From the FAQ of the Sunbird website (the tech powering Nothing Chats):

Will the app be open source?

Some of the messaging community believes that software that is open source is more secure. It is our view that it is not. The more visibility there is into the infrastructure and code, the easier it is to penetrate it. By design, open source software is distributed in nature. There is no central authority to ensure quality and maintenance and by putting that responsibility on Sunbird, development would not be feasible. Open source vulnerabilities typically stem from poorly written code that leave gaps, which attackers can use to carryout malicious activities.

To help satisfy our own ambitious goals of providing total privacy and security, we are currently undergoing a third party audit that will validate our security, encryption and data policies and plan on receiving ISO 27001 certification after launch.

This was a huge warning sign when the first round of news about Nothing Chats came around, so I'm glad we're now getting early confirmation that security by obscurity still is a horrible idea and doesn't work

I'm pretty happy with Digital Ocean if I need a temporary VPS because I can pay by the minute and the UI is great. Anything that I want to stay alive for more than a month or two, I do on a single 6-core VPS rented long-term from Netcup, a low-cost German provider, deploying with Docker and Traefik.

I've been very happy with Home Assistant. There are zigbee USB sticks such as ConBee that work well with it, and home assistant runs on many different types of computers including Raspberry pi.

Right! The last I remember hearing the "closed source is more secure" argument was about fifteen years or so ago, so it's surprising that it is being pulled up from the dead.

As another German, I can confirm that the "first e in mesmer" way is how Germans would pronounce it. See for example 11seconds into this German video also officially from SUSE's YouTube channel - a SUSE employee and German native speaker who is moderating a series of talks is using that pronunciation.

It's just a tiny mistake that most Germans are used to hearing Americans make all the time (see also Porsche which is also not pronounced porsh, nor por-shay, but porsh-eh) and will politely ignore, but since this aims to be an educational video, should be pointed out to be slightly incorrect

I'm surprised that the post does not mention switching to Firefox or any other privacy tool other than their privacy badger, e.g. no mention of uBlock Origin.

I have been using it for the last 3 months to expose services from my home internet (plex, wireguard, etc.) through a VPS and I'm pretty happy with it. It's relatively simple to set up, I haven't had any outages so far, and it's nice that it supports UDP port forwarding as well as TCP (for wireguard).

You could go even further and use hard links. That way, you can have two paths pointing to the same data on the partition, with the space getting cleaned up only after all references to it are removed.

The blog posts mentioned in the NYT article [1, 2, 3] are also worth a read, if you want to understand the evidence for tampering.

Hey URL, go and fetch your friend JSON!

Makes perfect sense.