• Activity
  • Votes
  • Comments
  • New
  • All activity
  • Showing only topics with the tag "third party". Back to normal view
    1. Should I use third party firewall or antivirus on Windows (or elsewhere)? Which one?

      It's seems to have been common sense for a while now that Windows has good-enough security software that you don't need 3rd party tools but is it actually the case now? Is there anything to lose...

      It's seems to have been common sense for a while now that Windows has good-enough security software that you don't need 3rd party tools but is it actually the case now? Is there anything to lose or gain from trusting 3rd party with this stuff?

      20 votes
    2. Continue to use your favorite third-party app for Reddit after July 1st with ReVanced!

      Hey Reddit enthusiasts! Revanced has recently extended its support to some of the most popular Reddit apps out there. The list of supported apps now includes Boost, Infinity, rif is fun, Relay,...

      Hey Reddit enthusiasts! Revanced has recently extended its support to some of the most popular Reddit apps out there. The list of supported apps now includes Boost, Infinity, rif is fun, Relay, and Sync.

      For those who are new to Revanced, this means you can patch these existing apps with your own oauth-client-id, allowing you to continue enjoying them seamlessly.


      Why does this work?
      • Reddit is now charging for certain API usage, causing many third-party clients to either shut down or start charging.
      • If you don't exceed 100 API calls per minute, API use remains free (to the best of my knowledge). However, this doesn't help third-party clients because they use a single client ID for all users, resulting in millions of requests per minute.
      • The solution is to obtain a private client ID from Reddit, which allows for free API use.
      • The client ID patch enables you to replace the default client ID used by apps like Sync, Boost, and Infinity with your own private client ID from Reddit.

      Quick tutorial:

      1. Go to https://www.reddit.com/prefs/apps in your web browser.
      2. Create a new app by giving it a name of your choice.
      3. Tick the "Installed App" option and fill in the redirect URI field. The specific URI depends on the app you're using. For example, for rif, the URI would be redditisfun://auth. You can find the required redirect URI in the app's corresponding section on GitHub.
      4. Copy the client ID string that appears for the app you just created.
      5. Create a text document named "reddit_client_id_revanced.txt" and place it in the root directory of your phone's storage (e.g., /storage/emulated/0/<file here>). Paste the client ID into this document.
      6. Install the latest version of ReVanced Manager on your device.
      7. Open the Patcher tab in ReVanced Manager and select your app.
      8. In the Patches section, enable the "Change OAuth Client ID" patch.
      9. Apply the patch and install the modified app (Note: If you already have the app installed, you may need to delete it first and then click Install once ReVanced finishes creating the new APK.)

      Following these steps will help you navigate through the process of obtaining a private client ID and applying the necessary patches to enjoy Reddit using ReVanced.

      Guides with screenshots:

      1. https://gist.github.com/decipher3114/4423a2671dc3ce4401025b737d5c89f4

      2. https://docs.google.com/document/u/0/d/1wHvqQwCYdJrQg4BKlGIVDLksPN0KpOnJWniT6PbZSrI (Thanks to @kobew50 on Discord)

      If you encounter any difficulties during the process,head over to ReVanced Discord server to seek assistance.


      Reddit applications that have available patches or modified versions.

      ➡️ Platform: Android 🤖

      Application Patch status Note
      BaconReader Available ✅ ReVanced
      Boost Available ✅ ReVanced
      Infinity Available ✅ ReVanced, Fork by KhoalaS (works without patching), Fork by KhoalaS (need to be patched)
      Joey Not available ❌ -
      Nara Not available ❌ Exempt from the new API changes (will introduce a paid tier eventually)
      Now Not available ❌ Exempt from the new API changes (will introduce a paid tier eventually)
      Reddit (official app) Available ✅ ReVanced, Redited
      RedReader Not available ❌ Exempt from the new API changes
      Relay Available ✅ Exempt from the new API changes (will introduce a paid tier eventually), ReVanced
      rif Available ✅ ReVanced
      Sync Available ✅ ReVanced

      ➡️ Platform: iOS 🍎

      Application Patch status Note
      Apollo* Available ✅ Tweak by EthanArbuckle
      Dystopia Not available ❌ Exempt from the new API changes
      narhwal Not available ❌ Exempt from the new API changes (will introduce a paid tier eventually)

      *Shout-out to WefWef - a Lemmy client not only inspired by Apollo, but which is aiming for feature parity. (GitHub)

      89 votes
    3. The Apollo app for Reddit closes this evening. End of an era.

      Mixed feelings about it all. I think Reddit suffers from the same ‘1 discussion keeps you coming back for ten years in hope of a repeat’ that most if not all social media struggles with. It also...

      Mixed feelings about it all.

      I think Reddit suffers from the same ‘1 discussion keeps you coming back for ten years in hope of a repeat’ that most if not all social media struggles with. It also has excellent dogs in hilarious situations and because of the amount of users, a constant refresh of what should be a tired genre but which just dosnt seem to die.

      I have enough respect for r/pics for the John Oliver death march, that I cant go back.

      265 votes
    4. Megathread for news/updates/discussions about Reddit API changes and reactions to it

      A lot of people want to talk about Reddit and that will likely continue. This is a place to post minor news updates, so that Reddit topics don't fill up the front page of ~tech. (Up to you what...

      A lot of people want to talk about Reddit and that will likely continue. This is a place to post minor news updates, so that Reddit topics don't fill up the front page of ~tech.

      (Up to you what counts as "minor.")

      144 votes
    5. I kind of feel bad for spez.. what would you do if you were in that position?

      I have never been a leader at a big company (or anywhere...), and honestly I am pretty ignorant when it comes to money and business, so maybe that's why I feel this way but... isn't this what...

      I have never been a leader at a big company (or anywhere...), and honestly I am pretty ignorant when it comes to money and business, so maybe that's why I feel this way but... isn't this what for-profit companies ultimately are supposed to do? (make money?)

      Reddit is blowing up today over his internal memo, and that's when I kind of started to feel bad for him. Wouldn't an internal memo be expected at a time right now? Wouldn't it say that kind of stuff? I'm just curious but for others, if you were in his position, what would you do right now? Is there a better move to be made? What should he have said in that memo? I kind of feel bad for him. At the end of the day he helped create reddit, and it must kind of suck to watch your own project devolve and people come to hate you.

      The thing about this API decision that got to me is how abrupt it was - 30 days or thereabout. That doesn't seem like very long. But aren't these decisions usually made by multiple people? (not just a CEO?) I also think it sucks that reddit app hasn't been made accessible to vision impaired folks. So maybe he sucks as a leader, but is that a reason to hate him?

      I'd love to better understand.

      51 votes
    6. Twitter cuts off access for popular third party clients

      Starting on Thursday night, Twitter cut off API access for some of the biggest third party clients. From The Verge: It’s hard to tell whether the third-party client outage is due to the API....

      Starting on Thursday night, Twitter cut off API access for some of the biggest third party clients.

      From The Verge:

      It’s hard to tell whether the third-party client outage is due to the API. Attempting certain calls from my individual Twitter developer account seemed to work, while Twitter’s own API explorer tool is currently broken.

      It definitely seems like it is on purpose. For it to last this long without any update definitely makes it feel like it was done on purpose. Many developers' apps have started showing up as "suspended". In looking at my own account, I can see that both Tweetbot and Fenix are gone from my list of connected apps.

      The Icon Factory (makers of Twitteriffic) have a blog post about it as well.

      The complete silence from Twitter is completely baffling. Burning more than a decade of working with developers overnight seems incredibly stupid. As Paul Hadad, one of the makers of Tweetbot said:

      Even during the darkest Twitter 1.0 days they were pretty open about what they were doing. I remember getting a call prior to the 4 quadrants token limit where they explained what was going to happen and answered questions. I wasn't happy but at least felt there was respect.

      27 votes
    7. What are your favorite third-party controllers?

      What are the best controllers for console and PC that you've used that aren't just official console controllers? I'm a nerd when it comes to getting a million different input methods for games,...

      What are the best controllers for console and PC that you've used that aren't just official console controllers? I'm a nerd when it comes to getting a million different input methods for games, and I'm always looking for new ones to play with.

      Glad we'll never go back to the hellish days before Valve and various FOSS projects fixed the nightmare that controllers on PC used to be.

      15 votes
    8. Hidden third party telemetry found in Nokia 6.2, 7.2 smartphones

      Update 12/03/2020: this is not a telemetry, but a kill switch from Colombian carrier - confirmed by HMD. Kill switch will be removed from most devices soon. I updated an article and posted it...

      Update 12/03/2020: this is not a telemetry, but a kill switch from Colombian carrier - confirmed by HMD. Kill switch will be removed from most devices soon. I updated an article and posted it here.

      Original article below:

      I have recently purchased Nokia 6.2 and wanted to check if it sends any data somewhere, considering what happened with previous models

      First, I noticed approx. daily connection to dapi.hmdglobal.net
      This is a Google Cloud that could belong to a company behind Nokia - HMD Global.
      But the Privacy policy in my phone only speaks of "activation" process, not of daily diagnostics data.
      So I used developer tools to remove the following packages (warning: this may break your device, I am not responsible for any consequences)

          com.hmdglobal.enterprise.api
          com.qualcomm.qti.qms.service.telemetry
          com.qualcomm.qti.qmmi
          com.qualcomm.qti.qdma
      

      Before removing them, I used APK Extractor to save APK files just in case it breaks my phone and I may be able to attempt reinstall. This part comes into play later.
      The first was my blind guess about what exactly connects to dapi.hmdglobal.net
      The next 3 I found mentioned in various forums for other devices as "safe to remove", however, I have not seen any telemetry sent to Qualcomm or anywhere else, except what I mention next.

      After removing these packages, I noticed that there are some remaining unknown connections my device attempts several times per day.
      They are all done in same order, one right after the other:

          www.pppefa.com
          www.ppmxfa.com
          www.forcis.claro.com.co
      

      After some investigation, I found that the first two domains point to some Microsoft Cloud servers rented in US.
      The last one most probably belongs to Colombian telecom company, and this is where it becomes interesting.
      After many hours of fruitless removing of different apps in my attempt so stop it, I suddenly remembered something.
      When I used APK Extractor previously, there was an empty first line with some generic icon where an app icon should have been.
      I went there again and indeed, this is a hidden system app, that you can not see in the list of all apps in Settings, normally. But it turns out, you can see it in Data usage (after it successfully sends some data using your mobile connection).
      The name of the app is deliberately left empty to hide it, but if you click it in Data usage, you can see that this app is co.sitic.pp , which can receive SMS, can make calls, and has access to internet.
      As with all Android apps, you can reverse read the name to guess what it is.
      Turns out, http://sitic.com.co is a Colombian company, who "are leaders in innovation and create mobile and WEB applications for new products and services." (credit goes to Google Translate)

      screenshot of the app with permissions

      In other words, this app is a 3rd party telemetry, hidden from user, not mentioned in the Privacy policy, that has access to SMS.
      This looks very bad and I really hope this is a malware injected by factory and not something knowingly distributed by Nokia, HMD Global, the EU company.

      After removing the co.sitic.pp app, requests to Microsoft Cloud and Columbia stopped.
      I was later pointed to a German forum, where (I believe) it was first found in a Nokia 7.2 device.
      So, we have it confirmed in 2 devices in 2 different countries.

      On German forum they contacted Nokia (I assume support) but got tired exchanging emails for weeks without any result.
      On 02/03/2020 I have requested an official reply from Nokia and HMD Global via press.services@nokia.com and press@hmdglobal.com and waiting for reply.
      Since I am not a journalist, I may never get one.

      TLDR: 3rd party telemetry is found in Nokia 6.2 and 7.2 devices, is hidden from user, has access to SMS, and sends data to Microsoft Cloud in US and a server in Columbia.
      It is probably supplied by SITIC S.A.S., a Colombian company, and looks more like a malware than a telemetry.

      28 votes