This is blatantly false.

Don't forget the USA

Is Wipr open source?

People reusing passwords probably also aren't using long and complex passwords.

Imagine defending forced arbitration just to try to score on Valve...

I'd expect free software people to not have the funds to sue corporations. Are there any examples of these major lawsuits I can take a look at? I do remember a telecom company in France was fined quite a large sum but that was reported as a rare incident.

unfortunately.. noone seems to stop and think for a second why Meta would maintain an infrastructure/team, spending millions upon millions to provide a service that seemingly has no monetization built-in.

Those type of stuff should come preinstalled in phones rather than fucking Candy Crush or Facebook.

Am I too harsh in believing that if you claim to have E2EE but I can't verify a) your source code b) my client was built from that source code (i.e. reproducible builds) then you don't have E2EE? The whole point of encrypting my traffic on the client is I don't trust you. Why would I believe you aren't sending the encryption keys off to your server if I didn't trust you before?

The amount of malware you can cram in a source-code patch without drawing attention vs. in a binary is vastly different.

There's also the fact that if you want to ship binaries, you can just wget them from source during the build process. Not a perfect solution but much better than what's ventoy doing. The source code updates works the same in every project because it has to. That's why this is drawing more attention.

It matters because nobody is going to check the hashes for all of the files match whenever there's a change so the maintainer can just replace them with whatever he wants.

Most people need more than a brick for their daily.