• 1 Post
  • 21 Comments
Joined 1 year ago
cake
Cake day: June 1st, 2023

help-circle



  • XMPP is often neglected even though it’s the most secure, private, fast, and reliable framework for end-to-end encrypted messengers.

    This. I studied on how e2ee works in XMPP when I was trying it a few years back. It is absolutely atrocious. I have seen half-assed school projects with better security than most XMPP clients. Largely caused by encryption being bolted on through an extensions of the standard as an afterthought and going throug several revisions. Its usually not even enabled by default.

    Now you may find a good client implementation, I think conversations for android seemd decent, but with everyone using a different client and no way to ensure the other side uses a secure one, there is little point.





  • As I understand it, it is not impossible, just too much effort to register an esim without google services. However, once registered, they are not needed anymore. So one solution is to register the esim on stock android before installing a custom ROM.

    GrapheneOS has an even better solution where you can temporarily install google services in userspace and give them control of the esim module to register an esim and then remove the access and optionally uninstall them.


  • I never tried calyx, but graphene is great for me. As to your two comments:

    1. Graphene has network acess as a standard permission, so you can just deny network access by not giving permission
    2. Yes, graphene intentionally does not ship with anything but barebones apps so you can install the ones you like. I like this approach a lot more than having bloatware I don’t want pre-installed but it is a matter of preference



  • They should also need it in the US. The issue is, that if the tool is in the hands of the cops, there is no way to check who they spied on (and therefore if they had warrant).

    At least if it was executed by a comercial entity, they can check the warrants and be liable if they do it without one. But that is very likely not how it will be implemented. The cops will get the tools to do with as they please.

    As an example, one state in the US (forgot which one) put in a law that requires the police to submit every data search warrant into a public database so that they could be audited by the public. After they compared the contents of the database to number of requests in companies transparency reports, it turned out there were over 5 times as many requests in the state then what was reported in the database, despite reporting being required by law.





  • Quite possibly not. Remember that the admins running lemmy instances have very limited revenue so paying for servers is an issue. Some instances even encourage posting links instead of images to save on cost.

    Videos are in a league of their own when it comes to size and therefore the server power needed. Lemmy probably can’t afford it. Its the price we pay for freedom and no ads. You have to link videos.