this post was submitted on 01 May 2024
643 points (100.0% liked)

196

16601 readers
1972 users here now

Be sure to follow the rule before you head out.

Rule: You must post before you leave.

^other^ ^rules^

founded 1 year ago
MODERATORS
 
top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 215 points 7 months ago (2 children)

Any tool that calls itself “open source” and uses proprietary encryption that they refuse to let any neutral third party review, should absolutely not be trusted.

[–] [email protected] 137 points 7 months ago (4 children)

It's open standard, not open source

[–] [email protected] 54 points 7 months ago (1 children)

but we need to trust them that the standard is actually implemented

[–] [email protected] 46 points 7 months ago

Yep. Which is why FOSS development and support of FOSS developers is so important

[–] [email protected] 27 points 7 months ago

The definition of words are indeed, critical 👍

[–] [email protected] 9 points 7 months ago

Too many people misunderstand open source and free to use.

[–] [email protected] 8 points 7 months ago

So can I write my own implementation and talk to other people via rcs? If not, then I don't think it deserves being called an open standard

[–] [email protected] 9 points 7 months ago (1 children)

Wonder if maybe there could be some organization that could fill that need. Independent, or a collection of industry vets, who look through the code and say if it’s safe or not. With the assumption details won’t be leaked or something to protect anything actually proprietary?

[–] [email protected] 9 points 7 months ago

there could but it would take cash

or one could make it truly open source for free

[–] [email protected] 105 points 7 months ago (4 children)

Signal > Matrix/Element > RCS > SMS.

iMessage isn't in the equation because it only works on a single platform.

[–] [email protected] 56 points 7 months ago (2 children)

signal protocol is basically the opposite, open source but the company is hostile to 3rd party client development

[–] [email protected] 10 points 7 months ago (1 children)

They can't prevent 3rd party apps, so what's the issue?

[–] [email protected] 22 points 7 months ago (2 children)

From what I understand, they don't want 3rd party apps to use their servers.

[–] [email protected] 30 points 7 months ago (1 children)

Understandable actually. Server maintenance costs money and if a 3rd party chat app; which significantly has more usage than other forms of social media; is trying to connect to the server, they have to handle that traffic too. Remember, it is not just about data size, but also the sheer volume of connection to handle.

I think the solution is just P2P with each peer acting as a relay to the other too. The protocol needs to be designed in such a way that no-one in the middle can reply to send false acknowledgement so as to prevent sybil attack or other attack where a malicious actor is a part of the network.

[–] [email protected] 25 points 7 months ago (1 children)

My point is basically that matrix/element is arguable the much more ethical chat solution because of its openess still with a focus on security.

[–] [email protected] 5 points 7 months ago (1 children)

Right, the rating list is generic, whereas it should be categorized. For example while iMessage is a walled garden, if the list was sorted by ease of use, it should be first, as it’s nearly zero-configuration for the end user and they get encrypted messaging. Matrix would be first on open access (if we weren’t counting SMS), because it’s available on so many platforms and clients. Signal probably wins on security, though I don’t know enough about it to verify that. So on and so forth

[–] [email protected] 8 points 7 months ago (3 children)

For example while iMessage is a walled garden, if the list was sorted by ease of use, it should be first

Should it, though? It requires the user to buy an Apple device.

load more comments (3 replies)
[–] [email protected] 9 points 7 months ago

This is an often repeated piece of misinformation. The developer of gurk-rs, a third party Signal client, has even said this himself. The client presents itself with a completely identifiable name to the Signal servers - the Signal devs can see this and could easily block this client from connecting but they don't. This project has existed for at least 3+ years now.

[–] [email protected] 5 points 7 months ago (5 children)

There's a few clients for Signal, nobody is preventing developers from creating apps; there's Molly, gurk-rs, Axolotl, Flare, signal-cli, Pidgin (with the Signal plugin.

The problem is 3rd party clients don't implement all features because it takes a lot of work and they're created/developed by volunteers - just take a look at Matrix and how many clients support all features or even just group end-to-end encryption (E2EE). Last I checked many third party Matrix clients didn't support encrypted group messages, primarily just Element, the reference client built by the matrix developers. So you have the same problem on Signal that you have on Matrix.

load more comments (5 replies)
[–] [email protected] 21 points 7 months ago (1 children)

Now to convince Grandma to use Signal

[–] [email protected] 29 points 7 months ago (1 children)

We successfully managed. Good times over here.

[–] [email protected] 17 points 7 months ago (2 children)

Meanwhile I can't even get my boomer mom to switch to Google Messages from Samsung Messages because she'd "have to relearn how to use it." Then she just continues to complain that she can't send messages over WiFi, and that when she sends or receives pictures over SMS they get compressed... 💢

[–] [email protected] 5 points 7 months ago

Doesn't Samsung messages support RCS? I know it did at one point. You just had to go into the settings and enable the option.

[–] [email protected] 3 points 7 months ago (4 children)

I had several friends and family switched over, until they killed SMS support like idiots. I now know maybe one or two people using it, and barely use it anymore.

load more comments (4 replies)
[–] [email protected] 13 points 7 months ago (1 children)

Matrix/element > signal > xmpp > telegram > RCS > SMS

[–] [email protected] 9 points 7 months ago (1 children)

I could settle for this but remove telegram as it's not even E2EE by default. It's basically facebook v2.

[–] [email protected] 8 points 7 months ago (1 children)

Guess what? Neither is matrix/element.

load more comments (1 replies)
[–] [email protected] 7 points 7 months ago

Where's the XMPP commenters.. The floodgates will open

[–] [email protected] 24 points 7 months ago (3 children)

disclaimer: i barely know what im talking about here so if any of the language in this post is inaccurate feel free to reach out

[–] [email protected] 27 points 7 months ago* (last edited 7 months ago) (1 children)

It's correct, although I'm surprised that there isn't even a FOSS implementation of the unencrypted part.

Hopefully you made this in GIMP

[–] [email protected] 25 points 7 months ago (1 children)

impgflip.com, with full love to the community GIMP is ass at making memes

[–] aBundleOfFerrets 36 points 7 months ago* (last edited 7 months ago) (3 children)

This meme is just two images and some text, no offense but you could make this using only ffmpeg if you were sufficiently masochistic

[–] [email protected] 32 points 7 months ago

"What photo editing app do you use? Photoshop? GIMP? MS Paint?"

"ffmpeg."

"All hail technomancer Joe, wielder of ffmpeg!"

[–] [email protected] 8 points 7 months ago (1 children)

yeah i could use a hex editor if i wanted but turns out the fasted app workflow is often the best

[–] aBundleOfFerrets 6 points 7 months ago (2 children)

“Fastest workflow” has no bearing here, nobody gives a shit if a task takes exponential time or linear time when the total time is less than three seconds in both cases. You are acting like you are some prodigal graphics designer when the task at hand is the computer artist equivalent of banging two rocks together.

[–] [email protected] 23 points 7 months ago* (last edited 7 months ago) (1 children)

bro ur getting so antagonistic and for what 😭

imgflip is purpose-built for the process i am taking. GIMP takes more than 3 seconds to boot up on my device. there is no competition. stop with the toxic behavior and insults. this was a joke. you make the internet miserable.

[–] aBundleOfFerrets 18 points 7 months ago (1 children)

yeah I got carried away lmao

[–] [email protected] 18 points 7 months ago

thank you for admitting it 😭 just like chill out im here to hang out and have a good time and i hope you are too 🩵

[–] [email protected] 7 points 7 months ago* (last edited 7 months ago)

I couldn't do this in three seconds even with imgflip. I'd say a minute using normal tools, and probably 20 seconds with imgflip.

[–] [email protected] 3 points 7 months ago (1 children)

The ~~whatsapp~~ signal image editor is the best meme creating tool

load more comments (1 replies)
[–] [email protected] 9 points 7 months ago* (last edited 7 months ago) (1 children)

Rcs isn't a open source but an open standard. Two very different things.

Open standard: anyone can use the standard but could be proprietary/closed source

Open source: anyone can edit/review the code and forket it if they want to.

The issue with RCS currently is that Google won't release the API for it on android and only allows Samsung to use it for their app. Another part is that their encryption is based on signal and released a white paper about it.

Now it's understandable why people would distrust Google. But apple is currently trying to add e2ee to the open standard (google also tried in the past but failed).

Mind you the only reason apple is even implementing RCS is because China is forcing them to. Since any new 5g devices must support rcs to be certified in china.

I hope this helps. Also have a android turtle from the blob!

[–] [email protected] 3 points 7 months ago (1 children)

this true, ty for the clarification

ill leave the meme as is (in quotes) since that was the thrust of the propaganda i saw 18 months ago

seems like a term that is intentionally thrown around to make things sound secure and cool when it’s not.

load more comments (1 replies)
[–] [email protected] 8 points 7 months ago (1 children)

I'm not sure I understand it fully either, but what I do know about this topic is certainly disappointing

Typical Google fuckery

[–] [email protected] 3 points 7 months ago (1 children)

"Android is open source"

puts kilos worth of proprietary software into it, so people can still be tracked

load more comments (1 replies)
[–] [email protected] 19 points 7 months ago (3 children)

-switches to signal or Matrix-

load more comments (3 replies)
[–] [email protected] 4 points 7 months ago

So it isn't locked down on Google-approved devices?

load more comments
view more: next ›