• 0 Posts
  • 69 Comments
Joined 1 year ago
cake
Cake day: July 9th, 2023

help-circle



  • Oof, that sounds rough. Are these the kids got hit hardest by the pandemic lockdowns? If so, maybe there’s a glimmer of hope that this is an aberration and next year will be a bit more 'normal ', if you can get through this year with your sanity intact. It’s got to be rough on the kids too, the ones who aren’t causing trouble must still be struggling to deal with itm and the ones who are just sound desperate.

    I enjoy teaching, or at least, transferring knowledge and experience, I’ll do it to pretty much anyone who sits still long enough, and I’ve been told I’m good at it, but you couldn’t pay me enough to teach a classroom full of kids all day, so you have my respect for that.

    Good luck, and I hope things get better for the kids and teachers everywhere.


  • I enjoy reading dead tree books as much as anyone, and whilest the publisher/distributor can’t take it away, there are plenty of ways you can lose access to them. Fire and flood being the two obvious ones, whereas digital books can be backed up offsite. It’s also easier to carry many books when they’re digital compared to physical.

    For books I care about I try to get both a physical and a (drm free) digital copy for the best of both world.




  • notabot@lemm.eetoLinux@lemmy.mlVPS encryption
    link
    fedilink
    arrow-up
    16
    ·
    2 months ago

    It depends what you want to do with it. If it’s just for storing files/backups then encrypt them before uploading and make sure the key never goes anywhere near the VPS. If it’s for serving up something like a simple website, you probably care more about data integrity than exfiltration, so make sure you have the security, including selinux or equivalent, locked down, and regularly run integrity checks. If it’s for running something interactive, or where data will be generated or downloaded to the machine, you’re out of luck, there’s no even theoretical way of securing that against an adversary with that much access.




  • I agree that them having users’ phone numbers isn’t ideal. There are other identifiers they could use that would work just as well. However, both the client and server are open source, so you can build, at least the client, yourself. If you can content yourself that it does not leak your ID when sending messages, then you don’t need to trust the server as it does not have the information to build a graph of your contacts. Sealed sender seems to have been announced in 2018, so it’s had time to be tested.

    Don’t get me wrong, the fact they require a phone number at all is a huge concern, and the reason I don’t really use it much, but the concern you initially stated was addressed years ago and you can build the client yourself to validate that.


  • You’re correct that if you use the system the way it used to work they can trivially build that connection, but (and I know this is a big assumption) if it does now work the way they say it does, they do not have the information to do that any more as the client doesn’t actually authenticate to the server to send a message. Yes, with some network tracing they could probably still work out that you’re the same client that did login to read messages, and that’s a certainly a concern. I would prefer to see a messaging app that uses cryptographic keys as the only identifiers, and uses different keys for different contact pairs, but given their general architecture it seems they’ve tried to deal with the issue.

    Assuming that you want to use a publicly accessible messaging app, do you have any ideas about how it should be architected? The biggest issue I see is that the client runs on your phone, and unless you’ve compiled it yourself, you can’t know what it’s actually doing.




  • Whilst I absolutely agree it’s correct to be skeptical about it, the ‘sealed sender’ process means they don’t actually know which account sent the message, just which account it should be delivered to. Your client doesn’t even authenticate to send the message.

    Now, I’m just going on what they’ve published on the system, so either I could be completely wrong, or they could be being misleading, but it does look like they’ve tried to address the very issue you’ve been pointing out. Obviously it’d be better if they didn’t have your phone number at all, but this does seem to decouple it in a way that means they can’t build a connection graph.





  • Look, I’m not attacking them over this, as you rightly said, it has plenty of other drawbacks and concerns, I’m just emphasising that Google do have a large degree of influence over them. For instance, Chromium is dropping manifest v2 support, so Brave pretty much has to do the same. They’ve said that, as Chromium has a switch to keep it enabled until June (iirc) they’ve enabled that, but after Chromium drops manifest v2 the most they can do is try to support a subset of it as best they can. The Brave devs may not want to drop support, but Google have decreed it will be dropped, so they end up dropping it and having to put in extra work to keep even a subset working for some period of time.

    If Brave gets even a moderate market share, Google will continue to mess them around like this as they really don’t like people not seeing their adverts.

    Ultimately it’s software, so the Brave devs can do pretty much whatever they want, limited by the available time and money. Google’s influence extends to making that either easier or harder, it much the same way as they influence the Android ecosystem.