Generally need a reason to do something. Don’t see how signing this moves the needle. Protest and contact congressmen. Internet petitions won’t save you. Collective action irl, strikes, and raising hell might.

The problem will get worse until consumer protection and privacy are priorities. It will only get worse yet with the growth of identity verification enforcement across technologies.

Please drink verification can.

It also matters if you value organizations changing terms after attracting a community and changing to non-transparent solutions while claiming to be “open”. It matters if your values are different.

But you’re right too. If not logging in, your liability is probably not changing.

I suspect they draw a distinction between using their built binary and logged in services like collaboration from the editor code itself, but iinal.

Agreed and I have domicile in a country that provides improved, though not perfect, protections. But it still tempers my views of the organization.

Nice. This is one of a few promising forks. I think they’re on Codeberg too.

It is quite good and hopefully one of the privacy forks will rise victorious. But yeah, nothing will ever topple neovim and emacs.

I have found a few communities on Matrix that fit that bill to some extent. For some reason they don’t devolve to “general chat” as quickly as most software related Discord servers do, in my experience.

This is a really good article and refreshing to see this being recognized as the double edged sword it is (albeit with one edge much sharper than the other). It will be interesting to see how different organizations deal with this. The temporary interaction limitation will be a bandaid in some cases but the deluge will just keep coming.

I’ve been interested in Mitchell Hashimoto’s new trust tooling. I’m not sure it will become a standard, but is a very interesting attempt, and dead simple.

Ha. I still have an open PR on that.

Okay but your best masons are. Architects and developers are different.

It’s a mixed bag.

Maybe I came off as dismissive or just stupid, but I really did mean to be helpful. Of course you don’t want users experience bad interactions. I meant if those interactions were for an actual intended reason. So yeah, never mind.

Bummer you’ve had a hard time. I think they and the free software community are trying to put together a good solution.

What server are you using and with which client most recently? It sounds like your device is unverified so untrusted or the key isn’t present.

To expand, “unable to decrypt” would affect a lot of users. That’s a good thing and exactly what you want it to do when not correctly trusted.

I use it all the time. There are many mature clients, and matrix is a protocol, so I don’t know what you mean. Since the sliding sync implementations, I have found it really nice to use.

Yes, subpoena was poorly worded. NSL is more likely. But still it is a time-forward threat, which means there is value while the server is or was accepting sealed sender.

And I wasn’t suggesting timing attack is required to defeat sealed sender. I was, on the contrary, pointing out that was a threat even with sealed sender. Though that is non-trivial, especially with CGNAT.

So in summary. You’re right. Sealed sender is not a great solution. But it is a mitigation for the period where those messages are being accepted. A better solution is probably out there. I hope somebody implements it. In the meantime, for somebody who needs that level of metadata privacy, Signal isn’t the solution; maybe cwtch or briar.

Sure. If a state serves a subpoena to gather logs for metadata analysis, sealed sender will prevent associating senders to receivers, making this task very difficult.

On the other hand, what it doesn’t address is if the host itself is compromised where sealed sender can be disabled allowing such analysis (not posthoc though). This is also probably sensitive to strong actors with sufficient resources via a timing attack.

But still, as long as the server is accepting sealed sender messages the mitigation is useful.

Don’t mistake me for saying you’re wrong. I agree with you, mostly. But sealed sender isn’t theater, in my view. It is a best effort attempt to mitigate one potential threat. I think everybody would like that solved but actually solving it isn’t easy as I understand it. Maybe not intractable, but if you have a solution, you can implement it. That is one of the things I like about free software.

In any case, I’m only saying Signal is good for a subset of privacy concerns. Certainly not that it is the best solution in all cases.