133
What will this mean for Lemmy instances? XMPP servers? Email servers?
What if a 15 year old runs their own personal Mastodon server? LoL this is gonna be yet another entertaining Australian government shitshow.
rcbrk
joined 3 years ago
I think a lot of comments have missed that ntfy.sh does not use UnifiedPush, the ntfy server is a UnifiedPush provider and the ntfy app is a UnifiedPush distributor.
Regarding encryption of the push message, from https://unifiedpush.org/developers/spec/android/ :
Push message: This is an array of bytes (ByteArray) sent by the application server to the push server. The distributor sends this message to the end user application. It MUST be the raw POST data received by the push server (or the rewrite proxy if present). The message MUST be an encrypted content that follows RFC8291. Its size is between 1 and 4096 bytes (inclusive).
^PSST, rumour is that paedophiles use HTTPS...^
That rules it out for me then. I like to use XMPP+OMEMO with about 4-5 clients which I can continue a conversation with at any time. Main mobile, tablet, desktop, other desktop, and backup mobile which is usually switched off. (Even if a device has been missing for too long and run out of OMEMO keys, the keys sync up again once I send a message with it.)
You have to trust the servers with your metadata, and that the servers have their inter-server communication locked down, but at least you can choose/operate servers.
Some clients are a bit flaky with their e2e encryption defaults or from a UI perspective it is easy to send an unencrypted message (in a new chat for example) before noticing that was how it was set.
There are a few XEPs the server needs which enable things like OMEMO, efficient mobile data/battery use, offline and multiple device deliverability, file transfers, etc. Audio/video calling has various requirements as I think xmpp only facilitates the setup of the call.
XMPP lacks good clients and suffers from fragmentation of protocol standards implementation
- For Android: Conversations is excellent, also on F-Droid if you don't want to use the Google store.
- For iOS/MacOS: Siskin or iOS/MacOS: Monal.
- For Linux/Windows: Gajim or Linux: Dino.
"Protocol fragmentation" is not a valid complaint about XMPP -- it's like complaining that ActivityPub is fragmented; but that's not a problem: you use the services (Mastodon, Lemmy, Kbin, etc) built with it which suit your needs, mostly interacting with that sector of the federation (eg, Lemmy+Kbin), but get a little interoperability with other sectors as a bonus (eg, Lemmy+Mastodon).
The HK company's ~~branding~~design/branding was licensed to a manufacturer nominally based in Europe.
Edit: many sources, but here's one: https://www.reuters.com/world/middle-east/trail-mystery-woman-whose-company-licensed-exploding-pagers-2024-09-20/
Most ~~people~~^1^, even in this very thread, clearly don't [...]
- Signal shill-bot personas.
Panquake have released some source code. Not for Panquake itself, but for a link shortening service. I suppose it's a brand-exposure exercise.
https://talkliberation.substack.com/p/panquake-early-release-pnqk-now-available
view more: next ›
Yes, this. It's important that your local DNS server does not even forward queries from the isolated subnet to external DNS, because these queries (and responses) can contain information. ("DNS tunneling").