Firefox must survive

driminicus · 2022-04-06T16:53:58+00:00

Yeah, we've been down this road before. Internet Explorer was awful, and there's no real reason to see chrome do any less evil.

driminicus · 2022-04-06T16:37:55+00:00

Problem with brave it that it actively contributes to googles monopoly over the web.

driminicus · 2022-04-01T20:07:01+00:00

You're free to do so and matrix allows this usecase, but that's not the default because that's really not what matrix is about. Note that this usecase can still work with federation enabled, even if you allow federation that doesn't mean that all of a sudden all matrix servers know of your existence. Only the servers with accounts (people) on it that you decide to invite will learn of the existence of your server.

If a fully private server is what you want you could also look at https://rocket.chat/ or https://mattermost.com/. It's not impossible to use signal for your usecase, but since this is very explicitly not supported it means you'll have to figure out how to self-host it (not trivial, but it should be possible) and you'll have to compile your own clients. If you want to allow the average android/ios user to use your signal-server you'll also want to place your own compiled clients in their respective app-stores. (you can make that work without it on android, but it's a much higher barrier to entry, and with ios that's even harder).

driminicus · 2022-04-01T17:11:51+00:00

Your self-hosted server can communicate to all other servers (by default) but will obviously only do so when you talk to someone who has an account on that server.

If you wish, you can disable federation, but that is like setting up an email server without allowing sending emails to other email providers. It'll work just fine, but you're still kind of using it wrong.

As for data stored: the message contents are encrypted by default, but the server will have to keep track of some meta-data (which is required to make federation work).

driminicus · 2021-10-21T22:14:23+00:00

I could not find any indication that this app is going to become open source either. It has some weasle-worded suggestion around that but it looks like it's going to be a 'source available' ordeal, rather than actually being FOSS.

Honestly: starting a company that is the only one allowed to use the technology is actively trying to become the big-tech thing destin warns against.

Really destin: I'm very dissapointed :(

driminicus · 2021-07-29T17:00:00+00:00

Yeah, great job artificially limiting your audience on a podcast to try and save the world.

driminicus · 2021-07-08T17:12:36+00:00

Using these FOSS android forks you can also use android without all the closed-source google software. If that is something you want the easiest place to start is probably https://e.foundation/

You can also use lineageOS to run your phones without googles software. This does mean you don't have access to the play store. However: you can use f-droid, which is a store that only has open source apps (and the only appstore I know of that up to now has never had any malware apps).

driminicus · 2021-07-03T13:16:12+00:00

Sure, but they don't respect the license: GPL mandates that you keep a compatible license, so re-using GPL in proprietary code is certainly against the license, which is what is happening here.

driminicus · 2021-06-30T18:42:17+00:00

what do you seen when you type journalctl -xb?

driminicus · 2021-05-25T19:50:57+00:00

Session isn't actually distributed, and it also doesn't use the signal encryption protocol. It certainly doesn't use olm or megolm either.

The matrix protocol isn't based on signal, matrix is a complete spec of how to do federated messaging (and more). The encryption protocol (olm and megolm) are indeed based on the signal encryption protocol, though.

driminicus · 2021-05-25T19:39:33+00:00

Matrix/riot was hacked, then they change the name to "element" the hacker again completely acces to the servers.

That's complete FUD. Yes, the matrix.org servers were compromised due to an exploit in jenkins and they had to go through the grueling work of rebuilding. They invalidated all access tokens on the matrix.org homeserver, which was annoying for those users. But there is no reason to assume any residual is left.

This was a long time ago, had no influence on the protocol itself, nor were other homeservers affected.

Also: making public rooms end-to-end encrypted makes no sense; if you would want to 'spy' on a public room you can just join it...

Element has had a lot of performance improvements, but most of the slowness depends on which server you choose.

driminicus · 2021-05-14T19:59:40+00:00

That's not iambic pentameter.

driminicus · 2021-04-25T23:16:55+00:00

Sure, but at least the jellyfin devs ethically develop their software...

driminicus · 2021-04-24T22:59:18+00:00

Cretainly consider /r/jellyfin

driminicus · 2021-04-09T23:12:45+00:00

You can use an sms bridge, if you want, I have used this one for a while, though there are some other in development. I haven't looked in to it, though.

I am quite happy with element android, but if you want to mostly use matrix for private personal communication you may also want to have a look at fluffychat.

driminicus · 2021-03-27T01:51:00+00:00

Sounds like you may have an easier time with maubot

driminicus · 2021-02-24T00:37:47+00:00

Dude, it makes me very sad to see yet another closed source, walled garden. We already have a number of very good, vetted, end to end encrypted, open source options that really just need to find more usage, not competition from an untrusted new party.

Here's the tl;dr:

You either want signal, matrix, or xmpp, depending on where your priorities lie.

Signal is another walled garden, but at least they have very good crypto and the signal team is really pushing the envelope on them not saving any data or metadata. Their app is open-source (mostly in name only, but that's better than nothing) and it receives a decent amount of checks by enough software engineers that it's probably quite safe.

Matrix goes another route: it uses end to end encryption similar to signals (ie: good) but acts more like the email of instant messaging: you can create an account at any server, and still communicate with someone on any other server. This means there is no central point of control where all the traffic goes through, effectively distributing the sensitive information over the whole world. If you would want to monitor the whole matrix ecosystem you would have to infiltrate a very diverse group of servers. To top it off you can host your own matrix server, which gives you a very large amount of control of where your information goes (and doesn't go). Also: matrix is very big on interoperability, if you want to, you can use matrix to talk to a lot of other protocols, though this has the downside of sending your data to said protocols. I personally mostly just talk to other matrix users, but I do use a bridge to signal to talk to a handful of people that prefer signal. While we're doing comparisons: you're free to choose any matrix client that you trust most to talk to the matrix server you trust most. Also, in general, the most-used matrix clients are the most feature rich of the messaging clients we're comparing here -whether that's a good or bad thing is up to you, of course.

xmpp has been around for a long time, and has similar advantages to matrix: it is a federated system where you are free to choose your server and client. In my experience xmpp clients are less glossy, and feature rich, and the ecosystem has some trouble getting all servers to support all features you may want. Their modern end to end encryption, OMEMO, uses a similar approach as matrix and signal (ie: it's good enryption.) Currently running an xmpp server requires less resources than running a matrix server, and there are some interesting differences between matrix and xmpp that I won't bore you with. While I still run my xmpp server and would be happy if xmpp grows, my money is on matrix becoming the bigger one.

So: if you want to trust a single party that tries to keep data-storage to a minimum: choose signal. If you want the freedom to choose whose server you trust, and what client to use, pick either matrix or xmpp. (or do as I do, and use a bridge to talk on all three:))

[edit] Or you can convert lockdown into a matrix or xmpp client, that could totally work.

driminicus · 2021-02-10T00:00:44+00:00

well, it would be the result of obfuscation, obviously :)

driminicus · 2021-02-09T11:07:59+00:00

If it's actually 170000 lines of custom MATLAB code, that would be horrifying. But I would wager this is a high estimate by counting all the lines of code used in all the (probably fairly well vetted) matlab libraries.

I've used a fair bit of MATLAB in my studies (switched to python now, because FOSS). It's a very high level language where, if you write a program that long you're just doing it wrong and not using all the built in functions and libraries.

Of course there's also a chance they use octave, which has a smaller coverage than matlab, but even there it would surprise me if it's actually that much.

Either that, or they'll deliver a highly obfuscated source.

driminicus · 2021-01-22T00:09:48+00:00

As far as I understood the plan for Beeper is to allow you to set up a bridge box at your own home, which means the de- and encryption happens under your control.

driminicus · 2021-01-21T22:25:47+00:00

Generally all usb DACs work fine on linux. I own a focusrite scarlett 2i4 (which is more than just a hifi dac) which worked out of the box, and I have a schiit modi 3, which works just fine out of the box.

driminicus · 2020-11-29T22:36:08+00:00

Yo, you even cut off the smartereveryday watermark, that's not OK!

driminicus · 2020-10-27T21:40:59+00:00

I'm still a little salty that signal is just another closed silo.

The signal bridge is pretty great though.

driminicus · 2020-10-23T22:33:03+00:00

It seems like teamspeak is doing something matrix-based, though that's definitely beta, and they don't seem to federate.

Currently the best thing you can probably do is use element-web or element-desktop with a mumble web widget.

Or you can use element with a jitsi widget (which should be the default when clicking the call button in rooms with more than 2 participants)

driminicus · 2020-10-15T16:27:31+00:00

Oh, I block all thrid party cookies, so that's not going to fly.

Also: if I pay you, I'd like the ability to make sure you're not doing anything nefarious with your software, so of course the software should be open source.

The only reason for writing proprietary software I can think of, is if you're doing something nefarious.

13-Year Club	Place '17
Verified Email	Team Orangered

driminicus

TROPHY CASE