…that proved that the algorithms/protocols work.
You can use a perfect algorithm and still be insecure because the implementation was bad. You are trusting the SimpleX Chat devs to a degree.
- 0 Posts
- 45 Comments
Joined 5 months ago
Cake day: February 17th, 2025
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
I wouldn’t trust encryption made by anti-vaxer more than…
Important to note: SimpleX Chat has gone through two security audits.
The SimpleX Chat is AGPL. If the founder is problematic, one can fork it and avoid reinventing what has already been made.
It is forkable if necessary. I do think SimpleX is a great piece of software that shouldn’t be reinvented because of the founder.
21·24 days agoThere is a fairly all-or-nothing-security group of people within the GrapheneOS community. They will defend using a Google device on the claim of enhanced security.
Security is nice, but I’ll take a hit to security if it means I get to support the growth of an ecosystem that respects the user.
Malware would explicitly have to be executing a terminal for a window to popup. They can just call a shell directly.
7·1 month agoSame could’ve once been said about a free OS like Linux. Now it is absolutely possible, with the downsides shrinking bit by bit.
The goal of 100% free is one I support. And these people are working to make it possible.
2·2 months ago…including to minors.
I haven’t seen evidence of this.
Only that Valve doesn’t require an ID to open cases in counterstrike, which makes it easier for a minor to open cases (Which I would consider a massive violation of privacy for them to do, as well as a tasty target for data leaks).
I wouldn’t call not adding ID checks “pushing” gambling to minors
Simple solution is to use
cryptsetupto encrypt it, forget the key, and optionally overwrite the first megabyte or so of the disk (where the LUKS header is).
Sounds like flatpaks/appimages with extra steps.
I’m fairly sure the complexity of flatpak/appimage solutions are far more than the static linking of a binary (at least on non-glibc systems). Its often a single flag (Ex:
-static) that builds the DLLs into the binary, not a whole container and namespace.
The question should by why you’d want to.
Because the application working is more important than the downsides in my case. Its quite useful for an application which hasn’t been updated in a long time, will never receive updates again, or doesn’t work in my nonstandard environment.
I have had older applications fail to function due to DLL hell.
22·2 months agoWe’re using the definition differently. There is nothing left to discuss.
Miranda is required by law
Irrelevant to the point. I was pointing out the value proposition. Certain things exist for a minority of people. I view the 'reason why" as valuable, even if only a minority care about it.
They don’t have to explain anything to you
Correct. We wont do business if one cannot give an explanation. One can write in the privacy policy that they collect all sorts of private information, but the kicker, for me, is often why.
The vast majority of people who run into the Anubis setup will have no fucking clue what any of it means, nor give a shit about it. They just want to get to the content.
One doesn’t have to care about the Miranda warning, but its still read off to someone in case they do.
From my experience a user account usually needs to be in the “wheel” group to elevate privileges through sudo. So try that.
Its their responsibility to make clear the reason they require it.
Something like Anubis does it well by adding a “Why am I seeing this?” section to their JavaScript challenge.
You are seeing this because the administrator …
Anubis is a compromise. Anubis uses a Proof-of-Work scheme in …
Ultimately, this is a hack whose real purpose is to give a “good enough” placeholder solution so that more time can be spent on …
Please note that Anubis requires the use of modern JavaScript features that plugins like …
Sadly, you must enable JavaScript to get past this challenge. This is required because AI companies have …
If you require something, such as an account, to view the content. Simply add why.
Simply: Do the protections against someone taking your computer and installing a malicious program before/as your OS, or a program that has attained root on your machine and installs itself before/as your OS, matter enough to you to justify the increased risk of being locked out of your machine and the effort to set it up and understand it.
If you don’t understand and don’t want to put in the effort to, then my advice would be to leave it off. Its simple, and the likelihood it saves you is probably very miniscule.
A threat model in which you don’t trust the Linux Foundation and volunteers but do trust Microsoft.
Its all about what you want to protect. If a security breach is worse for you on Linux than it is on Windows because of which party has the data, then for you, Windows might be more secure.
Some people get confused because they think there is some objective measurable security rating one can apply to a system for every person. There isn’t. We may use the same systems but have different threat models and thus rate the security different.
I am very intelligent.