Yog-Sothoth @ Supernova1051 @sh.itjust.works

Posts

1

Comments

86

Joined

2 yr. ago

Tesla facilities face wave of attacks as Elon Musk delves into politics

I love good news!

XMPP is more comparable to Signal, yes.

XMPP allows unencrypted messages and leaks metadata - Signal does neither.

Signal does need (yes, need) a phone number, and most people only have one so that is identifiable info.

Signal is basically a privacy enhanced text/SMS/phone replacement. I can give my phone to someone in person and they can immediately start "texting" me on Signal - this is a feature (as well as a con to some people).

This puts it at mostly the same level as some competitors, including WhatsApp which is often advised against.

People advise against Whatsapp because while it uses Signal to encrypt message contents, they take no effort to minimize the collection of metadata - Signal's been compelled by court to present all data it has on its users various times and the only info they have is the day/time you signed up for their services and the last day (not time) one of your clients pinged their servers - Source: https://signal.org/bigbrother/

I have yet to find any other free service that collects this little information and works just as well as a normal non-encrypted messenger. Even Signals sticker packs are end-to-end encrypted - Source: https://signal.org/blog/make-privacy-stick/

Maybe I'm confused, do the DeltaChat and ArcaneChat clients only work with DeltaChat/ArcaneChat servers?

Edit: forgot to mention I can see the sender & recipient addresses (Signal uses sealed sender to minimize this metadata leak). I can also see what time the message was sent, this is the kind of metadata Meta collects through Whatsapp even though they also encrypt message content. It doesn't seem - although maybe it now does - that DeltaChat nor ArcaneChat support key ratcheting, so if someone's intercepting messages they can decrypt all future + past messages. Lastly it doesn't seem either support any kind of protection against attacks from quantum computers. Currently Signal, SimpleX and iMessage are the only clients that do protect you from these kind of attacks.

Also "Minimal metadata" says "no" while there is no personal data at all required to use ArcaneChat, accounts are fully anonymous hence what metadata and from whom?

Unfortunately email wasn never built for privacy. As DeltaChat and ArcaneChat both run on top of email, they suffer from many of the same privacy issues that have existed since the inception of email, over 50 years ago.

https://www.privacyguides.org/en/basics/email-security/

Stephanie Lovins is a piece of shit racist

Just a reminder for anyone not in the know:

While Bluesky is better than Xitter right now, don't forget that it's still a centralized service that has censored - and will continue to censor - content they disagree with. Bluesky Relay servers costs so much to run that it's only financially feasible for big corporations to run them. This forces centralization, although technically can be decentralized, and puts it's end users onto the same path of enshittification that Xitter and other social networks have gone through.

Mastodon, while imperfect, is actually decentralized (including DM's - all Bluesky DMs are centralized amd can be viewed by its admins) and cannot suffer this type of censorship.

While Signal's home base is the US, they are a non profit org that doesn't operate in the same way as for-profit corporations. Also, Signal collects basically zero data so there's no incentive to sell out, and who would want to buy them anyway when they have no data and the server and client are open source.

Matrix is great, but I wouldn't compare it to Signal. I use both for very different purposes.

I've been giving them the benefit of the doubt, but I'm kinda done with them. Anyone have any suggestions for a mail provider? I'm not yet willing to self-host that.

just tell people to join mastodon.social. problem solved

Which is a great workaround but then all your private notes are on Google's servers, accessible to anyone with enough admin rights on their end. All apps should be end-to-end encrypted going into 2025. There's no reason security AND privacy shouldn't be included.

I've never seen constant login reminders, but I've only used it in a browser, and the Android/Window/Linux apps are you seeing it on iOS? Maybe its a bug? If you go to settings in the app and then click "Help and support" > "Report an issue" you can open a github issue. I've had really good success in getting issues resolved.

Anyone able to download & seed this? I'd like to download & help seed when I'm able to get to my PC.

technically yes. they just recently made the sync server open source - https://github.com/streetwriters/notesnook-sync-server - but their documentation for it is still pending.

I've been following their progress for a while and can say that they appear to be following through on all their goals. and are very responsive to issues on GitHub. but don't take my word for it, check out their roadmap to see when they release the self hosting documentation- https://notesnook.com/roadmap/

did you vote? because a lot of people didn't even do that.

I couldn't get work to pay for it so I found a better, cheaper alternative, Notesnook. It's open source (client and sync server), you can publish notes, and it's end-to-end encrypted.

why?

$600?! is this not the budget line? I'm not all that familiar with Apple's lineup.