That’s a good point. One of the two biggest weak points of a so-called e2e provider/platform is, the e2e provider itself.
The only true e2e is e.g. Alice does gpg -ea on an offline computer, copy-pastes ascii and sends it to Bob via an online computer, who copy-pastes this ascii to his offline computer and does gpg -d there. Their seckeys are airgapped from the communication channel. Sharing your sec with a provider is especially ridiculous (e.g. Proton). At least that’s what I think.
Bit difficult to keep using it since they killed sms interoperability. I understand the security concerns but if no one uses it, doesn’t really matter does it.
If you were using Signal just for SMS, none of your messages were secure anyway since the SMS protocol itself is not–defeating the purpose of signal. And if you had already convinced people to install Signal by using SMS as a caveat, you can just continue contacting them through the app.
I was able to convince pretty much everyone who matter in my life to install Signal and they all love it because WhatsApp has become too cluttered and spammy.
I can’t get anyone to use it. They should market it as a workaround for the Android/iPhone/PC messaging issues with privacy and security as a bonus, but I don’t know if iPhone users would go for it.
iPhone user and monthly signal donor here. Have been using it since it was available for signal. Have managed to get everyone I care about to install and use it.
I basically made it the only way to message me and get my attention.
I’m not that special, I just care about my friends and I think they might like me enough to do this one thing for me. At least they know they can cut me out of their lives by uninstalling signal.
Actually it does not, sadly. I’ve used it for years (probably five or even more) and ditched it couple months ago when I got angry at it. The main problem is I could not force it to accept MMS on newer android (used to work on my old phone IIRC) which is crucial for my work - because voice mail gets delivered as MMS in my country. Every time I got work phone call that I missed meant voice mail that never got delivered. I got notification that I have MMS, and that I need to allow them, but that’s it. Everything was allowed in the app and in the systsm, still no MMS.
Same. I've been supporting it for some years now, but I'm upping the ante. I have many friends, family, and business associates I've been able to get on Signal. It's a super useful app, and a crucial privacy service. Let's do what we can to keep it going.
Umm, doesn't one have to backup anything one wants to save/ have access to in the future? Aren't upgrades a thing will all software? I'm not sure how this is different for Signal versus any other messaging app. Or any app / client that produces documents, etc?
The process is a bit involved on mobile. Setting up a backup location, using a third party app to sync updates and deletions etc. It could be simplified by integrating with common cloud storage services (the encrypted file)
Also iOS doesn’t have backups at all last I checked. If you lose your phone the messages are toast
Well sure, but encrypted backups are still secure. What’s not secure (or private rather) is someone realizing they can’t have a backup of important chats and going back to Facebook Messenger.
Backups are a thing on Android, and they’re planned for iOS. It just hasn’t happened yet. People can choose what they want to backup and when they want disappearing messages turned on.
does anyone know roughly how much operating costs could be per person? I'd like to donate, but I don't have a whole lot of money. I'd like to at least ensure that I'm covering "my share" so to speak
Signal had 40 million active users in 2021. With 14 million in infra cost, that comes to .35 per user/year. Total expenses are about 33 million, so about .825 per user/year. All in all that seems very reasonable.
Mozilla will want to be API-compatible, but there’s nothing inherent to the API that requires the arbitrary content-blocking limitation that Google put in. So, Mozilla will be API-compatible without adopting this shitty limitation.
Interesting, I didn’t know that, but it doesn’t really change anything about my comment. Mozilla can offer APIs in addition to what Manifest v3 offers, allowing extensions that want to do these things to do them. It’s already the case today, for example, that uBlock Origin makes use of additional APIs for more effective ad blocking on Firefox.
Why would they want to stop? This is their fight against adblockers and on Chromium based browsers it's an effective way so of course they keep pushing. ;)
I don’t want to hear the realistic argumentation of why this is proceeding. I want to live in my fantasy headspace where comments like this can stop superpower megacorps from being assholes…okay? 😅
Many people forgot, many others now think that he is the villain of the story just because he did what he had to do to save his life, a whole lot don't care because 'they have nothing to hide'. For what it's worth, people who actually care about their privacy is a very small minority in pretty much all countries.
Using a public service like proton or firefox for that has the advantage of you blending in with the crowd, i.e. the service doesn’t know who the account belongs to whereas the service knows exactly that it belongs to you because only you have the top level domain.
In theory … in the real world it doesn’t matter too much because noone will hunt you down.
I guess that it’s no more of a hassle than using one email with your own top level domain.
Email hosting is hard for two reasons. The first is that there are too many parts to configure - MTA, MDA, DKIM, RDNS, spam filter, webmail, etc. The viable solution is to use a turnkey solution like mailinabox, mailcow or mailu.
The second problem is deliverability. At the minimum, you will have to ‘warm up’ the server. You will have to send a few dozen mails to others and ask them to mark as not-spam. Even then, a lot of other factors come into play - like the IP address block (for example, mails from AWS always gets blocked), domain name and even the top-level domain - they all influence the spam filter score.
Meanwhile, deliverability with Google and Microsoft (incl google workspace and ms 365) are lost causes. Google sends your mail to the spam folder irrespective of your spamassasin score. They provide no viable solution to this. MS on the other hand just drops mail silently. This isn’t a bug. Both of them are trying to destroy the federated nature of email and consolidate all email business to themselves.
Meanwhile, the big players like fastmail and migadu get better treatment. Especially, migadu is a good choice if you want unlimited aliases.
Finally, talking about aliases. Most services (except migadu) offer only a few aliases. That limitation is not there for selfhosted email. An alternative to aliases is to use + addresses (eg: mybox+bank@mydomain.com). The advantage of this method is that you can make up multiple addresses on the fly (without registering) using a single alias/address. You can use this in combination with a filter like sieve (server-side) or notmuch (client-side) to sort and filter incoming mail.
@tesseract Yea, I was thinking about using aliases and alias providers as a middle-man to send&receive emails to&from providers that are known to be hard to tackle for people self-hosting their email. I understood from the article I linked that setting up an email server and maintaining it is a hassle itself, but I was wondering whether doing what I said above does make things easier for me or if it would be an extra burden.
privacyguides
Oldest
This magazine is from a federated server and may be incomplete. Browse more on the original instance.