• 0 Posts
  • 578 Comments
Joined 5 months ago
cake
Cake day: July 15th, 2024

help-circle

    1. Not just that, but also it’s small in description. If you read their papers, they are very easy to understand. I suppose that’s intentional, clarity and simplicity are among the main criteria of anything intended for security.

    2. “A lot of eyes” is overvalued. There are a lot of eyes on every nation-state in history too, you tell me how that works.

    3. It doesn’t matter because of protocol design. They’ve solved very complex problems and have not stopped doing that. E2EE is the wrong buzzword, zero-knowledge is the right one. No, I’m not remotely qualified enough to explain what that is.

    4. Still supply chain attack on clients is the most probable, but not much they can do with it. It’s similar to fearing trojans on user devices. Yes, 3-letter agencies and such most likely will do that, not bother with pressuring Signal developers. And no, there’s not much you can do to defend against a targeted attack, if it’s targeted, then you’ve already bothered people you shouldn’t have.

    5. Well, it’s not as if one could avoid that. It all lies in the area of smart contracts and distributed computing then, and see point 1, right now Signal’s protocol can be in general strokes understood by someone like me. If they make something like that, it won’t be. Everything is a compromise.

    There’s functionally less “trust” here than any messaging application on the planet.

    I think Wire and maybe Session use slightly modified Signal protocol. But Signal itself is the thing, made by people with clear vision of the whole architecture, model, which is not limited to protocols, but also to sociology, human psychology, politics. And they’ve explained literally every architectural decision of theirs in articles.


  • I’m not getting you.

    There’s correspondence, there’s metadata, and there’s phone-ID relationship.

    Signal still protects #1 and #2 better than #3. And the way it works, infrastructure load is much bigger than for most other messaging platforms. So it makes total sense they limit registration somehow .

    I’m not sure I remember by now what I’ve read about Signal protocol, but I think the fact of who messages whom they don’t have, so it’s not just trust.

    ~~Anyway, if you’ve read about 90s’ mixmaster servers for mail, while Signal developers don’t approve of alternative clients, there are libraries and it’s possible to make some kind of a mixmaster bot. ~~

    I’ve left this, because it’s funny as a good illustration of why they don’t want alternative clients, among other things - because I’ve described a voluntary MITM.


  • E2E is only available in one on one chats and is disabled by default.

    Considering that there’s no technical problem with enabling it for all one-on-one chats, this tells a lot.

    Also no E2EE on desktops.

    I hate TG’s UX. It’s atrocious. WhatsApp is the closest to something normal, but imperfect too.

    At least it has an open-source client.

    Chromium is an open-source browser.

    OK, more specifically - what matters is that TG’s protocol is a big ugly target moving fast. So its official client with released sources is in practice the only one. There are things like libpurple plugin and some python TUI client and an emacs one, but they are all lagging behind. And I think they are all using official tdlib.

    This tells something too, that their talk about possibility of alternative clients is of the same kind as their talk about privacy.

    About the network effect - bring your family and friends to Signal one by one. Of course it won’t happen overnight.













  • That text just lists a set of comorbid traits of similar movements.

    It’s vague from author’s viewpoint, but also quite specific as compared to how the word “fascism” is being used today.

    I can agree there are regimes that fit there, but they are small. Nothing mainstream in USA is fascism. Putin’s Russia isn’t fascism. Even Turkey and Azerbaijan are not fascism. They all have fragments and elements of fascism, but that doesn’t mean anything.

    I think everyone is focusing on that mechanism too much, equating it to despotism, tyranny, evil and death. All of these exist very well outside of fascism. That something isn’t fascist doesn’t mean it’s better.

    That essay is about totalitarian regimes with cult of personality, cult of sacrifice and irrational youthful power, hierarchical structure, deification of technology, all that. I also advise you to read his “Foucault’s Pendulum”, a wonderful read, except with my ADHD I haven’t yet finished it. Its atmosphere is focused on literal fascism and its roots, but the atmosphere of Stalinism (which I know better) is not too different.


  • They are not attempting to regulate big tech. They are attempting to use fear of big tech to more easily regulate what they want. Successfully.

    I dunno, is it just me getting older or is our time very similar to Star Wars EU in the Coruscant Nights novels time period? Late Clone Wars, early Empire. After its early period Empire had less and less need to pretend.

    If they wanted to do something about big tech, they would have. Have you seen what Israel did in Gaza and how its NATO allies were all fine with it? Do you think the governments of those countries wouldn’t be just as ruthless if they needed to get big tech to behave?

    The difference that gives them potential to spark riots is the same that made them preferable to random forums for governments. It goes both ways, they can plant their own misinformation and they do. They can sleep well knowing that most of public discourse works in systems where all voices of reason are silenced naturally, which prevents most of threats to them.


  • They are not attempting to regulate big tech. They are attempting to use fear of big tech to more easily regulate what they want. Successfully.

    I dunno, is it just me getting older or is our time very similar to Star Wars EU in the Coruscant Nights novels time period? Late Clone Wars, early Empire. After its early period Empire had less and less need to pretend.

    If they wanted to do something about big tech, they would have. Have you seen what Israel did in Gaza and how its NATO allies were all fine with it? Do you think the governments of those countries wouldn’t be just as ruthless if they needed to get big tech to behave?

    The difference that gives them potential to spark riots is the same that made them preferable to random forums for governments. It goes both ways, they can plant their own misinformation and they do. They can sleep well knowing that most of public discourse works in systems where all voices of reason are silenced naturally, which prevents most of threats to them.