Father, tattooed Python and Go geek, surfer, lover of *BSDs, Linux, heavy barbells, and Soccer nut! Owner of Netlandish.com, co-maker of AnyHowHQ.com and HelpYouFind.Me

petersanchez bonked 24 Jun 2022 20:28 +0000
This week alone:

The U.S. Supreme Court made it easier to own a gun, gave cops the ability to not read Miranda Rights, gave religious schools public funding, and overturned Roe v Wade after 50 years of precedence.

petersanchez bonked 24 Jun 2022 20:26 +0000
Corporations funding anti-abortion campaigns:

Archer Daniels Midland
Bristol-Myers Squibb
Eli Lilly
UnitedHealth Group
American Electric
Southwest Airlines
Capital One Financial


petersanchez honked back 21 Jun 2022 18:48 +0000
re: Hackers movie, htown, (mention racism/uspol-adjacent maybe?)

@voltur @thegibson@https://hackers.town @rgegriff Wow I can't remember that scene with the "Get a job!" call out. I guess it's been a few years since I last watched the flick. I guess I know what to do this week.

petersanchez honked 21 Jun 2022 17:55 +0000

I've been enjoying honk so much I forgot my Mastodon account was still active. Just set up my redirect there.

Full time honking now!


petersanchez honked 20 Jun 2022 23:14 +0000

I've only been in Genoa a few hours and already wishing I booked more time here and spent less in Venice. Gorgeous city!

Location: Genoa, Italy 44.41 8.93

Piazza Giacomo Matteotti, Genoa, Italy.

petersanchez honked back 20 Jun 2022 23:11 +0000
@rysiek @darksky I'm not sure about that.

Remember TG started years before Signal existed and before WA added e2ee to its messaging. Also their target user isn't security minded hackers/info sec, etc.

I think they're pretty honest about how the tool works. The homepage messaging is definitely marketing dribble but not inaccurate and I don't think anyone but a small subset of people (like you and I) would read that and think "Ah ok, so everything is e2ee by default".

There's nothing in the homepage messaging that to me means "They are clearly not 100% honest with their users about e2ee" - I think that's you reading it through your specific lens.

I also don't think it means they don't care about user privacy. I think they've overwhelmingly shown the opposite to be true.

Like I said before, I wouldn't use TG (or Signal, or <whatever>) to send truly sensitive information ever. I do still think TG is the best daily driver messaging platform and apps that is mostly open about all things and that my messages (as menial as they may be) are protected.

In the end, regardless which of these services we use, there's a level of trust that has to be given by the end users.

petersanchez honked back 20 Jun 2022 21:10 +0000
@rysiek @darksky

Oh and the Gronq article, there are good points. Especially about meta data. Most of them also apply to Signal and others.

That post was from 2015 and to date the encryption still stands unbroken. Sure, 300K is nothing to worry about for a nation state so if they broke it they surely would never announce it, but that's just us assuming.

And you know what they say when you assume... Makes an Ass out of U and Me ;)

petersanchez honked back 20 Jun 2022 18:09 +0000
@rysiek @darksky The Telegram is a honeypot link is flat out dumb.

1. Telegram is very open that they are not end-to-end encrypted by default and never portray themselves as anything else. Secret chats are e2e and nothing more.
1. Cloud chats are encrypted in transit and in storage. Encryption keys are broken up into pieces and stored in various jurisdictions, making it virtually impossible to legally force giving up data to governments.
1. Whatsapp is never secure. As there have been countless exploits in it where you can gain full access to the remote device. No such exploit, or really any, has ever existed in Telegram.
1. TG accepts 3rd party clients to its open API.
1. TG lets you validate that the mobile client you install on your phone is the same as the source code published in their public repos.
1. The backend is closed source but I always thought that was a dumb thing to mention because you have no idea what's actually running on the servers in the end.
1. Signal has suspect funding (read Surveillance Valley)
1. Signal does not allow 3rd party clients to use its open API (suspect!) and also no way to verify your clients
1. Afaik, no government has ever been successful in forcing TG to give up any data.
1. There is a still unclaimed 6 figure bounty for anyone that can break their encryption (for years now)
1. Finally (I could go all day) I think they are the most open about whatever is going on. That comes off as genuine to me.

Yes, obviously I do like to use Telegram but I wouldn't use it, or any similar service, to send anything that was truly sensitive. Also, it does appear to collect more metadata than I'd like but it's still fairly minimal.

Just my $0.02