kbal

If I’m not mistaken you were talking about how things work “on my phone” but I suppose you had in mind that the principle would apply to desktop as well.

In practice it does somewhat come down to how well containerized and locked-down the environment is, so I think the difference does matter. Android for instance sucks in very many ways, but it’s somewhat reliable in usually keeping apps from interfering with each other. There are a few desktops that try to do that, but they’re still not too popular I think. Desktop users are used to having full control of everything. Seems to me the pervasive compartmentalization of everything (it wouldn’t be sufficient for the purposes we’re talking about to put only Signal in a secure container) is accepted as necessary on mobile devices mostly because so many of the apps are terrible.

If you have root, intercepting all the user’s keystrokes is trivial.

You did but it says “desktop” right in the page title.

Huh. I would’ve thought most desktop users just leave it running all day long like I do. Obviously there is the disk encryption passphrase at boot, adding another one for signal would in my case be redundant.

But the point is not only how easy it is to enter a passphrase, but also how much security that actually gains you. I don’t think it does much on the typical desktop, be it windows or linux, where there are so many ways to escalate or persist privilege for anyone that has user-level access.

Needing to enter a secure passphrase each time you want to use signal in exchange for one more fragile layer of defence for that one part of your data in a scenario that would normally mean you’ve already lost unless you’re running a super-secure compartmentalized operating system like qubes or something is probably not worth it for most people.

Alternative headline: Someone has a feature request for Signal which would be of interest to a few people with very specific security needs.

I think about that sort of thing every time I upload any image at all, just out of inherent paranoia. A profile pic would most likely be one of the first things people check if for some reason they wanted to find other accounts you might have.

I don’t think “data brokers” are quite at the level of sophistication where they’re automatically doing that to everyone, but with AI they’ll probably get there soon.

Spain is officially hoping that their system will serve as a model for the rest of Europe, and then the rest of the world, so that everyone can work together to enforce the rules. Otherwise their citizens might just evade it by, for example, going to web sites that are not in Spain.

That is why they give it such a grand name as “digital wallet.” It’s meant to become the basis for that European digital id you refer to, and used for much more than is happening with this initial trial balloon.

This ensures traceability through the public key as content providers will consistently receive the same public key when the credential is presented

What a ridiculous system. For some reason I expected that their efforts to offer an illusion of privacy would be better than the obfuscatory bullshit they’ve leaned on here in order to enable “traceability.”

I hope it goes down so badly in Spain that the rest of Europe is once and for all convinced that such schemes to restrict and monitor the web browsing habits of every citizen are ineffective for their stated purpose, needlessly invasive of privacy and freedom, destructive of democracy, and can serve only as a prelude to totalitarianism.

Site is down right now but I imagine it is yet another contribution in the genre of leaping to the worst possible conclusions about matrix from very shaky ground. I don’t know what motivates that sort of thing, but there sure seems to be a lot of it around.

Too old (it’s from 2019) and too tendetious in tone; didn’t read. For both reasons it seems certain that it does not tell the whole story.

Science is a religion in the same way that golf is a religion. It’s not, but it’s easy to see how one might get the wrong idea by listening to the rhetoric of its most enthusiastic admirers and not looking too closely at the actual thing they’re talking about.

Recognizing that those goals are simply wrong should be one of those “basic digital skills” they talk about. I mean use cloud services and AI if you really need them, but it should not be encouraged.

El Mundo according to google translate:

The problem is that the Agency only has powers for companies and internet providers with their main establishment in Spain and that is why it seeks to extend its project worldwide.

For this reason, in addition to explaining it in the US and before the EC, it has been presented to the Plenary of the European Data Protection Committee, where work is being done under age verification criteria and it is expected that some criteria will be approved before the summer based on the Spanish proposal.

No need to resort to using tor. I’m sure there will be plenty of clearnet websites around the world that provide what people are looking for without much caring about what the government of Spain has to say about things. Increasingly many, I expect, as it becomes impossible to comply with every one of these ridiculous laws around the world.

deleted by creator

Suddenly I’m worried about AI’s energy draw. “6 percent of global electricity” is not a small amount of electricity.

deleted by creator

deleted by creator

Me? I’m not so anarchist that I personally have a problem with pledging allegiance to a flag or whatevs, just anarchist enough that I find it somewhat odd when people assume that everyone is part of “you” and “us” groups of that kind.

I guess it’s just that having to acknowledge the sovereign powers of some country other than the one you’re applying for citizenship in is unusual enough to make this sort of weird power to define our views of the world that the modern state has achieved stand out a little more than usual.