This is a cool way to protect a belief, narrowing the scope so that the refuting data do not apply anymore. Perhaps I can write a fucking essay about it, but do you have data to support this narrowing move? There is like a ton of data that the West has been invasively spying of possible threats to the status quo (from Cointelpro to undercover UK cops like recently), not just people “acting on it”. Furthermore, actions can fall under protected free speech as well, like putting up a poster, demonstrating, and protesting. So your proposal is inherently undemocratic if you roll back freedom to only protect oral expression, quite similar to a “Don’t ask don’t tell” attitude towards gay people. What you just said is simply counter-factual. Blanket surveillance is a staple of Western societies in the 21st century, and it blows my mind that there are still people oblivious to what is more or less spelled out clearly in the Patriot Act and all laws modeled after it across the globe.

There is a conceptual distinction: Encryption in transit vs. encryption at rest. You may send the packets encrypted to the server, but if they are not encrypted on the server’s file system, anyone can read them.

The real question is, why do you think governments make such a big fuss about citizens having access to military grade encryption?

There have been audits of e2ee implementations, and the algorithms used also have some objective properties. I don’t think that I have ever heard in cryptography discussions that backdoors are so widespread that the discussion is moot. I have only heard, time and time again, the opposite.

Even Apple, in this very occasion, opted to ditch the service rather than backdoor it, and in fact takes the UK to court over this. I think that the opinion that this is all for show is a tad wild, and not very well supported in this occasion.

Like every cryptology book starts with the adage “There is cryptography that prevents your little sister from reading your mail, and cryptography that prevents the government from reading your mail, and we will talk about the latter.”

https://blog.cryptographyengineering.com/2025/02/23/three-questions-about-apple-encryption-and-the-u-k/

On the other hand, not all implementations are created equal. Telegram was recently under fire, and there is a lot of variance in e2ee implementations in XMPP clients, IIRC.

OK now that arstechnica has written about it, shills might stop nagging in the comments about my titling. LMAO

The basic way to do this is you respond to these three questions: What am I trying to protect? From whom? What are they able to do to get there?

Note just to be sure, Mull is a different thing than Mullvad. What you wrote makes sense for Mullvad, but I am not so sure if this is the case with Mull, the mobile app.

I don’t think we understand very well the threat model here. Are we talking about having a Mozilla account or the web engine itself. If you have an account they will probably start doing mining shit with it. What about activists researching certain topics then? The content browsed can be visible to Mozilla if they use their account for syncing bookmarks. That should be a dealbreaker right there. No different than Meta user-profiling the fuck out of your engagement behaviors. Now if this is NOT the case and you haven’t a Mozilla account, I assume that the version of the web engine available back at the time of the fork is exactly the same. So far so good.

The problem is that browsers are hard, and there is a ton of web protocols to be implemented, various fixes for security, support extensions and other QOL features. WORD ON THE STREET is that tasks like these cannot be undertaken as solo/hobby projects, that funding and an organization structure is essential. The teams behind LibreWolf, Waterfox, etc have a track record of already lagging behind Firefox’s version updates. Same goes with user-profile and configuration sets like Arkenfox (if I am not wrong). You may tweak the conf all you want, but if privacy and anonymity is compromised at the web engine level, these forks will be left with little to do about it. Then the only option will be to keep using an old version of the web engine (sacrificing security and quality of life extensions), or ditching the gecko web engine altogether.

That is why people are looking for genuine alternatives to the web engine.

I thought Mullvad was the best in anti-fingerprinting. Anyone can check their own configuration with EFF’s “cover your tracks” site.

Perhaps this explains why all these spook impostors are so vehemently against advanced privacy and anonymity. They are signaling they are the good ones!

You write a wall if text thinking you will shift the views of disgusted people turning their back to the product, a product at that which was iconic for their open source culture, and yet it somehow managed to alienate the niche that was more favorable to it. Good luck with that!

This is trolling. It is beyond self-evident that the Open Source fediverse has thoroughly criticized the latest Mozilla move. I myself point out device fingerprinting and third party vendors. You respond to neither approach. You want me to do homework and quantify the sentiment on the trending Mozillla hashtag? Sealioning. Diigressing the topic of conversation? Report and block you sad impotent spook troll.

Your mastodon feed might be different that mine, lmao

https://mastodon.social/tags/mozilla

This is some Gestapo/Stasi shit.

Like, all queer persons must go beyond Signal/Tor level.

This extends to the physical world: Plan ahead for escape routes and survival networks.

I will come back with this angle but, REMEMBER those mfers who always said “the NSA does not target you, so asking about anything more than Signal is paranoid/futile if ever the NSA targets you”?

REMEMBER that we said that some people have advanced threat models by default? Eg feminist activists, activists in third countries, queer people?

WHO is paranoid now, that being queer, pro-Palestine, and/or climate activists can have you on the watchlist?

This development only proves my previous points that the hordes of sock-puppets spamming the Privacy forum are fucking spooks. Pooping the conversation about advanced privacy and anonymity should qualify for permabans, IMHO.

They don’t even cite the datapoints, my friend. It is a trademark infringement cease-and-desist…

either Signal fans have to donate more or Signal has to start finding other monetization which if we look at other companies means selling private data.

Lo and behold, after RiseUp now Signal is accused of selling data. Well, it is well known (and audited) that Signal keeps so little metadata it is not even useful to the authorities that have subpoeana-ed it.

This is an extra-ordinary claim you have to back with extra-ordinary evidence, in order to save face.

Clean cut kids do not find Lemmy very palatable.

The alternatives were suggested briefly in the segment, not the site. Oliver pointed to the site those people who can’t ditch Meta right now.

it’s going to hurt Meta’s bottom line eventually

Just hurting Meta’s bottom is good enough for me

He only now was able to catch up with all the news with Meta moderation from a month ago. He is only a couple weeks back on air.

Remember “Our Lady of Perpetual Exemption”? You can’t get stuff like this in stores!

sentence I never thought I’d write

🤣 🤣