• 0 Posts
  • 12 Comments
Joined 2 months ago
Cake day: January 28th, 2026


  • Just looked at Session, and holy shit is that a massive downside…

    From their own whitepaper:

    Through the integration of a blockchain network, Session adds a financial requirement for anyone wishing to host a server on the network, and thus participate in Session’s message storage and routing architecture.

    So you have to pay to self-host, and that’s somehow an upside???

    This staking system provides a defence against Sybil attacks by limiting attackers based on the amount of financial resources they have available.

    Which is a fine explanation in a world where everyone has a relatively equal amount of wealth. This is the epitome of Dunning-Kruger economics: a little knowledge is a dangerous thing.

    Firstly, the need for attackers to buy or control Session Tokens to run Session Nodes creates a market feedback loop which increases the cost of acquiring sufficient tokens to run large portions of the network. That is, as the attacker buys or acquires more tokens and stakes them, removing them from the circulating supply, the supply of the Session Token is decreased while the demand from the attacker must be sustained. This causes the price of any remaining Session Tokens to increase, creating an increasing price feedback loop which correlates with the scale of the attack.

    So the more nodes a single entity holds, the harder it becomes for other entities to buy nodes and break the monopoly? Did you take 3 seconds to think this through???

    Secondly, the staking system binds an attacker to their stake, meaning if they are found to be performing active attacks, the underlying value of their stake is likely to decline as users lose trust in the protocol, or could be slashed by the network, increasing the sunk cost for the attacker.

    “Assuming every user is a perfectly rational actor, malicious actors would be shunned. This is somehow due to the economic incentive, and not just how humans operate when they’re assumed to be perfectly rational.”

    Also: malicious actors when they find out they might lose their money if they get caught: “welp, I better not do that then. Thanks laissez-faire capitalism!”

    Jesus Christ fucked on a pike, these dipshits really drank the crypto kool-aid, huh?








  • A few answers say “they aren’t private by design,” but don’t really go into the “why.” There’s the obvious “it’s an electronic tracking device, duh” reason, but there’s also a more nuanced reason:

    AirTags are able to be picked up almost anywhere because they connect to the nearest Bluetooth-enabled Apple device, and then send location info across the internet to you. Without this functionality (the ability of any and every Apple device to locate it), they wouldn’t have any way to send their location back to the owner.

    Your best “privacy respecting” alternatives are something that uses Meshtastic (and hoping there are enough repeaters near you), something that uses cellular data and GPS (which is about as privacy-respecting as AirTags are), or just a key finder/beeper (which only works within a small radius).


  • This article was more constructive (suggesting alternatives) than destructive (leveraging critiques), but it did link to several critiques/vulnerabilities with OpenPGP.

    Unfortunately, half are about implementation issues (granted, it’s made more difficult to implement something correctly when it’s as convoluted and all-encompassing as PGP)—which are hopefully not applicable to Delta due to their 3rd party, applied cryptography audit—and the rest are obsolesced by the 2024 updates to the standard—RFC 9580, the so-called “crypto-refresh.”

    Do you have any critiques that address the current state of the PGP protocol’s security?