ᗪIᐯEᖇGEᑎTᕼᗩᖇᗰOᑎIᑕᔕ

Caller in the desert.
My alternative account @carbon_based@sh.itjust.works moderates https://sh.itjust.works/c/neurodivergent.

  • 0 Posts
  • 11 Comments
Joined 1 year ago
cake
Cake day: June 5th, 2023

help-circle
  • Via is indeed a wrapper for WebView, and i used it on an old device for its small memory footprint. Then kept using it for some features which the non-Chromium alternatives (Firefox but also Mull) have dumbed away.
    That’s mainly navigation buttons in the address bar, drop-down tab switcher, the ability to export settings and bookmarks (never liked to have yet another “cloud” account that tracks my usage…), and saving webpages for offline use. Among other features such as code and resource-file viewer, network log. – It’s just a a lean and convenient UI.

    Lately, i started to run it together with DuckDuckGo-browser’s tracking protection. That does take care of Via’s own built-in trackers.


  • Privacy means that you can talk/act safely in your own closed-off space while no-one knows what you do. The opposite of private is public.
    Anonymity means that you can safely talk/act in public space while no-one knows who does it. The opposite of anonymous is … identified.

    If you want your talk be private while doing it in public or via an untrusted service, you can use obfuscation/encryption of the content/payload data of your talk (still anyone could receive it and know it’s from you and if they have the key they can decipher it).

    If you want to be anonymous in public space, you have to obfuscate the metadata of your talk (so that no-one knows who said it but anyone can still receive it).

    *And here is a bit of an overlap depending on where we want to draw the boundary of our privacy realm. In some cases, the knowledge about metadata like location and time of a message can be breach privacy while in other cases this is irrelevant.

    You could also do both, meaning you’d have an anonymous appearance in a public/untrusted space, having a conversation with only those people who have the key to your messages. That’s a stunt which is not easily accomplished, as obviously you’ll need a way to let others know how to reach you, and exchange keys (in other words, you’ll have to first make an appointment in private and in a trusted space).

    [wanted to write two sentences, no so much text :-D]



  • All the power that an advertisement network can buy. Especially youtube since it’s owned by google. And advertisers will be happy to have a way of forcing site visitors to run ads/malware or else they will not get served the content.
    It’s similar to certain bank apps refusing to function on Android devices with an unlocked bootloader: you want the convenience of an e-banking application (/ad-driven corporate website)? – Your device (/web browser) “security” must be verified by the “authority” who actually owns your operating system, else you won’t. Everyone* will “be loving” their secure devices, because they “just work”.

    *who is a potential customer buyer and therefore relevant

    Google is trying to use their dominance to actually own the www. The comment/issue section of the github site of the proposal is quite enlightening, if you have the time … especially their reactions on the general dismissal and condemnation of the proposal as unethical.







  • This is true for practically every online service ever.

    Sorry i have to correct this statement. Unless all encryption can be broken one day (which is a different discussion), end-to-end encryption can be seen as private … if both parties can trust each other to keep it so.
    One can see if a service/app does e2ee if they (best) ask you to enter your public key (and only that) which will be shared to others to enable them to encrypt messages to you (such PMs can only get decrypted with your private key which is stored nowhere but on your own devices), and verify signatures done using your privkey. In the second-best case, an application will generate a key pair on your device and instruct you to store away the private key it just generated somewhere safe and protected by a long passphrase because if you lose it your PMs can not be recovered.

    Interestingly, the ActivityPub protocol and IIRC also the Lemmy database have a “public key” field which could be used for e2ee purposes but the functionality is just not implemented.