RayJW

Better UX until you have to download or update a game… there is an open bug report where it just doesn’t progress but keeps starting new processes until you‘re OOM. Still no fix in months, I’ve had to boot into Windows for every single update. Really not that good of an UX.

Are you using GE-Proton? I had this issue when not using the stock Proton. Try switching to Proton 9 and try again.

As you said, if PFS can be disabled by enabling a feature on the receiving end it’s by security practices not enabled, in the industry that’s called a downgrade attack and considered very bad practice.

The blog post you linked, is the publicly revised version after they were called out by well known cryptographers for their handling. This was their original response to the researchers, again after the researchers disclosed the vulnerabilities to them and actively helped designing the new protocol, not just giving inspiration. This was their initial tweet: „There’s a new paper on Threema’s old communication protocol. Apparently, today’s academia forces researchers and even students to hopelessly oversell their findings“ which is long deleted, but I did read it while it was still up back then. I can’t find a screenshot or anything at the moment, so if you want to call me a liar, go ahead but if you search for that quote you will find many citations.

Also, they claimed „old protocol“ but Ibex was still months from being deployed widespread, so that’s another big downplay.

You mention Signals Desktop app issue, Threema claimed the attacks were unrealistic because they require significant computing power or social engineering, both things that are definitely a risk if you’re trying to protect yourself from bigger intelligence efforts. The issue with Signal Desktop however, required full file system access to your device at which point, there is nothing stopping the attacker from simply using a key logger, capturing your screen, etc.

This is why no big security researchers called out Signal but many shunned Threema. At the end I don’t have a horse in the race for either of them, but I think those are facts people need when making a decision with their private information.

If you’re seriously concerned about privacy and security I wouldn’t look at Threema. They severely mishandled vulnerabilities by insulting the security researchers, then introduced a new protocol they built with the advice given to them for free from the SAME researchers before that, and yet it still doesn’t support critical features like full forward secrecy. If all you want primarily is the best security out there Signal is and will be the best for a long time to come by the looks of it.

I’m not sure that Proton can fix your problem. However, I feel like this project would love your help with capturing the USB traffic to get it supported and hopefully upstreamed in the kernel some day :)

!helldivers2@lemmy.ca just dropping this here to help growing smaller communities :)

I’d definitely recommend Anki over Quizlet. Among many things it is very versatile, doesn’t cost a subscription, and has a better retention algorithm in my experience. Can’t comment on the rest although Photomath definitely helped me a few times :)

Just know that sites like this are useless if you don’t understand the results. There are anti-fingerprinting techniques that add random noise to your fingerprint. This might result in these kind of tests claiming you have a completely unique fingerprint, even though the anti-fingerprinting mechanisms randomise the fingerprint for every site, browser session, etc. (depending on the config). This would mean that you are relatively „safe“ from fingerprinting because you never have the same print twice but tests think you are very vulnerable because it’s still a random “unique“ fingerprint.

Yea but many of them were involved. The Audi CEO at the time was on the board making the decision and the first to be convicted.

Don’t worry, I don’t think you are. I just think there’s a reason they admitted so easily. Probably just another calculated fallout to save all their other brands from their own mini backlash which would ultimately cause more damage.

But yes, the whole industry is a dumpster fire when it comes to regulations and also lobbying.

I mean they also own like half the industry. So, I don’t feel particularly bad for them to be honest.

I mean if they’d use the backdoor no one would know. It’s not like they would declare ah ye we used our secret Signal backdoor.

That’s not how it works. All metadata is also E2EE with the same protocol. Even if they control all servers it wouldn’t change much.

I think we can be pretty damn sure that the encryption is not backdoored since the Signal Protocol is the gold standard in encryption nowadays and thousands if not more highly skilled cryptographers without tied to the US govt looked at it thoroughly. Also Snowden calls Signal the best messenger on the grounds on him using it daily and still being alive so that’s also a pretty good sign.

Also, do you have a source about them being mainly funded by the US govt? In their blog they talked about mainly being funded by small donors and a few initial loans from people who care about privacy.

Just leaving this here for everyone! This browser extension saved me a lot of hassle so many times. We need to stop paying where possible and this is the convenient legal way for a lot of papers out there: https://unpaywall.org/

Yes, BUT the first CAMM was proprietary to DELL. This is what came from them giving the standard to JEDEC. So not all hope is lost!

Revolt is self-hostable. It isn’t E2EE but if you’re controlling the users anyways transport encryption should be enough since you have control over the data anyway.

I don’t see how downloading Signal is directly making this a scam? It might just be that the company cares about security and privacy and isn’t comfortable sharing confidential company data over something like LinkedIn?

If the offer seems legit and you applied for it there is no way you can get scammed just by texting them on Signal.

Pop!_OS, Fedora, and I think Ubuntu as well have already done this change long ago in this sequence. So no need to switch to Arch. Also, you can edit this manually, it’s just about changing the default.

Sure you can delete your Grub or whatever, but generally I don’t think it ever was the goal of Linux to give the user the ability to destroy hardware instead of just having to reinstall.