I have used XMPP for some time now and I tried Matrix for a bit, but have stuck with XMPP until now.

I found it practically very easy to set up a prosody XMPP server in a raspberry pi. In XMPP you have the core standard that is kept quite minimal and then you can extended your implementation using XMPP extension protocols (XEPs) in a highly modular fashion. This approach of building on top of a light core using well-documented extensions I like very much.

With Matrix, JSON is used instead of XML. I think that JSON is a nice format when trying to look under the hood at how the message data is structured. XML is a bit of a pain to look at in my opinion. And I think JSON might be more efficient in how it moves the data around. So, that is a big positive for me. But I Matrix appears to be more focused on being feature rich than on having a flexible modular structure. While it does have extensions, successful extensions do have a chance of being eventually integrated into the core protocol. This makes the core feel bloated to me, because I have very minimal requirements.

In terms of security, in XMPP you start with the core and then you select the type of encryption that you like (OpenPGP, OMEMO, etc). OMEMO encryption has plausible deniability built into its design, and for me, plausible deniability is a property that I consider important for messaging. The modular approach to XMPP also means that these are choices that one gets to make in an active manner, and the protocols are open protocols that come from outside of XMPP. With Matrix you get their encryption protocol as part of the core - it is a protocol that they designed and that you need to accept to use their tool with encryption. It is probably a good protocol, but I don’t think it has plausible deniability built in, and that’s a choice you did not get to make.

As for moderation, I don’t know. Do they mean moderation tools, or the actual absence of moderators and unmoderated communities? Because the latter is more a property of the people using the tool that the tool itself. You can have your own private communities.

If someone asks me, I could recommend Matrix but would rather recommend XMPP, depending on what they are looking for specifically.

Someone needs to explain to Musk how to debug with the JSON so that the ipv6 GUI does not overflow into the git API front-end

There is a nice (even if by now already a bit outdated) analysis about the openness of different “open source” generative AI projects in the following article: Liesenfeld, Andreas, and Mark Dingemanse. “Rethinking open source generative AI: open washing and the EU AI Act.” The 2024 ACM Conference on Fairness, Accountability, and Transparency. 2024.

If they can send me over the second half of my thesis I would appreciate it enormously! 😀

The analytics tools that I am personally uncomfortable with involve dynamic, changing forms of data. I run GPSLogger on my phone (without a SIM card) and continuously log the GPS data to a text file. This data is then synced to my computer when WiFi is available. I can display this data on a map using gpx-viewer, and show very detailed tracking data of myself.

I have explored this map with some friends/family. They get to see a time-stamped movie of my life - my trips to work, to the shop, when I go out, if I go on a trip, etc. The data displayed in this manner is somewhat intimate, personal information. Anyone I have shown this to has said that they would not be so comfortable with such a map of their lives existing… Well, if they are carrying a active phone with a SIM card, it does.

To think that a company like Google can own such a map for a very large number of people makes me uncomfortable. On top of that, each of those map trajectories can be associated with an individual and their personality… They have the ability to pick out specific trajectories on the basis of the political ideologies or shopping behaviors of the personas behind them. This is extreme. I am of the opinion that the convenience afforded by a these technologies does not justify the allocation of that super-power to the companies that enable the technology.

A few years ago Facebook enabled a “Graph search” feature. This allowed users to create search queries such as"Friends of friends of X who like the page “X” and went to school near Z". That tool seemed super cool on the surface, but it quickly became obvious how something like that could be easily exploited. Later on in Snowden’s book I learned about XKeyscore from the NSA, which is like an extra-powerful no-consent-needed graph search that is available to some people. This is not just targeted ads.

I guess that what I am trying to convey is… For me, making the privacy-conscious choice is about not contributing to the ecosystem of very concrete tools that give super-powers to groups of people that may not have my best interest in mind. In my mind it is something very tangible and concrete, and I find many of those convenience tradeoffs to be clearly worth it.

I did not know of the term “open washing” before reading this article. Unfortunately it does seem like the pending EU legislation on AI has created a strong incentive for companies to do their best to dilute the term and benefit from the regulations.

There are some paragraphs in the article that illustrate the point nicely:

In 2024, the AI landscape will be shaken up by the EU’s AI Act, the world’s first comprehensive AI law, with a projected impact on science and society comparable to GDPR. Fostering open source driven innovation is one of the aims of this legislation. This means it will be putting legal weight on the term “open source”, creating only stronger incentives for lobbying operations driven by corporate interests to water down its definition.

[…] Under the latest version of the Act, providers of AI models “under a free and open licence” are exempted from the requirement to “draw up and keep up-to-date the technical documentation of the model, including its training and testing process and the results of its evaluation, which shall contain, at a minimum, the elements set out in Annex IXa” (Article 52c:1a). Instead, they would face a much vaguer requirement to “draw up and make publicly available a sufficiently detailed summary about the content used for training of the general-purpose AI model according to a template provided by the AI Office” (Article 52c:1d).

If this exemption or one like it stays in place, it will have two important effects: (i) attaining open source status becomes highly attractive to any generative AI provider, as it provides a way to escape some of the most onerous requirements of technical documentation and the attendant scientific and legal scrutiny; (ii) an as-yet unspecified template (and the AI Office managing it) will become the focus of intense lobbying efforts from multiple stakeholders (e.g., [12]). Figuring out what constitutes a “sufficiently detailed summary” will literally become a million dollar question.

Thank you for pointing out Grayjay, I had not heard of it. I will look into it.

Thank you being around, bringing this nice community here, and helping with the federation!! 😁

First of all, congratulations for bringing a baby girl into this world!! You must be really excited! I am very happy for you!

This looks very cool. I set up a wiki (https://ibis.mander.xyz/) and I will make an effort to populate it with some Lemmy lore and interesting science/tech 😄 Hopefully I can set some time aside and help with a tiny bit of code too.

Thank you for the positivity 💚 I wholeheartedly agree!

Drama and negativity drives engagement, and this form of engagement can easily trigger a feedback loop in which negativity keeps piling on and voices of support are practically muted.

We are participating in an open source project that has some very ambitious goals. Things can be messy, mistakes happen, there are risks, and people have many different opinions and moods. Heated discussions can be a healthy part of the process. But, once the dust is allowed to settle for a bit, it is good to remember that we are humans and that we are here because we have some shared goals.

I think the majority of people around here are kind and have a positive outlook, but perhaps it is more motivating to speak out when we have negative comments than positive ones. So, thank you for taking the time to write this positive message!

You can take a lot of control by using search commands. Here is a list of commands for Google, for example: https://www.lifewire.com/advanced-google-search-3482174

By using commands like these you can narrow down your searches to the point that the impact of SEO is small. You give a much greater weight to the conditions that you have chosen.

It can be a bit of work to write a good search query, but the database that search engines search through is massive, so it makes sense that it would take some work to do this right.

Search engines like google aggregate data from multiple sites. I may want to download a datasheet for an electronic component, find an answer to a technical question, find a language learning course site, or look for museums in my area.

Usually I make specific searches with very specific conditions, so I tend to get few and relevant results. I think search engines have their place.

Is the fact that I recognize this comment evidence that I use Lemmy a bit too much? 😅

I will also pay close attention and see if I can catch that happening.

I think we might see one or more “trusted fediverse” groups emerge in the next few years, with instance admins making commitments to security controls, moderation, code of conduct, etc.

There is now at least one system in place for admins to vouch for other instances being non-malicious, and to report suspected instances. It is called the fediseer: https://gui.fediseer.com/

Do you see a random nickname from a stranger, or a nickname of an account that was previously logged into using the same computer?

What is an open account sharing channel?

I have the Tianje MF903 (https://nl.aliexpress.com/item/32719535459.html), which I bought early 2022.

But just now I have done a search and I see many more pocket wifi routers now. Unfortunately I can’t tell you if they work well, or if it is also possible to change their IMEI easily. The one I have is functional, but it doesn’t have a very long battery life.

And the audacity to talk about metadata when Telegram accounts still require a phone number today (as they did five years ago when this post was written) is just… 🤯

Not only that, but I believe that they actively try to prevent VoIP numbers from being used to create accounts.

Almost all countries require official authentication to activate a SIM card.

Fortunately not in the Netherlands. I don’t think that’s the case in the rest of the EU. I can use free sim cards as much as I want!

When communicating with cell towers, a phone will also broadcast its unique IMEI identifier. So, even if you swap the SIM card every day, your IMEI is still being broadcast the same.

Changing the IMEI of a phone in the EU is illegal, unless the manufacturer consents: https://www.legislation.gov.uk/ukpga/2002/31/section/1

So… I have a Chinese 4G mobile router, and the manufacturer gives me the permission to change the IMEI as it is an integrated feature of the device. I use that for my data. The data codes I purchase small quantities in bulk with cash, and I can access the router via its ip from my phone’s browser to send the SMS messages to activate the data codes as needed. Since WiFi connections are abundant around here I keep these codes for emergencies. I can go a few months some time without activating data codes. I mostly use them when traveling internationally.

I can tell you one benefit: Money. Most of my server’s costs come from storing federated content. Federating with threads would likely be expensive.

Ah, cool! I got my 4 devices today and I have managed to play with them a bit. They are pretty cool! I was able to walk over to a park near my house and spoke with people across the world with no data in my phone :D

I ordered four of the simpler devices this weekend (LilyGO T3-S3 LoRa 868MHz - SX1262) and I have been reading about antennas.

Since I live in a city I am not super optimistic about the range. But I am still very curious about the concept, and I would love to be surprised.

After doing some search about antennas, I have decided to test the following combination:

• 3dBi 868MHz ISM Band Dipole Terminal Antenna for the LoRa that stays at home:

• Sighunter 868 MHz to bring with me.

I also have a vector network analyzer (LiteVNA) that can be used for checking antennas, so I will also try to build some antennas myself. I doubt that my custom antennas will approach the performance of the professional ones… But I just find it such a cool concept.

Have you already gotten to play with it? What is your experience so far?