspwzyd6hpnzk4tuj8976ghqczgnyesfcqnudur
2025-11-25 07:53:20 from 1 relay(s) ↑ Parent 2 replies ↓ Reply