100% agree. Browsers don’t need to, and shouldn’t be reporting all Javascript attributes that make us unique, especially things like canvas.
You can test this out here, but nowadays its rare for any out of the box browser to be anonymous.
Snowden doesn’t even think the NSA is evil:
The lesson of 2013 is not that the NSA is evil. It’s that the path is dangerous. The network path is something that we need to help users get across safely. Our job as technologists, our job as engineers, our job as anybody who cares about the internet in any way, who has any kind of personal or commercial involvement is literally to armor the user, to protect the user and to make it that they can get from one end of the path to the other safely without interference,” he told an auditorium filled with the world’s foremost computer and network engineers at a 2015 meeting of the Internet Engineering Task Force in Prague.
He reaffirmed his view a year later at Fusion’s 2016 Real Future Fair in Oakland, California. “If you want to build a better future, you’re going to have to do it yourself. Politics will take us only so far and if history is any guide, they are the least reliable means of achieving the effective change.… They’re not gonna jump up and protect your rights,” he said. “Technology works differently than law. Technology knows no jurisdiction.”
Snowden is a brave guy in some ways, but even in spite of his leaks, he’s remained a naive US-supremacist libertarian, who evangangelizes tech over political action, defends the OTF, silicon valley, and US-DoD funded crypto tools and privacy apps.
The lesson of 2013 is not that the NSA is evil. It’s that the path is dangerous. The network path is something that we need to help users get across safely. Our job as technologists, our job as engineers, our job as anybody who cares about the internet in any way, who has any kind of personal or commercial involvement is literally to armor the user, to protect the user and to make it that they can get from one end of the path to the other safely without interference,” he told an auditorium filled with the world’s foremost computer and network engineers at a 2015 meeting of the Internet Engineering Task Force in Prague. He reaffirmed his view a year later at Fusion’s 2016 Real Future Fair in Oakland, California. “If you want to build a better future, you’re going to have to do it yourself. Politics will take us only so far and if history is any guide, they are the least reliable means of achieving the effective change.… They’re not gonna jump up and protect your rights,” he said. “Technology works differently than law. Technology knows no jurisdiction.”
Not just lemmy, but every fediverse platform can and should be trying to do better than centralized social media when it comes to mentally harmful / addictive patterns in our apps. I’ve tried to do some things to minimize addiction, but there’s a lot more we could be doing.
If you were to rank the things about lemmy that are most addictive, what would they be? Then we can think of ways to minimize or subvert them, where feasible.
IMO infinite scrolling, seeing the same things over again, and wanting to check like your own content likes / dislikes, are the worst offenders.
I don’t doubt it. Those NSLs would have returned zero information from Signal because, as Signal has repeatedly demonstrated, and I have repeatedly stated, they don’t have any information to share.
Part of the stipulation of NSL’s, is that its illegal to disclose that you’ve been issued one. You are gagged, and you can’t even criticize that gagging publicly, or you will face criminal charges. You can read more about that here: https://www.eff.org/issues/national-security-letters
Not my name, email, birthdate, nothing.
Your phone number is already linked to all that info. I, even as a private person, could type in your phone number right now and get all that information about you in seconds. So you can stop saying “my phone number doesn’t have that information”, because it 100% does. And signal stores it as their primary identifier.
Again, if you really believe what you’re saying, you’ll give me your phone number, and the phone numbers of your friends. If this is a secure identifier, that contains none of the information above, then why not? Put up or shut up.
They still require a phone number to sign up, and its a US domiciled company (5-eyes country), so its inherently unsafe. The obama administration issued an average of 60 national security letters every single day of his administration.
If your answer is “I don’t think signal is giving my phone number to the US government”, then why do you have to “trust” signal to not do that? Actually private chat apps don’t ask for identifying information like phone numbers, then say “trust us”, like apple or something.
That doesn’t make much sense. With a single piece of info, your phone number, I can learn hundreds of things about you. It’s one of the most linkable identifiers out there.
Every chat platform has some sort of unique identifier, other than SimpleX.
Of course, which is why its super-important that the id not be linked to your real identity.
Here’s a test: I’ll give you my matrix id, and you give me your phone number. Deal?
I don’t know enough about grapeneOS to comment on it.
Any signal app forks still have to use signals main servers, so they still got your phone number and identity.
Matrix was originally funded by an Israeli company until it spun off, but unlike signal, it’s entirely open source, self-hostable, and can be run in a private manner. Phone numbers and identifiers are not required, so even if you connect to a malicious server, the most they get is your matrix id, and things you’ve explicitly leaked about your identity.
The most we could say is that specific servers are compromised, but its also possible to host it outside a five-eyes country, unlike signal.
What’s funny is this is pretty out in the open, and ppl don’t realize it. When Yasha Levine criticized signal, the president of Radio Free Asia (a US government propaganda org), sent this out, openly pushing Signal to european internet freedom communities:
Our primary interest is to make sure the extended OTF network and the Internet Freedom community are not spooked by the [Yasha Levine’s] article (no pun intended). Fortunately all the major players in the community are together in Valencia this week - and report out from there indicates they remain comfortable with OTF/RFA.
And I remember you mentioned before, Meredith Whittaker, president of the Signal Foundation, holds interviews with US defense-department think tanks.
I wrote a longer one here: https://dessalines.github.io/essays/why_not_signal.html
The short version is, that it’s a centralized, US hosted service. All of those are subject to National Security Letters, and so are inherently compromised. Even if we accept that the message content is secure, then signal’s reliance on phone numbers (and in the US, a phone number is connected to your real identity and even current address), means that the US government has social connection graphs: everyone who uses signal, who they talk to, and when.
I personally don’t think he did it. He could easily be a grifter trying to take credit for a very popular act. There’s no shortage of those. All you’d need to do:
The altoona cops then forwarded this to the NYPD, who were desperate to pin this on someone, after they messed up and let the shooter slip through their fingers. Out of the all the tips, this was the best one they’d gotten so far, so they’re running with it now.
This also explains why Luigi’s taking credit for some, but not all of the claims the police made (especially about the money he was supposedly carrying).
I read through the whole list, and monero was the only decent privacy recomendation I could find. Everything else was US-hosted. A lot of it was just recommendations from Apple and Google on “privacy” services they offer.
No mention of syncthing, matrix, xmpp, even with sections dedicated to those categories.
Yes, I believe all the messages are in plain text, and it’s up to the server not to log it.
It is possible to e2ee the message content yourself tho.
Edit: it looks like ntfy.sh specifically keeps messages cached in memory for a few hours befor discarding them. https://docs.ntfy.sh/config/
One feature that genuinely is cool that keeps getting better (at least on lots of android models) : battery life and charging speed.
My OnePlus 12r has a 2 day battery life, and can charge from 0-50% in like 10 minutes.
Its so good that I use the 80% max charge setting to preserve the battery for a few extra years.
At this rate I could totally see a future where we can fully charge phones by plugging them in for less than a minute.
I really wanted this, but couldn’t find anything than worked well. I ended up using tasks.org, an open source todo list that has great calendar functionality and syncing, and moved all my calendar events to it.
Even with a dumb phone, they have
So I don’t doubt that they’re at least aggregating message history and selling data/trends about certain topics to advertisers and anyone who will buy it.
Plus if they know that your most contacted person is also texting/searching about certain things, they can safely sell that also and present ads to you based on their interests.