• 19 Posts
Joined 10M ago
Cake day: Aug 02, 2020


It’s not irrelevant but it’s not proof of anything either, and does not justify the clickbait title…

Many organisations everywhere in the world receive government funding but it doesn’t mean that they’re intelligence agencies’ honeypots. Matrix has received contributions from the French and German government, yet that doesn’t mean it’s a government op.

This article is just an ad for the book of the author.

It just shows that Signal received a bit of funding from the US government via the Open Tech Fund like many other projects.

It does make a fair point that the fight for privacy should be more political and less technogical but it’s not like people aren’t trying.

I’m pretty sure that there have been external contributions for the implementation of websocket notifications for phones without google’s services, but I might be wrong.

I largely disagree with this video.

Given the license, it wouldn’t even be legal for Signal to make the server closed source. AGPL prevents that.

After the huge migration in January, a lot of people asked for a payment feature, WhatsApp has that in some country and it is used a lot, mainly in India I think. And I think the criticism is way overblown, remember, this is just a feature that was introduced in beta in one country!

The goal of MobileCoin is not to provide decentralised currency without the need for central banks and all like other cryptocurrencies. The goal of MobileCoin is to provide an experience that is very similar to what WhatsApp and a few other apps already have, the crypto part is only here to make it private. The fact that there are transaction fees and that it is centralised doesn’t make it any different from any other payment app like Paypal.

Anyway crypto currencies have completely failed at providing actual decentralisation. Transaction fees are way too high for them to be used for everyday payment, and they waste way too much energy. The instability is also a barrier (though I’m not exactly sure how will MobileCoin deal with it).

Most critics are also not neutral. They are often invested in other cryptocurrencies and would have greatly benefited economically from the increased demand if Signal had chosen to go with one of their cryptocurrencies.

I see ads for car, the main thing I use fb for is bicycle events

Is it really a false positive? I could see why car manufacturers would want to target ads at Cyclists.

the goal of those ads is not to change your individual behavior. It’s to produce small societal shift

But does it even work? I am not sure that there is any concrete proof that advertising is actually any good at making people buy more. I’m pretty sure that creating trends and buzz is much more efficient marketing than targeted advertisement.

That’s why “influencers” and other similar creators “tech reviews” for example manage to strike suany deals with so many brands. They have much more power over their follower (because there is implicit trust) than any standard ad can have, no matter how targeted.

The worst thing with surveillance capitalism is that it’s building one of the worst surveillance system in the world and in the end it turns out their ads don’t even work.

Hell site - Aral Balkan

I found this to be a nice re-flexion around the issues of Venture Capitalism founded websites…

I’m pretty sure that the moment they begin charging for Facebook they loose 90% of their userbase. The same would happen with most social networks. I’m pretty sure that once people think about it for a minute, they will come to the conclusion that social networks are not worth it.

The only things that Signal stores “in the cloud” are:

  • Message that haven’t been delivered yet (for 90 days max), they are encrypted with the Signal protocol, which is widely regarded as very secure, meaning that even they can’t see the contents and the sender thanks to Sealed Sender). They also delete the messages once they have been delivered (though we can’t prove that).
  • Profile and group membership information, protected via the PIN. The PIN itself is cryptographically weak, but they use secure value recovery to make it safer. It is enough for most users but I still recommend using a strong randomly generated password instead of a 4 digit pin, which is easy to do if you are already using a password manager.
  • Group administration mechanisms, protected by their private group system which means that everything about group membership, the name and picture of the group is encrypted, and they don’t have access to it.

AFAIK not much else is stored on their servers, beside what is naturally required to forward messages.

They don’t store users contact list, and use private contact discovery so that you can see who is on signal and who is not, without revealing your entire contact list.

how can they make sure the people not in the recipient’s contact list can’t use sealed sender to send messages to the recipient

I think your phone sends this setting to their severs, and it is forwarded to anyone trying to contact you, and the app only sends with sealed sender if you already have exchanged some messages. It would still be possible to build a modified version of the app that always sends with sealed sender, but I think that your phone would simply reject the message.

I don’t have any source on that last part though, it’s mainly a guess. The solution would be to look at the source code.

What is the tag #myasstodontownhall?

I have seen it be trending multiple times but I have never been able to find what it means…

You probably don’t want that. Even once you get past the technical hurdles (having a server, configuring eveything), which could be easily offered as a paying service, you would still be responsible from moderating the instance.

Mastodon gives you quite a lot of granularity over what is and isn’t public on your account. I think that people that don’t want to be found already have the the option not to be.

There is no clear way to distinguish who want to be found and who doesn’t want to, and I personally believe that people that don’t want their stuff to be found shouldn’t make their posts public.

FB has made a statement to a journalist (sorry, I wasn’t able to find anything other than the journalist’s twitter)

There seem to be some push back questioning the honesty of Signal and this HN thread seems to agree with it.

I personally think that Signal doesn’t have any reason to lie. The ads are explicitly against facebook advertising policies that “prohibits ads that assert that you have a specific medical condition or sexual orientation”, so its not like it would be hard for them to actually get the ads banned.

The solution I think I’m going to use is to have mailbox.org with my custom domain name for my real address and use @mailbox.org random aliases for stuff I don’t want to keep my real email private from.

I’m currently using Firefox relay but it is quite limited.

I don’t see how downtime of a provider could lead to leaking my real email.

It could work to deal with spammers, but I also want my pseudonymous accounts and my real name accounts to not be linkable, even by someone that actively tries to do so and somehow gets their hands on both my emails.

I’ve considered self hosting my mail, but if you self host your aliases are all recognisable because you are the only one using your domain name.

The question is now whether publisher will revert their migrations and stop using AMP, or if they will continue to use it just because they already support it. I guess only few will be the first ones to dare stop supporting AMP before there is significant evidence that non-amp pages are treated fairly.

deleted by creator

Until now I’ve used the free emails provided by gandi.net with my domain name, but the @mailbox.org aliases and the bundled jitsi+cloud storage might make me switch.

One of the main issue I have with my current setup is that I can’t have an anonymous email. So I still use my old random gmail account, but I want to switch as soon as possible.

Didn’t know about mailbox dot org. This seems like a really great offer, including storage a Jitsi instance, aliases! I’l look at it.

I’m guessing they’re forcing the hand of the university to do something about it, and then will unban the university except the few who worked on the patches.

They don’t want to bother investigating/punishing so they expect the university to do it for them.

It would seem unfair to ban the whole university forever.

I don’t really like Apple, but once in a while they do the right thing. This comes from the App store’s new labels on apps. …


Which Company Uses the Most of Your Data?

A nice table listing the social networks and the personal info they can have access to…

Thunderbird 78 is now available in the arch repos!

Thanks a lot to all the packagers that worked on it! And thanks to everyone that contributes to making such an amazing distro!..

This post from the Signal blog is old (2016) and not about the fediverse (more about Matrix) but the arguments raised seem interesting. …