Are we there yet? >.>

  • 96 Posts
  • 54 Comments
Joined 8M ago
cake
Cake day: Sep 25, 2020

help-circle
rss


NLnet is doing god’s work by funding so many important projects based around decentralization and privacy like Kaidan, Fractal, Lemmy, SearX, Briar, previously the Tor Project and many more current ones.




There goes our chance of finding life on Mars :P


It was mainly for contributors and bug-reporters so that they can create a system quickly and reproduce issues/test things; when archinstall was moved to the repos. I haven’t seen anyone asking support specific to the install script method yet. And the wiki isn’t going away; if anyone doesn’t have a basic grasp of for example partitioning or in need of a customized setup they’ll still need to read it.


Regardless of the criticism Matrix is probably one of the best bets right now of a federated, decentralized real-time communication platform. Yes it gets complicated at the spec/protocol level when one is made to support so many use cases like Twitter,VR,IM,collaborative editing,bridges,bots,integration,video,audio,encryption,multi-device etc. but that is necessary to have a rich,diverse and modern protocol. The criticism is mainly at the specific IRC bridge and the clients. Admittedly the IRC bridge isn’t perfect due to the feature disparity between Matrix and IRC at a protocol level but it has been getting better. And saying that bridge isn’t perfect would be similar to saying IRC or a particular IRC client isn’t perfect.





See here. This is the issue tracking the UI for proxy too. The flag comes from Chromium; you can’t use a http+password proxy though since Chromium doesn’t support that too.


Verification of own/others’ devices is optional; it won’t prompt to setup if you aren’t using something other than Element or an E2EE capable client. Someone might have an account with cross-signing disabled or if it is enabled the new device will show up as unverified then there are chances/edge cases where they can be tricked into verifying that device; this way they’d also have control over encrypted content. Also admins have control over the password+login; they can delete the old one add a new password and it’s hash to the database then login using those and chat using someone else’s account on a public room. These are the reasons why it is always recommended to host one’s own instance or trust the instance you are joining.

This is an example of MITM in case of XMPP; Matrix would be very similar if the person doing it is the server admin.


If anyone is running AMD Stoney they might want to be a bit careful with 5.11 kernels; from 5.11-rc1 to 5.11.8 it gets stuck on loading initial ramdisk. The issue is solved in >=5.11.9.


This is a new low; not surprised though.


You have to trust the instance admin you are joining; the same goes for Lemmy/Mastodon/XMPP. The instance owner can see your IP address, your devices, email etc. They can act on your behalf - so basically they have a fair amount of control over your account. But they cannot see any encrypted content. These issues are a bit hard to solve in case of something like Matrix often at performance costs; same goes for the metadata issue.

If you want to self host you can run a de-federated instance for only personal use or you can run it as a onion hidden service - this way the metadata issue is solved. But note that Synapse is pretty resource intensive.


Matrix clients does support connecting to Tor. For example Quaternion,Mirage has this;Element doesn’t have a UI for it (it is on the roadmap) but you can use it on a browser or on desktop use the cli flag --proxy-server and on Android use Orbot in VPN mode. It also depends on the homeserver whether they allow connecting through Tor or have a policy against that. Multiple accounts too are on the roadmap for Element: on browser you have to use containers or separate profiles; on desktop use the --profile flag.


Too bad DEs like GNOME still carry some xorg and xwayland dependencies; all the applications I use daily are native Wayland compatible … I’d love to use GNOME w/o any X packages. Things will improve a bit after 40 or 41.

If someone’s looking for an alternative to Alacritty check out Tilix - it is native Wayland compatible supports a bunch of features like password storage, keyboard shortcuts, advanced paste dialogues, a quake mode (only in X session) etc. and has themes available. Admittedly it is in maintenance mode since the lead developer stepped down, but it works and receives updates although infrequently.


And they will turn this on by default… …

23


Definitely to the post comments, imo. Sometimes links contain enough ads/trackers/analytics that I don’t even open them and the discussion around it helps to get a good overview and also prevents link rot.



TLDR: Brave sends referral header for crypto websites, they introduced Tor browsing inside the browser but that header was still being sent inside a Tor session along with the file created in config that keeps track of it. He reported, was assigned a CVE and brave fixed it. …





It should be noted that if enough people used Google VPN, it can potentially create the world largest corporate Intranet,

Good point. They are doing this exactly for that and to collect data. They already control 90% of the smartphone market; nothing is stopping them from pushing this VPN preinstalled and the default in all Android devices(*). And by experience most people wouldn’t notice or care the difference between a Google VPN and a non-Google one. This will effectively kill the existing VPN ‘business’. All this while Google can get the data of what people searches under ‘cover’(ie. VPN) and in plain eyes and I’m sure companies are after that kind of data.

(*)Note that they added Wireguard to the Android 12 kernel tree.




The link in the title is a temporary repository by one of the original maintainers dstftw …



Oh oops realised people already said those! :)