Unlurker

Signal knows who you're talking to (sanesecurityguy.com)

The Molly fork of Signal solves some of these problems. https://molly.im/ How does Signal make money to be able to afford their AWS subscription? Do corporate clients pay for it or something? That MySudo service he mentions in the article sounds quite interesting as well. Has anyone given it a try?

I don't claim that the problem does not exists, but I haven't really felt it during my daily usage with relatives.

I do notice it but then again my phone is quite old at this point.

To curb abuse.

And to curb privacy / anonimity.

Any ultra-secure messaging app will inevitably attract the drug dealers which will inevitably attract the police trying to infiltrate it. You are much more secure blending in the vast masses using WhatsApp than on a ultra-targeted ultra-small app like SimpleX.

There are already drug dealers on whatsapp

i don’t think that’s the right take black markets and opposition members i’ve used / talked with focus on disposability not security the premise of their communications is always “the platform is bugged” and in case of opposition members “the government can always just beat you and trick you into unlocking your phone” deals happen on messenger all the time and burning messages / rotating phones and accounts is very common. for opposition members, messaging apps are purely for benign communication and actual discussion happens in person or in truly destructible formats or it’s not recorded at all periodically anon burner message apps appear on app stores and rotate out pretty fast once they start getting too much attention the idea of a perfectly secure app for communication is currently mostly a fantasy; if a malicious actor wants to get your info and communication they will. this doesn’t mean give up completely and be insecure but instead just be in a position to ditch the app when it becomes necessary, if you need that level of security it’s better people be trained to understand the reality of what can be done with the communication methods they use and how they can be punked so they can make informed decisions — i’m fine with signal’s goals and efforts but i’m not a fan of signal advocates treating security and privacy like another round of the OS wars, that teaches people the wrong lesson and makes it harder to convince ppl privacy and security are a problem we need to take seriously not just for criminals but for everyone. privacy and security benefit us all or it benefits no one

And the appropriate basis of trust in the technology world would be source code audits, not scraping some individual's Twitter posts. If the users' communications are encrypted — which they are — there is no way for the creator to "reflect his world view", whatever it might be, in the form of undermining the security or privacy for some part of the user base.

I like your point that if a developer is a vocal neo nazi then only people capable of regularly conducting their own thorough code reviews should rely on the products that they make. I agree with you that regular folks that can’t do code audits should not trust neo nazis with their private communications. It is good to know that we’re on the same page about not implicitly trusting the simplex code

This is not my point. Trusting someone else's code audit is infinitely more valuable than trusting any "vibe check", since it touches the actual subject matter.

I'll try from another angle: If I wanted to make a honeypot that undermines users' privacy and anonymity, I would make sure to be as nice to everyone as possible. The "vibe check" is irrelevant, the false positives are far too common.

Yes, the vibe check can fail too, but that's no argument to ignore crazy. You do you. As I said, we all should be able to make informed choices as we please.

Holding and openly expressing these abhorrent views probably encourages him to focus on security and privacy more than others. But it does risk his app being associated with that and therefore discouraging everyday users. I wouldn't be surprised if it ends up as the next EncroChat.

You can self-host SimpleX and it is open source, otherwise I have no idea what you mean by associated with his views. If the project is as promised, then why would you care about the views of the developer?

I saw your comment and just finished listening to it, to those that can't be bothered to, he boils it down to: they don't want you to lose all of your social network if you lose your device. Imagine having to re-discover every user you've communicated with because you no longer have their identifiers, which I think is a fair argument to make. Also, now that we know the timestamp, we know this user spread two pieces of misinformation in 28 words: Iran was never mentioned and it was not the first question in the QA. I think some snark is well justified here.

> they don't want you to lose all of your social network if you lose your device. Imagine having to re-discover every user you've communicated with because you no longer have their identifiers, which I think is a fair argument to make. Other networks solved this by not blocking backup.

After my dad died, we found the love letters (jenn.site)

Homophobia sucks massive dick. It doesn't take being gay to despise people who's collective "wisdom" subjects millions to lifelong suffering like that.

Ouch. This hits incredibly hard. I’ve been this dad who sits frozen at the TV every evening. I had the affairs with the emotionally unavailable men, and became one myself. Before you judge the man in this story too harshly — and there’s certainly much to judge, especially given the follow-up post — consider the environment he and I grew up in. Being gay as a young teenager in the early 1990s could feel literally like a death sentence. AIDS panic was everywhere. Gay men in movies were comedy sidekicks or dying wrecks (“Philadelphia”). There was a real threat of violence from other kids. If you could pass as straight, why wouldn’t you give it your best shot? The alternative was to be a laughing stock and die alone in a hospital where nurses don’t dare touch you. (This is literally how I imagined gay life at age 13.) I still feel like I’m barely getting started on the therapy journey to recover from those decades. Seems like the man in the story never had the chance for professional help (or didn’t seek it). The compartmentalization can be extremely taxing. He disappointed many people, but that doesn’t mean he was a bad person.

I have heard this play out too many times. Most recently here, a college junior's wife revealed four months after marriage that she is actually a lesbian (she didn't share it – he caught her in their bedroom with a colleague of hers when he returned home early from the office), and he would be free to do what he wants; she should be too. Hit him hard, but he said they should go for an annulment— out of question; a divorce— out of question. Her point was if she had to do all this, why would she have agreed to a marriage in the first place! It was to get society off her back and her parents. Well, he filed for divorce, and it resulted in false dowry cases (yes, it's that part of the world), cruelty.. a long list. He was in lock-up for almost a month and a half, his almost 80 father and 70 mother was in a case of beating her up - (they met her exactly once – two days after marriage for a day when they went to his native village and after that they barely even talked to her on phone when they came back to they city they worked in), he lost almost everything he had, and finally, he just broke down in court and, against his lawyer's advice, just told the judge to give her whatever the judge wanted and just grant him a divorce. This was after almost three or four years of struggle. This guy is damaged now. We were in two sports team together in the college. One of the gentlest people I know. He had a minor stroke recently. He has sleeping issues. He is still fighting to just stay alive. It's difficult for him to get jobs because there's police record against him. He worked for a major MNC bank and he was fired summarily. No, this is not an isolated cruel example of extreme and from the hinterland of the world - this is an example of people fucking others over, mercilessly. No, this is not fighting to stay afloat in the water. It's like kicking someone off the boat because they were closer to the life jacket on the boat by few feet of another available lifeboat that the person could have taken instead. No, it's actually worse! I am sorry for how the world treated you and him, but no, fuck no! Life fucked him – or could have fucked him, so he gets to fuck others, right? Awesome! > but that doesn’t mean he was a bad person. No, he is a bad person! Ffs.

At least he hid a part of his nature because of social pressure. Nowadays people live in disguise at will.

Man… the battle between cultural expectations and our true selves is humanity’s oldest conflict. A few people get lucky. Most of us survive in the cracks. No capitalization was as surprising as the narration itself… not sure how to feel about it! Counter culture?

honestly ive had it with the shift key myself. just a nuisance. besides, the text looks much nicer and 'even' when every letter is broadly the same height, but that is ofcourse subjective. it would be good to track down the 'etymology' of capital letters.

Capital letters came first.

SIC·EST

Did it ever occur to her that he wanted a child with his wife? That he loved his wife - even though not romantically? And still had a happy life as a father of her? The author seems to have many misconceptions about gay people..

The author mentions in the follow-up that she is gay herself.

I'm a dad too, and I'm in a somewhat similar situation. My son is under five, and it feels like I'm still at the very beginning of his story. I've known I was gay since high school, probably even earlier, but I kept choosing whatever seemed like the easiest path. It felt easier to stay closeted. Easier to date a woman. Easier to move in together, propose, get married, and even have a child than to face my truth. I love my wife and my son, and I feel loved by them in return, but I'm also painfully aware that the version of me they love is someone I constructed. I lie constantly: about why I don't want sex, about my affairs, about my feelings, about my motivations. No one really knows me, and I don't get to be myself, not even in the relationships where I should feel safest. I've read The Courage to Be Disliked by Ichiro Kishimi and other similar books, and I'm trying to build the courage to finally do something about all of this. It's incredibly difficult. But I refuse to use my son as an excuse to keep postponing coming out. This blog has pushed me even further in that direction. They'll be angry (well at least my wife). Their lives will be upended. But at least they'll have the chance to ask questions, to understand. They'll see me taking responsibility for the consequences of my choices, and maybe just maybe, in some way, that clarity will be a relief for all of us.

I'm pretty certain that children are quite perceptive, and will sense an unease that something is not quite right at home. It would be a service to them to put something concrete to that unease.

Do what’s best for your son. There’s nothing that will overcome that guilt. Not saying what’s best for your son is for you to reveal the truth now or later. That’s entirely situational and only you know.

I'm straight and love my wife of 44 years. But I long ago made the thought experiment of what would happen if she were in the same kind of situation you were in: what if she decided I was a mistake, or that being in a relation with a man was a mistake, and that she needed to do something else. I decided that would require I support her in that. How can you love someone and not want what is best for them, even if that has a cost? I don't know your wife, and I don't know if she would feel the same way. Maybe she would?

From reading both posts, there's a few things that come to my mind: - It seems this is how the author is processing her father's passing, and it's not really up to us to make moral calls on the content of the posts. They are thoughts with gaps of missing context against a real life of highs and lows which is not readily condensed into a blog post. - I'm peering into the life of a private person, that feels like a violation. Even though they have passed, the people around them are very much alive. - We can't makes guesses at what a person truly values, neither positively nor negatively. What can be seen as promiscuity can also be seen as seeking validation, human motives and emotions exist in the grey area. - This is a person who was deprived of the sort of genuine sexual and emotional attention that we take for granted from puberty age. They lived as a type of outsider in school, work, and their daily norms. The integrity of their actions shouldn't be evaluated against our own values which were likely built from a different life experience. - It's ok not knowing or judging. One has to practice a type of "radical acceptance" when reviewing these sorts of life matters.

> One has to practice a type of "radical acceptance" when reviewing these sorts of life matters. Thanks for writing this. The author is working back to define some context from which those discovered artifacts came out, and that is fraught with danger. And what she discovered might be a randomly selected sample of what he really was. The article almost seems like it was written to seek attention. It's a troubling transgression.

She has a right to seek attention? And you are right. The truth untold and the moments that never were cannot be recounted. They can be grieved and part of grief is anger. I re-learned by my tears when reading this that the only thing that counts in life is love and connection. Connections not made are missed opportunities. I lost a parent in my early twenties. Alas, anger was a very large part of my emotional arsenal then. Writer could have had a role model in her father. If only the truth would have been there between father and daughter. Layers upon layers of difficult interactions. Thinking about your parents death and the period of time they made you, cared for you, formed you, hindered you, burdened you with emotional baggage, is different with each passing of a few springs.

[dead]

war on the four olds: - capitalisation - signatures (already dead, but go check any vintage mailing list archive!) - private messages (good riddance bulletin boards and forums) - emojis (sadly resurrected in unicode after being defeated on forums)

I don't know, personally I enjoyed the general aesthetic the choice created.

I'm now feeling slightly odd that I read all three posts without even noticing the capitalisation.

This is a sad story but I don’t like that the onus is entirely on the father to have ended things and lived his best life. He also was under pressure. He also had a family and was trying to juggle things the best way he knew how. It is tragic to live this way but I cannot consider him a villain of any sort.

It's mind-boggling to me how many commenters are here to defend the honor of a serial adulterer who broke the hearts of the people most related to and dependent upon him. Truly can't understand where this sympathy comes from...

There's a follow up linked a few times in the thread, and unfortunately he looks to be pretty villanous

People are rarely anything less than complicated.

The person who ends up making decisions which underpin what actually happens, almost always does. It’s easy to throw them under the bus, but the followers generally always know what’s going on - when they aren’t actively avoiding it anyway.

Is the capitalization of the quote your own doing or was it displayed like it for you? There isn't a single uppercase letter when I open the article, it's impossible to me to read it because it feel like a single sentence and I can't breathe

The author obviously has this as an acquired habit or affectation, possibly for stylistic reasons. It's interesting that some people can read this just as well as normal prose, but to others it feels as if someone is pouring sand all over their well-oiled gears. I gave up after a paragraph as well. I fully support people writing in whatever way pleases them, but for broadly accessible article length text capitalisation is a must in English. Not because it is 'correct', but because many readers rely on capitalisation.

Many readers rely on articles being written in a specific language, does that mean every writer is obligated to publish every piece in every language? Has it occurred to anyone who sees capitalization as a must-have for legibility, that an opportunity is being presented to train oneself to read text without traditional capitalization? Maybe it's because I studied poetry, or because I was a voracious reader of experimental writing when I was younger, but I've probably worked my way through thousands of pages of uncapitalized or unconventionally capitalized writing; I can empathize if it's more difficult for you to read (personally I would consider an absence of paragraph breaks a nearly-unforgivable travesty), and I wouldn't even deny you the opportunity to complain about it. But I think calling it "a must" for accessibility is perhaps overstating it a bit.

The lower case "I" stands out very much in reading it as a self-annihilating affectation. However, the sentences are well formed. If you really want to lose your breath, try "The Autumn of the Patriarch" by Marquez. You really won't be able to put it down.

Or Finnegan's Wake, for that matter.

I think it's become a bit of a cliche/clique'y thing amongst a certain population. I don't know its origins (tumblr emo crowd??) but I first encountered it in Silicon Valley. The Collison brothers used to love doing it, as did Altman. I feel it projects a kind of stream-of-thought with an aloofness, like "i dont care enough for correct form. language bends to my unique thoughts. read this if you like, i dont care lol". All-lowercase comes accross as the text equivalent of a hoodie and jeans: comfortable, a bit defensive against being seen as trying too hard, and now so common it barely reads as rebellion.

> I don't know its origins (tumblr emo crowd??) You're almost a century off :) https://www.bauhaus-bookshelf.org/bauhaus_writing_in_small_letters_lower_case_only.html

I don't know the age of the author, but interestingly, Gen-Z doesn't seem to use that key

This is not really anything new, back in AIM and SMS messaging days, people would type "wuu2" or "whats up" to a friend, but to express the same idea in an email, you would probably be sending some variant of "What are you up to?" There is massively different subtext between the two. Autocapitalization and autocorrect represents a limit on the subtextual bandwidth you can communicate along with a message. Restrictions on subtextual bandwith are not ideal when your generation relies on text-based communication for evermore intimate interactions - that "whats up" message might be the start of you asking someone out on a date, I don't want it formatted the same way as a message I would send my boss.

It’s ironic because you have to go to additional effort to turn autocorrect off, which contradicts the “i dont even care” effect they’re going for

It's a lot less effort than changing every nth word because of an aggressive autocorrect.

Google Revisits JPEG XL in Chromium After Earlier Removal (windowsreport.com)

While being a big supporter of JPEG-XL on HN, I just want to note AV2 is coming out soon. Which should further improve the image compression. But JPEG-XL is being quite widely used now, from PDF, medical images, camera lossless, as well as being evaluated in different stage of cinema / artist workflow production. Hopefully the rust decoder will be ready soon.

It is absolutely insane that google has not implemented this yet. They implement all sort of unimportant stuff but not the most critical image format of this decade, what a joke

2026 is nearly upon us, and Google, Microsoft, and Apple remain steadfast in the refusal to ever allow anyone to share wide-gamut or HDR images. Every year, I go on a rant about how my camera can take HDR images natively, but the only way to share these with a wider audience is to convert them to a slideshow and make a Rec.2020 HDR movie that I upload to YouTube. It's absolutely bonkers to me that we've all collectively figured out how to stream a Hollywood movie to a pocket device over radio with a quality exceeding that of a typical cinema theatre, but these multi-trillion market cap corporations have all utterly failed to allow users to reliably send a still image with the same quality to each other! Any year now, maybe in 2030s, someone will get around to a ticket that is currently at position 11,372 down the list below thousands of internal bullshit that nobody needed done, rearranging a dashboard nobody has ever opened, or whatever, and get around to letting computers be used for images. You know, utilising the screen , the only part billions of users ever look at , with their human eyes . I can't politely express my disgust at the ineptitude, the sloth, the foot dragging, the uncaring unprofessionalism of people that get paid more annually then I get in a decade who are all too distracted making Clippy 2.0 instead of getting right the most utterly fundamental aspect of consumer computing. If I could wave a magic wand, I would force a dev team from each of these companies to remain locked in a room until this was sorted out.

Just use PNG: https://www.w3.org/TR/png-3/

I wish I could upvote this multiple times. Spot on, the situation is completely batshit bonkers insane.

> I can share HDR images via phones Sure, me too! I can take a HDR P3 gamut picture with my iPhone and share it with all my friends and relatives... that have iPhones. What I cannot do is take a picture with a $4000 Nikon DSLR and share it in the same way... unless I also buy a Mac so I can encode it in the magic Apple-only format[1] that works... for Mac and IOS users. I have a Windows PC. Linux users are similarly out in the cold. This situation so incredibly bad that I can pop the SD card of my camera into an reader plugged into my iPhone, process the RAW image on the iPhone with the Lightroom iPhone app in full, glorious HDR... and then be unable to export the HDR image onto the same device for viewing because oh-my-fucking-god-why!? [1] They claim it is a standards-compliant HEIF file. No, it isn't. That's a filthy lie. My camera produces a HDR HEIF file natively , in-body. Everything opens it just fine, except all Apple ecosystem devices. I suspect the only way to get Apple to budge is to sue them for false advertising. But... sigh... they'll just change their marketing to remove "HEIF" and move on.

Not that I disagree, but HEIF is a container format. What is inside that container is essential. HEIC in HEIF, AVIF in HEIF, etc.

Sure, but Apple doesn't fully support HEIC either. They support only a very specific subset of it, in a particular combination. Some Apple apps can open third-party HEIC-in-HEIF files, and even display the image correctly, but if you try anything more "complex", it'll start failing. Simply forwarding the image to someone else will result in thumbnails looking weirdly corrupted, brightness shifting, etc... I've even seen outright crashes, hangs, visible memory corruption, etc... I bet there's at least one exploitable security vulnerability in this code!