And E2EE is only available on phones, circa a couple of years ago anyways
Terminal stage of console
- 0 Posts
- 37 Comments
Joined 2 years ago
Cake day: June 12th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
Telegram’s servers are located in US, Singapore, Netherlands (and maybe some other countries) from what I’ve gathered. And all chats that are not E2EE’ed are stored there, encrypted at rest at best with keys in the same database, or somewhere else that can still be accessed in automated way. Maybe it is not even encrypted at rest.
The point is, all those countries are either in 5 eyes or have information sharing agreements with 5 eyes countries. So as far as I’m concerned, TLAs can still have their fingers in those pies, in addition to Telegram’s overall shadiness and Russian ties. So maybe you get KGB strongman keeping a watch over your chats too.
This is not something I’d have much confidence in to be honest.
Switch to Telegram
You know it’s not even E2EE by default, and when it is it uses a homegrown algo that is not exactly well spoken of? (at least V1)
1·1 year agoIt is reasonable yet subpar under a threat model where you do not trust any single provider, which is a model I find appropriate most of the time.
You should not assume your password manager is unhackable.
That’s my main point. Perfect is an enemy of good indeed, but I feel that doing things properly the first time is a good idea in general, especially when it as easy as using a different app for your TOTP tokens. It’s a low hanging fruit really.
Please don’t use your password manager for TOTP tokens. It is called two factor authentication for a reason.
Until next time they try to push through something similarly stupid. Now it’s EU’s turn to make their mind too.
Tbh I’d not be surprised if that’s the case. Last time I had enough time to spare to rice me some arches was all the way back when I was in uni :(
I barely have enough time to hotfix my dotfiles nowadays :/
And the cringe inducing lttstore and “no sponsored fragment” plugs. Like somehow it sounds like your typical
apology.jpegand “haha funny-funny jokesies” at the same time.
Mullvad is trusted. They are pretty open with their policies, exist for a long time already, not involved in any privacy scandals (to my best knowledge), charge flat and fair fee without 60% sales and other dubious marketing practices. It is one of the better VPN providers, not in 5/9 eyes (they are in 14 eyes though), you can buy a subscription with crypto, which (assuming crypto was acquired anonymously too) is a good start for some privacy guarantees.
Pretty much every cyber security professional I know uses Mullvad in one way or another, usually as part of a more complex solution.
But all in all, please bear in mind that VPN is not some magic silver bullet to preserve your privacy and anonymity. With VPNs you basically shift your trust from your ISP to the VPN provider. That trust you put into the provider, it is still a requirement. Not to mention that a good chunk of tracking is happening on a lower level nowadays, so if you use Mullvad on Windows / any Apple device etc. do not expect to become untraceable :)
0·1 year agoTexts are securely stored
Right, must be military grade encryption
11·1 year agoFiercely agree. I have Samsung “smart” TV that I use as a dumb screen for my Apple TV and PS5.
Samsung’s software manages to bug out even without using it. The TV remote would randomly disconnect, screen would respring, randomly adjust contrast etc. It’s like “the printer of TVs”.
32·1 year agoIndeed
Books, online courses. Education in depth, ideally.
Books, online courses. Education in depth, ideally.
Yeah but… Brilliant has… a trial period. Seven days is plenty to realise that there’s next to zero educational value in that platform no matter how hard it is shilled online.
They are pretty poor courses anyway, why would you want them?
lol