To add something constructive, think of how demanding people can be in ordinary everyday life.
Now think of how demanding they can be when something doesn't quite work how they want.
I've been on both sides of the fence, being a demanding user myself and a prolific contributor. I could write entire volumes on the cesspool that can be open source contributing; obviously there's lots of good that comes with it too, good communities, good people.
But open source is an ecosystem like any other really, there are cesspools of obnoxiousness, toxic behavior, and also havens of really insightful and friendly people.
Not only this, but most US companies do not really have any incentive to focus on security.
On HN there is an echo chamber with the shunning of companies who have experienced incompetence-based breaches. Your average consumer does not know (beyond the news cycle) or generally even really care.
I think you can even look at FBI and NSA public service announcements and guides about consumer electronics security as a sort of "shit this industry stuff is pretty bad we need to think about our goal differently," with regards to them trying to pick up some of the security slack that US companies shit out with their products.
The various 3-letter-agencies really are incentivized to help government and industry be legitimately secure against anything short of the sophisticated attacks they themselves can orchestrate.
When you’ve got the sort of reach and resources they have, it does you no good if script kiddies or unsophisticated attacks are causing problems and you don’t need the easily preventable attack vectors they’d use.
When the HD DVD/Blu-ray wars were going on, China had their own implementations of optical storage, and it has been evolving ever since. Much of it is undocumented in languages other than Chinese.
Companies in China use these alternative optical discs, some of which store up to 1TB of data.
The only reference I can find to it on English Wikipedia is the CBHD.
It's actually 128GB per disk (BDXL). I only know of Chinese companies' announcements of 500GB optical disks last year [1]; not sure if they are already deployed to some enterprise partners, it's entirely possible. Their more theoretical research goes far beyond that. [2]
There are archival storage machines similar to tape drive robots for archival storage in the Chinese market where you have hundreds of such disks in a single unit and 1PB+ per rack.
Wireshark is nice, but for HTTPS MitM you'll need a tool like mitmproxy/Burp to do the proxying and either modifications to the system image or a Frida daemon running as root to make most apps trust the MitM'd certificates.
To get the traffic routed right, the WireGuard option for mitmproxy is pretty useful in my experience. Not sure how well Waydroid + Android VPNs work together, though.
There's also certificate pinning, which is done by basically every modern Android app, so you often need to modify the APK to remove that. HTTP Toolkit has a good blog on the process: https://httptoolkit.com/blog/frida-certificate-pinning/
It's a pretty neat feature! I think it's in beta but it works flawlessly in my experience. Sure is a lot easier than setting up a separate (W)LAN with iptables rules to force redirect traffic.
/s