cultural reviewer and dabbler in stylistic premonitions

Joined 3 years ago
Cake day: January 17th, 2022




  • fwiw, besides the “Proton’s Free plan now offers up to […] after completing certain tasks.” post earlier, i also just deleted some adverinfonewstainment tutanota spam blogpost ("Chat Control May Finally Be Dead: European Court Rules That Weakening Encryption Is Illegal") from this community.

    tutanota is just like protonmail except there is more evidence indicating that they are primarily a honeypot for privacy-seeking rubes (as opposed to protonmail where it is maybe only obvious to people knowledgeable about the history of the privacy industry).

    People should be skeptical of anyone selling a service involving cryptography software which has nearly no conceivable purpose except to protect against the entity delivering the software. Especially if they re-deliver the software to you every time you use it, via a practically-impossible-to-audit channel, and require you to identify yourself before re-receiving it (as almost any browser-based e2ee software which doesn’t require installing any software does, due to the current web architecture).

    If you think this kind of perfect-for-targeted-exploitation architecture isn’t regularly used for targeted exploitation… well, you’re mistaken. In the web context specifically, it has been happening since the 90s.

    imo this community should not tolerate advertising (or other posts whose purpose is to encourage using/purchasing) this type of deceptively-marketed service.






  • Briar has even fewer N/As than SimpleX and all greens otherwise. Second column in the table.

    Briar has a yellow Yes in row 12 ('requires global identity')

    … presumably because (if you have one instance of Briar installed) when you’re talking to two different people they can check and confirm you’re the same person, while in SimpleX you can create disposable/ephemeral identities for different chats.

    I haven’t reviewed this thoroughly but I can see that there are a lot of attributes that could be added to this table in regards to metadata protection against various parties, including revealing online presence to servers and contacts (which is a place where briar falls short).


  • This is worthy of a more usable interface than this spreadsheet widget.

    It took me a fair bit of scrolling to identify which attributes each of the six purple “N/A” values for SimpleX are, but now that I have I agree they’re accurate (though I think there is an argument to be made for just writing a green “no” for each of them).

    It is noteworthy that SimpleX is currently the only one of these (currently 34) messengers to not have a single red or yellow cell in its column. well done, @epoberezkin@lemmy.ml! 😀

    edit: istm that SimpleX (along with several other things) getting a “no” in the “can hand IP address to the police” row is not really accurate. SimpleX does better than many things here in that they don’t have a lot of other info to give to the police along with the IP, but, if Bob has their phone seized (or remotely compromised) and then the police reading Alice and Bob’s messages from Bob’s phone want to know Alice’s IP address… they can compel a server operator to give it to them. (And it is the same for a user who posts a SimpleX contact link publicly.)






  • Sure, fuck WhatsApp, but Telegram isn’t even end-to-end encrypted most of the time. Their group chats never are, and their “secret chat” encryption for non-group chats must be explicitly enabled and hardly ever is because it disables some features. And when it is encrypted, it’s with some dubious nonstandard cryptography.

    It’s also pseudo open source; they do publish source code once in a while but it never corresponds to the binaries that nearly everyone actually uses.

    And the audacity to talk about metadata when Telegram accounts still require a phone number today (as they did five years ago when this post was written) is just… 🤯

    State-sponsored exploits against WhatsApp might be more common than against Telegram, or at least we hear about them more, but it’s not because the app is more vulnerable: it’s because governments don’t need to compromise the endpoint to read your Telegram messages: they can just add a new device to your account with an SMS and see everything.

    (╯°□°)╯︵ ┻━┻

    Anything claiming to prioritize privacy yet asking for your phone number (Telegram, WhatsApp, Signal, …) is a farce.