resist1984 @resist1984@social.privacytools.io
Joined Mar 2019
@strypey @nwalfield @rysiek Indeed it was an absurd overreaction, which was clear to me as my toolchain was unaffected by it. Of course it's still sensible to stop using compromised components until they're patched. In the same vein, it's a good idea to selectively stop sending email to exclusive platforms that reject RFC-compliant msgs on the sole basis of IP address. Emailing them is supporting them.
resist1984
boosted
#Debian #Bullseye devs decided for everyone to remove SSL2 & SSL3 support from #openssl. Yes, they decided to play nanny to "protect" people from themselves, when actually they lack wisdom to know SSL isn't only for crypto-- it's also to verify ownership of #onion sites. I hate it when some pretentious self-proclaimed security expert imposes their "protection" on other admins.
@parisni @rysiek @dredmorbius @nwalfield @yunohost how is Jami blocking poor ppl?
@yunohost @nwalfield @dredmorbius @rysiek @parisni Poor people can "pay" by giving up privacy in both cases (either by relaying email through a privacy abuser, or by letting the CAPTCHA service collect data on them). But that's unfair b/c they don't have the luxery of buying higher levels of service. It's a break from #netneutrality principles.
@parisni @rysiek @dredmorbius @nwalfield @yunohost It's actually a #netneutrality problem for MS & Google to block on the basis of IP address, because that policy creates access inequality. It's comparable to what #Cloudflare is doing to Indians & Serbians, whereby they force users of cheap ISPs (which use CGNAT) to solve #CAPTCHA. Those users must pay a fee to get the privs of IPv4 or IPv6.
@yunohost @nwalfield @dredmorbius @rysiek @parisni The RFC's rules are fair because the RFC does not impose being able to afford a static IP address. The corporate rules of #Google & #Microsoft are unfair b/c they don't care about access equality, just profits, & they are happy to marginalize anyone not profitable to them.
@parisni @rysiek @dredmorbius @nwalfield @yunohost It's of course accurate to say #GAFAM is blocking email. They block connections discriminating solely on IP address & w/out cause. It's a destructive intentional practice of #GAFAM to do that & that's where the blame goes.
@parisni @rysiek @dredmorbius @nwalfield @yunohost the rules are written in an RFC, which exists for the purpose of interoperability. When Google & MS refuse to accept RFC-compliant email, they are breaking the rules & breaking email. They've made their own profit-driven rules that they force others to comply with. Playing by #GAFAM rules supports them.
@yunohost @nwalfield @rysiek @parisni I've not investigated this case in detail, but one question is whether CF sees the user's IP address. If not, then the privacy issue may be indirect (CF doesn't give gratis service for nothing; e.g. CF profits from every solved captcha)
@parisni @rysiek @nwalfield @yunohost there are a couple ways to promote privacy abuse. One way is to directly expose profitable data to the abuser. The other way is to use the services of some entity that has a privacy abuser in the supply chain.
@dredmorbius @nwalfield @yunohost @rysiek sometimes I send them a fax & add "this came by fax because your email provider is blocking". The fax likey still goes through gmail/outlook on their end, but I think it's less prone to mass snooping as MS & Google would have to OCR it, and even then the metadata is harder to parse.
@rysiek @yunohost @nwalfield @dredmorbius So in knowing that it's not really anti-spam (there are ways to counter spam without oppressing legit users), I choose not not email gmail & outlook users in order to avoid supporting the oppressor.
@dredmorbius @nwalfield @yunohost @rysiek sometimes i get away with sending email directly to a recipient if their ESP is not a #MACFANG one. This proves that it's viable, & that the tech giants have chosen to be anti-competitive under the false claim of anti-spam.
@parisni @rysiek @nwalfield @yunohost i heard about it from someone in #jami on freenode. BTW, there are (were?) matrix bridges to some freenode channels, and those bridges went through Cloudflare servers. IIRC the only way to avoid CF was to not use matrix and connect to freenode another way. i'm sure there are CF-free ways to use matrix but I was just put off by the fact that key organizers were using CF.
@parisni @rysiek @nwalfield @yunohost matrix uses #Cloudflare for some of their web stuff so i've not looked further into it. I should mention that Jami can be used asynchronously, but it's not straight forward.. someone at one end has to run their own server for it to work. So indeed it's still impractical for novice-to-novice async comms.
@parisni @rysiek @nwalfield @yunohost for asynchronous msgs, #Wire is better. It's centralized, but it's more inclusive and less exposing than email. It relies on email for registration, but you only need to be able to receive email so it avoids all the pitfalls of sending email.
@rysiek @nwalfield you two are addressing the 5th to the last bullet on that article (a good thing), but it's nowhere near enough to be able to consider email a common denominator.. it's more of something for cornercases or when dealing w/someone who is stuck in their ways (which I believe are the same as those who would resist PGP anyway)
@nwalfield @rysiek to get an idea of the severe availability/reliability problem with email, I suggest reading this email vs #Fax article => https://oasis.code-cat.com/posts/1833714
@rysiek @nwalfield Jami should be your first port of call because it's the most inclusive and also more secure than PGP mail (due to all the plaintext metadata). Sure failing that, PGP email may suit some circumstances but that's always a subset of what Jami can accomodate.
Joined Mar 2019
