resist1984 @resist1984@social.privacytools.io

@Br0m3x when you say “trip”, that means people passing through Poland, correct? I don't see an issue there. The system can sustain X number of unvaccinated untested people. It makes sense that they would prioritize short-term travelers above locals. Business travelers tend not to have a kitchen w/stocked fridge. They *need* restaurants & meeting places (bars) more than locals do.

@NatCor @ilyess Wire does not require a phone number, but you must give either a phone number OR an email address. If you choose to give a phone number, or you give Wire an email address that is tied to your identity, then that metadata could then perhaps be aggregated with the Tor exit node that you might be using. But OTOH every app gets a different Tor circuit anyway.

@ilyess @NatCor But i have to say this statement is a bit alarming: “some features like calling might not work or lower the anonymity of Tor or I2P”. I think what drives that comment is the latency inherent in Tor (which harm voice quality substantially), but I've not had signficant issues with that.

@NatCor @ilyess I see nothing written that claims Wireapp auto connects to Tor, only that it is Tor-capable. See https://github.com/wireapp/wire-webapp/issues/1882 and https://support.wire.com/hc/en-us/articles/115005697189-How-I-can-connect-through-a-proxy-server-on-desktop- I think it was a forum or blog that told me Wire connects to Tor automatically, and I confirmed it w/tests.

@NatCor @ilyess Apart from that, I don't recall if or where this is documented. I just know from my own tests.

@ilyess @NatCor But I still don't like relying on that auto detection (I don't know the nuts and bolts of how it detects a Tor installation), so I passed this CLI parameter => --proxy-server='socks5://127.0.0.1:9050'

@NatCor @ilyess This differs between the desktop & mobile versions. The mobile version seems Tor-unaware when I look at the settings, but a transparent proxy (#Netguard + #Orbot) will force it over Tor (and it works). The desktop app is based on #Electron. It's broken the recent #Debian #Bullseye but when I ran it on past OSs I noticed that it detected and utilized Tor automatically.

Robots have a bad rap, unjustly so - due to popular misconceptions, and this has enabled #Cloudflare to grow and oppress /humans/.

If you deploy a website/publication that's fed by a bot, plz consider putting a statement on your page saying something like “the useful data on this page was made possible by a beneficial bot that Cloudflare claims is 'malicious'”. Rationale: #Cloudflare deems all bots other than search engine crawlers as “malicious” & it would help to show the ppl the extent of the perversion.

@Dwalrus @kevin @csepp I doubt guix is the problem. When you use a browser other than Tor Browser over Tor, that triggers Cloudflare's blockade.

@dianoetic @kzimmermann #Hushmail solved the key exchange problem.. it's a shame #Protonmail is a regression in that regard, so novice users are tasked with handling pubkeys of their expert correspondants.

@kzimmermann @dianoetic We could really use a #Hydroxide for #Tutanota.

@kzimmermann @dianoetic And for expert users there is #Hydroxide which is leaner & also benefits from static js (as #Electronmail does)... right up until #Protonmail pushes a CAPTCHA, at which point Hydroxide falls over & (bloated) #Electronmail becomes essential. The use case for hydroxide is that sometimes experts need to talk to normies & doing a key exchange is enough to alienate normies.

@dianoetic @kzimmermann #Protonmail has the same vulnerability to subpoena power that #Hushmail has: the server can push malicious javascript that grabs whatever the server admin wants, including but not limited to the private key. There is a defense that's possibly in reach for normies-- running #ElectronMail over Tor, which uses static (potentially reviewed) javascript that's anonymously downloadable.

@dublinux @kevin Comparison of forges => https://git.sdf.org/humanacollaborator/humanacollabora/src/branch/master/forge_comparison.md

@csepp @kevin I do not suggest #gitlab.com. See https://git.sdf.org/humanacollaborator/humanacollabora/src/branch/master/gitlab-dot-com.md

@Br0m3x I think you meant to say “there was /no/ other option”, in which case I would fight that. Some DPA′s are dead beats & some will take steps. Perhaps the dead beat ones need many complaints before they act, but in any case you should add a written complaint to the pile. It's the only way to get visibility on the problem.

@Br0m3x Well there's always the chance that you had asymptomatic covid19 without knowing it, in which case you would pass the antibody test even if you've not received the vaccine. So it might be worth it to apply for the passport. When they demand a mobile phone number, you should refuse. And if they insist, then you should report the incident to the DPA.

@Br0m3x @ilyess Do you plan to report that to the DPA? I would be quite interested in hearing what their response is.

@Br0m3x @ilyess Is the covid test you mentioned (which required a mobile phone number) a requirement to get the covid passport? Can't the health system just look up in their records whether you were vaccinated & give a covid passport based on those records alone?