unhrpetby
@unhrpetby@sh.itjust.works
- Comment on matrix is cooked 1 week ago:
…that proved that the algorithms/protocols work.
You can use a perfect algorithm and still be insecure because the implementation was bad. You are trusting the SimpleX Chat devs to a degree.
- Comment on matrix is cooked 1 week ago:
I wouldn’t trust encryption made by anti-vaxer more than…
Important to note: SimpleX Chat has gone through two security audits.
- Comment on matrix is cooked 1 week ago:
The SimpleX Chat is AGPL. If the founder is problematic, one could fork it and avoid reinventing what has already been made.
- Comment on matrix is cooked 1 week ago:
It is forkable if necessary. I do think SimpleX is a great piece of software that shouldn’t be reinvented because of the founder.
- Comment on Bonfire & Guix, a love story -- fishinthecalculator 2 weeks ago:
There was this recent attack to XZ utils, which shows that more attention is needed on the code being merged and compiled.
XZ was made possible largely because there was unaudited binary data. One part as test data in the repo, and the other part within the pre-built releases. Bootstrapping everything from source would have required that these binaries had an auditable source, thus allowing public eyes to review the code and likely stopping the attack.
Pulled from here:
Every unauditable binary also leaves us vulnerable to compiler backdoors as described by Ken Thompson in the 1984 paper Reflections on Trusting Trust and beautifully explained by Carl Dong in his Bitcoin Build System Security talk.
It is therefore equally important that we continue towards our final goal: A Full Source bootstrap; removing all unauditable binary seeds.
- Comment on Sure thing, website, my name is Gabe Newell 5 weeks ago:
…including to minors.
I haven’t seen evidence of this.
Only that Valve doesn’t require an ID to open cases in counterstrike, which makes it easier for a minor to open cases (Which I would consider a massive violation of privacy for them to do, as well as a possible target for data leaks).
- Comment on Elder Scrolls 4 Oblivion's level scaling was a "mistake", says designer, so why is it in the remaster? 1 month ago:
- Comment on No, a pardon does not make the crime legal 2 months ago:
You can’t be pardoned for something you didn’t do.
Sure you can.
Even ignoring stuff like preemptive pardons, a pardon relinquishes you from the Justice System’s punishment. Conviction doesn’t mean you did it.. So there exists the potential for a pardon to be issued for someone that was wrongly convicted.
- Comment on The consequences (of my actions) have been extreme 2 months ago:
Disappearing messages people!
- Comment on What if we called instances providers? 3 months ago:
Discord servers are just groups. Lemmy “instances” are actual separate instances of Lemmy communicating.
- Comment on If r/conservative ever wonders how astroturfing becomes a thing in their highly curated community just look at the quality of stuff that gets elevated. Anyone can write this tripe shit. 3 months ago:
An echo chamber is an echo chamber no matter what color paint you put on the walls.
Echo chambers have varying degrees of harm. They are merely a group of like-minded individuals. This says little of the objective truth of their ideas.
- Comment on [deleted] 3 months ago:
They have also had this issue open for 20 years.
And this amounts to just allowing the user to specify a different directory for Firefox on Linux (~/.mozilla is terrible).
Frankly unacceptable.