There are no known security issues with "Siacs OMEMO" / OMEMO v0.3¹ despite of what some very loud Signal fans would like you to believe. It has been audited by a third party² who took a longer look at it than all of the Signal fans combined.
Yes, #OMEMO v0.7+ (or TWOMEMO 😜) is a cleaner spec with more features (most notably Stanza Content Encryption). That’s why we wrote it. I’m a co-author. That doesn’t mean v0.3 is insecure.
¹: https://xmpp.org/extensions/attic/xep-0384-0.3.0.html
²: https://conversations.im/omemo/audit.pdf
The Chance for Peace
Increased defence spending in the free world seems forced by circumstances, but is not a thing to celebrate. From The Chance for Peace
Every gun that is made, every warship launched, every rocket fired signifies, in the final sense, a theft from those who hunger and are not fed, those who are cold and are not clothed. This world in arms is not spending money alone. It is spending the sweat of its laborers, the genius of its scientists, the hopes of its children. The cost of one modern heavy bomber is this: a modern brick school in more than 30 cities. It is two electric power plants, each serving a town of 60,000 population. It is two fine, fully equipped hospitals. It is some fifty miles of concrete pavement. We pay for a single fighter plane with a half million bushels of wheat. We pay for a single destroyer with new homes that could have housed more than 8,000 people. This is, I repeat, the best way of life to be found on the road the world has been taking. This is not a way of life at all, in any true sense. Under the cloud of threatening war, it is humanity hanging from a cross of iron. … Is there no other way the world may live?
In #archaeology we love *analytical* machine learning applications, like the ones that can search through aerial photographs for something we're interested in, or make a charred scroll legible.
But we mostly hate *generative* applications, like LLMs and prompt-based image generators. Because they debase scientific knowledge with their hallucinations, and undermine skilled writing and painting.
@ireneista @contrapunctus @grimalkina @Lunaphied Clicking on the ellipsis at the bottom right of Daniel's post and selecting 'Expand this post' show other replies, but the one from @winfriedtilanus is the most useful.
@adamhotep @snopes rather than using Signal, I suggest self hosting an #XMPP server with accounts for key people. Create a group for sharing MFA keys and keep this sensitive information under your control. If your xmpp server was, say chat.snopes.com, then you can leverage DNS security to have confidential discussions with external people too. See [It is good to be a tree}(https://wordpress.debian.social/jlines/2021/01/12/it-is-good-to-be-a-tree/)
@ireneista @contrapunctus @grimalkina @Lunaphied There is an interesting thread here on Federated Metadata privacy
@thevril @contrapunctus @snikket_im @grimalkina I do like that list too, and use Conversations (via #fdroid and donate via @mastadon.xyz@liberapay). My aim is to inform people that alternatives to monolithic Instant Messengers exist, and encourage more mainstream use.
“The fundamental weakness of Western civilization is empathy, the empathy exploit,” Musk said. “There it’s they’re exploiting a bug in Western civilization, which is the empathy response.”
-Elon Musk, March 6, 2025
“In my work with the defendants (at the Nuremberg Trials 1945-1949) I was searching for the nature of evil and I now think I have come close to defining it. A lack of empathy. It’s the one characteristic that connects all the defendants, a genuine incapacity to feel with their fellow men. Evil, I think, is the absence of empathy.”
-Captain G. M. Gilbert, the Army psychologist assigned to watching the defendants at the Nuremberg trials
https://www.cnn.com/2025/03/05/politics/elon-musk-rogan-interview-empathy-doge/index.html
@ireneista @contrapunctus @grimalkina @Lunaphied I am concerned about the risks associated with metadata for some time, specifically in the context of Who pays for WhatsApp, but any centralised system, e.g. Signal, or Telegram - even if well intentioned, will be vulnerable to insiders being bribed of coerced. Federation limits the insider information scope.
@bun @GossiTheDog Bring Your Own Device. An acknowledgement by businesses that many people have, for example a personal mobile phone which is more recent than the one they issue, and that it is very inconvenient to operate with two devices. They benefit from the intermingling of work and personal life, with people taking work home, for example, but this introduces complex security issues.
Umm... hey, Canadians, why don't you also look for Canadian social media instead of discussing "Buy Canadian" on Facebook?
You know, the company that won't let you read Canadian news?
