Mayyybe just lead by example and have a tested, reputable, reliable, decentralized, account somewhere, to send updates about ECC’s work, blog posts, etc? Why the focus on X? It’s very far from our ethos. Use Mastodon or something that checks all the boxes above and move on?
Or maybe let’s not speak of legal things without properly understanding them? Or maybe we make it attractive to economists, lawyers, etc, to participate more? Ding ding, reminder about the potential of having a quality booth in various types of events instead of a fancy ass elite Zcon.
Raise does not currently support ZEC. We have been working with Radom (who will process the ZEC for Raise) and Raise to add ZEC support. These App permissions are not relevant to Zashi.
My understanding is that Brazil requires legal representation in country so that the courts have someone to approach for the purpose of having content removed that it considers to be a crime, and that Elon is not complying. In this case, I believe the issue arose when seven accounts posted content about a possible coup. Complicated indeed.
But my reference here is related to more than Elon not complying with the law. They tried to shut down people’s access to VPNs. Even if you believe that Brazil’s laws are just, can we agree that this is a troubling action? Related article.
Ah yes, I agree. They quickly gave up on the blanket VPN ban but there is still a fine in place for accessing Twitter via VPN (which is silly and mostly unenforceable). The upside is that Brazilians are migrating en masse to BlueSky
Camera access is necessary to allow scanning QR codes. Unfortunately Android’s security architecture doesn’t support a more dynamic way of ensuring that a permission is used only when the feature that needs it is being used, via a UI that makes that apparent to the user. So if an app ever needs the camera, it must request camera permission for the whole time it is running (either in the foreground or background). That sucks because if there were a vulnerability that allowed the app to be taken over via external input, then all of its permissions could potentially be misused. Most of the code being written in memory-safe languages does help there.
I’ve been complaining about this issue for literally longer than Android has been a thing, and advocating for the use of capability-based security models that would allow it to be fixed in general. The specific case of QR code scanning could be handled within the current security model by having a dedicated “scan QR code” permission, but there is currently no such thing. (Also we plan to have support for Keystone wallets which need animated QR codes in order to send more data that can fit in a single code. So a dedicated permission would have to handle that in order to support Keystone.)
Some of the other permissions there look as though they should not be necessary. I think you meant that they are requested by the Raise app rather than Zashi, though?