Replied in thread
Kompatibilität dank offener Schnittstellen statt "vendor lock-in"-Kompatibilität!
Recent searches
Search options
Administered by:
#vendorlockin
1 post1 participant0 posts today
If you're using #Microsoft #OneNote, you will face disadvantages when you don't switch to #Windows11 soon:
You are forced to "One Note on Windows" which requires a #Microsoft365 account. If you want to keep your previous computer/OS, your synchronization speed gets reduced just to punish your disobedience: https://www.windowslatest.com/2025/03/24/microsoft-will-intentionally-slow-onenote-for-windows-10-so-you-ditch-it-faster/
For anything that requires a certain amount of privacy/security, for anything long-term (avoiding #lockin effects), OneNote was a bad idea in the first place.
People who started with the original OneNote already faced data loss when MS forced them into the then mediocre cloud version in 2018: https://karl-voit.at/2018/04/21/end-of-OneNote/
My recommendation: re-evaluate your requirements and switch to a much better long-term alternative, such as #Emacs #Orgmode & not yet another hip lock-in monster like #Obsidian, #Evernote or other closed source #cloud solutions: https://karl-voit.at/2021/01/18/tool-choices/
https://en.wikipedia.org/wiki/Comparison_of_note-taking_software
Windows Latest · Microsoft will intentionally slow OneNote for Windows 10, so you ditch it fasterMicrosoft has confirmed that it's killing off "OneNote for Windows 10," but it also plans to force the legacy app's sync to run slower.
Geliebte Sucht – Die Vendor Lock-in durchsetzte IT Drogenszene"
Beim #Winterkongress der @digiges 
durfte ich über #Geopolitik & #Vendorlockin in 
und was das mit Sucht ähnlichen Abhänigkeiten und #Risikomangemant zu tun hat
#Linkedin Post: https://www.linkedin.com/posts/lars-hohl-89265a20_geopolitik-vendorlockin-riskomangement-activity-7307482470520688642-ADGl
Komplettes Video: https://media.ccc.de/v/dgwk2025-56337-geliebte-sucht-die-vendor
Replied in thread
@tsongloong Wellicht? De hoogste tijd!
Maar veel belangrijker: Zorg voor handhaving van de AVG! Het kan niet zo zijn dat een USA partij die in het gehele onderwijs wordt gebruikt nog jaren ongestraft door kan gaan met de grootste dataroof aller tijden.
Dus hebben jullie al een handhavingsverzoek bij de AP gedaan? 
En neem dan ook gelijk Google Zoeken en Google Maps mee, dat zijn ook zogenaamde "aanvullende diensten".
1/4
Replied in thread
"You should just use #Ubuntu because it's the easiest one" - this is propaganda for #Shuttleworth and tells me you haven't tried any other distro - or that you use #Arch.
#LinuxMint is fantastic still, #Fedora is my go to recommendation, but with #uBlue and #Bazzite we see a new era of usability focused #distributions.
Add to that the fact that #snaps are a centralizes repository with no third party vendors, and you've got a #vendorlockin.
Ubuntu is the #anticonsumer distribution as a result.
#Windows Safty Exit #Sticker & lecker süße #MagicMushrooms
Die Echtwelt #TakeAways vom IT #Drogen Talk zu #VendorLockIn beim #Winterkongress der @digigesging weg wie warme Semmel.
Continued thread
Die #Agenda für den #VendorLockIn <> #Drogen Vortrag beim #Winterkongress der @digigessteht und alle folien sind seid heute Nacht schon mindestens "rudimentär vorhanden" •schulterklopf• :)
Noch zwei Nächte & es wird ein richtig leckereres rundes Ding
SET $vorfreude = TRUE;
Was mein Essen von gestern mit #Sucht und #VendorLockIn zu tun hat, erfahrt ihr dann am Samstag beim #Winterkongress der @digiges in deroder später auf media.ccc.de.
P.S.: Könnte USA bitte mal aufhören so freizudrehen, damit ich dem Spin des Vortrags nicht nochmal ändern muss?
I created the fist issue for the #OpenLLM #Europe #manifesto on GitHub:
Move to Free and Open Source Software (FOSS) infrastructure
I suggest to move the software development to a real Free and Open Source Software (#FOSS) hosting platform, to ensure #strategic #autonomy and #digital #sovereignty. With starting the project on GitHub, the fist step towards vendor lock-in has been set.
Replied in thread
@sarahdalgulls Because the ECW driver is not Free Software, full of patents, and its owners have never been open to collaboration with opensource communities over the years.
A lot of users switched to other free formats, even if they can be less efficient in terms of storage.
Note that CoG ( Cloud-Optimized GeoTIFFs ) are now everywhere, since they offer very good streaming capabilities despite lower compression.
Sich freiwillig bei Hyperscalerwahl in ein IT #VendorLockIn Verhältnis zu begeben ist ja strategisch eine „spannende“ Entscheidung.
Dies aber bewußt in Zeiten eines aufkommenden Wirtschafts- und Handelskriegs zwischen 
& zu tun, hat für mich einen nochmals skuril interesanteren Spin.
Mein Vortrag für den #Winterkongress bei der @digiges in der wird dieses Spannungsfeld aus Sicht von Suchtabhängigen bzw „freiwillig-bewustSuchtmittel nutzenden“ mal sezieren.
#PubliekeWaarden in het #onderwijs zijn essentieel. Hoe komen die tot uiting in de #IT die wordt gebruikt op scholen? Wat zijn de risico's van oncontroleerbare, #proprietary software? Hoe zit het met #privacy van #leerlingen en #vendorlockin van #scholen?
Welke rol kan vrije- #opensource software spelen in #educatie?
Geert-Jan en @remark gaven een #analyse met #oplossingsrichting op #FOSDEM.
Sterk aanbevolen, zeker aan degenen die actief zijn in het onderwijs:
https://video.fosdem.org/2025/ud6215/fosdem-2025-6042-public-values-and-foss-for-education.av1.webm
You know what grinds our gears? #VendorLockin.
Here is why: https://cloud68.co/blog/we-need-to-talk-about-vendor-lock-in
Broadcom's VMware Acquisition: A Wake-Up Call for Enterprise Virtualization
As Broadcom tightens its grip on VMware, enterprise users face a critical juncture. The latest Gartner report highlights the hidden costs of vendor lock-in and the urgent need for organizations to ree...
Should we migrate the communication platforms of our FOSS projects (e.g., Python, Django, …) to Matrix? 
The idea of avoiding the vendor lock-in is increasingly widespread 
Migrate social networks to the Fediverse, self-host your blog, regain control of your Git repository, … 
I wonder if it's time to migrate to “an open network for secure, decentralized communication” 
Answer here or share your experience 
#Matrix #VendorLockIn #Communication #Freedom
CC @matrix
Replied in thread
Anvil looks interesting. Unfortunately, it appears to be 100% proprietary. Even if you're okay with software you can't examine and modify, you appear to be stuck with using the vendor's website/app for designing your app's UI. They also push you hard to use their cloud-based, SaaS-type deployments.
There's an open source runtime you can apparently run your app with once it's built. But who says that's gonna stick around?
Investing a lot of time in building an app that is one proprietary license change away from being impossible to continue to use seems unwise.
Replied in thread
Was für ein absoluter Müll.
Das ist nicht nur ein Abo, sondern auch #Vendorlockin und #righttorepair Einschränkung.
Man wird sich also sicher nicht einfach irgendwelche Akkus kaufen können.
Meinetwegen könnte man Akkus ja irgendwie einmal "freischalten" und sie können dann nur an einem Gerät genutzt werden, oder mit dem Passwort des Käufers in einem Laden wieder entsperrt werden.
Aber so... warum nicht analog festschließen?
Replied in thread
@alper : forget the marketing blah about public key encryption; it's advantages are extremely exaggerated.
Just think of each passkey as an extremely strong and unique password tied to the domain name of a website.
The strength of passkeys (the WebAuthn protocol actually) lies in the fact that software (not the user):
1) Insists that the connection uses https;
2) Uses the passkey only if the domain name of the website (as shown in the browser's address bar) is the same (*) as the one used when the passkey was created.
(*) It's a bit more complicated than that: subdomains may be permitted under certain conditions.
Unintentionally logging into a fake website with a look-a-like domain name (phishing) is impossible (an "Adversary in the Middle" attack is possible only if a fake website possesses a certificate deemed valid by your browser, like I wrote about in https://infosec.exchange/@ErikvanStraten/112914050216821746).
However, passkeys suck in practice (Dan Goodin is right), see https://infosec.exchange/@ErikvanStraten/113730072998238596.
Infosec ExchangeErik van Straten (@ErikvanStraten@infosec.exchange)🌘DV-CERT MIS-ISSUANCE INCIDENTS🌒
🧵#3/3
Note: this list (in reverse chronological order) is probably incomplete; please respond if you know of additional incidents!
2024-07-31 "Sitting Ducks" attacks/DNS hijacks: mis-issued certificates for possibly more than 35.000 domains by Let’s Encrypt and DigiCert: https://blogs.infoblox.com/threat-intelligence/who-knew-domain-hijacking-is-so-easy/ (src: https://www.bleepingcomputer.com/news/security/sitting-ducks-dns-attacks-let-hackers-hijack-over-35-000-domains/)
2024-07-23 Let's Encrypt mis-issued 34 certificates,revokes 27 for dydx.exchange: see 🧵#2/3 in this series of toots
2023-11-03 jabber.ru MitMed/AitMed in German hosting center https://notes.valdikss.org.ru/jabber.ru-mitm/
2023-11-01 KlaySwap en Celer Bridge BGP-hijacks described https://www.certik.com/resources/blog/1NHvPnvZ8EUjVVs4KZ4L8h-bgp-hijacking-how-hackers-circumvent-internet-routing-security-to-tear-the
2023-09-01 Biggest BGP Incidents/BGP-hijacks/BGP hijacks https://blog.lacnic.net/en/routing/a-brief-history-of-the-internets-biggest-bgp-incidents
2022-09-22 BGP-hijack mis-issued GoGetSSL DV certificate https://arstechnica.com/information-technology/2022/09/how-3-hours-of-inaction-from-amazon-cost-cryptocurrency-holders-235000/
2022-09-09 Celer Bridge incident analysis https://www.coinbase.com/en-nl/blog/celer-bridge-incident-analysis
2022-02-16 Crypto Exchange KLAYswap Loses $1.9M After BGP Hijack https://www.bankinfosecurity.com/crypto-exchange-klayswap-loses-19m-after-bgp-hijack-a-18518
🌘BACKGROUND INFO🌒
2024-08-01 "Cloudflare once again comes under pressure for enabling abusive sites
(Dan Goodin - Aug 1, 2024) https://arstechnica.com/security/2024/07/cloudflare-once-again-comes-under-pressure-for-enabling-abusive-sites/
2018-08-15 Usenix-18: "Bamboozling Certificate Authorities with BGP" https://www.usenix.org/conference/usenixsecurity18/presentation/birge-lee
Edited 2024-09-05 14:19 UTC: corrected the link for the "jabber.ru" incident.
#DV #LE #LetsEncrypt #Certificates #Certs #Misissuance #Mis_issuance #Revocation #Revoked #Weaknessess #WeakCertificates #WeakAuthentication #Authentication #Impersonation #Identification #Infosec #DNS #DNSHijacks #SquareSpace #Authorization #UnauthorizedChanges #UnauthorizedModifications #DeFi #dydx_exchange #CryptoCoins
@Tutanota Apparently #tuta still hasn't set a concrete, near term date for the availability of the *option to export all emails in one go* .
So: Customers can easily import their emails to #Tutamail, but they have to manually select and export all of their emails if they want to migrate away to a different #email provider.
To me, that looks like a vendor lock-in.
You can keep on telling that it's already planned, but you should really walk the talk!