Pidgin
Chat program which lets you log in to accounts on multiple chat networks simultaneously.
Pidgin runs on Windows, Linux, and other UNIX operating systems.
https://pidgin.im/about
macOS: http://adium.im
Telegram support:
https://github.com/majn/telegram-purple/blob/master/README.md
Usage
First Login
The username is your current phone number, including your full country prefix. For Germany, this would be '+49', resulting in a user name like '+49151123456'. Telegram will verify your phone number by sending you a code via SMS. You will be prompted for this code, once that happens.
Buddy List
Like in the official Telegram apps, the displayed buddy list consists of all active conversations.
Foreign Users
Foreign users, like for example people you only know through a group chat but never had any conversation with, will not be part of your buddy list by default. You can add those users to the buddy list by clicking on "Add contact..." in the users context menu.
Using secret chats
You can use Telegram secret chats with this plugin, they will show up as a new buddy with a '!' in front of the buddy name.
One caveat of secret chats in Telegram is that they can only have one endpoint, this is a limitation of the protocol. This means that if you create a secret chat in Pidgin you will not be able to use that chat on your phone. You will be asked whether to accept each secret chat, so you can always choose to accept the chat on a different device if you want. You can set a default behavior for dealing with secret chats (Accept or Decline) in the account settings, if you don't want that prompt to appear every time.
Self destructive messages will be ignored, since I don't know any way to delete them from the conversation and the history.
Confirming the key authenticity
Click on the buddy in the buddy list and click on "Show Info" to visualize the key fingerprint.
Initiate secret chats
To initiate a secret chat from Pidgin, click on a Buddy in the Buddy List and hit "Start Secret Chat"
Deleting secret chats
If you delete a secret chat from the buddy list, it will be terminated and no longer be usable.
Unicode Emojis for Pidgin
The Telegram phone applications for iOS and Android make use of standardized Unicode smileys (called Emojis). Pidgin does not display those smileys natively, but you can install a custom smiley theme like (https://github.com/stv0g/unicode-emoji) or (https://github.com/VxJasonxV/emoji-for-pidgin) and activate it under Settings > Themes > Smiley Theme.
π‘ @Libreware
#pidgin #im #messaging #telegram
Chat program which lets you log in to accounts on multiple chat networks simultaneously.
Pidgin runs on Windows, Linux, and other UNIX operating systems.
https://pidgin.im/about
macOS: http://adium.im
Telegram support:
https://github.com/majn/telegram-purple/blob/master/README.md
Usage
First Login
The username is your current phone number, including your full country prefix. For Germany, this would be '+49', resulting in a user name like '+49151123456'. Telegram will verify your phone number by sending you a code via SMS. You will be prompted for this code, once that happens.
Buddy List
Like in the official Telegram apps, the displayed buddy list consists of all active conversations.
Foreign Users
Foreign users, like for example people you only know through a group chat but never had any conversation with, will not be part of your buddy list by default. You can add those users to the buddy list by clicking on "Add contact..." in the users context menu.
Using secret chats
You can use Telegram secret chats with this plugin, they will show up as a new buddy with a '!' in front of the buddy name.
One caveat of secret chats in Telegram is that they can only have one endpoint, this is a limitation of the protocol. This means that if you create a secret chat in Pidgin you will not be able to use that chat on your phone. You will be asked whether to accept each secret chat, so you can always choose to accept the chat on a different device if you want. You can set a default behavior for dealing with secret chats (Accept or Decline) in the account settings, if you don't want that prompt to appear every time.
Self destructive messages will be ignored, since I don't know any way to delete them from the conversation and the history.
Confirming the key authenticity
Click on the buddy in the buddy list and click on "Show Info" to visualize the key fingerprint.
Initiate secret chats
To initiate a secret chat from Pidgin, click on a Buddy in the Buddy List and hit "Start Secret Chat"
Deleting secret chats
If you delete a secret chat from the buddy list, it will be terminated and no longer be usable.
Unicode Emojis for Pidgin
The Telegram phone applications for iOS and Android make use of standardized Unicode smileys (called Emojis). Pidgin does not display those smileys natively, but you can install a custom smiley theme like (https://github.com/stv0g/unicode-emoji) or (https://github.com/VxJasonxV/emoji-for-pidgin) and activate it under Settings > Themes > Smiley Theme.
π‘ @Libreware
#pidgin #im #messaging #telegram
www.pidgin.im
About
Pidgin is a universal chat client, allowing you to consolidate all your different messaging apps into a single tool.
Session
A Signal protocol fork with decentralized servers and no need for a phone number
Session is a cross-platform, anonymous and decentralized messaging application. You don't need a phone number or email address to make an account.
Session uses the Loki Service Node network to route the data, for which the nodes are rewarded with $LOKI. The Loki Network itself is made up of some ~1000 community operated Service Nodes where 44% of the supply is held in the SNs - about US$7.5 million at the moment.
I love Signal, but I don't love the attached phone numbers or central servers, but I know there's a challenge in allowing an altruistic intention over a financial incentive for the node operators - Sybil resistance. By using Loki's Service Node network, the crypto-economics is designed in a way that a bad actor would drive the price exponentially up while trying to accumulate enough Loki to be able to perform any traffic analysis on the routed data.
Think of it as a Signal fork meets a Monero fork meets an incentivized TOR network.
Web: getsession.org
FAQ: getsession.org/faq
Whitepaper:
https://getsession.org/wp-content/uploads/2020/02/Session-Whitepaper.pdf
Sources: github.com/Loki-project
Comments:
http://old.reddit.com/r/Android/comments/f4yt7z/session_a_signal_protocol_fork_with_decentralized/
π‘ @NoGoolag π‘ @Libreware
#session #signal #decentralized #im #instant #messaging #alternatives
A Signal protocol fork with decentralized servers and no need for a phone number
Session is a cross-platform, anonymous and decentralized messaging application. You don't need a phone number or email address to make an account.
Session uses the Loki Service Node network to route the data, for which the nodes are rewarded with $LOKI. The Loki Network itself is made up of some ~1000 community operated Service Nodes where 44% of the supply is held in the SNs - about US$7.5 million at the moment.
I love Signal, but I don't love the attached phone numbers or central servers, but I know there's a challenge in allowing an altruistic intention over a financial incentive for the node operators - Sybil resistance. By using Loki's Service Node network, the crypto-economics is designed in a way that a bad actor would drive the price exponentially up while trying to accumulate enough Loki to be able to perform any traffic analysis on the routed data.
Think of it as a Signal fork meets a Monero fork meets an incentivized TOR network.
Web: getsession.org
FAQ: getsession.org/faq
Whitepaper:
https://getsession.org/wp-content/uploads/2020/02/Session-Whitepaper.pdf
Sources: github.com/Loki-project
Comments:
http://old.reddit.com/r/Android/comments/f4yt7z/session_a_signal_protocol_fork_with_decentralized/
π‘ @NoGoolag π‘ @Libreware
#session #signal #decentralized #im #instant #messaging #alternatives
Briar can share data via Wi-Fi, Bluetooth and the Internet.
Briar provides private messaging, public forums and blogs that are protected against the following surveillance and censorship threats:
Internet blackouts.
Metadata surveillance.
Content surveillance.
Content filtering.
Takedown orders.
Denial of service attacks.
Download now!
https://briarproject.org
@AnarchoMemes
#briar #im #instant #messaging #alternatives #p2p #mesh
Briar provides private messaging, public forums and blogs that are protected against the following surveillance and censorship threats:
Internet blackouts.
Metadata surveillance.
Content surveillance.
Content filtering.
Takedown orders.
Denial of service attacks.
Download now!
https://briarproject.org
@AnarchoMemes
#briar #im #instant #messaging #alternatives #p2p #mesh
Forwarded from GJ `°÷°` π΅πΈπ (t ``~__/>_GJ06)
Forensic analysis of Matrix protocol and Riot.im application - ScienceDirect β https://www.sciencedirect.com/science/article/pii/S2666281721000159
Instant messaging (#IM) has been around for decades now. Over the last few decades IM has become more and more popular with varied protocols, both open source and closed source. One of the new recent open source ones is the Matrix protocol with the first stable version released in 2019 and the IM application based on this protocol is β#Riot.imβ. . However, because the #Matrix protocol and the Riot.im application are very new, there is a knowledge gap when it comes to investigators in relation to the forensic acquisition and analysis of Riot.im application and the Matrix protocol. Yet, there is very little research in literature on the Matrix protocol forensics. The goal of this paper is to fill this gap by presenting a forensic approach to analyze forensic artifacts of Riot.im and the Matrix protocol..Off the Grid Messenger
Off The Grid (OTG) Messenger is an easy way for people to communicate through text messages when in remote areas. With a theoretical transmission range of 10 miles (16kms), OTG messenger can be used by groups of people to stay connected when they are in areas not serviced by mobile connectivity.
For portability and low power purposes, the device was created by re-purposing an old Nokia e63 phone I had laying around. The enclosure, LCD, keypad, backlighting and speaker have been re-used however the motherboard was re-designed from the ground up with low power components, a modern STM32 H7 microcontroller, an ISM LoRA radio and expanded flash memory.
https://github.com/TrevorAttema/OTGMessenger
Comments
https://news.ycombinator.com/item?id=27659105
https://hackaday.com/2021/06/26/lora-messenger-in-nokias-shell/
#otg #offthegrid #grid #im #messenger #alternatives #cellphone #mobile #nokia
Off The Grid (OTG) Messenger is an easy way for people to communicate through text messages when in remote areas. With a theoretical transmission range of 10 miles (16kms), OTG messenger can be used by groups of people to stay connected when they are in areas not serviced by mobile connectivity.
For portability and low power purposes, the device was created by re-purposing an old Nokia e63 phone I had laying around. The enclosure, LCD, keypad, backlighting and speaker have been re-used however the motherboard was re-designed from the ground up with low power components, a modern STM32 H7 microcontroller, an ISM LoRA radio and expanded flash memory.
https://github.com/TrevorAttema/OTGMessenger
Comments
https://news.ycombinator.com/item?id=27659105
https://hackaday.com/2021/06/26/lora-messenger-in-nokias-shell/
#otg #offthegrid #grid #im #messenger #alternatives #cellphone #mobile #nokia
SplinterNet
Android app designed to create an unblockable Twitter like network that uses no cellular or Internet communications. All messages are transmitted over Bluetooth between users, creating a true peer-to-peer messaging system. All messages are anonymous to prevent retaliation by government authorities.
SplinterNet is a true peer-to-peer network in that it requires physical proximity to other people to transmit messages. In the current version this happens over a close range Bluetooth connection. To illustrate how SplinterNet works, here is an example scenario:
You take a picture of a protest happening near your home.
Fearing a spread of the protest the government shuts down cellular and Internet access to most citizens.
You write a short message about the protest in SplinterNet and attach the picture.
When you next meet with your friends, you sync SplinterNet with them. They now have your photo and will spread it to their friends.
You also now have all their messages, which includes photos taken of protests happening in other parts of the country.
Any person who can reach a working Internet connection can post all of these photos to any sharing service or send directly to journalists to publicize.
If you fear capture, you can press a single button and all the messages in your copy of SplinterNet are deleted.
Features
Create a post with text and an optional single image.
Mark posts as important to increase their spread within the network. These posts will be sent first during syncing and will be highlighted for the people you sync with.
Delete posts to stop their spread. The contents of the network reflect what users of the network think is important and appropriate. You don't have to spread anything you don't want to.
Project Status
This is an experimental project still in development. All of the features listed here should work, they just haven't been tested in large networks. Please let us know how it works!
https://raw.githubusercontent.com/megamattron/SplinterNet/master/other/splinterNet-infosheet.png
https://github.com/megamattron/SplinterNet
π‘ @nogoolag π‘ @libreware
#SplinterNet #im #messaging #p2p #bt #bluetooth
Android app designed to create an unblockable Twitter like network that uses no cellular or Internet communications. All messages are transmitted over Bluetooth between users, creating a true peer-to-peer messaging system. All messages are anonymous to prevent retaliation by government authorities.
SplinterNet is a true peer-to-peer network in that it requires physical proximity to other people to transmit messages. In the current version this happens over a close range Bluetooth connection. To illustrate how SplinterNet works, here is an example scenario:
You take a picture of a protest happening near your home.
Fearing a spread of the protest the government shuts down cellular and Internet access to most citizens.
You write a short message about the protest in SplinterNet and attach the picture.
When you next meet with your friends, you sync SplinterNet with them. They now have your photo and will spread it to their friends.
You also now have all their messages, which includes photos taken of protests happening in other parts of the country.
Any person who can reach a working Internet connection can post all of these photos to any sharing service or send directly to journalists to publicize.
If you fear capture, you can press a single button and all the messages in your copy of SplinterNet are deleted.
Features
Create a post with text and an optional single image.
Mark posts as important to increase their spread within the network. These posts will be sent first during syncing and will be highlighted for the people you sync with.
Delete posts to stop their spread. The contents of the network reflect what users of the network think is important and appropriate. You don't have to spread anything you don't want to.
Project Status
This is an experimental project still in development. All of the features listed here should work, they just haven't been tested in large networks. Please let us know how it works!
https://raw.githubusercontent.com/megamattron/SplinterNet/master/other/splinterNet-infosheet.png
https://github.com/megamattron/SplinterNet
π‘ @nogoolag π‘ @libreware
#SplinterNet #im #messaging #p2p #bt #bluetooth
Instant messaging apps review
I tested a lot & mulled on this for a while.
Our goal was something less centralized, more private & harder to take down or block.
BRIAR is good & p2p but you have to invite each user separately to a group which is a pain
XMPP is archaic & behaves like a traditional one to one messenger. Yes, groups are there but are more like texting groups & you can't tag or reply to anyone directly.
MATRIX is better but ends up being 3rd party centralized because hosting yourself is a hog, which means you're bound by that hosted server & all those rules, giving up your email credentials, getting possibly kicked off, etc. Matrix.org server started requiring email verification for instance.
Matrix doesn't encrypt metadata, your IP is visible to others in chats.
The last 2 require a hosted server somewhere for large groups to function properly, and so does SESSION since it too has no servers of it's own. But its way lighter than Matrix & can be hosted on a mediocre VPS (which I've done, I can pay, its cheap its fine). The added benefit of Session is everything is onion routed automatically, and there's zero identifying factors when creating an ID. No phone numbers, no emails, nothing. Restore that ID on a new device using a cryptic passphrase, or start a new one if you want.
Check out @Nogoolag room with SESSION:
http://chat.nogoolag.com/nogoolag?public_key=53b45de08520eb3af97933e9a4991e74e26972ee91cc94e6a05da03d956d4313
#im #session
I tested a lot & mulled on this for a while.
Our goal was something less centralized, more private & harder to take down or block.
BRIAR is good & p2p but you have to invite each user separately to a group which is a pain
XMPP is archaic & behaves like a traditional one to one messenger. Yes, groups are there but are more like texting groups & you can't tag or reply to anyone directly.
MATRIX is better but ends up being 3rd party centralized because hosting yourself is a hog, which means you're bound by that hosted server & all those rules, giving up your email credentials, getting possibly kicked off, etc. Matrix.org server started requiring email verification for instance.
Matrix doesn't encrypt metadata, your IP is visible to others in chats.
The last 2 require a hosted server somewhere for large groups to function properly, and so does SESSION since it too has no servers of it's own. But its way lighter than Matrix & can be hosted on a mediocre VPS (which I've done, I can pay, its cheap its fine). The added benefit of Session is everything is onion routed automatically, and there's zero identifying factors when creating an ID. No phone numbers, no emails, nothing. Restore that ID on a new device using a cryptic passphrase, or start a new one if you want.
Check out @Nogoolag room with SESSION:
http://chat.nogoolag.com/nogoolag?public_key=53b45de08520eb3af97933e9a4991e74e26972ee91cc94e6a05da03d956d4313
#im #session
Briar 1.3.8 release today
https://briarproject.org/news/2021-briar-1.3-released/
Official Briar fdroid repository:
https://briarproject.org/fdroid/repo/?fingerprint=1FB874BEE7276D28ECB2C9B06E8A122EC4BCB4008161436CE474C257CBF49BD6
#briar #im #p2p
https://briarproject.org/news/2021-briar-1.3-released/
Official Briar fdroid repository:
https://briarproject.org/fdroid/repo/?fingerprint=1FB874BEE7276D28ECB2C9B06E8A122EC4BCB4008161436CE474C257CBF49BD6
#briar #im #p2p
briarproject.org
Briar 1.3 released - image attachments, profile images and disappearing messages - Briar
Press release The Briar Project released version 1.3 of its Android app today. Thanks to support from eQualit.ie, this release adds several new features that have been requested by many users over the years.
With todayβs release, users can upload profileβ¦
With todayβs release, users can upload profileβ¦
As we continue to live under increasingly dystopian regimes, the need for secure communications is more vital than ever. Telegram has been a great resource and platform for disseminating information and content, but it certainly isn't perfect either.
Some research was done into which digital communication protocols are most ideal for our purposes:
https://telegra.ph/WEbHqRllMIfQa5YzpTSJBrNxfo6tu9-Digital-Communication-Protocols-09-08
The top picks are as follows and are in no particular order:
XMPP
NextCloud
Jami
Briar
Tox
Kontalk
Delta Chat
Bitmessage
Ricochet
Status
Scuttlebot
Session has not had an E2E audit completed yet, but not a bad choice
Θ±
Protocol for SYnchronous Conferencing (PSYC)
Matrix is not recommended: https://www.hackea.org/notas/matrix.html
CAUTION: peer-to-peer communications reveal one's IP address to each other, so using a reliable VPN, proxy, or TOR is advised. Briar is an exception to this rule, as it uses either Bluetooth range or the local network it's connected to; else all traffic goes through TOR. Ones without servers are ideal, such as: Jami, Tox, Ricochet, Status, Scuttlebot, Θ±, and PSYC-2. Some are still in development and may be prone to bugs.
Keep these options in mind when communicating with your clique. Many of us belong to private groups on Telegram which are presumably free from moderator surveillance (or at least interference), but ultimately we should transition to a more durable platform that will be unable to censor our messages. Try a few out and see what works for you and your crew.
#im
Some research was done into which digital communication protocols are most ideal for our purposes:
https://telegra.ph/WEbHqRllMIfQa5YzpTSJBrNxfo6tu9-Digital-Communication-Protocols-09-08
The top picks are as follows and are in no particular order:
XMPP
NextCloud
Jami
Briar
Tox
Kontalk
Delta Chat
Bitmessage
Ricochet
Status
Scuttlebot
Session has not had an E2E audit completed yet, but not a bad choice
Θ±
Protocol for SYnchronous Conferencing (PSYC)
Matrix is not recommended: https://www.hackea.org/notas/matrix.html
CAUTION: peer-to-peer communications reveal one's IP address to each other, so using a reliable VPN, proxy, or TOR is advised. Briar is an exception to this rule, as it uses either Bluetooth range or the local network it's connected to; else all traffic goes through TOR. Ones without servers are ideal, such as: Jami, Tox, Ricochet, Status, Scuttlebot, Θ±, and PSYC-2. Some are still in development and may be prone to bugs.
Keep these options in mind when communicating with your clique. Many of us belong to private groups on Telegram which are presumably free from moderator surveillance (or at least interference), but ultimately we should transition to a more durable platform that will be unable to censor our messages. Try a few out and see what works for you and your crew.
#im
Telegraph
WEbHqRllMIfQa5YzpTSJBrNxfo6tu9 Digital Communication Protocols.
Once upon a time I discovered a Google sheet link in a Telegram post with a table of digital communication protocols, listing 89 rows of software and 32 columns of their features or additional information. I saved a copy, but the table may yet be updated.
Instant messaging apps review
I tested a lot & mulled on this for a while.
Our goal was something less centralized, more private & harder to take down or block.
BRIAR is good & with p2p modes to be censorship resistant if internet is cut, but you have to invite each user separately to a group which is a pain
XMPP is archaic & behaves like a traditional one to one messenger. Yes, groups are there but are more like texting groups & you can't tag or reply to anyone directly.
MATRIX is better but ends up being 3rd party centralized because hosting yourself is a hog, which means you're bound by that hosted server & all those rules, giving up your email credentials, getting possibly kicked off, etc. Matrix.org server started requiring email verification for instance.
Matrix doesn't encrypt metadata, your IP is visible to others in chats.
The last 2 require a hosted server somewhere for large groups to function properly, and so does SESSION since it too has no servers of it's own. But its way lighter than Matrix & can be hosted on a mediocre VPS (which I've done, I can pay, its cheap its fine). The added benefit of Session is everything is onion routed automatically, and there's zero identifying factors when creating an ID. No phone numbers, no emails, nothing. Restore that ID on a new device using a cryptic passphrase, or start a new one if you want.
Check out @Nogoolag room with SESSION:
http://chat.nogoolag.com/nogoolag?public_key=53b45de08520eb3af97933e9a4991e74e26972ee91cc94e6a05da03d956d4313
#im #session
I tested a lot & mulled on this for a while.
Our goal was something less centralized, more private & harder to take down or block.
BRIAR is good & with p2p modes to be censorship resistant if internet is cut, but you have to invite each user separately to a group which is a pain
XMPP is archaic & behaves like a traditional one to one messenger. Yes, groups are there but are more like texting groups & you can't tag or reply to anyone directly.
MATRIX is better but ends up being 3rd party centralized because hosting yourself is a hog, which means you're bound by that hosted server & all those rules, giving up your email credentials, getting possibly kicked off, etc. Matrix.org server started requiring email verification for instance.
Matrix doesn't encrypt metadata, your IP is visible to others in chats.
The last 2 require a hosted server somewhere for large groups to function properly, and so does SESSION since it too has no servers of it's own. But its way lighter than Matrix & can be hosted on a mediocre VPS (which I've done, I can pay, its cheap its fine). The added benefit of Session is everything is onion routed automatically, and there's zero identifying factors when creating an ID. No phone numbers, no emails, nothing. Restore that ID on a new device using a cryptic passphrase, or start a new one if you want.
Check out @Nogoolag room with SESSION:
http://chat.nogoolag.com/nogoolag?public_key=53b45de08520eb3af97933e9a4991e74e26972ee91cc94e6a05da03d956d4313
#im #session
#FBI Document Shows How Popular Secure Messaging Apps Stack Up
https://www.pcmag.com/news/fbi-document-shows-how-popular-secure-messaging-apps-stack-up
#im
https://www.pcmag.com/news/fbi-document-shows-how-popular-secure-messaging-apps-stack-up
#im
PCMAG
FBI Document Shows How Popular Secure Messaging Apps Stack Up
An FBI document lays out the information various secure messaging apps can share with law enforcement.
Why disroot.org shutdown their Matrix server:
@takebackourtech | https://takebackourtech.org
Earlier in 2021, I started seeing red flags surrounding the recently popularized Matrix protocol, thanks to a series of papers done by LibreMonde. Although I shared the research, many Matrix users saw it as an unfounded attack. This lead me to find and champion alternatives like XMPP.
Now disroot, an organization who ran a Matrix server for quite some time has shut down their Matrix instance due to privacy concerns.
β translated from Spanish
the reasons we decided to close our matrix instance were two:
1. the amount of enormous information that data from the users that we were forced to store (initiation and closing of session, interactions, publications and addresses exposed of users in public rooms, etc.) indefinitely and with the aggravation that the information also remains in the participating servers. and also the growing number of bots that polished mapping the network.
2. the ridiculously large amount of resources it required and increased with its use. about closing the instance, less than 100 users were costing us 5 gb of ram (not counting the branch that consumed the database) and 170 gb of space on the users information disk.
summarizing, it seemed to us that the amount of data accumulated was dangerously large and the resources dismedied for what is basically a text chat software.
We never thought that these problems were deliberately planned, but inherent in the matrix structure. And for us, they became unacceptable above all in relation to the commitment we have to the care of the information of the users.
There are six documents confirming that it was the best decision. It is advisable to read them completely and you can find them here:
https://gitlab.com/libremonde-org/papers/research/privacy-matrix.org
in a part of them can be read:
"after a new research and analysis based on our first document, and despite the changes that have occurred since, we believe that new vector ltd and the Matrix.org foundation cic, which represent matrix.org and vector.im:
- they don't meet the gdpr of the eu
- do not follow the guidelines, best practices and explicit requirements described in the ico guide on gdpr for those who have daily responsibilities.
- fail to defend the fundamental principles of gdpr: legality, equity and transparency.
- are not able to process gdpr data requests correctly and in a timely manner.
- discriminate against non-tecnicxs in gdpr-related issues.
- they are trying to retain data and responses from individuals who are entitled to them, removing such data from their system before completing so requests for gdpr, being a lay crime of data protection for 2018.
- they are using misleading communications, capturing policies and terms of services hard to understand to limit the scope of data requests only to home server services, while providing several other independents.
This document includes disclosure of a personal data violation by Matrix.org.
if you currently have a #matrix account on any server, not only in matrix.org, we strongly recommend that you consider whether you need to file a complaint with the English authority of rgpd, regarding the processing of Matrix.org of your data so far. "
In particular, it seems to me that after several years things have not improved too much in the most important aspects: the care and protection of the data of the users.
#im
@takebackourtech | https://takebackourtech.org
Earlier in 2021, I started seeing red flags surrounding the recently popularized Matrix protocol, thanks to a series of papers done by LibreMonde. Although I shared the research, many Matrix users saw it as an unfounded attack. This lead me to find and champion alternatives like XMPP.
Now disroot, an organization who ran a Matrix server for quite some time has shut down their Matrix instance due to privacy concerns.
β translated from Spanish
the reasons we decided to close our matrix instance were two:
1. the amount of enormous information that data from the users that we were forced to store (initiation and closing of session, interactions, publications and addresses exposed of users in public rooms, etc.) indefinitely and with the aggravation that the information also remains in the participating servers. and also the growing number of bots that polished mapping the network.
2. the ridiculously large amount of resources it required and increased with its use. about closing the instance, less than 100 users were costing us 5 gb of ram (not counting the branch that consumed the database) and 170 gb of space on the users information disk.
summarizing, it seemed to us that the amount of data accumulated was dangerously large and the resources dismedied for what is basically a text chat software.
We never thought that these problems were deliberately planned, but inherent in the matrix structure. And for us, they became unacceptable above all in relation to the commitment we have to the care of the information of the users.
There are six documents confirming that it was the best decision. It is advisable to read them completely and you can find them here:
https://gitlab.com/libremonde-org/papers/research/privacy-matrix.org
in a part of them can be read:
"after a new research and analysis based on our first document, and despite the changes that have occurred since, we believe that new vector ltd and the Matrix.org foundation cic, which represent matrix.org and vector.im:
- they don't meet the gdpr of the eu
- do not follow the guidelines, best practices and explicit requirements described in the ico guide on gdpr for those who have daily responsibilities.
- fail to defend the fundamental principles of gdpr: legality, equity and transparency.
- are not able to process gdpr data requests correctly and in a timely manner.
- discriminate against non-tecnicxs in gdpr-related issues.
- they are trying to retain data and responses from individuals who are entitled to them, removing such data from their system before completing so requests for gdpr, being a lay crime of data protection for 2018.
- they are using misleading communications, capturing policies and terms of services hard to understand to limit the scope of data requests only to home server services, while providing several other independents.
This document includes disclosure of a personal data violation by Matrix.org.
if you currently have a #matrix account on any server, not only in matrix.org, we strongly recommend that you consider whether you need to file a complaint with the English authority of rgpd, regarding the processing of Matrix.org of your data so far. "
In particular, it seems to me that after several years things have not improved too much in the most important aspects: the care and protection of the data of the users.
#im
Take Back Our Tech
Let's use technology that doesn't use us. We publish regular in-depth series about friendly & effective technology, and how it could change our lives.
Konzept Notfunkneu_20211105.pdf
3.8 MB
In germany there is a group called FreieDeutscheGesellschaft.org
Experimenting with the LoRa technology.
https://t.me/FDG_Portal
loRa is super effective in Cities, but not in the countryside.
Therefore we switched to the Reticulum Protocol, which allows us to use litte computers like raspberrypi as Gateways, for connecting Lora, CB, Wifi and even more.
First we tried Meshtastic, but there Were many problems with messaging using many nodes.
Nodes not waking up after sleeping for some time.
And many problems with the APP, and interoperabilities.
So we decided to stop the complete Process, because we needed a strong base first, before expanding.
We found reticulum was better in many ways for this usecase, since then we are using it.
https://github.com/markqvist/Reticulum
#communications #im #lora
Experimenting with the LoRa technology.
https://t.me/FDG_Portal
loRa is super effective in Cities, but not in the countryside.
Therefore we switched to the Reticulum Protocol, which allows us to use litte computers like raspberrypi as Gateways, for connecting Lora, CB, Wifi and even more.
First we tried Meshtastic, but there Were many problems with messaging using many nodes.
Nodes not waking up after sleeping for some time.
And many problems with the APP, and interoperabilities.
So we decided to stop the complete Process, because we needed a strong base first, before expanding.
We found reticulum was better in many ways for this usecase, since then we are using it.
https://github.com/markqvist/Reticulum
#communications #im #lora
Dino 0.3:
Video calls and conferences β encrypted and peer-to-peer
https://dino.im/blog/2022/02/dino-0.3-release/
#dino #im #videocalls
Video calls and conferences β encrypted and peer-to-peer
https://dino.im/blog/2022/02/dino-0.3-release/
#dino #im #videocalls
kMeet
Free and secure videoconferencing solution
kMeet is a videoconferencing solution that respects your privacy for all your discussions.No e-mail address, no advertising and no registration are required. Your discussions are not analysed and are only transmitted through Infomaniak servers in Switzerland.
Features :
- Create online (audio and video) meetings with multiple people
- Excellent audio quality
- Unlimited number of participants (subject to resources)
- No apps required for desktop computers
- Join meetings hosted by Infomaniak Meet or Jitsi
- Protect access to your meetings with a password
- Discuss and share resources via the integrated chat function
- Invite your participants via a URL
Download - https://play.google.com/store/apps/details?id=com.infomaniak.meet
https://github.com/Infomaniak/android-infomaniak-meet
#im #Videocall
@foss_Android
Free and secure videoconferencing solution
kMeet is a videoconferencing solution that respects your privacy for all your discussions.No e-mail address, no advertising and no registration are required. Your discussions are not analysed and are only transmitted through Infomaniak servers in Switzerland.
Features :
- Create online (audio and video) meetings with multiple people
- Excellent audio quality
- Unlimited number of participants (subject to resources)
- No apps required for desktop computers
- Join meetings hosted by Infomaniak Meet or Jitsi
- Protect access to your meetings with a password
- Discuss and share resources via the integrated chat function
- Invite your participants via a URL
Download - https://play.google.com/store/apps/details?id=com.infomaniak.meet
https://github.com/Infomaniak/android-infomaniak-meet
#im #Videocall
@foss_Android
5 important vulnerabilities were patched in #Matrix
Four security researchers have identified five cryptographic vulnerabilities in code libraries that can be exploited to undermine Matrix encrypted chat clients. This includes impersonating users and sending messages as them.
https://www.theregister.com/2022/09/28/matrix_encryption_flaws/
#im
Four security researchers have identified five cryptographic vulnerabilities in code libraries that can be exploited to undermine Matrix encrypted chat clients. This includes impersonating users and sending messages as them.
https://www.theregister.com/2022/09/28/matrix_encryption_flaws/
#im
The Register
Matrix chat encryption sunk by five now-patched holes
You take the green pill, you'll spend six hours in a 'don't roll your own crypto' debate
British youth faces 100,000-euro bill for bomb threat joke that prompted Spain to scramble a fighter plane to escort easyJet flight
The accused was checking in for a flight at London Gatwick airport when he sent a message to friends via Snapchat. It was picked up by the UK security services when the plane was flying over French airspace
Source: https://www.surinenglish.com/spain/british-youth-faces-100000euro-bill-for-bomb-20240122151721-nt.html
>send a meme on snapchat
>get fined 120k
Would he have been saved by using any chat service with end-to-end encryption? Even Whatsapp? How can one avoid this happening to them?
β‘οΈhidden tech
#why #im #privacy
The accused was checking in for a flight at London Gatwick airport when he sent a message to friends via Snapchat. It was picked up by the UK security services when the plane was flying over French airspace
Source: https://www.surinenglish.com/spain/british-youth-faces-100000euro-bill-for-bomb-20240122151721-nt.html
>send a meme on snapchat
>get fined 120k
Would he have been saved by using any chat service with end-to-end encryption? Even Whatsapp? How can one avoid this happening to them?
β‘οΈhidden tech
#why #im #privacy