31
submitted 2 months ago by Soatok@pawb.social to c/tech@pawb.social
top 6 comments
sorted by: hot top controversial new old
[-] Melody@lemmy.one 7 points 2 months ago

Wow.

Even more shocking was the absolutely toxic reaction you got from sycophants.

I love seeing your blogposts about cybersecurity; and I absolutely do appreciate that your blog isn't just about cybersecurity.

[-] savvywolf@pawb.social 4 points 2 months ago

meanwhile, it is very unclear that any sidechannel attack on a libolm based client is practical over the network (which is why we didn’t fix this years ago).

Wow... Uh, that's certainly a thing for a developer to let slip out, huh?

One thing I don't get about Signal/Telegram/etc is that they claim to be secure and private... Yet also require you to prove your identity via a phone number? I don't really get it.

That would be a massive deal breaker to some people I want to push off Discord and is one of the reasons I haven't tried Signal yet, but have tried Matrix.

[-] Bunny@pawb.social 2 points 2 months ago

signal no longer requires phone numbers as they have implemented a username system

[-] savvywolf@pawb.social 1 points 2 months ago

I figured, but my question is: Why did it take them so long, especially for something that prides itself on privacy?

[-] Bunny@pawb.social 1 points 2 months ago

i wish i knew

[-] ace@lemmy.ananace.dev 0 points 2 months ago

Well, this has certainly caused quite a bit of drama from all sides.

I'm curious about the earlier audit of libolm which happened many years back (and by a reputable company), it feels like it should've found any potentially exploitable issues after all - including timing attacks.

this post was submitted on 14 Aug 2024
31 points (100.0% liked)

Furry Technologists

1307 readers
1 users here now

Science, Technology, and pawbs

founded 1 year ago
MODERATORS