deleted by creator
deleted by creator
I had the same idea a while back and was wondering why no one has implemented something like this yet. This seems like an actual useful application for LLMs.
I am using Zotero (Citation Management Software) to collect scientific Articles I have read. Sometimes I forget in which Article I read about something specific. A search, where you could describe what you are looking for in a sentence, which then returns the Article with the relevant part, would be a gamechanger.
Seems like people in the comments are misunderstaning the point entirely. This protocol is about import and export from password managers and not about having them synced between devices. It would prevent a lock in effect. This is a great development!
FIDO Alliance’s draft specifications – Credential Exchange Protocol (CXP) and Credential Exchange Format (CXF) – define a standard format for transferring credentials in a credential manager including passwords, passkeys and more to another provider in a manner that ensures transfer are not made in the clear and are secure by default.
Your arguments don’t really make sense in the context of you asking for Threema instead, even if you acknowledge that it isn’t optimal.
[Signal] already showed that they’d like to keep the ecosystem locked down by not allowing 3rd party clients
Neither does Threema, it is a closed eco system? And in fact there is Molly, a hardened Signal fork for Android
At some point they will need a way to pay for their datacenters, […] i can see the pestering for donations getting much worse in the future.
Threema is a paid app though. So you consider an app asking for donations worse than a paid one? I agree though that their financials aren’t the best, since they seem to be living off a loan, but thats even more an argument to donate.
What does Ente mean?
In Malayalam, Vishnu’s native language, “ente” means “mine”. Thus “Ente Photos” has the literal meaning “my photos”.
This was a good name, but still Vishnu looked around for better ones. But one day, he discovered that “ente” means “duck” in German. This unexpected connection sealed the deal. We should ask him why he likes ducks so much, but apparently he does, so this dual meaning (“mine” / “duck”) led him to finalize the name, and also led to the adoption of “Ducky”, Ente’s mascot Source
Sure thing, never claimed to know if it violates the law. Thats for judges to decide.
I will copypaste, because this feature has been discussed a lot already.
The companies will get some general data if their ads work, without a profile about you being created. I am fine with that. Just imagine what a boon it would be for the “normal“ less tech savvy, if advertisers switched to a more privacy respecting technology like this. If more privacy focused people don’t like it, they can simply disable it by ticking one box, without negative consequences (unlike content blockers and similar techniques where a website can penalize you, turned off PPA is not detectable). It has no downsides as far as I am concerned. It doesn’t give advertisers additional data that they wouldn’t already be able to get, it just creates the option of measuring their ads in a privacy respecting way.
Discussion about PPA from some time ago
This is hilarious and sad at the same time.
You continue to misunderstand the word “misinformation”. It is incorrect information spread without intent. A mistake made that leads to incorrect information spreading, falls into that category. Especially as it is in the starting point of the discussion, where sources should have been provided.
The need to feel victimized and a little bit of paranoia is strong in you, you should talk to someone about that. I am guessing that is caused by the lies and disinformation spread by your political party of choice. (I am only mentioning politics, because you brought it up with the feds conspiracy theory)
If you went and looked at my account history, you would see that there are a few comments in german and my account is registered on a german server and coincidentally I am German. So much for your fed theory.
My criticism has been nothing but constructive. I implore you for the future to do research using credible sources and to cite them, before making claims that could have a big impact. That goes for discussions on lemmy and as well in real life, when you are discussing or forming an opinion on an important topic.
I hope you get the help you need!
Oh sorry about that! Somehow missed that. Still weird by OP to claim systems are insecure just because vulnerabilities are discovered. That‘s the case for every system out there. Vulnerabilities are discovered and fixed. And mobile operating systems typically have stricter security features and permission management than Desktop OS.
Misinformation is the inadvertent spread of false information without intent to harm, while disinformation is false information designed to mislead others and is deliberately spread with the intent to confuse fact and fiction. Source
This is more than a simple mistake and I am right to call it misinformation. I appreciate that you seem open to discussion about you being wrong. Nevertheless your post is still not edited to correct the proven wrong statements. You can use strikethrough so no context is lost, like I did in the comment you are replying to, where I was wrong.
You made a post with huge claims, basically saying that signal is unsecure and messages can be read by the goverment. This is such a big claim that it should have been researched by you beforehand and you should have provided sources. You don’t get to hide behind “discussions” because in a discussion you actually provide sources if you make claims. Especially if you are trying to start one, to give the readers a chance to read up on the topic.
You “getting a detail wrong“ has a huge impact. Some people will stumble upon this post, read that signal is supposedly insecure and might believe it and even spread that. It hurts the adoption of a secure encrypted messenger. It is not a small detail, but the foundation of your whole post.
And I am mostly right, I just seem to have been wrong on the detail about Signal push notifications. […] This comes from the DOJ senator Wyden saying these corporations can secretly share this data with governments and can include the unencrypted text which is displayed in the notification.
No, you are mostly wrong about the claims you make! Again your post made the connection to signal. Push notifications for Signal NEVER contain sensitive unencrypted data & do not reveal the contents of any Signal messages or calls–not to Apple, not to Google, not to anyone but you & the people you’re talking to. Source
“spreading misinformation” is a phrase mostly used by feds when they see something they consider to be “wrong think” or not “politically correct”. They use this anti-misinformation campaign to support their censorship and mass surveillance system.
I don‘t appreciate you, trying to frame my correction of your blatant misinformation as trying to censor you. Don‘t try to play the victim.
Thanks for pointing that out to me, I wasn‘t aware of that.
You are just spreading misinformation! Cite your sources!
There is a strategy used, which allows the government to find out who an account belongs to. They ask the push providers (Apple/Google) for data on the push token from e.g. a messaging app. This way they associate the account from an app with an identity.
Nothing there about message content. It is still safely E2EE.
I don’t know how it works in your country, but in mine, phone numbers are already associated with identities, so nothing gained as the gov can just ask signal for the phone number of an account, instead of having to ask signal and the push provider to get the identity. (Edit: apparently it’s hashed, so there seems to be a use for this.)
Signal isn’t about Anonymity but Privacy. There is a difference.
If you have another vulnerability cite it!
Cite your sources if you want to make claims like these! Until then you are just spreading FUD. There is nothing supporting your statement that i could find.
Wow, the whole argument of the article is basically: funded in part by US government = bad, and making a lot of assumptions, nothing more.
The fund is designated to: “support open technologies and communities that increase free expression, circumvent censorship, and obstruct repressive surveillance as a way to promote human rights and open societies."
One should question the commitment of a fund that dedicates itself to “obstructing surveillance”, while being created by a government who runs the most expansive surveillance system in world history. And how the US might define the terms “human rights”, and “open society” differently from those who know the US’s history in those areas.
How laughable, that is not an argument, it’s nothing more than a guessing game, ignoring that there are different parts of government and different objectives can be true.
Signal’s use luckily never caught on by the general public of China, whose government prefers autonomy, rather than letting US tech control its communication platforms, as most of the rest of the world naively allows. (For example, India’s most popular social media apps, are Facebook and Youtube, meaning that US surveillance giants own and control the everyday communications of a country much larger than their own). Signal instead became used by US and western activists, and due to the contradictions of surveillance capitalism, also now its general populace.
You have to be kidding right? Championing china, which created a fucking surveillance state and is heavily monitoring the citizens, as an example?
why would any corporation choose to sideline their current advertisement model by creating an extra solution that doesn’t even tap 3% of the market
In its current form, I concur, you might be correct. But:
The current implementation of PPA in Firefox is a prototype, designed to validate the concept and inform ongoing standards work at the World Wide Web Consortium (W3C).Source
So the point is to create a system that other browsers could adopt. The other thing that could drive this, is the GDPR compliance. PPA is compliant, while a lot of the other technologies aren’t, and businesses are feeling more pressure. There is a reason that Meta participated in parts of the development.
All I can say is: Dont let perfect be the enemy of good. This is so far only a test.
Edit: I found the time to look at your source article, I had actually read it before when it was posted a month back. I will comment on their views, some right, others which can be debated, and on other details were they are just wrong. In general privacyguides is a great resource but I find this particular opinion piece to be lacking.
First off, for a healthy debate I will define two things for me. Tracking = creating a profile, ad measurement = measuring the ads effectiveness. If an Ad can be measured without a profile about me being created, I don’t consider it tracking.
This “Privacy-Preserving Attribution” (PPA) API adds another tool to the arsenal of tracking features that advertisers can use, which is thwarted by traditional content blocking extensions.
They assume that everyone uses a content blocker everywhere. Privacyguides and Mozilla have different target audiences. Privacyguides caters to people who are interested and have enough technical knowledge to try to prevent tracking. Mozilla is trying to cater to “normal”(in the sense of the majority) people who are not interested/ not knowledgable enough to do so. So there are two starting points. The “normal” who are already tracked by current advertising systems and privacy-focussed-people who try their best to prevent tracking. Privacy-focussed-people can just turn off PPA -> no more data gathered than before. But it is the “normal” people who have something to gain. If PPA replaces traditional ad tracking, less data and only anonymized data is gathered. The ads are measured, but users are not tracked. So it’s not a tool added but a tool improved to provide greater privacy.
Mozilla constantly fails to understand the basic concept of consent. Firefox developers seem to see their position as shepherds, herding the uninformed masses towards choices they interpret to be “good for them.” […] One Mozilla developer claimed that explaining PPA would be too challenging, so they had to opt users in by default.
While I agree, that the communications could have been handled better, Mozilla has a point. Firefox isn’t only meant for tech-enthusiast, but also for people who won’t take the time or aren’t able to grasp the concept of PPA without doing a lot of reading, and that’s the majority. So Firefox developers are absolutely right to make choices, that they deem right for users. And that PPA is a challenging concept is proven by the author not fully grasping it themselves, as I will point out later.
The way it works is that individual browsers report their behavior to a data aggregation server (operated by Mozilla), then that server reports the aggregated data to an advertiser’s server. The “advertising network” only receives aggregated data with differential privacy, but the aggregation server still knows the behavior of individual browsers! This is essentially a semantic trick Mozilla is trying to pull, by claiming the advertiser can’t infer the behavior of individual browsers by re-defining part of the advertising network to not be the advertiser. […]In this particular case, Mozilla and their partner behind this technology, the ISRG (responsible for Let’s Encrypt), could trivially collude to compromise your privacy.
The aggregation server is actually two different servers by two different parties (Mozilla and ISRG). Yes in theory they could collude and combine the data (they are transparent about that). But why would they, they are trying to create a system that’s better than before. I concur that trust has to be placed in them but you still have the option to turn it off and the alternatives is other ad tracking networks collecting the data with a profile about you being created.
Finally, there is no reason for this technology to exist in the first place, because tracking aggregate ad conversions like this can already be done by websites without cookies and without invading privacy, using basic web technology.
All an advertisement has to do is link to a unique URL
This is, were they are just plain wrong/dishonest. A Url would just be able to measure something if the add was clicked. PPA can measure ads that were seen but a purchase happened at a later time. This is what current tracking technology does but PPA can do it, without a profile about you being created, so a privacy gain.
Some people might say that Mozilla should just block ads outright to prevent any tracking. The problem is that the Internet is funded by ads. Mozilla themselves through their connection to Google is. Privacyguides is right to point out that there is a conflict of interest. But what Mozilla is trying to achieve is to prevent tracking (profile creation about you) and not ads. I am in favor of that. I like services to exist, because they fund themselves through ads, I just don’t want to be tracked.
Advertisement is not free. It’s a trick that looks free if you ignore the entire way it functions.
It doesn’t take an expert understanding of economics to see that any belief that advertisement allows for a free Internet is smoke and mirrors. The money comes from somewhere, notably from you.
I think thats kind of obvious that the money has to be coming from somewhere. The ads are what funds large parts of the internet. Someone is paying for it, either the people buying stuff because of the ads or the businesses buying the ads.
Whichever way it is, maybe both, it has the side effect of distributing the cost of the Internet. The alternative without ads would be everyone paying for every little thing on the internet, does anyone think, that that scenario is realistic? That would also mean the cost is solely on the people and nothing coming from corporations.
Companies get extra data through Firefox
You mean extra data compared to them using any other advertising model, like google advertising? Do you have a source for that?
Because that is what PPA has to be compared to, and not to no ad measurement at all. It‘s meant to be replacing other advertising measurement techniques.
The comparison chart looks like it‘s copied from somewhere, would you mind sharing? I wouldn‘t mind a deeper dive into the topic.
I will say it again: The way i read it, it sounds like the companies will get some general data if their ads work, without a profile about you being created. I am fine with that.
Just imagine what a boon it would be for the “normal“ less tech savvy, if advertisers switched to a more privacy respecting technology like this.
If more privacy focused people don’t like it, they can simply disable it by ticking one box, without negative consequences (unlike content blockers and similar techniques where a website can penalize you, turned off PPA is not detectable).
It has no downsides as far as I am concerned. It doesn’t give advertisers additional data that they wouldn’t already be able to get, it just creates the option of measuring their ads in a privacy respecting way.
Thanks for the link! Learned something new today.