Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://digitalcourage.social/users/f09fa681/statuses/113877501183587221">Lenny (f09fa681@digitalcourage.social)'s status on Thursday, 23-Jan-2025 23:38:57 JST</a><a href="https://digitalcourage.social/@f09fa681" title="f09fa681@digitalcourage.social"><img src="https://gnusocial.jp/avatar/156256-48-20230801110043.webp" width="48" height="48" alt="Lenny" style="position: absolute; left: 0; top: 0;">Lenny</a><div><a href="https://mstdn.social/@rysiek/113868633791655142" rel="in-reply-to">in reply to</a><ul><li></ul></div></section><article><p><a href="https://mstdn.social/@rysiek">@rysiek</a> This is downplaying it way too much for my taste. Let me explain:</p><p>The rough location information is usually only available to servers. Now, even though I prefer zero trust, I would argue that trusting a messenger's server to not give away my rough location is way more reasonable than trusting the person that uploaded the data I'm downloading from the server.</p><p>**But in this case, the person that uploaded the data can extract the location I'm downloading it from.** This is big. It takes metadata to a whole different level.</p><p>I also want to quickly respond to the arguments:</p><p>That very rough radius could actually a pretty big deal in less populated areas. </p><p>The second argument is whataboutism. (And there are definitely apps that are not affected.)</p><p>Kinda agree with the third one though.</p><p>---</p><p>If I were <a href="https://digitalcourage.social/tags/Signal" rel="tag">#Signal</a>, I would turn off the caching mechanism for now and urge <a href="https://digitalcourage.social/tags/Cloudflare" rel="tag">#Cloudflare</a> to rethink their statement. The privacy protection mechanisms are clearly lacking. Cloudflares position is simply not acceptable.</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/4420667#notice-8672391">In conversation</a><time datetime="2025-01-23T23:38:57+09:00" title="Thursday, 23-Jan-2025 23:38:57 JST">about 7 days ago</time> <span>from <span><a href="https://digitalcourage.social/@f09fa681/113877501183587221" rel="external" title="Sent from digitalcourage.social via ActivityPub">digitalcourage.social</a></span></span><a href="https://digitalcourage.social/@f09fa681/113877501183587221">permalink</a></footer></blockquote>

Corresponding Notice

Embed this notice
Lenny (f09fa681@digitalcourage.social)'s status on Thursday, 23-Jan-2025 23:38:57 JSTLenny
in reply to
- Michał "rysiek" Woźniak · 🇺🇦
@rysiek This is downplaying it way too much for my taste. Let me explain:
The rough location information is usually only available to servers. Now, even though I prefer zero trust, I would argue that trusting a messenger's server to not give away my rough location is way more reasonable than trusting the person that uploaded the data I'm downloading from the server.
**But in this case, the person that uploaded the data can extract the location I'm downloading it from.** This is big. It takes metadata to a whole different level.
I also want to quickly respond to the arguments:
That very rough radius could actually a pretty big deal in less populated areas.
The second argument is whataboutism. (And there are definitely apps that are not affected.)
Kinda agree with the third one though.
---
If I were #Signal, I would turn off the caching mechanism for now and urge #Cloudflare to rethink their statement. The privacy protection mechanisms are clearly lacking. Cloudflares position is simply not acceptable.
In conversationabout 7 days ago from digitalcourage.socialpermalink

Public

Embed Notice

HTML Code

Corresponding Notice