Notices by Simon Müller :ablobcatcoffee: (cyrus@wetdry.world)

@Blort

Just note that "your metadata" actually extends to less things than any XMPP and Matrix homeserver can see.

Signal knows your number, when you last connected, whether your account should be discoverable by phone # , how many devices you have linked, when you created your account, and whether anyone can use sealed sender or not.

If for some reason a message doesn't arrive, they store the encrypted data until it can be sent.

Meanwhile your average matrix homeserver has a full copy of chat history and more (including any other homeserver in a room) not including encrypted contents but including:

• room participants
• timestamps for messages and other events
• unencrypted events (join, leave, invite, settings changes, avatar change)
• your avatar, name, MXID/username
• associated E-Mails
• SSO Origin (e.g what you used to login, if not just username+password)
• Media (encrypted, but kept indefinitely due to design oversight)
• Reactions (unencrypted due to design oversight)
• Any and all account settings (notifications, preferences and more)
• Full list of devices including reported names
• all rooms you're in
• all spaces you're in
• any custom settings your client adds to your account data

For XMPP, its much of the same.

reminder that "AI Art" is not art but just a statistical model regurgitating stolen content to you whilst drawing the approximate power and water of a small city

#AiArt (so that all of YOU out there see this too. Yes I am mad.)

muted the post in advance, feeling good

@tokyo_0 honestly, cut it down to "respectfully, whoever thought requiring JS for news was a good idea, reconsider your life choices"

@FinchHaven @tokyo_0 ...can you opt out of the fucking CTRL+C button combination?

@FinchHaven @tokyo_0 uh, this is not some mega exploit to magically post as someone else this just copies the content (like yknow, CTRL+C) and opens a new editor and pastes it (like yknow, CTRL+V)

@tokyo_0 if that was a private post, yes.

@tokyo_0 yeap, that's the way it is from what I know :P

@tokyo_0

By the nature of federated software, a post that gets federated to another server doesn't have to be respected.

If I delete a post, and that deletion federates to another instance, that instance could be malicious and not respect my deletion request.

@darl sent me this, idk the original source

@blakespot reminder that there is no "cookie banner law"; Companies interpreted the GDPR in this way to implement dark patterns to get people to consent

@dansup I was kind of hoping for reproducible builds down the line, with a setup like this that won't be happening sadly :/

hey @dansup ! 👋

I was wondering, and probably many others too, how is the Sup project going?

End-To-End-Encrypted DMs for the Fediverse is probably still highly desired, and seeing it implemented and actually working would be a really awesome sight

I don't want to pressure you, I just couldn't find anything regarding the projects' status on your page, and I don't have Full-Text Search on my instance either 🙃

@aral @intelgraphy well, proprietary in of itself doesn't say anything about privacy, but a lack of freedom.

@intelgraphy a KaiOS device may be what you're looking for, I haven't looked into KaiOS privacy however

@Polychrome those sounds manifested in my brain

@MediaActivist I was thinking something more elaborate, but I wanna think about it's structure and how to contribute first

Like, I have this page but it's been outdated for a bit (as in, I haven't touched it and some of the things in here don't hold true anymore)

@MediaActivist https://privsec.dev?

Not as much about recommendations as it is knowledge, but...I guess this is the best right now?

I'd love to work on my own privacy resources, though 🤔

@xyhhx we need more unique reasons fedi instances shut down