Skip Navigation

Soatok Dreamseeker
Soatok Dreamseeker @ Soatok @pawb.social
Posts
32
Comments
25
Joined
2 yr. ago

  • Which is more toxic?

    The one that contains the most aggression.

    Aggression isn't toxicity. The logical consequence of your stance is negative peace, and broken stairs.

    Do most of those strangers know that you are receiving hundreds of requests? They’re strangers, so I’m betting on no.

    Sure they do, because I tell them. The screenshot you posted is proof that I inform them.

    The rest of this is needless language policing.

  • You say you're arguing in favor of less toxicity, but your example was a screenshot of a comment where I asserted my own healthy boundaries (after being needled by hundreds of demands in the form of "what about

    <other app>

    ?" from strangers over the course of months).

    Which is more toxic?

  • Furry @pawb.social

    The Authenticity Drought - Dhole Moments

    Cryptography @ Infosec.pub @infosec.pub

    The Practical Limitations of End-to-End Encryption - Dhole Moments

    Cryptography @ Infosec.pub @infosec.pub

    Post-Quantum Cryptography Is About The Keys You Don’t Play - Dhole Moments

    Furry Technologists @pawb.social

    Opsec and you: how to navigate having things to hide

    cybersecurity @infosec.pub

    On The Insecurity of Telecom Stacks in the Wake of Salt Typhoon - Dhole Moments

    Furry Technologists @pawb.social

    Reviewing the Cryptography Used by Signal - Dhole Moments

    Technology @lemmy.world

    Reviewing the Cryptography Used by Signal - Dhole Moments

  • You're the one that chose to comment on my post lol

  • Hell, even Mullvad uses WireGuard. Your argument is the most confidently incorrect I've seen on Lemmy ever since that one furry shouted over me to recommend Matrix instead of Signal.

  • Wireguard is not a vpn, there is no usable vpns built on wireguard,

    Tailscale

  • Cryptography @ Infosec.pub @infosec.pub

    Reviewing the Cryptography Used by Signal - Dhole Moments

    Furry Technologists @pawb.social

    Hell Is Overconfident Developers Writing Encryption Code - Dhole Moments

    Furry Technologists @pawb.social

    Session Round 2 - Dhole Moments

  • TL;DR from oss-security:

    At a glance, what I found is the following:

    1. Session only uses 128 bits of entropy for Ed25519 keys. This means their ECDLP is at most 64 bits, which is pretty reasonably in the realm of possibility for nation state attackers to exploit.
    2. Session has an Ed25519 verification algorithm that verifies a signature for a message against a public key provided by the message. This is amateur hour.
    3. Session uses an X25519 public key as the symmetric key for AES-GCM as part of their encryption for onion routing.

    Additional gripes about their source code were also included in the blog post.

  • Permanently Deleted

    Jump
  • That's a reasonable thing to dislike about it.

    I dislike that I can't reply to another message with a sticker.

    I also dislike that, despite having admin access, I can't delete abusive messages left in groups for anyone but myself. That makes it unsuitable for building communities.

  • Furry Technologists @pawb.social

    Don’t Use Session (Signal Fork) - Dhole Moments

  • How much can you control the conversation if the entity you are discussing only wants their name published?

    It's not about what they want published. It's about what they don't want published.

    Sure there will be a few GDPR letters and maybe an inquiry by some regulatory body. Satisfyingly annoying to them, but compared to the cost of an advertising campaign; would this not be just a drop in the bucket.

    Advertising campaigns generally don't include OSINT on the people behind it and evidence of their crimes. How does what I published help them increase their revenue or reduce their costs? Everything is ruled by incentives.

  • That sort of comment might be true if I had responded with a shallow, emotional response. Something like "how dare these outrageous motherfuckers claim to 'roast' my hand-crafted artisanal open source beauty with their AI slop!!".

    I didn't do that. I sifted through the public information, assembled a profile of the people behind it, discarded the irrelevant details, and used it to describe their conduct as illegal in the country their business is incorporated in, with enough receipts for anyone else who finds their AI grift to leverage to give them immense amounts of legal and compliance pain. And then I released this all on my furry blog with the keywords that other open source developers would likely to try in a search engine if confronted with their same outrageous behavior.

    Rather than let my outrage make me a useful idiot, I've surveyed the landscape and made sure that I'm controlling the conversation. I'm also keeping the evidence preserved, and not giving them any SEO backlink juice. This all dovetails into how bad their AI is at what it even claimed to be doing.

    If any of this plays into their hands, then they're playing chess on a dimension that the void cannot comprehend, let alone my mortal ass. But I'm willing to wager that the amount of legal anguish my blog post will create for their grift will significantly outweigh any benefit they get from the possible name recognition my blog creates.

  • Yeah, business children is an apt description.

  • Technology @lemmy.world

    Roasted Christmas Spam from Muhu.ai

    Furry Technologists @pawb.social

    The Better Daemons Of Our Profession - Dhole Moments

    Furry @pawb.social

    Furry, Queer, and Lonely - Dhole Moments

  • I honestly don’t see the reason to hope for bluesky to win…

    It was explained in detail in the other post, which was linked to in the section that said what you're referencing.

  • Technology @lemmy.world

    Imagining Private Airspaces for Bluesky

    Furry Technologists @pawb.social

    Beyond Bcrypt - Dhole Moments

    Technology @lemmy.world

    Key Transparency and the Right to be Forgotten - Dhole Moments

    Furry Technologists @pawb.social

    What To Use Instead of PGP - Dhole Moments

    Furry @pawb.social

    Why are furry conventions offering HIV testing to attendees? - Dhole Moments

    Furry Technologists @pawb.social

    The Continued Trajectory of Idiocy in the Tech Industry - Dhole Moments

  • If they actually read the whole thing, including the addendum, there should no longer be any confusion.

    As a rule, I never change titles after pressing Publish.

  • Anyone incapable of reading past the title is not worth listening to

  • The framing is as follows:

    Matrix, OMEMO, whatever.

    If it doesn't have all these properties, it's not a Signal competitor. It's disqualified and everyone should shut the fuck up about it when I'm talking about Signal.

    That's the entire point of this post. That's the entire framing of this post.

    If that's not personally useful, move on to other things.

  • This is a very technology focused view. In any user system, the users themselves have to be a consideration too.

    As I wrote here: https://furry.engineer/@soatok/112883040405408545

    My whole thing is applied cryptography! When I'm discussing what the bar is to qualify as a real competitor to a private messaging app renowned for its security, I'm ONLY TALKING ABOUT CRYPTOGRAPHIC SECURITY.

    This isn't a more broad discussion. This isn't about product or UX decisions, or the Network Effect.

    Those are valid discussions to have, but NOT in reply to this specific post, which was very narrowly scoped to outlining the specific minimum technical requirements other products need to have to even deserve a seat at the table.