Conversation
Notices
-
Embed this notice
feld (feld@bikeshed.party)'s status on Wednesday, 12-Jul-2023 23:52:48 JST 
feld
Does Matrix still exist? If so, why? -
Embed this notice
feld (feld@bikeshed.party)'s status on Wednesday, 12-Jul-2023 23:57:15 JST
feld
bloated, slow, amazingly confusing e2ee implementation on-lain ✔ᵛᵉʳᶦᶠᶦᵉᵈ likes this. -
Embed this notice
casey is remote (realcaseyrollins@social.freetalklive.com)'s status on Wednesday, 12-Jul-2023 23:57:16 JST 
casey is remote
@feld What's wrong with #Matrix? Seems like a fine platform to me.
Fediverse Contractor likes this. -
Embed this notice
feld (feld@bikeshed.party)'s status on Wednesday, 12-Jul-2023 23:58:45 JST
feld
the black shield shouldn't even exist
allowing e2ee from multiple devices shouldn't exist
their entire private key syncing situation is *insane* and I will never trust it -
Embed this notice
casey is remote (realcaseyrollins@social.freetalklive.com)'s status on Wednesday, 12-Jul-2023 23:58:46 JST
casey is remote
@feld What's confusing about this
-
Embed this notice
feld (feld@bikeshed.party)'s status on Wednesday, 12-Jul-2023 23:59:25 JST
feld
Because doing it securely is impossible -
Embed this notice
casey is remote (realcaseyrollins@social.freetalklive.com)'s status on Wednesday, 12-Jul-2023 23:59:26 JST
casey is remote
> allowing e2ee from multiple devices shouldn't exist
Why not?
-
Embed this notice
feld (feld@bikeshed.party)'s status on Thursday, 13-Jul-2023 00:33:37 JST
feld
Because that's why almost no software on the planet does this. It's why HSMs exist in the first place. Private keys must be protected at all costs.
Here's the best attack vector for Matrix:
someone gets your account credentials by one of many different means
they login to Matrix and impersonate you
someone says "hey why aren't you verified? you're not green anymore"
attacker responds "my phone broke, this is my new one sorry I'll approve it when I get home but can you help me with..."
and they'll fucking fall for it. Every time. -
Embed this notice
casey is remote (realcaseyrollins@social.freetalklive.com)'s status on Thursday, 13-Jul-2023 00:33:38 JST
casey is remote
@feld Why do you say that?
-
Embed this notice
feld (feld@bikeshed.party)'s status on Thursday, 13-Jul-2023 00:52:23 JST
feld
What if everything was magically secure and there was no other possible side channel for extracting your credentials? Not even shoulder surfing?
That fantasy world just doesn't exist -
Embed this notice
casey is remote (realcaseyrollins@social.freetalklive.com)'s status on Thursday, 13-Jul-2023 00:52:24 JST
casey is remote
@feld What if you don't leak your credentials?
-
Embed this notice
feld (feld@bikeshed.party)'s status on Thursday, 13-Jul-2023 00:54:32 JST
feld
It's hard to beat Telegram's UX, API, speed, and bot integration -
Embed this notice
Johnny Peligro (mischievoustomato@marsey.moe)'s status on Thursday, 13-Jul-2023 00:54:33 JST 
Johnny Peligro
FOSS guys really want to try to compete with Messenger/Discord (mostly this one)/Telegram so Matrix is one of the things that people use. I use it too. It more or less works -
Embed this notice
Johnny Peligro (mischievoustomato@marsey.moe)'s status on Thursday, 13-Jul-2023 00:55:21 JST
Johnny Peligro
so far me and my friends have had many issues with encryption suddenly not working right. we have both encrypted and unencrypted chats for that reason feld likes this. -
Embed this notice
Johnny Peligro (mischievoustomato@marsey.moe)'s status on Thursday, 13-Jul-2023 00:58:27 JST
Johnny Peligro
yup. It's my favorite chat app. sucks that many foss people don't want touch it at all 😭 -
Embed this notice
feld (feld@bikeshed.party)'s status on Thursday, 13-Jul-2023 00:58:27 JST
feld
I have multiple bots on there, built a push notification service for private and work related usage (but work on also messages Discord... but Discord sucks. Half the notifications never arrive at my phone...)
They have the best stickers. They have the best features. Group chats are wonderful, screen sharing works fantastic. It does everything I could want except... code syntax highlighting I guess? -
Embed this notice
feld (feld@bikeshed.party)'s status on Thursday, 13-Jul-2023 01:03:45 JST
feld
and their E2EE implementation is GOOD! It's permanently tied to the device that started the chat.
Steal my account, you'll never get access to my E2EE chats. -
Embed this notice
Johnny Peligro (mischievoustomato@marsey.moe)'s status on Thursday, 13-Jul-2023 01:03:46 JST
Johnny Peligro
EXACTLY IT'S FUCKING WONDERFUL. I wonder why no one has tried to copy Telegram rather than keep copying Discord. on-lain ✔ᵛᵉʳᶦᶠᶦᵉᵈ likes this. -
Embed this notice
feld (feld@bikeshed.party)'s status on Thursday, 13-Jul-2023 01:06:36 JST
feld
Nobody with half a brain when it comes to UI/UX ever built an XMPP app. They're all so bad it makes me so sad. -
Embed this notice
Johnny Peligro (mischievoustomato@marsey.moe)'s status on Thursday, 13-Jul-2023 01:06:37 JST
Johnny Peligro
wew. I love TG even more. I've noticed that XMPP apps (at least cheogram on android) just blindly accept omemo keys and such lol -
Embed this notice
feld (feld@bikeshed.party)'s status on Thursday, 13-Jul-2023 01:08:20 JST
feld
Well, there's always Trillian... :sigh: -
Embed this notice
Johnny Peligro (mischievoustomato@marsey.moe)'s status on Thursday, 13-Jul-2023 01:08:21 JST
Johnny Peligro
they are all terrible ya -
Embed this notice
Mitch Conner (olmitch@shitposter.club)'s status on Thursday, 13-Jul-2023 01:12:32 JST 
Mitch Conner
@mischievoustomato @feld telegram is open source. There is literally nothing stopping anyone from using it for other networks. on-lain ✔ᵛᵉʳᶦᶠᶦᵉᵈ likes this. -
Embed this notice
feld (feld@bikeshed.party)'s status on Thursday, 13-Jul-2023 01:12:32 JST
feld
The server needs to be reverse engineered, but the clients are all open -
Embed this notice
feld (feld@bikeshed.party)'s status on Thursday, 13-Jul-2023 01:13:13 JST
feld
Yes, has existed for a long long time and supports XMPP (among almost everything else that ever existed) -
Embed this notice
Johnny Peligro (mischievoustomato@marsey.moe)'s status on Thursday, 13-Jul-2023 01:13:14 JST
Johnny Peligro
huh, this? https://trillian.im/free-instant-messaging/ -
Embed this notice
feld (feld@bikeshed.party)'s status on Thursday, 13-Jul-2023 02:14:05 JST
feld
right, a lot of features are incompatible with E2EE as a concept and also for groups... how the fuck you gonna do E2EE with a group that can have 200,000 members?
To do it right you need to re-encrypt the same message for each member of the group. Suddenly your 1MB gif becomes 200,000MBs that need to be uploaded? (alternatively you upload the image only once but it's encrypted with a unique key, then distribute the *key* to each user -- but still needs to be encrypted with their own pubkey, so it's less data but still insane) -
Embed this notice
Johnny Peligro (mischievoustomato@marsey.moe)'s status on Thursday, 13-Jul-2023 02:14:06 JST
Johnny Peligro
@paulo @feld you sacrifice a lot of features for it -
Embed this notice
paulo (paulo@marsey.moe)'s status on Thursday, 13-Jul-2023 02:14:07 JST 
paulo
glow-esque post :marseyglow2:
if their e2ee is so good why isn't it own by default :marseystare: -
Embed this notice
on-lain ✔ᵛᵉʳᶦᶠᶦᵉᵈ (lain@lain.com)'s status on Thursday, 13-Jul-2023 02:21:28 JST 
on-lain ✔ᵛᵉʳᶦᶠᶦᵉᵈ
@realcaseyrollins @feld some guy wrote a blogpost about it https://blog.soykaf.com/post/encryption/ -
Embed this notice
feld (feld@bikeshed.party)'s status on Thursday, 13-Jul-2023 06:10:46 JST
feld
Some people really love to punish themselves I guess 🤷 -
Embed this notice
PublicLewdness (publiclewdness@freespeechextremist.com)'s status on Thursday, 13-Jul-2023 06:10:47 JST 
PublicLewdness
@feld @mischievoustomato
For me using FOSS options isn't about competing as much as having an option where privacy and security are valued. I have never used Telegram or Discord and I never will. No matter what feature they may have over a FOSS alternative they can't compete where it matters to me. -
Embed this notice
feld (feld@bikeshed.party)'s status on Thursday, 13-Jul-2023 06:23:51 JST
feld
> Telegram 'require' you have an SMS no and use the 'app' on a 'smart phone'
https://www.theverge.com/2022/12/7/23498236/telegram-fragment-phone-number-crypto-verification-monetization -
Embed this notice
charliebrownau (charliebrownau@poa.st)'s status on Thursday, 13-Jul-2023 06:23:52 JST 
charliebrownau
@PublicLewdness @feld @mischievoustomato ((( Discord ))) >>> Mumble
((( Telegram ))) >>> Delta Chat
((( DDG/Google Search/Bing search))) >>> SearX
((( Google Maps))) >>> OpenStreetMap
CEO of Telegram is on board of WEF
Telegram 'require' you have an SMS no and use the 'app' on a 'smart phone'
Lets look at the CEOS of these companies of 'platforms'
Bigtech:-
* Amazon CEO - Andy jassy (Ashkenazi Jew)
* Meta/Fakebook CEO - Mark Zuckerberg (Ashkenazi Jew)
* Whatsapp CEO - Jan Koum (Ashkenazi Jew)
* Instagram CEO - Adam Mosseri (Ashkenazi Jew)
* Alphabet CEO - Larry Page (Ashkenazi Jew)(owns Google)
* Youtube CEO - Susan Wojciki (Asheknazi Jew) (Replaced with Diversity shield in 2023)
* Twitter CEO - Leslie Berland - People & Marketing(Ashkenazi Jew)
* Snapchat CEO - Micheal Lynton (Ashkenazi Jew)
* Reddit Chairman - Steven Newhouse (Ashkenazi Jew)
* Reddit CEO - Steve Huffman (Ashkenazi Jew)
* Tumblr CEO - David Karp (Ashkenazi Jew)
* Discord CEO - Jason Citron (Ashkenazi Jew)
* Twitch CEO - Emmett Shear (Ashkenazi Jew)
* Paypal CEO - Dan Schulman (Ashkenazi Jew)
* Imgur -Alan Schaaf (Ashkenazi Jew)
Alt Tech :-
* ODYSEE CEO ((( Jeremy Kauffman )))- (Ashkenazi Jew)
* Rumble CEO ((( Chris Pavlovski ))) -(Ashkenazi Jew)
* Gettr - Jason Miller - (Ashkenazi Jew)
* DDG CEO - Gabriel Weinberg (Ashkenazi Jew)
* Signal - Moxie Marlinspike (Ashkenazi Jew)(Resigned Jan 2022)
Gig Economy:-
* ETSY CEO - Josh Silverman (Ashkenazi Jew)
* AirBnB CEO - Brain Chesky (Ashkenazi Jew)
* Uber Founder CEO - Travis Kalanick (Ashkenazi Jew)
-
Embed this notice
All GNU social JP content and data are available under the