• 0 Posts
  • 14 Comments
Joined 5 months ago
cake
Cake day: June 10th, 2024

help-circle



  • “NixOS project” did not call anyone nazis, there was no “purge”, this article is clickbait and ragebait. What one contributor, however prolific, says, doesn’t represent the entire project (even though I somewhat agree with him here - there are sadly some bigots in the community).

    Nobody forced Eelco (the founder of Nix) to “abdicate”, but there was indeed pressure to step down as the de-facto BDFL put on him by various people. He’s respected as an engineer, architect, maintainer and mentor, but his community management skills were perceived to be lacking, and there were other perceived issues in the community - which boiled down to the fact that a lot of contributors didn’t feel like they could influence the direction of the project. Note that he’s not expelled from the project in any way, he’s still a maintainer of Nix itself, which AFAIU from my interactions with him is what interests him the most, and he’s more or less happy to leave administrative/community stuff to other people.

    Then began a process to establish a new governance structure. Currently, we’re up to a stage where there’s now formal community values and a new constitution for the project. There’s an election happening right now, with all active contributors able to become candidates or vote (although the deadline for candidate nominations has passed, so now we can only vote).



  • UNIX was kinda designed to be an IDE (of its time) by itself. Desktop/Server Linux (whether GNU or non-GNU) mostly continues this tradition; you are provided with some powerful tools for text manipulation, development, debugging and deployment out of the box in most distros. As such, any modern Linux distro is pretty good for development even out of the box. However, you must learn to use this power, and I’m not claiming it’s easy (I still regularly look up various manpages despite doing development on Linux for 10+ years in various forms).

    With that said, I myself prefer NixOS. It really feels more developer-oriented that other distros, as you get the power of Nix out of the box, and integrated into the system. With Nix you get easy access to the biggest software repository in the world. You get per-project development shells, so that you never have to worry about different toolchain versions for different projects, or your system being contaminated with bloat you no longer need. You get the power of reproducible packaging, to eliminate a lot of (but unfortunately not all of) “Works on my machine”-type of problems. It’s also got a hell of a learning curve, but I think it’s worth it.




  • balsoft@lemmy.mltoPrivacy@lemmy.ml*Permanently Deleted*
    link
    fedilink
    English
    arrow-up
    1
    ·
    3 months ago

    telegram is not safe enough, but for some reason it is preferred by drug dealers. The lives of these people literally depend on the messenger.

    Most people are technically illiterate. On top of that, most criminals are idiots (otherwise they’d have calculated risk/reward ratio rather than only looking at the reward side of things). The reason it is used by drug dealers is (1) Telegram is convenient, (2) Telegram is not moderated so they accumulate there due to “moderation selection”, (3) Law enforcement didn’t care enough to do anything about that. Now that (3) has changed and (2) is on shaky grounds, I expect a lot of them will move elsewhere.


  • balsoft@lemmy.mltoPrivacy@lemmy.ml*Permanently Deleted*
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    3 months ago

    Signal chats can read messenger developers with basic hack (add one more person in chat and collect messages on disk)

    How exactly do you think that would work? To add a new recipient the client needs to explicitly encrypt messages with a key available to that recipient. What command in the Signal protocol would trigger that action without first establishing trust in the recipient? (FYI when adding a new device, there is a key-exchange and verification process, which requires access to some other device with keys already on it).


  • balsoft@lemmy.mltoPrivacy@lemmy.ml*Permanently Deleted*
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    3 months ago

    Tell me how Durov, or someone else get access to my one-to-one crypto chat, if I compile mtproto self from github?

    As a separate statement: they can’t (probably).

    In context of the discussion: they don’t need to, because secret chats are so inconvenient and fussy that they are seldom used. There is a lot of crime happening in public groups/channels, in “private” groups chats that can not be encrypted, or in 1-on-1’s that are not secret. Telegram has the ability to stop all of that with just some moderation, or turn messages over to the authorities, but they don’t. Which is precisely why Durov is in custody right now. If he actually made a messenger with good, convenient end-to-end encryption, he would be in the same situation with Signal authors, who have perfect deniability since they can’t read anything their users have sent up until this point.


  • balsoft@lemmy.mltoPrivacy@lemmy.ml*Permanently Deleted*
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    3 months ago

    Bullshit.

    If you want protect yourself for random network administrator on your network line, of course.

    Telegram and Signal both use TLS. They are identically secure from transport-level attacks.

    If you want protect from anyone (government for example), of course not.

    Of course yes. If you want a more private group chat, or an actually useful 1-on-1 encrypted chat that works across multiple devices, Signal is the only option (out of the two, there are way better alternatives like XMPP and Matrix). For 1 device-on-1 device E2E chats, Signal and Telegram are about the same level of security, except Telegram’s protocol sees less scrutiny from the crypto community.

    As telegram. If you think that some drug dealers create public chats with sell drugs, so… you are wrong. All work with darknet. In telegram all of them use only private one-by-one crypto chats.

    LOL. I see drug ads on the street all the time. The one time I checked, it pointed to a publicly available Telegram bot.


  • balsoft@lemmy.mltoPrivacy@lemmy.ml*Permanently Deleted*
    link
    fedilink
    English
    arrow-up
    2
    ·
    edit-2
    3 months ago

    If Signal was to pull a MITM, it would have been noticeable as it requires active intervention in the protocol (it hasn’t been noticed yet), it would destroy all plausible deniability for them going forward, and it wouldn’t be possible on existing chats (once the key exchange between two parties happens, it’s impossible to do MITM). Telegram can just straight up read your messages, past, present and future, do whatever they want with them, with no way for anyone to check if that happens. It’s two different tiers of communication security.

    To quote another commenter,

    You clearly have no idea what you’re talking about.


  • Navalniy and his team openly supported the annexation of Crimea (and destruction of Ukrainian and Crimean Tartar culture).

    Not really: https://www.nytimes.com/2014/03/20/opinion/how-to-punish-putin.html ; this is just days after the annexation. I’m no fan of Navalny for various reasons (his nationalist views, xenophobic comments and narratives, etc), but he was very much against all Putin’s shenanigans in Ukraine, and vehemently anti-war.

    The recently exchanged “dissidents” also showed their true colours by supporting the annexation of currently occupied territories in Ukraine.

    What are you on about? Name one of them who supported the war. Most of them were jailed due to their anti-war positions.