Notices by Strypey (strypey@mastodon.nzoss.nz), page 116

@clacke group chat is all #JitsiMeet does. The voice/ video uses #WebRTC and their own #VideoBridge software. It's a totally separate thing from the #Jitsi #XMPP client. AFAIK it doesn't support XMPP and if it supports #SIP that's news to me.
@xj9

@wolftune @rbe_expert
Wait, I just realized that person *blocked* me for being ironic. WTF?!?! *sigh* Oh well, no great loss. I can do without their brand of bloody-mindedness in my notifications.

@wolftune @rbe_expert
Wait, I just realized that person *blocked* me for being frustrated with their bloody-mindedness. WTF?!?! *sigh*

@bhaugen #SSB, like any distributed/ #P2P system, is perhaps more structurally resistant to capitalist domination than server-client systems based on publishing stuff to the web. But for many of the same reasons, it's much harder for Jo User to understand and use (and the #fediverse is already harder than #DataFarms). I mean, I haven't figured out how to install an SSB client myself yet ;-)

Just when I thought I knew everything about corporate psychopathy, it turns out there is a thing called #CorporatePedophilia:
https://www.trustedclothes.com/blog/2016/03/08/working-title-sexualization-of-young-girls-in-advertising/2

@bhaugen
> Have capitalists dominated the fediverse yet?

Not yet, but what's stopping them? History makes it clear that relying on the decentralized nature of the protocol is not enough. If we don't want the #fediverse going the way of email (vast majority of users on a handful of #DataFarms), we need ways to ensure that both software development and the deployment of non-capitalist instances are economically sustainable. The point I was making was that #PlatformCoops is one way to do that.

@wolftune am I missing part of the discussion here, or were your last few posts directed at me? Genuinely confused.
@Adoxographer @Adoxographer @rbe_expert

@gentoorebel
> I do not trust [Signal], and I will not exchange sensitive data with it.

So why use it at all? If you're only using it for non-sensitive data, you don't really need an encrypted chat app. It is because you have contacts you want to keep in touch with who refuse to use anything else (#NetworkEffect)?
@noorul

@Ajz (2/2) Google has control only on #Android OEMs that include their app suite. They have no control over, for example, Android devices purchased in China (although these presumably come with other issues). Unlike iOS, most of the code in Android is available to be audited to see if Google is using it to track users, which makes it much less likely they'd try it. Need I go on?

@Ajz
> Google likes to track you much more than Apple does.

Even if you're right (and I'm sceptical), that's not nearly as important as how much control either of these companies has over the hardware of the device and the software on it. Apple = total control, right down to banning apps with #GPL code from their app store. No #FDroid on #iThings. This is the total opposite of #SoftwareFreedom.

@gentoorebel @noorul
This piece sums up most of the problems with Signal quite nicely:
https://drewdevault.com/2018/08/08/Signal.html

@grainloom nope:
> Basic security precautions for non-profits and journalists in the United States, mid-2017.

For activists and journalists, the #5Eyes are a much more dangerous adversary to protect against than random crackers (ask #EdwardSnowden). Besides, there are other apps providing the same kind of #E2EE service as Signal that are not US-based (eg #Wire). Why recommend Signal specifically? It bothers me that this list provides no rationale or evidence to back up its recommendations.

Is #Signal founder Moxie Marlinspike working on creating the US equivalent of #WeChatPay? Is his end game to integrate #MobileCoin into Signal, so that people will start using his app to make online payments, just like people use #WeChat to do the same in China?
https://www.wired.com/story/mobilecoin-cryptocurrency/

BTW I was linked to that guide from @nolan 's blog piece on using a #YubiKey, which is well worth the read:
https://nolanlawson.com/2018/09/15/yubikeys-are-neat/

Use #Signal? Despite the fact that there any *many* good reasons for anyone with important secrets to protect
*not* to do that (US-based, no warrant canary etc), and Moxie has defended aspects of his centralized set-up by saying people shouldn't use it for that?

This "security guide" is mind-boggling. Use #iThings instead of an #Android/Linux device (ideally with a custom ROM), and even instead of a laptop?!? Use #Chrome (not Chromium, *Chrome*) and a #Chromebook?!? #WTF
https://techsolidarity.org/resources/basic_security.htm

New #Disintermedia blog post: 'Concerning Policies and Practices of NZ Government Websites':
https://www.coactivate.org/projects/disintermedia/blog/2019/01/04/concerning-policies-and-practices-of-nz-government-websites/

There's some good advice in here about what *not* to do with passphrase policies for online services, and why, with some potentially helpful references. But ultimately I disagree with a lot of Troy's conclusions, because they're biased by what kind of US makes sense to him, a power user with a high level of security knowledge, not a #JoUser. My favourite approach is what #Medium does; they send a login link to your registered email address instead of storing a password.
https://www.troyhunt.com/passwords-evolved-authentication-guidance-for-the-modern-era/

@Adoxographer When you have a single, silver-bullet solution that will solve the whole "corporate environmental catastrophe apparatus" problem, and that doesn't require anyone to do anything different in their day-to-day lives from what they currently do, sign me up!
@rbe_expert @wolftune

@Adoxographer I know for a fact that every person who is "choosing to not eat meat or only ride bikes or whatever" is reducing their carbon footprint *right now*, in ways that are unavoidably part of the overall solution. They are trying to back-paddle as best they know how right now, and as a consequence, anything they say about climate change carries more weight, and anyone they convince to act has some ideas on how to start learning to back-paddle.
@Adoxographer @rbe_expert @wolftune