
  • mox@lemmy.sdf.org to Privacy@lemmy.ml: Does MATRIX recipients know my IP? (2 days ago)

    Obviously you need someone joining the room for the room metadata to be shared between homeservers.

    Well then, your assertion that Matrix gives it freely is false.

    Not so with Matrix, where a joining homeserver gets full retroactive access to all the room metadata since the room’s creation.

    This is false, too. Historical event visibility is controlled by a room setting. (And if you don’t trust admins of a sensitive room to configure for privacy, then you’re going to have bigger problems, no matter what platform it’s on.)

    Edit: I suppose you might argue that you can bypass this by running your own homeserver and attempting to join the room from it, thereby granting visibility not through joining (as you wrote), but instead through federation with the server you control. The thing is, you can’t do it without permission. Room admins can simply deny your join request when they see what server you’re on. This might make sense in a particularly sensitive room, for example, just as it would to restrict history visibility.

    you really need to stop privacy LARPing

    LARPing? I’m not the one stirring up drama with falsehoods and patronizing snark, am I? Farewell.


  • Matrix stores all this info and gives it freely to other servers retroactively(!)

    Can you show me the part of the spec that allows a server with no room members to get private room info from another server? I’m skeptical, but if true, I believe that would be worth reporting as a bug.

    network layer sniffing (which is anyway much harder to do)

    You’re funny.


  • The network layer of all internet servers reveals almost everything you listed. Signal has the same problem, and there’s nothing they can do about that. The only way to avoid it is to use a completely peer-to-peer model (Matrix has started work on this, btw) and avoid communicating across network routes that can be monitored.

    There might be one exception, depending on what you mean by “Accounts”: The user IDs participating in a room can be seen by server operators and room members. But then again, server operators can already see their users’ IP addresses (which is arguably more sensitive than a user ID), and I believe room members have to be allowed into the room in order to see them. For most of us, that’s fine. Far from a disaster.


  • Human behavior is funny, isn’t it? No matter what the topic, there are always people around who like to repeat criticism they heard from someone else, even if it’s so vague as to be useless (“metadata disaster”) or they don’t understand the details at all.

    It’s not a disaster. A few minor bits of metadata (avatars and reactions, IIRC) haven’t been moved into the encrypted part of the protocol yet. If that’s a problem for your use case, then you might want to choose a platform with different flaws, or simply avoid those features. It’s already good enough for the needs of many privacy-minded folks, though, and it continues to get better.


  • Their download page doesn’t make this clear: Molly is not on F-Droid.

    Instead, the Molly project hosts an F-Droid-compatible repository, which you can configure your F-Droid client to use in addition to / instead of the F-Droid repository. If you do this, the downloaded software will come directly from the Molly developers, not from F-Droid.

    Some people avoid this because it loses a layer of oversight. Others prefer it because it avoids a potential attack vector. You’ll have to decide for yourself whether it’s something you want to do.


  • In principle, one could probably do this to a rooted phone by removing all the Google apps, and all the Google services, and giving up the other apps and services that depend on them. It would be a nontrivial task, and the steps would likely be different for each phone model (and possibly each OS version). I don’t know of a project that does this successfully. You might try searching xdaforums.com for someone who has done it.

    However, I wouldn’t depend on Google services staying disabled when Google still controls the OS.

    IMHO, it’s safer and easier to replace the entire OS.


  • The Xperia phones are often horrendously locked down

    Not really, at least when compared to most other brands. I’ve had three or four different Xperia models, and unlocked the bootloader on every one of them using official Sony tools. They even have official open-source software archives, which are very helpful to people who build de-googled “ROMs”.

    The one thing that has been especially locked down is the TA partition, which contains DRM keys used for Sony’s proprietary apps. It’s not needed for an open-source OS like LineageOS.

    For this phone specifically, it looks like official LineageOS support is already underway, despite it being a fairly new model:

    https://wiki.lineageos.org/devices/pdx234/

    I would definitely recommend a Pixel device if you’re going to go De-Googling.

    Pixels do have unusually good support for user-installed OS, but the irony here is that you can’t truly de-google them, because no OS will change the fact that Google controls the hardware and firmware.


  • No, I would not say that.

    I used XMPP in the past, but long-lived public server support is almost nonexistent these days, and proper setup/maintenance requires too much tech skill for the general public. Also, it lacks modern features that many people have come to expect. I would only suggest it for small groups, and only if you can run your own server and provide tech support.

    For my needs, Matrix is the best available today. It covers the things that I find most important, and is constantly improving.


  • mox@lemmy.sdf.org to Privacy@lemmy.ml: What's the best messaging platform? (19 days ago)

    There is no best, because none of them cover every use case or threat model. However, these are worth considering:

    • Matrix, if you don’t mind minor meta-data leaks (reactions and avatars have not yet been moved to the encrypted channel, IIRC).
    • XMPP with OMEMO, if all your contacts are technically skilled enough to manage the requisite clients, servers, and protocol extensions, or if they have a skilled admin to do it for them.
    • Signal, if you don’t mind linking a phone number to your account, can tolerate an ecosystem effectively married to Google, and accept the risks of a centralized service that can be attacked or shut down by someone with the right access or influence.

    In situations where your safety depends on anonymity from the powerful or well-connected, I would instead look for a messaging system tailored for such things. (It would, of course, require giving up some convenient features that most of us expect from a general-purpose chat platform.)