ramenu

joined 3 months ago
[–] [email protected] 19 points 2 months ago (14 children)

When you use a client, you are relying on the client's crypto implementation to be correct. This is only one part of it and there's a lot more to it when it comes to hardening the program. Signal focuses on their desktop and mobile clients and they hire actual security professionals and cryptographers (unlike the charlatans in this thread) to implement it correctly.

Having third party clients would not definitively mean the client is bad, but it most likely would break the security model. Just take a look at Matrix's clients.

[–] [email protected] -2 points 2 months ago (5 children)

Seriously, what are you talking about? The vast majority of people don't want anonymity. Obviously Signal isn't cut out for that! The fact is, most people don't care about anonymity.

And what metadata can you harvest exactly from a UNIX timestamp and phone number? Signal can tell who is communicating to who, but they cannot read your messages.

[–] [email protected] -2 points 2 months ago (18 children)

What? How is this a red flag? Having third party clients is not good for security.

[–] [email protected] 2 points 2 months ago

It's Proton. What do you expect?

[–] [email protected] 7 points 2 months ago

"There are so many things you can do. Don’t accept doing nothing, be a stubborn fuck and do something to alleviate the sadness."

Good words to live by. :)

[–] [email protected] 2 points 2 months ago (4 children)

Speaking of which, Debian users, how safe are distribution upgrades?

[–] [email protected] 2 points 2 months ago

I know. And that's reasonable of course. I'm sure most of us would agree that proprietary blobs are bad. I'm optimistic that firmware will become more open in the future though.

[–] [email protected] 5 points 2 months ago

That's true. I didn't think about that. Thank you. :)

[–] [email protected] 5 points 2 months ago

Sidenote: If you just want a nice web frontend for others to view your Git repositories, you can use cgit instead.

[–] [email protected] 32 points 2 months ago (6 children)

I'm not a fan of GrapheneOS, but the point they bring up here is valid. There is already proprietary firmware on your computer. There's no reason why you shouldn't be updating it to protect yourself from serious exploits. The FSF takes an ideological stance rather than a practical one, unfortunately.

[–] [email protected] 2 points 2 months ago

In contrast to my experience, all the other search engines stink. Google is the only good one. But I suggest using a frontend like Araa if you want privacy.

[–] [email protected] 3 points 2 months ago

For me personally, it was mostly due to programming on Windows was a painful experience. I was using MinGW compilers, which were quite good but I wanted the latest and greatest GCC. The other options were using MSVC or clang, but I believe clang is just a frontend to MSVC (I'm not sure.. please correct me if I'm wrong).

WSL was an option, but I was doing graphics programming at the time. And I needed to upgrade to WSL2 to run GUI applications or something, which required Windows 11. So at some point I got fed up and just thought to myself, why not run the real thing. This is probably one of the few instances where the technical merits of Linux is what actually got me to switch in the first place. I didn't hear anything about software freedom, privacy, or even care about any of those reasons at all when I did the switch.

As a Windows user for a very long time, using it from my childhood, I wouldn't have switched no matter how unethical it was to use Windows if Linux was too difficult to use. So I'm glad that ended up not being the case. :)

view more: ‹ prev next ›