

Then let us know when they are solved. Until then, I have a lot more hope in Matrix than XMPP. They at least seem to be making progress in the right direction, although they are not there yet either.
Signal remains the best option for now.
So much cope you didn’t even notice no one mentioned matrix. We are comparing XMPP with Signal.
Your reasoning would hold up if 80% of XMPP wasn’t running on Conversations or forks of it.
Also, you really think saying only 20% of your chats are insecure is somehow making it better?
The encryption being crap really does not depend on the threat model. Sure, in some threat models you may not need e2ee at all but in that case, what’s wrong with WhatsApp?
The issue with XMPP is that security really was an afterthought. Not only is e2ee an optional extension, but there are actually 2 incompatible extensions, each with multiple versions. Then you have some clients not implementing either, some clients implementing the older, less secure one. Some implement the newer one but older version of the spec with known issues. And of course, the few clients that implement it well become incompatible with other clients that don’t if you enable e2ee, so it is disabled by default.
That is all before you start looking into security audits or metadata harvesting.
Tell me you don’t know anything about security without telling me you don’t know anything about security.
There are: https://nimbusdata.com/products/exadrive/specifications/
They are just not listed in shops for poor people. (joking)
Not really. Sure, China is able to make unpopular decisions better than democracies, but that makes them inefficient in different directions. E.g. high speed rail in areas where it is not needed but greatly lacking freight trains. Or their housing bubble.
You’re defending him—intentionally or not—because you’re giving legitimacy to the idea that, somehow, the party that kicked him out is in the wrong.
Yeah, I am tired of this shit. My entire comment repeatedly spells out that criticizing one party does not mean supporting the other. Both FDO and Vaxry can be in the wrong. If you can’t even comprehend that, there is nothing else to talk about.
First off, I don’t know anything about Vaxry or the Hyprland community, so I am definitely not defending him or implying it is not bad or anything of the sorts. I am saying the public reasoning for the ban is manufactured BS, and I am pretty sure that is because it is hard to call yourself “free” anything if you want to police people’s behavior unrelated to your project.
If you think projects should do such policing, that’s fine. It even makes sense, if you ignore the potential for misuse. But they certainly shouldn’t advertise themselves as free. It’s the hypocrisy of trying to do both by manufacturing an excuse I am calling out.
As for the rest of what you write, I feel it all comes to the same unhinged idea that because someone is a bad person, everything they touch, create or any person engaging with them is also bad.
I dislike Brave, and its founder. Doesn’t mean everything Brave does is bad or can’t be promoted by me as good. If you choose to not do it for your personal beliefs, that is fine. But the idea that I am not allowed to praise Brave browser features or other actions because of something unrelated its founder did or said is ridiculous.
EDIT: Regarding your edit, yes. I criticize parts of DEI or stupid anti-Trump arguments. That’s the whole point. Stupid arguments are stupid even if a good person is making them and good arguments are good, even if an evil person like Trump makes them. Parts of DEI can be bad, even though discrimination is also bad. The world is not black and white.
EDIT2: Here is my post on DEI if anyone wants to read it and decide for themselves whether it is reasonable criticism or not.
So it’s not just the PR, it is also him interacting with “the wrong people”. Because it is so unthinkable to post about another browser developer while developing a browser regardless of politics. Idk anything about Andreas Kling, maybe he is a bad person, but the reasoning in your comment seems unhinged to me.
PS: Maybe off topic, but FDO’s reasoning for banning Vaxry is also wild. FDO admits he never broke the CoC on their platforms, then the CoC enforcement sends him a threatening email demanding he moderates his community differently and when he pushes back and says he will ignore this person sending unsolicited threatening emails, that is a reason to ban him. Because somehow this unsolicited threatening email is somehow considered part of FDO. Literally manufacturing a cause…
“We don’t accept ideologically motivated changes” = White supremacist language… Yeah, sounds about like what I expected…
Yeah, we should just ditch email for sensitive communications.
Anyway, my point was that I lost trust in Proton back then over this and went to Tuta that has native clients. It makes no difference to my security since I don’t think I ever sent or received a single mail that was actually e2e encrypted. But Tuta’s more serious approach to e2ee made me slightly more confident in it as a company.
Now it kinda looks like it was the right choice.
doesn’t impact the security sufficiently to make a difference for the average user.
I think it is borderline. I am not advocating for PGP, I like the Signal model where you trust signal for introductions but have the ability to verify, even in retrospect. Trust but verify. Even a few advanced users verifying Signal keys forces Signal to remain honest or risk getting caught.
I think the lack of meaningful verification for Proton is a significant security weakness, though the average user probably has bigger things to worry about.
Bridge did not exist back then.
As for it being a sophisticated attack, I think it is relative.
Regardless, if Proton said it did not matter to most people, I would respectfully disagree and move on. They did not. They claimed it is not at all less secure than a native app, which is BS.
It is nuanced, but having the ability to selectively serve malicious JavaScript stealing keys to specific people only on one access is a considerable issue in practice, compared to distributing a binary where you would generally have the same binary for everyone and you are able to archive and analyse it. Especially if you use third party distributions, like GitHub releases or flatpaks.
Was it ever? I ditched them years ago when they tried to gaslight people that e2ee in JavaScript in the browser is secure.
Why Ray Ray? Is it just weapon manufacturing or did they do something extra evil?
Perun for military stuff, especially Ukraine.
Exactly this. If it is just playing the game within the existing mechanics, then no thanks, I would rather remain mortal.
Honestly, if the app was open-source so we can check it does not leak data, I would probably have no issue with it.
Making it a separate app makes sense if Google wants to allow other apps to re-use the code. No reason to have the same functionality bundled into each app separately.
And the feature, as long as it is configurable, seems useful.
The auto-install is bad but understandable. As far as I am aware, there is no easy way to mark an app as a dependency of another app so it gets automatically installed only when needed. This should be fixed, but auto-install for all is not a terrible temporary solution. This does not apply when the app is closed source and may steal your data.
It’s not about being Pixel-specific. They built a high-security OS that uses HW components to deliver that high security. It can’t be delivered without them. These components are not Google-patented, nor does GrapheneOS demand they use the exact Pixel ones. GrapheneOS just refuses to lower security to support phones that lack these components, because manufacturers wanted to save maybe a $1 per phone by not including them at the expense of user security.