futt

joined 2 years ago
MODERATOR OF
[–] futt@lemmy.toot.pt 3 points 1 year ago (1 children)

I’m not really tech savvy

That's how they get you ;) There is a trade-off between privacy and security on one end, and convenience and ease of use on the other. Microsoft, Google and all the others profiting off of your data know this and offer you convenience and ease of use in exchange for you giving them all your data. So be prepared to give up a little of that convenience and getting a little more tech savvy.

I recommend you take a look at https://nextcloud.com/ - it's a self-hosted cloud service solution that offers file storage, calendar, notes, and a lot more. If you don't feel comfortable hosting your own just yet, there are providers out there that will host one for you for a few $ a month.

 

cross-posted from: https://lemmy.toot.pt/post/346

"Cwtch is decentralized and focused on metadata-privacy in addition to communications privacy. Unlike other communication platforms, none of your messages are routed through a centralized server that has access to metadata such as your social network of friends, or who sent and received a particular message."

Looks like it's based on the onion-routed protocol used in Ricochet, so should be fairly robust (but not yet audited).

[–] futt@lemmy.toot.pt 10 points 2 years ago

If this crap actually goes through (which it looks like it will, the maintainer seems hellbent on pushing it and completely unwilling to listen to criticism) I absolutely expect one or more forks to appear with all the google surveillance completely stripped out.

I'm not a Go developer myself, but I get the impression that trust in the project was already wearing thin after the whole GOPROXY debacle; this just might push enough people over the edge to get the needed momentum behind a new fork.

Also, I really hope package maintainers with the larger distributions start shipping with all this nonsense disabled by default. Apparently Fedora already ships Go with goproxy disabled.

 

Are you a Go developer? Are you worried that Google is not collecting enough data about you? Well fear not, it appears that opt-out telemetry is about to be added to the Go toolchain!

[–] futt@lemmy.toot.pt 5 points 2 years ago

Small team of 3 according to git; but yeah it's a risk.

[–] futt@lemmy.toot.pt 6 points 2 years ago (1 children)

Yes I did some testing, looks really good (polished, responsive UI) and works great as an instant messenger. Also tried setting up a group server, works fine too - although the group functionality is a bit immature yet. There are some challenges; offline messages are a no-go due to the peer-to-peer nature of the protocol, and by design it has no presence indication or stuff like that (which is fine by me). It can also be a bit sluggish, depending on your route and who's DDOSing TOR nodes at any given time...

I love the multiple (ephemeral) identities feature; you can make as many identities as you need and keep them around as long as you need them, and switching between them is painless. Only thing missing is all my contacts switching over I guess.

 

"Cwtch is decentralized and focused on metadata-privacy in addition to communications privacy. Unlike other communication platforms, none of your messages are routed through a centralized server that has access to metadata such as your social network of friends, or who sent and received a particular message."

Looks like it's based on the onion-routed protocol used in Ricochet, so should be fairly robust (but not yet audited).

[–] futt@lemmy.toot.pt 5 points 2 years ago

Interesting read, freedom of association is a double-edged sword though. Yes it means private social media platforms are free to exclude and censor, but it also means bakers are free to refuse baking cakes for gay weddings and all that.

There's also the issue of Section 230 protection. Once you start curating content, there is an argument to be made that you can no longer claim to be a "common carrier", and so you will be liable for the content that is published on your platform.

Then there are utilities such as payment providers. Should they also have freedom of association? PayPal is notorious for refusing service to individuals and organizations based on political or religious beliefs. In an increasingly cashless society, is this OK? And what about other online utilities such as domain registrars, DNS, ICANN etc?

And lastly - where does freedom of association end? The civil rights act put an end to businesses discriminating by race, so there are some limits.

[–] futt@lemmy.toot.pt 4 points 2 years ago

If used correctly, I'd say it's probably as secure as you're going to get short of airgapping. It's not a replacement for good OpSec, and as with all security, there is a trade-off in terms of usability.