Can’t go wrong with publishing order. I refer to the Coppermind wiki for that: https://coppermind.net/wiki/Cosmere#Bibliography_of_the_Cosmere

I personally started with Stormlight Archive, which I wouldn’t call optimal, but hey, I have no regrets. In general I’m a “gates open” kind of fan, so I encourage readers to go in whatever order they like and enjoy any extra mystery that might come along with it. :)

The only ones I’d really recommend against reading without context are The Sunlit Man, and to a lesser extent Yumi and the Nightmare Painter. It kind of pains me to say that about Yumi because it’s such a fantastic book and I’d hate to discourage anyone from reading it. But you’d need to comfortable rolling with confusion if you’ve never read any Stormlight Archive, because

That said, Lost Metal includes connections to

I wouldn’t say that’s required reading before Lost Metal. I personally read Lost Metal first and, again, no regrets. But now I do kind of want to go back and read a few chapters again given the additional context I have now.

For most: yes, there is a risk that the vendor has included a backdoor. There is also the risk that they are straight-up lying about how their service operates.

For Signal in particular: You can verify that their claims are true because you can audit the source code.

The Signal client is open-source, so any interested parties can verify that it is A) not sending the user’s private keys to any server, and B) not transmitting any messages that are not encrypted with those keys.

Even if you choose to obtain Signal from the Google Play Store (which comes with its own set of problems), you can verify its integrity because Signal uses reproducible builds. That means it is possible for you to download the public source code, compile it yourself, and verify that the published binary is identical. See: https://github.com/signalapp/Signal-Android/tree/main/reproducible-builds

You might not have the skills or patience to do that yourself, but Signal has undergone professional audits if anyone ever discovers a backdoor, it will be major news.

You are more likely to be compromised at the OS level (e.g. screen recorders, key loggers, Microsoft Recall, etc.) than from Signal itself.

I’m also on a Brandon Sanderson kick (for roughly two years now). I’m currently reading The Sunlit Man. It’s good, but don’t read it until you finish the Stormlight Archive series and the standalone novella Shadows for Silence in the Forests of Hell. Most of the Cosmere stories are fairly approachable in isolation, but this one is very dense with references to established characters, places, and lore, to the point where it should be considered a sequel or spinoff. Even I feel a little lost!

If anyone’s looking for an easy way into Sanderson’s Cosmere (it’s intimidating! I get it!), I highly recommend the novella The Emperor’s Soul. It’s self-contained, it’s short, and it’s just a fantastic story. If you prefer listening to reading, Graphic Audio has an “audio movie” version which is a nice taste of what they offer, too.

@dresden@discuss.online let me know if you want recommendations on reading order before you continue on to The Lost Metal.

Last I checked, there is still no way for developers to use RCS on Android, so it’s a non-starter for me. I do not and will not limit myself to first-party apps.

Please correct me if I’m wrong. If there’s an open-source RCS-compatible messaging app out there, I’d love to try it.

That’s a good rule of thumb, but as a direct point of comparison, it’s not that bad with iPhones. Apple’s MDM protocol is very particular about what admins are allowed to control even on company-owned devices. For example, admins can’t see the Apple ID used on the phone and can’t grant apps screen sharing permission without user approval.

And we certainly can’t access iMessage.

Kagi actually does have an anonymous authentication option. https://blog.kagi.com/kagi-privacy-pass

I get that they don’t want to deal with Google Play

Was that the reason? Shame they didn’t just leave it on F-Droid and GitHub then. Nobody needs to use Google Play (at least not yet…)

This reminds me of a line from the novel Popco by Scarlet Thomas: “Do what can, then stop.”

I repeat this to myself when I feel overwhelmed with the scope of a task, or when I start to let “perfect” become enemy of “good”.

For example, if you feel like you should stop eating meat but find that difficult for whatever reason, don’t throw your hands up. Do what you can, then stop. Maybe that means eating meat a few times a week instead of every day.

It applies to politics as well. I know plenty of people who refuse to engage at all because they don’t feel like it’s possible to do “enough”. Do what you can, then stop. Maybe that means spending fifteen minutes before voting day to find the least odious candidate you can vote for. Maybe it means phone banking or joining a campaign. Maybe it means running for office. Or maybe it just means talking to some friends about issues that matter to them.

Or maybe you’re trying to lose weight. I think we’ve all seen people try and fail because there seems to be no middle ground between giving up and letting it dictate your entire life. Do what you can, then stop. Maybe that just means drinking more water and less of anything else.

Don’t beat yourself up just because you can’t fix the whole world.

I used to use Filen for this, but it never worked very well. The file provider path it returned to Keepass2android was only temporary, so it would break periodically. Did Filen change how that works?

I eventually started using Syncthing instead. I connect to my home wi-fi often enough that it’s never too far out of sync with my home PC. And since it’s a local file, there’s no issue with using absolute paths.

I was thinking that it sounded about right, until I read beyond the headline:

Its value is approximately one hour, or half an hour for a one-way trip.

WHAT. I thought he meant one hour each way!

Are there any cities where that is the norm??? I’ve had sub-30 commutes in my life, and it felt like the height of luxury.

I had a 1.5 hour (one way) commute for a while, and I was burned the fuck out after a year of that. It takes a toll on your health.

Thanks for the info. I have not really tested Seedvault myself so this is all good to know.

Ironically, one of the main reasons I switched to GrapheneOS was because Google’s backups were so frustrating and I was hoping Seedvault would be more comprehensive.

What’s wrong with Seedvault?

I jumped on a lifetime deal they had a few years back. I mostly use it via the web UI and Android app, so I cannot comment on desktop or CLI client functionality.

The Android app is “okay”, but not great. Background photo sync doesn’t work consistently; I need to manually launch the app periodically to jog it. I know Android is kind of aggressive about background services, but other apps do this better so I think this is on Filen. Perhaps they should run a permanent notification to stay alive 24/7, like Syncthing does?

As with pretty much every other cloud storage app, it does not let me sync arbitrary folders/files, only photos and videos. *sigh*

It uses Android’s file provider API, so you can open and save files in most apps directly from/to Filen. However, this only seems to work for one-time use, not for apps that need to regularly open/save the same file. For example, when using Keepass2Android, you can have it store your password database on a cloud storage service. This works pretty well with Google Drive, but with Filen it loses the connection frequently because the pseudopaths the API returns are not stable over time (which makes sense, I guess, and is one more reason I want arbitrary local file sync instead). Personally, I went back to storing my Keepass database locally and then periodically backing it up rather than keeping it on live cloud storage.

It’s one of the cheapest E2EE cloud storage services I’ve seen (definitely the cheapest for me with the lifetime promo I got), and the core functionality of uploading and downloading files (and folders) works. That’s good enough for me to give it the thumbs-up.

But here’s the really funky bit. If you ask Claude how it got the correct answer of 95, it will apparently tell you, “I added the ones (6+9=15), carried the 1, then added the 10s (3+5+1=9), resulting in 95.” But that actually only reflects common answers in its training data as to how the sum might be completed, as opposed to what it actually did.

This is not surprising. LLMs are not designed to have any introspection capabilities.

Introspection could probably be tacked onto existing architectures in a few different ways, but as far as I know nobody’s done it yet. It will be interesting to see how that might change LLM behavior.

Snapchat does not use end-to-end encryption for messages, so it doesn’t even belong in the conversation.

WhatsApp and FB Messenger are somewhat defensible choices since they at least use E2EE by default (Messenger did not until recently). However, there are a few good reasons to favor Signal:

1. It is open source. Interested parties can actually verify that Signal’s encryption claims are true. Interested parties can also audit new versions as they released.
2. Facebook/Meta, as a company, has a long history of tracking users, leaking user data, and even conducting psychological experiments on users without consent and in secret.
3. WhatsApp and Messenger only allow 6-digit PINs to secure your messages. With that PIN, you can decrypt those messages. Signal allows for longer alphanumeric passcodes.
4. Facebook makes no promises not to track your usage of Messenger or WhatsApp, only that the messages themselves are encrypted.

I don’t have a Palma, but I have a Book Go 6, which looks like it has similar display tech. So I think I can answer some of your questions.

The backlight can go all the way off, to the point where it is invisible in a dark room. You can also adjust the backlight color temperature.

Typing is bad, but I’ve never spent time optimizing it. I would guess that the responsiveness on the Palma might be higher. I also never tried it in high-speed mode, which is much more responsive but has worse ghosting and generally worse image quality. For my use case (99% just reading) I don’t mind the slow response time.

It’s possible to access the normal Android settings, though I just picked up my Boox Go and I can’t actually figure out how. I know I’ve done it before somehow. The Boox settings app has a VPN section, but I don’t see DNS options. Pretty sure you can do this though.

One thing I want to point out is that the Palma is not technically a phone. It’s a wi-fi device, so it will not make calls or send SMS. You would be limited to internet-based messaging apps like Signal or Telegram. I can’t speak to how smoothly those run.

There are also a couple proper phones (with SIM cards) with similar display tech coming out this year. See:

https://www.theverge.com/2025/1/6/24335983/tcl-60-xe-nxtpaper-e-ink-specs-ces

https://liliputing.com/the-minimal-phone-is-now-shipping-e-ink-phone-with-a-qwerty-keyboard/

Additionally, you can set Android to use an ad-blocking DNS server without apps. In Settings > Network & Internet > DNS, select “Private DNS” and set the hostname to a custom server, like base.dns.mullvad.net (Mullvad’s DNS server is free to the public, does not require a VPN subscription).

The per-app controls sound neat! I might give that a try. Google killed the ability to restrict apps’ network access years ago, specifically so ads would always work. I’ve never tried a local VPN as a workaround.

Oh huh. I didn’t know there even was a video. Perhaps my ad/tracker blockers cut it.

Just found a hands-on CNET video: https://www.cnet.com/videos/at-ces-2025-tcl-debuts-new-tcl-60-phone-with-e-ink-display/

Never used TCL’s “Nxtpaper” so not totally sure how it compares.

TCL is releasing a new phone later this year with a toggle-able e-ink mode. So you can use it with in full color when you want, and switch to e-ink when you want. It’s in a more conventional aspect ratio so apps will look more “normal”. I can say from experience with my Boox e-reader that a lot of apps do not work well in 4:3.

https://www.theverge.com/2025/1/6/24335983/tcl-60-xe-nxtpaper-e-ink-specs-ces

Might be my next phone if the CPU and software is not awful (big if).

It used to say “container-native”. They recently changed the wording, but there was no technical change.

It’s a Linux distro that runs locally, like any other. It has no particular tie-in with any cloud services. If Flatpak, Docker/Podman, Distrobox, Homebrew, etc. are “cloud” just because they involve downloading packages hosted on the internet, then I don’t know why you wouldn’t call “traditional” package managers like apt, dnf, zypper, etc. “cloud” as well. 🤷 So yeah, I feel your confusion.

The big difference compared to something like Debian or vanilla Fedora is that Bazzite is an “immutable” distro. What this means is that the OS image is monolithic and you don’t make changes directly to the system. Instead, you install apps and utilities via containers, or as a last resort you can apply a layer on top of the OS using rpm-ostree.

The only thing cloud-related about any of this is that atomic OS images and containers are more common in the server space than the desktop space.