• 0 Posts
  • 232 Comments
Joined 1 year ago
cake
Cake day: July 1st, 2023

help-circle
  • So yes.

    You think a nearly trillion dollar public company has an internal division that writes malware against flaws in its own software in order to harvest data from its own apps. It does this to gain just a bit more data about people it already has a lot of data on, because why not purposely leave active zero days in your own software, right?

    That is wildly conspiratorial thinking, and honestly plain FUD. It undermines serious, actual privacy issues the company has when you make up wild cabals that are running double secret malware attacks against themselves inside Google.


  • Anduril is Palmers Luckey “smart” missle/border tower company. Palmers Luckey, the alt right billionaire that sold Oculus to Facebook, whose sister is married to child rapist and former attorney general nominee Matt Gaetz. He has deep ties to alt right billionaire Peter theil, the facebook/paypal billionare, that owns the data harvesting/ai company Palentir that Israel uses to target “enemy combatants”.

    Theil is an outspoken monarcist who literally believes in an american king and that women should not be allowed to vote. He was the primary donor to Vance senate campaign, and a large reason he was the VP pick.

    Yes, deeply fucked.









  • That’s a different threat model that verges on “most astonishing corporate espinoage in human history and greatest threat to corporate personhood” possible for Google. It would require thousands if not tens of thousands of Google employees coordinating in utter secrecy to commit an unheard of crime that would be punishable by death in many circumstances.

    If they have backdoored all android phones and are actively exploting them in nefarious ways not explained in their various TOS, then they are exposing themselves to ungodly amounts of legal and regulatory risks.

    I expect no board of directors wants a trillion dollars of company worth to evaporate overnight, and would likely not be okay backdooring literally billions of phones from just a fiduciary standpoint.


  • Its a specific, technical phrase that means one thing only, and yes, googles RCS meets that standard:

    https://support.google.com/messages/answer/10262381?hl=en

    How end-to-end encryption works

    When you use the Google Messages app to send end-to-end encrypted messages, all chats, including their text and any files or media, are encrypted as the data travels between devices. Encryption converts data into scrambled text. The unreadable text can only be decoded with a secret key.

    The secret key is a number that’s:

    Created on your device and the device you message. It exists only on these two devices.

    Not shared with Google, anyone else, or other devices.

    Generated again for each message.

    Deleted from the sender’s device when the encrypted message is created, and deleted from the receiver’s device when the message is decrypted.

    Neither Google or other third parties can read end-to-end encrypted messages because they don’t have the key.

    They have more technical information here if you want to deep dive about the literal implementation.

    You shouldn’t trust any corporation, but needless FUD detracts from their actual issues.


  • The messages are signed by cryptographic keys on the users phones that never leave the device. They are not decryptable in any way by google or anyone else. Thats the very nature of E2EE.

    How end-to-end encryption works

    When you use the Google Messages app to send end-to-end encrypted messages, all chats, including their text and any files or media, are encrypted as the data travels between devices. Encryption converts data into scrambled text. The unreadable text can only be decoded with a secret key.

    The secret key is a number that’s:

    Created on your device and the device you message. It exists only on these two devices.

    Not shared with Google, anyone else, or other devices.

    Generated again for each message.

    Deleted from the sender’s device when the encrypted message is created, and deleted from the receiver’s device when the message is decrypted.

    Neither Google or other third parties can read end-to-end encrypted messages because they don’t have the key.

    They cant fuck with it, at all, by design. That’s the whole point. Even if they created “archived” messages to datamine, all they would have is the noise.





  • That’s a lot of words to say “I was wrong about windows not having built in tooling” but you did include it, so good on you.

    Linux being mainly enthusiasts is a detriment, not a positive. Windows appealing to everyone is something Linux needs to work more towards, and thankfully it slowly is. Bifurcating the different use cases into “no, only enthusiasts over here in linux land and you casuals over on windows” is a problem, not the solution.

    Both OSs can be used for serious or casual purposes. That should be applauded, and the better elements of both should be considered honestly. Making easily rebuffed strawmen about what Windows can or cant do isn’t helpful to anyone.


  • Im sure there are linux users that don’t ever use ssh and would look at you quizzically if you asked them about bash. The fact that linux has built more of an enthusiast community doesn’t change the operating system. I would be entirely wrong if I said you had to install a tightVNC viewer/server to connect to a remote linux system, or install golang to write a simple linux script.

    You should criticize Windows, as it’s woefully user hostile, but do so in a reasonable way. Pretending that it doesn’t have excellent built in tooling doesn’t help your case.


  • I live and work in both worlds, and neither of your examples are true.

    Powershell/cmd line/wmi is pretty deep tooling at this point. Windows being object instead of text based is a different thought process, but it is deeply powerful. Simple one line powershell scripts can do a lot.

    Ssh is also a built in feature now, since Windows 10. You can just enable it, but there are also tons of clients that aren’t mobaxterm like putty/kitty/royal ts/etc. Its also not the primary text interface to work interactively with other windows machines, so it doesn’t have the same importance in the windows world.

    I much prefer linux in general, but it’s best to criticize microsoft for its actual faults, not imaginary ones.