Have strong opinions, but I welcome any civil fact-based discussion.
Mastodon: @BrikoX@freeradical.zone
No audit, no 2FA, no transparency report, limited servers, proprietary clients. There are better options.
There were warrants issued on March 25 to him and his brother, which were ignored.
Instance blocking only hides communities from that instance, but not users.
A good rule of thumb is to never click on links in emails. Always go to the domain manually.
It’s listed as a honorable mention in the article.
I think it more comes down to it not being Discord than people liking it.
Element X (Matrix client). Basically anything that offers F-Droid or open source release will have builds without built-in notifications. Play Store/App Store builds requires using native notification systems.
It was a conscious decision for them not to enforce E2EE by default. https://web.archive.org/web/20211215132539/https://infosec-handbook.eu/articles/xmpp-aitm/
XMPP clients have like 10 different implementations because of that and are not always consistent with each other or even function universally across platforms.
But I’m not an author. That would be @nateb@mastodon.thenewoil.org.
Spoofing just changes the displayed called/sender ID, not the actual number. They would still need real numbers for each account. And they block a lot of VoIP numbers, like most services these days. And getting carrier SIMs or e-SIMs is a not that easy.
No mandatory 2FA as far as I know.
It’s there for a reason. You can’t easily create a spam waves if you need a phone number to create an account. And they added usernames now, so you don’t need to share your phone number with people you want to talk to. It’s just there to create an account and can be hidden after that.
There is Session, that uses UUIDs for names with no phone number requirement, which is basically a fork of Signal with decentralized Loki on top of it.
Not all of them work, and most require some details to create.
That might work in most places, but there are countries that only sell pre-paid cards with ID registration.
It really depends on each person’s threat model. But there are a few things everyone would benefit from. Like VPN, email aliasing, password manager, 2FA/MFA. They don’t have any convenience cost and in most cases make your life easier.
If you are interested in learning more:
If you read the blog post you would know there are 0 mentions of VPNs there. VPNs have very limited purpose, and it’s just a small tool in the arsenal of privacy.
RCS doesn’t support encryption natively. Google only has proprietary encryption for Messages app.
How about the false positives? You want your name permanently associated with child porn because someone fucked up and ruined your life? https://www.eff.org/deeplinks/2022/08/googles-scans-private-photos-led-false-accusations-child-abuse
The whole system is so flawed that it has like 20-25% success rate.
Or how about this system being adopted for anything else? Guns? Abortion? LGBT related issues? Once something gets implemented, it’s there forever and expansion is inevitable. And each subsequent government will use it for their personal agenda.
Shameless promo !databreaches@lemmy.zip
They offer integrated aliases via Proton Pass now.
Only in UK English, US English doesn’t.