• 0 Posts
  • 13 Comments
Joined 4 years ago
cake
Cake day: March 31st, 2021

help-circle


  • I constantly see this argument but let’s face it, it’s very unlikely that enough people will ever switch to something like Matrix. I like decentralization and the matrix protocol is brilliant, but it brings many problems:

    • Many people will have to care enough to host their own servers (which now is not remotely as common as it should be) otherwise everyone will just use the biggest severs, weakening the advantages of decentralization
    • It’s way harder to implement new features that people care about
    • People are not used to Element’s UI and there aren’t clients good enough to compete with Telegram, Whatsapp or even Signal
    • The performance wouldn’t be as good exept for the biggest servers, causing centralization again
    • If people don’t use it, it becomes useless, which is the same problem other alternatives have. This means that people must want to change naturally to it, meaning clients, ease of use and performance would have to be at least on par with what they’re using at the moment

    On the other hand, Signal:

    • Is very similar to the way Whatsapp works, which is what most people are used to
    • The Android and iOS clients are getting better with time (the desktop client needs to abandon electron but it’s hard with only few developers and it’s a lot of work)
    • The protocol is robust and audited
    • It doesn’t leak metadata, as Matrix does
    • Even if it’s centralized and Signal runs their servers on AWS, the only useful information third parties could gather are timestamps and the recipient of the message, not even the sender
    • It’s easy to jump on Signal, the network of contacts already exists and you wouldn’t need to ask for usernames or email addresses
    • Don’t foget that the clients and the server are open source, and even if the Signal Foundation decides to stop working on Signal, shutting down the services (VERY unlikely), we could fork the projects and bring them back up

    Centralization can be problematic, but if it’s done correctly the pros may outweigh the cons, and in my opinion this is the case for Signal, but I’d happy to be proved wrong in future


  • This makes sense if you have a basic configuration of i3, if you run on i3 many other programs as polybar, rofi, redshift, etc. you’ll find yourself spending way more time recreating something you already have with different software, just to find out that most of the applications you used to run need XWayland to work on sway. I really like the idea, but until applications get a decent support for wayland, I’m sticking with i3 (and I’m really looking forward to switch)




  • AceKat@lemmy.mltoAsklemmy@lemmy.mlHow to share confidential information?
    link
    fedilink
    arrow-up
    6
    arrow-down
    1
    ·
    edit-2
    3 years ago

    Imho the doubts about signal are legitimate but way too overblown. Signal has sealed sender, so nobody could (easily) know who sent the message, a VERY strong cryptographic protocol and encrypted profile information. Sure, it’s centralized and it collects your phone number when you sign up, but your messages are safe, they are not stored in the cloud and even if they were collected, all the information would be useless thanks to the signal protocol. I understand that the doubts are in good faith but they dismiss every effort made to bring a solid, private messaging app like signal to the general public. You can’t self-host, third-party clients are not officially supported and the service it’s centralized, but that’s a matter of freedom, not privacy. If it makes you feel better you can use matrix, but the problem you’re trying to solve doesn’t exist


  • I agree with you that FLOSS doesn’t mean automatically better and there is no reason to wear a tinfoil hat. You ultimately have to trust someone if you don’t inspect the source code yourself. I was just saying that being revolt centralized and having access to every information isn’t the best design for a discord privacy-respecting alternative, but they do have a good privacy policy, so if you trust they respect it (atm no reason to doubt that) then it will be surely better than discord. Discord does collect chat history though. On discord privacy policy:

    Information You Provide: We collect information from you when you voluntarily provide such information, such as when you register for access to the Services or use certain Services. Information we collect may include but not be limited to username, email address, and any messages, images, transient VOIP data (to enable communication delivery only) or other content you send via the chat feature.

    They don’t say that they sell said information to advertisers (even if they send some data to third parties) and I don’t have seen any report about them getting caught doing that, I’m sorry I assumed. But I admit I get a bit carried away with doubts about companies who offer closed source software to a very large userbase. If there is a chance of making more money, they usually take it.


  • For the same reason facebook is one of the biggest companies in the world. Having access to thousands of users’ chat history is very useful for ad personalization and could be worth a lot of money. To fight this decentalization and encryption are crucial, you can’t trust that they will never use that data for advertisement purposes, maybe introduced in a privacy police change. Solid encryption algorithms are feasable for smaller groups, but as I said, at least DMs could be encrypted


  • Since it doesn’t have any encryption the only advantage I see is the fact that it’s open source and that there won’t be (hopefully) any data collection, but conversations will still be completely unencrypted, which is not that great. Nothing tells me that whenever this revolt’s userbase grows in size, they won’t start collecting data, including every message previously sent. Encryption exists so you don’t have to trust anyone to keep your messages safe, I hope they implement some sort of e2ee protocol at least for DMs



  • Really depends on which extension you actually install. For example using something like ClearURLs has no way of impacting your fingerprint. Telling people that they can’t install extensions in general is deceiving, instead you should just suggest to consider the pros and cons of each one specifying that some are counterproductive.

    For the second part, Bromite is great and I’ve been using it for quite some time, but you have to be aware that using a chromium-based alternative still indirectly depends on google. Using firefox or firefox-based alternatives is the best option