Notices by rugk (rugk@social.wiuwiu.de), page 3

@gxtony what are "your native apps"?

@gnupropaganda direct link, because nobody wants to type of URLs from images: https://libreplanet.org/wiki/Group:Women%27s_Caucus

@frumble wtf

@frumble @mehdorn plkay, threat model "forgot to lock screen" lasse ich gelten. Das andere geht sowieso nicht: Der UAC-Screen ist extra abgeschirmt, da können keine Skripts laufen

@frumble @mehdorn verstehe den Punkt nicht. Warum wäre es denn besser, nach einem passwort zu fragen?

@flyingcreep @juka sicher die IDE

@beli3ver @fdroidorg Warum sollten sie nicht? Kann es nicht einfach gebuildet werden?

@DC7IA well… yeah… you can also use hashes phone numbers and mails in #Threema e.g. But you don't have to. That was the point.

@martinmuc @frank klar, das war auch meine Antwort auf " ich weiß grad keine andere pingbare IP als die von Google 😂 "

dachte, wenn du Google vermeiden willst

@martinmuc @frank 9.9.9.9 lässt sich leicht merken. Ist von #Quad9 das DNS.

Oder 1.1.1.1, aber das ist auch Cloudflare, da würde ich Quad9 eher nutzen.

@frumble

That said, of course the alternative must be properly maintained etc. But if it is not, people will switch to the original FLOSS implementation. So competition is kinda built-in into FLOSS… 🤔

@frumble hmm, disagree a little.

Actually, if you have good products also FLOSS competition is good. Because an alternative can stil do things differently/better/provide better options etc.

Just see how #bind, that FLOSS monopoly on DNS servers, causes troubles. One vulnerability and everything is gone wrong.

@NHonigdachs @DC7IA AFAIk Wire has a desktop client, so no. (but that is also some web dev thing, so there we have bigger problems than insecure smartphones lol); and Threema, yeah kinda. Although an unofficial desktop implementation exists: https://github.com/blizzard4591/openMittsu/

(though AFAIK they have not yet implemented generating your key pair)

@Dee just fear the AI getting it possible to restore your pixelated images way easier than you think 😜

something like https://letsenhance.io/, but I have seen better, more impressive examples (don't get a link right now)

@raspberry_boy @Dee expected "I am not wearing my skin"

Sure, I also want to get rid of it… 🤔

@Dee looks human

@NHonigdachs @DC7IA (because Threema does the same and hashes these)

@NHonigdachs @DC7IA 2. that is a workaround. (and maybe they'll block these numbers later, like Google does for their sign-up. AFAIK they want an identity to be a phone number.)

1. I know, yes. But phone number hashes are easily brute-forced (because they cannot contain a salt in our case), so that is not-really a protection. And with easy I mean at most some seconds for one number without special setup. The keyspace is just too low.
Even Threema devs acknowledged that and calculated it.