Tuta’s trancparency report vs Posteos
machiavellian
- 0 Posts
- 34 Comments
Joined 10 months ago
Cake day: April 4th, 2025
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
0·1 day agoUnlike most other messengers, Delta Chat apps do not store any metadata about contacts or groups on servers, also not in encrypted form. Instead, all group metadata is end-to-end encrypted and stored on end-user devices, only. Servers can therefore only see:
- the sender and receiver addresses and
- the message size.
By default, the addresses are randomly generated. All other message, contact and group metadata resides in the end-to-end encrypted part of messages.
https://delta.chat/en/help#message-metadata
> Doesn’t store any metadata on servers > Servers still see the sender and reciever and the message size
Explain how this is not contradictory.
Furthermore my original argument on protocol blocking still stands (if almost all communication platforms rely on a widely used protocol, the blocking of which is infeasble, then how is this a feature noone else besides deltachat has).
And as the FAQ brilliantly illustrates, you don’t have to block the mail protocol to inhibit deltachat users from communicating. All you have to do, is just shut down the relays which are crucial to masking your metadata.
Speaking of relays, all they do is transfer the trust. Without using relays you have to trust that normal mail servers wont’t log your activity (they do). With relays you have to trust that the relay operators won’t log your activity.
Perhaps they’ve changed, but last I checked they didn’t allow IMAP/POP3 due to “security concerns”.
Deltachat can’t be considered as private as Signal, SimpleX, Briar, Threema or Cwtch due to the fact that it’s based on the mail protocol. The mail protocol will always leak metadata (who, to whom, where and when) because it could’t function otherwise. And because we live in a world of surveillence, metadata can be oftentimes more valuable than the message itself.
Also saying that deltachat is unblockable because it is based on the mail protocol would be the same as saying that every app utilizing VOIP is unblockable because it uses the TCP/IP stack and blocking it would render the internet unusuable.
An email provider who doesn’t lock you into their ecosystem and doesn’t collaborate with law enforcement without putting up a fight.
I would advise against deleting your account. When you delete your account you also forfeit your username which can then be used to impersonate you. While I’m not sure on the exact math, it would seem logical that having a stagnant account keeps up their costs but doesn’t bring in almost anything resulting in a net loss on an account basis.
22·6 days agoThey just changed the maintainers? What in this thread does not give you confidence?
Why do NFTs make then inherently bad? AFAIK they are not trying to pivot into selling mokey pictures but rather selling prepaid phone cards to cover server costs for large communities. Why is this bad?
DISCLAIMER
I am not a computer security expert, merely a hobbist having read some blogs from people who sounded smart. It is more than probable than I am mistaken in one or more parts of this post.Linux is not more secure than Windows. By default, it’s actually considerably more vulnerable than Windows. Source
In my opinion an antivirus doesn’t really solve your problem. What you actually want is sandboxing, which means restricting user and program privileges. I recommend getting familiar with SELinux (or alternatively AppArmor, although it isn’t nearly as effective) and bubblewrap (or alernatively Firejail, which requires root privileges to run and is thus a bigger threat vector than bubblewrap).
Aside from that just disable any service you aren’t using (like ssh), use a deny-all-allow-some firewall, and verify what you download. If the link says “100% REAL 1 MILLION FREE ROBUX DOWNLOAD CLICK HERE NOW”, then maybe don’t click there.
Because even an antivirus won’t help you if you download malware, which isn’t compiled by skids who lifted the code from some darknet hacker forum. Antivirus isn’t some magical tool which makes your computer inherently more secure. Meaning you can’t offload your responsibilty to a program running with kernel level privileges. Your computer, your responsibilty.
P.S: If you want a more secure computer, I’d recommend a minimal and/or rolling release distro (openSUSE, Arch, Void, Debian) or FreeBSD/OpenBSD (BSD variants mitigate many of Linux’s inherent flaws).
36·3 months ago5 hours? … You have much to learn, padawan.
And it has been audited by an independent auditor. And it doesn’t have user ID’s. And you can have multiple accounts with no effort. And you can selfhost your own servers. And it’s actively developed. And it’s available on all major platforms. And the list of pros goes on.
I have to contend that the founders views don’t align with my own (or with most people on lemmy). But that aside (freedom of speech), I wouldn’t dismiss them simply because “VC bad”. If you want a different perspective, read this.
0·4 months agoI must admit the bars are quite gas. If only Android shaped toolbars like liquid glass.
Will do. Also rereading my first comment I realised that I was perhaps overly negative which was not at all my intention. Apologies.
While your here, I wanted to ask if I missed anything from the article or is my criticism valid?
While I agree with the overall premise, it’s not a great article. The author just quotes facts while drawing no relevant conclusions or wrong conclusions.
The fact that there is fraud in Estonia, like any other country, is, I imagine, due to people being stupid. In my country most fraud cases are grandmas handing off their pensions to randos to help their grandchild escape prison or to help with a super secret government mission to catch thieves. Similar to the classic Nigerian prince schemes. Not once does the author mention how digital ID’s are connected to fraud or how they enabled money laundering.
I hope that the author is just not that great of a writer and not malicious because throwing in scary statistics and names like Palantir without making any conclusion as to how digital ID’s could exarcebate the problem, really feels like fearmongering.
Nevertheless, I quite liked the website design and the extensive quotation of sources.
Holy hell! Didn’t imagine him being that far right. Always thought the accusations were half made-up.
It’s always sad to see promising FOSS projects taint their image with deplorable political views or behaviour (Hyprland, GNU, GrapheneOS, probably some others). Although I believe in freedom of opinion, I draw the line on inciting violence and hatred against minorities. Also, I can’t fathom why he would still use Xitter, when so many better alternatives exist?
Maybe Peergos?