this post was submitted on 25 Nov 2024
1866 points (98.6% liked)

Microblog Memes

6037 readers
2346 users here now

A place to share screenshots of Microblog posts, whether from Mastodon, tumblr, ~~Twitter~~ X, KBin, Threads or elsewhere.

Created as an evolution of White People Twitter and other tweet-capture subreddits.

Rules:

  1. Please put at least one word relevant to the post in the post title.
  2. Be nice.
  3. No advertising, brand promotion or guerilla marketing.
  4. Posters are encouraged to link to the toot or tweet etc in the description of posts.

Related communities:

founded 1 year ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] einlander@lemmy.world 172 points 1 month ago (5 children)

Don't forget with the Recall feature, you may be on Linux and are using a secure communication application, but if who you are talking to is on windows your conversation can be scraped.

[–] hellfire103@lemmy.ca 94 points 1 month ago (2 children)

Same thing with email. It's all well and good if you're using ProtonMail or Tuta or Posteo, but you're still cooked if the other side is using Gmail.

Old problems, new modi operandi.

[–] ASDraptor@lemmy.autism.place 24 points 1 month ago (2 children)

Afaik, with proton you can send messages that won't open through gmail if you protect them with a password. The other person receives a message with a link to open the mail in a browser after entering the password. It's not the easiest solution but if you want to avoid gmail from knowing the contents of a message, you can do that.

[–] einlander@lemmy.world 40 points 1 month ago (1 children)

But windows recall scrapes your screen, so even that wouldn't work.

[–] ASDraptor@lemmy.autism.place 22 points 1 month ago

"But they are stored locally! Certainly, Microsoft won't have access to those, right? Right???"

[–] Lumisal@lemmy.world 4 points 1 month ago (2 children)

You can send self destructing messages with Protonmail

[–] bitwolf@sh.itjust.works 14 points 1 month ago (2 children)

Do Proton remotely erase the message on the recipient's email server? Even if it's not a protonmail server?

[–] anton@lemmy.blahaj.zone 20 points 1 month ago

They burn down the datacenter if they are not deleted in time.

[–] Arcka@midwest.social 1 points 1 month ago

Someone correct me if I'm wrong because I don't know how proton works on this. These type of things usually don't send the protected content in the email to the recipient's server, they just send a link that the recipient opens and it's all still kept on the private service's server.

[–] Slovene@feddit.nl 2 points 1 month ago

Good morning, Mr. Phelps.

[–] jonne@infosec.pub 42 points 1 month ago (2 children)

It's not like companies that use Linux don't get breached either. Your personal data is in thousands of databases that have varying levels of security. Personal choices don't affect any of that, regulations like GDPR are what's needed.

[–] Rivalarrival@lemmy.today 6 points 1 month ago* (last edited 1 month ago) (1 children)

GDPR has much the same problem: it can only actually be enforced against entities with a presence in Europe. When Europeans do international business, the GDPR only protects them if that foreign site has a business presence within Europe. When they have no bank accounts or business assets inside the EU, they are not subject to the GDPR.

Even though the GDPR covers your side, it doesn't always cover the other side.

[–] jonne@infosec.pub 21 points 1 month ago* (last edited 1 month ago) (1 children)

That's why I said "regulations like the GDPR". The US and other blocs need similar regulations. Especially the US is important, as they've shown that they're willing to stretch the size of their jurisdiction to sometimes absurd lengths.

That's usually a bad thing, but in this case that might be good.

[–] Rivalarrival@lemmy.today 4 points 1 month ago* (last edited 1 month ago) (1 children)

I think you missed my point...

I am not subject to the GDPR. I don't have to abide by it. Even if my country adopted a GDPR-like regulation, that regulation would only apply to my privacy. Not yours.

Microsoft has proven themselves overtly hostile to privacy. Yours, mine, and everyone's. The available options are:

  1. Attempt to regulate them into behaving like decent human beings.

  2. Avoid their business.

When my therapist is using a system that is overtly hostile to their privacy and mine, the solution is not to ask the government to chastise their attacker. The solution is to eliminate their reliance on their attacker, and get them in a system the attacker doesn't control.

I'm not saying we should avoid GDPR-like regulation altogether. I'm saying that at the OS level, Linux is intrinsically compliant with the intent of such regulation but may not comply with the letter, if the letter requires some sort of affirmative confirmation or certification of compliance that would be complicated for the developer to implement.

Microsoft will be able to be technically compliant with the law, but will definitely subvert it's intent and purpose however it can.

Regulation will likely have chilling effects on the better option, while promoting the worse.

[–] Arcka@midwest.social 2 points 1 month ago

Even if my country adopted a GDPR-like regulation, that regulation would only apply to my privacy. Not yours.

That could depend on how the regulation is written, so we should push to have these new regulations cover all users of services hosted in our countries.

[–] umbrella@lemmy.ml 4 points 1 month ago

getting breached is different from using spyware.

[–] umbrella@lemmy.ml 7 points 1 month ago

this goes for pretty much every single chat app out there. most of the popular ones are proprietary and go through private servers.

privacy is important kids.

[–] absentbird@lemm.ee 6 points 1 month ago

So it's not enough to brag about being on Linux ourselves, we should be encouraging our friends to switch to Linux as well?

[–] nialv7@lemmy.world -1 points 1 month ago

How's this different from someone just record your call? The thing you are worrying about has been possible long before Recall is a thing.