• 44 Posts
  • 1.83K Comments
Joined 2 年前
Cake day: 2023年11月8日
  • LWD@lemm.eetoTechnology@lemmy.worldDelta Chat: Delta Chat, decentralized secure messengerEnglish
    1·
    21 天前

    A few observations from others about why Delta Chat is neat but not remotely close to a replacement for Signal (or probably much else):

    It hasn’t achieved the bare minimum for serious encrypted messaging

    “No, Delta Chat doesn’t support Perfect Forward Secrecy (PFS). This means that if your Delta Chat private decryption key is leaked, and someone has collected your prior in-transit messages, they will be able to decrypt and read them using the leaked decryption key.”

    https://delta.chat/en/help#pfs

    It’s great they’re being open about the implications. But given that there’s better protocols out there (Signal protocol for example), it makes no sense to use inferior apps.

    Forward secrecy and metadata privacy are table stakes in any modern secure messaging design, and Delta Chat has neither.

    If Keybase hasn’t managed to “fix” the same base encryption Delta Chat is using, there’s no reason to assume this small project will have better luck.

    PGP isn’t architecturally well-equipped to provide forward secrecy. In the mean time, I think it’s borderline negligent to put this in the category of secure messaging; the world’s expectations for security baselines have moved on beyond the mid-2000s.

    (My reference point here is Keybase, which built a very user-friendly and misuse-resistant encrypted chat on top of PGP in the mid-2010s. They couldn’t get to forward secrecy either with PGP as their substrate.)

    Delta Chat treats encryption as optional and requires extra steps to avoid accidentally exposing more data

    No forward secrecy and will automatically switch to unencrypted messages if you receive an unencrypted message from a contact.

    The way to have guaranteed encryped is creating two user encrypted group chat.

  • LWD@lemm.eetoTechnology@lemmy.worldDo you remember Windows 95? How about Windows 96?English
    4·
    23 天前

    Based on your descriptions of the integration between Windows 96 and Office, I did get the feeling you might run into even more issues if more software wasn’t installed alongside Windows as well.

    I’m all Mac and Virtual Box doesn’t run on M-series hardware.

    I had no idea!

    And hopefully my comment didn’t come across as a dig against your article - it just promises to be a potentially fascinating follow-up. Especially when, even today, Windows Explorer feels like it added previews of files as little more than an afterthought (and occasionally as a PowerToy).

    BTW I enjoyed 100% of your article, I think it’s a good sign when it leaves the reader wanting more!

  • LWD@lemm.eetoTechnology@lemmy.worldDo you remember Windows 95? How about Windows 96?English
    22·
    23 天前

    This is a very good article, but this part peeved me on a petty level (as well as explaining why there’s precious little in the way of screenshots):

    While I can’t find any uploads that are set to run on their website in a virtual computing session, the files are available to download if you felt like spinning up a piece of computing history.

    The opportunity to do a little investigative journalism is right there, and the blog author didn’t take it

  • LWD@lemm.eetoprivacy@lemmy.caDeepSeek Review: A Middling Chatbot With Profound Privacy Issues
    62·
    23 天前

    Your article cites the Trump administration (which clears your bar for what constitutes state propaganda) and additionally when we compare it to their own review for ChatGPT:

    PCMag describes DeepSeek data collection as “fairly standard for chatbot data collection,” but then claims “other serious privacy concerns” before linking that [Trump admin] report.

    Meanwhile “OpenAI collects a significant amount of data,” it “was not forthcoming” with data breaches, and the author doesn’t “recommend sharing anything too sensitive with ChatGPT.”

    Strange DeepSeek gets the “not secure” label and ChatGPT does not.