@freakazoid @tuxicoman @micahflee 2. mainstream crypto is US government grown, and there are unverifiable by the nature of the problem suspicions that they might have built in a one-way backdoor in the crypto by choosing the default parameters (e.g. in the case of Bitcoin using non-standard parameters I think that might be a reason) in use by everyone. This means that with non-diverse crypto, a problem means that everybody is spied on instead of a part. [2/2]

@freakazoid @tuxicoman @micahflee the home grown crypto is made for easy usability (it's much easier on phone hardware) and if it breaks down some time, it can easily be replaced. The problem with well-audited generally known crypto is twofold: 1. if one thing breaks, everything breaks. You want diversity to be able to switch to something not broken yet if something breaks down all of a sudden. [1/2]

@micahflee @tuxicoman @freakazoid true, the same friend of mine that explained the closed source thing told that too.

@Tjeri ekzistas fungoj kiuj manĝas plastaĵojn. ili ne estas tiel teruraj kiel vi imagas, sed nun ni bezonas ektimi pri ili por ke ni ĉesu la venenon de konsumismo kaj materiismo.

My latest trip made me realize that I am more trans that I thought I was. I updated my profile to pangender. Please use any pronounce you are happy about using with me. I am perfectly happy with the genders people assign to me and I am perfectly happy with my body, there is no mismatch at play.

@bob @micahflee @tuxicoman SSB has a kinda in-between approach for private messages. it hides metadata better than the signal plan and it provides less load than bitmessage because it uses network proximity. it is expected in the network that some messages won't reach their destination. bitmessage has better reliability if you don't have an existing social network you can route the private message through. Telegram makes the right trade-offs for a server oriented system.

@freakazoid @tuxicoman @micahflee I don't invest in any ICO. I trust Telegram because it keeps my dear friends in oppressive regions safe.

@micahflee @tuxicoman encrypting metadata is good... the point is that good security makes you not stand out. using those features might make you a target, and figuring out who uses those features is still basically possible.

@micahflee @tuxicoman If that's WebRTC now and that uses an open source implementation I might be out of date and I have to beg for excuses about that.

@micahflee @tuxicoman Adding metadata encryption will lure people into a bigger sense of security that might not be justified, so people take more risks and any spying done on data that is giving itself away will be much more effective. You basically know that security minded people will use it, and might risk their lives doing so.

@micahflee @tuxicoman Another problem about Signal is that it is not very clear in communications about what it protects you from and what not. Insecurity by obscurity, people don't know what will give them away. That's what I mean with security theater: they are technically providing protection and that is tried and works, but people don't understand crypto and security well enough to understand how safe on which parts it actually is.

@micahflee @tuxicoman I agree about bitmessage having terrible UI and other stuff by the way. It's not for mainstream usage. I don't really use it.

@micahflee @tuxicoman client side calling code ("optional functionality") is not open source. this hooks directly into the rest of the code and can be used for spying even if the rest is completely honest. We cannot check on that. Any kind of business model is honestly irrelevant. A billionaire doesn't want payment in money, they are in it for the leverage. And they got Whatsapp. Whatsapp is basically the current business model.

Again, you are probably right that I am paranoia about this...

@mew probably my favorite part of what I know about Undertale. I mostly use Undertale nowadays for the references when people talk about having standards... Although I KNOW they are not talking about spaghetti...

@mew sorry, just have to say to you how cool your Temmie userpic is. can't help.

@tuxicoman @micahflee basically Signal is in the business of security theater, not actual security. and honestly, usually that's good enough, but I don't trust it enough myself. your experience may be different.

@tuxicoman @micahflee
1. Signal has closed source elements and as such cannot be trusted as a whole
2. The whole business model is talking shit about Telegram using buzz words without actually using good security. I don't trust people who rely on black-mouthing.
3. Hiding metadata is a lot harder than they make it out to be, and the only app I trust about that is bitmessage. Study bitmessage and you understand why this metadata hiding stuff is full of shit.

@micahflee stay away from Signal, it's too easy to prove that they are full of shit. Sorry for the harsh words. The article doesn't answer my questions, or essentially it does, confirming my fears.

@bpeel la doloroj de la mondo venas de la daŭra ignorado de la fonto de problemoj. medicina scienco fuŝe funkcias ĉar oni ne serĉas la fonton, sed nur kaŝi la realecon por si mem kaj la resto de la mondo. nia mondo estas materialisma, kaŝema, kaj profunde rompita. kion vi vidas kaj kio dolorigas vin ne estas malbono, sed la disfalo de ĉiamaj maljustecoj. necesas ŝanĝi la vidon, ne la bildon.

Show more

Bonvenon! Malferme al ĉiaj kaj ĉiuj respektemaj esperantistoj.