https://mkultra.monster/tech/2024/07/03/serenityos-and-ladybird

This was a little „write-up“ back when everything became more public.

I think the most common alternatives I see recommended are Mullvad and IVPN. Both have a great track record, but also both lack port forwarding if that is an essential feature for you.

A SOC that can’t handle more than 8GB of RAM?

Indeed, that’s the same upper limit Raspberry Pi had until a few weeks ago and not really that unheard of for SBC chips like this :)

Sorry but that seems worthless to me when there are already raspberries, smartphones, other SOCs with 8GB.

None of those are RISC-V nor laptops, so I don’t really see how the two compare? That’s a bit like saying there’s no use for family cars as we have planes now.

As for “recycled SBC”, well that’s expensive then.

Well, it does offer a lot more than just that. If you want an SBC, then great, get the SBC for cheaper. If you want a RISC-V laptop, well, good luck making one on your own with a cheap SBC for less. It’s certainly doable! Just not really something every developer who would like to advance RISC-V wants to do.

I just don’t see the value in this.

Great, then the product is exactly as advertised and serving the market it’s made for. I quote the blog post here:

This is very much a developer-focused board to help accelerate maturing the software ecosystem around RISC-V, so we recommend waiting for future RISC-V products if you’re looking for a consumer-ready experience.

This isn’t really a „just solder more of it“ situation. This is the absolute maximum amount this processor can support due to it’s bandwidth etc.

Remember, this is mostly about making a more or less recycled SBC more accessible for development work. If you want to do pretty much anything besides ensuring compatibility of your own software this is not for you.

I think at this point it should be pretty clear that Signal never had the goal of anonymity which is an orthogonal concept to privacy. While I would support sign-up without phone numbers, it doesn’t address the same threat-model and there are many alternatives if anonymity is your goal.

But I want near-perfect privacy with usability, which Signal provides for me and all my contacts. Who cares if my government knows I use Signal, as long as they don’t know who I talk to and what we talk about.

Edit: just saw your other response. What you want to achieve, is almost impossible. Even if Signal doesn’t log who you talk to, like you assume, there are still methods to unmask this info. There are PoCs for things like timing attacks for notifications etc. which combined can narrow down the list of contacts significantly. But it seems like your threat-model doesn’t align with Signal goals which means it’s probably best for you to search an alternative instead of hating on Signal for not catering to your needs.

deleted by creator

Are you using GE-Proton? I had this issue when not using the stock Proton. Try switching to Proton 9 and try again.

I’m copying my other response since you both had the same issue with my statements:

As you said, if PFS can be disabled by enabling a feature on the receiving end it’s by security practices not enabled, in the industry that’s called a downgrade attack and considered very bad practice.

The blog post you linked, is the publicly revised version after they were called out by well known cryptographers for their handling. This was their original response to the researchers, again after the researchers disclosed the vulnerabilities to them and actively helped designing the new protocol, not just giving inspiration. This was their initial tweet: „There’s a new paper on Threema’s old communication protocol. Apparently, today’s academia forces researchers and even students to hopelessly oversell their findings“ which is long deleted, but I did read it while it was still up back then. I can’t find a screenshot or anything at the moment, so if you want to call me a liar, go ahead but if you search for that quote you will find many citations.

Also, they claimed „old protocol“ but Ibex was still months from being deployed widespread, so that’s another big downplay.

You mention Signals Desktop app issue, Threema claimed the attacks were unrealistic because they require significant computing power or social engineering, both things that are definitely a risk if you’re trying to protect yourself from bigger intelligence efforts. The issue with Signal Desktop however, required full file system access to your device at which point, there is nothing stopping the attacker from simply using a key logger, capturing your screen, etc.

This is why no big security researchers called out Signal but many shunned Threema. At the end I don’t have a horse in the race for either of them, but I think those are facts people need when making a decision with their private information.

As you said, if PFS can be disabled by enabling a feature on the receiving end it’s by security practices not enabled, in the industry that’s called a downgrade attack and considered very bad practice.

The blog post you linked, is the publicly revised version after they were called out by well known cryptographers for their handling. This was their original response to the researchers, again after the researchers disclosed the vulnerabilities to them and actively helped designing the new protocol, not just giving inspiration. This was their initial tweet: „There’s a new paper on Threema’s old communication protocol. Apparently, today’s academia forces researchers and even students to hopelessly oversell their findings“ which is long deleted, but I did read it while it was still up back then. I can’t find a screenshot or anything at the moment, so if you want to call me a liar, go ahead but if you search for that quote you will find many citations.

Also, they claimed „old protocol“ but Ibex was still months from being deployed widespread, so that’s another big downplay.

You mention Signals Desktop app issue, Threema claimed the attacks were unrealistic because they require significant computing power or social engineering, both things that are definitely a risk if you’re trying to protect yourself from bigger intelligence efforts. The issue with Signal Desktop however, required full file system access to your device at which point, there is nothing stopping the attacker from simply using a key logger, capturing your screen, etc.

This is why no big security researchers called out Signal but many shunned Threema. At the end I don’t have a horse in the race for either of them, but I think those are facts people need when making a decision with their private information.

If you’re seriously concerned about privacy and security I wouldn’t look at Threema. They severely mishandled vulnerabilities by insulting the security researchers, then introduced a new protocol they built with the advice given to them for free from the SAME researchers before that, and yet it still doesn’t support critical features like full forward secrecy. If all you want primarily is the best security out there Signal is and will be the best for a long time to come by the looks of it.

Yea no, CarPlay is definitely supported and works fine on my end. Not sure, any iOS updates perhaps or anything of the sorts? The app shows fine in the customisation menu, but did you ever connect to the car since installing it? I have no idea if the apps maybe only show up once they were „initialised“ for that car.

My understanding is, that the 1.0 spec for the extension was basically finalized in 2021 and CPUs using it are already available. Now it’s just fully ratified. Also, while it might seem like RISC-V is “behind” compared to AVX-512 for x86_64 or SVE for ARM, this fundamentally differs from these SIMD Instructions. They talk more about it in this article SIMD Instructions Considered Harmful. So, this is not merely RISC-V playing catch-up, but also trying a “new” (the idea is actually old and how things used to be done) ways to make a more sustainable ISA.

I’m not sure that Proton can fix your problem. However, I feel like this project would love your help with capturing the USB traffic to get it supported and hopefully upstreamed in the kernel some day :)

That’s why Tenacity is here to save the day!

Great, that sounds amazing. Let’s hope it’s also used even if it means less excises for tracking.

Could the new CHIPS functionality help websites like Microsoft Teams working without you having to enable third-party cookies for their websites? If I understood it correctly this might be exactly the kinda use case but I couldn’t find anything specific online.

I looked at some info for reporting this to the kernel developers but the process is too complicated at the time. I’m currently a bit short on time but I did report it to libinput, maybe they can give pointers where exactly to report this.

On Mastodon they said there will be a blog post outlining the changes. That will probably be out tomorrow because that’s when alpha 2 officially launches.

Well, with NTFS, there isn’t. That’s why I said, BTRFS is definitely the better choice for games. Never had issues with two shared drives in over two years now with WinBTRFS.

I’ve been using WinBTRFS for quite some time without issues. It seems a lot of people recommend NTFS. But be aware, if you plan on using it for things like games, NTFS will absolutely break at some point. It is not compatible with Proton and will break things like updates for Steam. It always has for me up until very recently. Valve also says the same about using NTFS for games. I’m not sure this can be fixed with the NTFS driver unless they do workarounds like renaming things automatically because some things Proton does are not compatible with the filesystem spec.