deleted by creator

They have to know who the message needs to go to, granted. But they don’t have to know who the message comes from, hence why the sealed sender technique works. The recipient verifies the message via the keys that are exchanged if they have been communicating with that correspondent before or else it is a new message request.

So I don’t see how they can build social graphs if they don’t know who the sender if all messages are, they can only plot recipients which is not enough.

1. You need to identify yourself to receive your messages, and you send and receive messages from the same IP address, and there are typically not many if any other Signal users sharing the same IP address. So, the cryptography of “sealed sender” is just for show - the metadata privacy remains dependent on them keeping their promise not to correlate your receiving identity with the identities of the people you’re sending to. If you assume that they’ll keep that promise, then the sealed sender cryptography provides no benefit; if they don’t keep the promise, sealed sender doesn’t really help. They outsource the keeping of their promises to Amazon, btw (a major intelligence contractor).

2. Just in case sealed sender was actually making it inconvenient for the server to know who is talking to who… Signal silently falls back to “unsealed sender” messages if server returns 401 when trying to send “sealed sender” messages, which the server actually does sometimes. As the current lead dev of Signal-for-Android explains: “Sealed sender is not a guarantee, but rather a best-effort sort of thing” so “I don’t think notifying the user of a unsealed send fallback is necessary”.

Given the above, don’t you think the fact that they’ve actually gone to the trouble of building sealed sender at all, which causes many people to espouse the belief you just did (that their cryptographic design renders them incapable of learning the social graph, not to mention learning which edges in the graph are most active, and when) puts them rather squarely in doth protest too much territory? 🤔

Oh, no, I was talking purely about the second post, about FUTO itself

Oh. Well, that post I sort of figured I should just delete altogether (because it is also offtopic there, and bad publicity is still benefiting futo) but I left it locked in hopes that it would discourage more of the same.

there is a thread about the moderation of this thread here.

removing the comments to leave only the remnant of it that is “truth” is often not the best way to handle it

i totally agree that it is often preferable to allow misinformed comments to remain so that they can be refuted.

in the case of futo, though, i feel like there are often actually some bad-faith actors who just want to keep the discussion going, and will continue to repeat their misinformed arguments in the face of any and all evidence.

and, in this particular case, it is even a thread in the Open Source community so any discussion of Futo is inherently offtopic. (and all of which is also effectively promotion for them; again see succès de scandale.)

The way the conversation looks right now is just confusing

the thread as it is now has lots of comments about open source keyboards, and a link to this thread for anyone who wants more information about all the deleted comments than they can find in the modlog. if you think it would be better if that thread was still mostly people arguing about Futo… well… i’m glad you’re not a mod there.

Rossmann’s billionaire patron is Eron Jokipii (aka Eron Wolf). As you can see here he comes off as a bit of a bumbling rube; it’s possible that he sincerely doesn’t understand the harm in what he is doing since he’s one of those people who became unfathomably rich by selling a company to Yahoo in the late 90s and has probably been surrounded ever since by yes men who can’t afford to contradict him.

Thanks for editing, but I deleted your comment anyway because it was still just recommending something that is not open source.

fyi there is a thread here discussing the moderation of this thread.

nice.

(although that is just the subset of my posts and comments which are visible on your instance; on mine i have more than twice as many…)

That was me. I’m tired of FUTO fans derailing discussions about FLOSS with advocacy for their obviously-not-open-source software and insisting that it is open source.

Every time Futo comes up, someone will insist it is open source, others will correct them, and soon more than 50% of a thread that is supposed to be about open source is people arguing about them.

I’m pretty sure that Futo’s (now recanted) position that they were open source (despite the term having a clear definition which is very internationally recognized and which Futo’s license obviously does not meet) was an intentional marketing gimmick - “there is no such thing as bad publicity” and every time a bunch of people are arguing about them there is a chance they’ll get more customers (some of whom might even believe it is open source).

I’ve counted 19 messages moderated

Probably more than that even; more than I want to count. The modlog is public.

and the post has been locked.

The What’s the best open source keyboard for android? post where you commented has not been locked, but most of the futo-related comments in it are deleted. Note that while your comment was not advocating for futo per se, it was (successfully) encouraging others to continue the offtopic discussion. You could have answered your question by reading the modlog.

I did lock another post in the same community (the topic of which is, again, Open Source), which was What are your thoughts on FUTO? (and I left a comment there explaining why).

I generally try to assume good faith but I’m pretty sure some Futo proponents are actually just trolling at this point.

I hope this answers your questions.

i bet you’re going to love to hate this wikipedia article https://en.wikipedia.org/wiki/Monochrome_painting 😂

because it’s stupid.

you were bamboozled

presumably you find value in some things that some other people think are stupid too; it’s OK

deleted by creator

The good news is that (sometime last year, long after you posted this) futo finally agreed to stop calling their license “open source”; unfortunately there are still some vocal fans of theirs arguing in various forums that it is.

Futo is not open source, as they (now, finally) even admit themselves: https://www.futo.org/about/futo-statement-on-opensource/

See also https://opensource.org/osd and https://opensource.org/authority and compare it to Futo’s licenses; there are (at least) three reasons it doesn’t qualify, can you spot them all? (rhetorical question; don’t @ me)

I am locking this thread to avoid needing to remove misinformation and advocacy from Futo fans who think they should be allowed to redefine a term which there has been consensus about the definition of since before they were born.

even if it’s from its own repository, it is still on F-droid

There is nothing to stop anyone from running their own f-droid repo and distributing non-free software through it, which is what futo is doing.

seems open source enough

This is the definition. Compare it with Futo’s license; it fails to meet both the Open Source Definition and Free Software Definition in several ways. After insisting they could redefine the term for a while (despite the definition’s wide acceptance) and inspiring some of their very vocal fans to promulgate their dishonest argument on their behalf, Futo themselves finally came around and agreed to stop calling their software open source.

you just can’t understand what open-source means

FYI, nearly everyone (including Futo themselves), except for some Futo fans like yourself who haven’t gotten the memo, agrees that this is the definition of “open source” (and Futo’s license obviously does not qualify).

Other comments in this thread suggesting that Futo keyboard is open source have been deleted as offtopic.

What is xz attack thingy?

https://en.wikipedia.org/wiki/XZ_Utils_backdoor

Organic Maps is great, but see also OsmAnd.

The former is faster and easier to use but the latter has a lot more features.

What the people here saying this “seems legit” are really saying is that, if the site is providing DRM content which you want to see, then it is indeed using this for its intended purpose (which is to prevent you from recording and/or retransmitting the stream). This is true, but, it doesn’t mean that the site isn’t also collecting your device identifiers and using them for some nefarious privacy-invasive purposes. And of course, they most likely are.

So if I were you I would look for a pirated streaming website instead of running this proprietary software to watch a DRM’d stream. (The pirated site will probably also be privacy-invasive, but they won’t get your device ID… and you’re more likely to be able to block its ads.)

aircraft for example

due to DO-178C requirements, Linux can’t be used there… yet.