Wasn’t this the blog who also got a response from session asking for a PoC and then they replied with (paraphrasing) “well it’s not my job to provide one”?

So everything in that blog post is theoretical at best?

Got proof for that last claim?

I thought their sealed sender feature was meant to prevent exactly this scenario.

They haven’t dropped the requirement, but you have to manually go in and disable that check yourself on the windows 11 installer if you want to install it on a non-tpm 2.0 machine

Basically, it’s a faff that only the techie people will realistically do. Everyone else will just go out and buy new hardware.

Ah yes. I missed that bit. Thanks :)

So if an iPhone gets stolen, would having Find My completely disabled actually be a bad thing if we’re trying to improve device security? I see that’s listed in the article.

Would this affect the ability to use the remote lock & wipe functionality?

What happened afterwards? Did you go off on a self searching quest and come to learn the real you?

No, I don’t think I will

I’ll trust what the cyber security and privacy experts say.

Facebook might know who you’re messaging but that’s also true for Signal.

Signal’s sealed sender does a good job at knowing you’re sending a message, but not who to. All it’ll know on the receiving end is that a message was sent to it.

Of course people have found other methods of identifying this but sealed sender does cover most of the low hanging fruit.

Signal does also purposefully attempt to find ways to not collect any metadata, whilst also making it more difficult for anyone attacking to the servers to find anything. (e.g. ORAM for Secure Enclave operations)

My understanding is that meta used E2EE on your messages themselves, but everything else is up for grabs.

As others have mentioned, the main caveat here is that anti cheat games can work if the developers enable the support.

I’ve been playing dead by daylight very happily for a good few months now on Linux. Apex legends has also got official support for Linux as well.

They watch the horny pokemon things, probably. Rule 34 and all that.

Pulseaudio has been replaced by PipeWire for quite some time in fedora. Since Fedora 34, released in April 2021, apparently.

According to the wiki page, PipeWire originally came about trying to improve video handling on Linux, the same way that pulseaudio improved audio handling.

They then wanted to try and handle audio streams, with the idea of converging use cases for both consumer and professional audio users. Namely, they wanted a single audio system that supported both pulseaudio and JACK, whilst remaining as low latency as possible.

On top of this, because it was a modern reimplementation of audio and video handling in Linux, they designed it to work with Flatpak, and to provide secure methods for screenshotting and screencasting in wayland via the compositors.

(All my info here I just took from the wiki)

It’ll be used by a lot of Linux distributions.

It’s a drop-in replacement to the Pulseaudio and JACK audio systems, with the hopes of making audio handling decent within Linux with as low latency as they can.

Eh, WSL is still enough like Linux that it could be the best option for a lot of people. No risk to the computer being unable to boot whilst still giving you the ability to play with Linux tooling.

And credit where credit’s due: Microsoft details how to do a bare metal install, which is the most likely option to wipe Windows from your machine in the first place.

It wouldn’t surprise me if WhatsApp’s model on this is what the UK government were thinking of with the Online Safety Bill when they tried to enforce a back door in encrypted messengers.

It’s incredible just how much more interesting metadata can be than the actual message contents.

Explaining this to people when they ask why I don’t use WhatsApp is pretty difficult though.

I wouldn’t feel comfortable if I found out that what I thought was just a casual walk down the street mindlessly chatting with a friend turned out to also involve a third party neither of us were aware of tracking all of our movements.

I’ve not seen this before. This is really neat! Thanks for sharing ❤️

I believe this is down to what they define as being end to end encrypted.

It’s no secret that WhatsApp adopted Signal’s encryption protocol just before Meta acquired them, but since it’s all closed source we don’t know if they’ve changed anything since the announcement in 2016 that all forms of communications on WhatsApp are now encrypted and rolled out.

Within WhatsApp’s privacy policy, it’s important to note that they only mention end to end encryption when it comes to your messages. Everything else is apparently “fair game” for collection. Of note, the Usage and Log information point details all the metadata they collect on you automatically, including how you use the service; how long you use the service; your profile info; the groups you’re in; whether you’re online; and the last time you were online, to name a few things.

I guess what I’m trying to say is that technically they are end to end encrypted by definition, and whilst they’ve gone ahead and implemented things such as encrypted backups (that you must enable) to make it harder for them to read your message contents, they can still collect a lot of metadata on every user.

I guess this game just doesn’t exist, but remember that tweet of the guy who had a dream about an open world pirate exploration game with Waluigi in it?

That game.

It’s an email alias service that generates a gibberish albeit unique email which then forwards on any received emails to your specified email inbox.

As far as I can tell there’s no way to link the two together unless you can see where the emails are being forwarded to.

DuckDuckGo offers a similar service (but free), also Proton (simple login) and addy.io (formerly AnonAddy).

Unsure about firefox relay specifically, but I’ve used DuckDuckGo and simple login (after it was acquired by proton) and both have to process the email first before it forwards it onto you. In the case of DDG, they also helpfully strip out any trackers in the email they pick up too.

That’s more point in time location sharing rather than real time.

I see “real time” I think it updates where I am on a map for as long as I’ve specified, similar to what WhatsApp and telegram do.

It’s a feature I’d really like in signal, though.

The one anti-spam module in the server code and… what else is proprietary?

FCM? The thing they need to give android users (with Google play services installed) notifications?