chebra

joined 6 years ago
[–] chebra@mstdn.io 1 points 1 week ago

@peregus You're welcome, stay curious!

[–] chebra@mstdn.io 2 points 1 week ago (2 children)

@peregus yes, well the javascript on the site is minified, but I found this place even in the minified code. At this level it would be easier to take the source code and compile your own, host your own instance, then you know exactly what code is running there. And their minified code could be directly compared with your minified code... the beauty of open-source software.

[–] chebra@mstdn.io 1 points 1 week ago (6 children)

@peregus No that would be created by javascript in the sender's browser.

[–] chebra@mstdn.io 0 points 1 week ago (8 children)

@peregus It's explained in other threads here. The key is in the url but behind # and that part is invisible to the server. protocol://host:port/path?query#fragment, server will only see ..?query, so both participants can decrypt, but server can't => E2EE

[–] chebra@mstdn.io 0 points 1 week ago (10 children)

@peregus Apparently some of your assumptions must be incorrect

[–] chebra@mstdn.io 0 points 1 week ago (1 children)

@jwmgregory I think you misunderstand some of the technical terms, it would be quite clear how it works and why it's ok, so let's just keep an open mind. Nobody will be justifying their existence in front of a random internet user. So feel free to be sus, but keep an open mind about terms like E2EE, there is much to learn.

[–] chebra@mstdn.io 6 points 1 week ago (15 children)

@peregus @dl007

Wiki End-to-end encryption:
> The messages are encrypted by the sender but the third party does not have a means to decrypt them, and stores them encrypted. The recipients retrieve the encrypted data and decrypt it themselves. Because no third parties can decipher the data being communicated or stored, for example, companies that provide end-to-end encryption are unable to hand over texts of their customers' messages to the authorities.

You don't have to trust the server.

[–] chebra@mstdn.io 2 points 1 week ago

@birdcat they do this to all new accounts now, especially the mostly inactive ones. I think one way to get around the phone requirement is to use a proton email and setup 2FA immediately after creating the account. Then again, proton is flagging new accounts with signup confirmation emails too, so... yeah... leave github asap

[–] chebra@mstdn.io 2 points 2 weeks ago (1 children)

@muntedcrocodile "Fair use" are exceptions from copyright licenses. I won't pretend I know how this all works in detail, I just know this is the loophole they are using.

[–] chebra@mstdn.io 4 points 2 weeks ago (3 children)

@muntedcrocodile @JRepin they say it's fair use to take any copyrighted content for training and data-mining. https://www.science.org/doi/10.1126/science.add6124

[–] chebra@mstdn.io 0 points 2 weeks ago (1 children)

@Dymonika do --list-subs first, different videos offer different subs with different names

 

The federation between mastodon and lemmy is strange. If a M account wants to follow a L community, they need to follow an automated M account which represents the L community. But if any M post mentions that L community, the post will get boosted by the community's M account, so everybody who follows will get a notification. And I'm not sure if this can be moderated from the L side, because it seems like it never goes through L. Such as - do you see this @opensource ? Does a L mod see this?

view more: next ›