Sure thing, never claimed to know if it violates the law. Thats for judges to decide.
I will copypaste, because this feature has been discussed a lot already.
The companies will get some general data if their ads work, without a profile about you being created. I am fine with that. Just imagine what a boon it would be for the “normal“ less tech savvy, if advertisers switched to a more privacy respecting technology like this. If more privacy focused people don't like it, they can simply disable it by ticking one box, without negative consequences (unlike content blockers and similar techniques where a website can penalize you, turned off PPA is not detectable). It has no downsides as far as I am concerned. It doesn’t give advertisers additional data that they wouldn’t already be able to get, it just creates the option of measuring their ads in a privacy respecting way.
Discussion about PPA from some time ago
This is hilarious and sad at the same time.
You continue to misunderstand the word “misinformation”. It is incorrect information spread without intent. A mistake made that leads to incorrect information spreading, falls into that category. Especially as it is in the starting point of the discussion, where sources should have been provided.
The need to feel victimized and a little bit of paranoia is strong in you, you should talk to someone about that. I am guessing that is caused by the lies and disinformation spread by your political party of choice. (I am only mentioning politics, because you brought it up with the feds conspiracy theory)
If you went and looked at my account history, you would see that there are a few comments in german and my account is registered on a german server and coincidentally I am German. So much for your fed theory.
My criticism has been nothing but constructive. I implore you for the future to do research using credible sources and to cite them, before making claims that could have a big impact. That goes for discussions on lemmy and as well in real life, when you are discussing or forming an opinion on an important topic.
I hope you get the help you need!
Misinformation is the inadvertent spread of false information without intent to harm, while disinformation is false information designed to mislead others and is deliberately spread with the intent to confuse fact and fiction. Source
This is more than a simple mistake and I am right to call it misinformation. I appreciate that you seem open to discussion about you being wrong. Nevertheless your post is still not edited to correct the proven wrong statements. You can use strikethrough so no context is lost, like I did in the comment you are replying to, where I was wrong.
You made a post with huge claims, basically saying that signal is unsecure and messages can be read by the goverment. This is such a big claim that it should have been researched by you beforehand and you should have provided sources. You don’t get to hide behind “discussions” because in a discussion you actually provide sources if you make claims. Especially if you are trying to start one, to give the readers a chance to read up on the topic.
You “getting a detail wrong“ has a huge impact. Some people will stumble upon this post, read that signal is supposedly insecure and might believe it and even spread that. It hurts the adoption of a secure encrypted messenger. It is not a small detail, but the foundation of your whole post.
And I am mostly right, I just seem to have been wrong on the detail about Signal push notifications. […] This comes from the DOJ senator Wyden saying these corporations can secretly share this data with governments and can include the unencrypted text which is displayed in the notification.
No, you are mostly wrong about the claims you make! Again your post made the connection to signal. Push notifications for Signal NEVER contain sensitive unencrypted data & do not reveal the contents of any Signal messages or calls–not to Apple, not to Google, not to anyone but you & the people you're talking to. Source
"spreading misinformation" is a phrase mostly used by feds when they see something they consider to be "wrong think" or not "politically correct". They use this anti-misinformation campaign to support their censorship and mass surveillance system.
I don‘t appreciate you, trying to frame my correction of your blatant misinformation as trying to censor you. Don‘t try to play the victim.
You are just spreading misinformation! Cite your sources!
There is a strategy used, which allows the government to find out who an account belongs to. They ask the push providers (Apple/Google) for data on the push token from e.g. a messaging app. This way they associate the account from an app with an identity.
Nothing there about message content. It is still safely E2EE.
~~I don’t know how it works in your country, but in mine, phone numbers are already associated with identities, so nothing gained as the gov can just ask signal for the phone number of an account, instead of having to ask signal and the push provider to get the identity.~~ (Edit: apparently it’s hashed, so there seems to be a use for this.) Signal isn’t about Anonymity but Privacy. There is a difference.
If you have another vulnerability cite it!
The dual root partitions we described in Deepin 20.5 are gone, but version 23 still sets up a moderately complex partitioning scheme, including an EFI system partition, a 1.5 GB
/boot
partition, a swap partition, and a 15 GB root partition, and the rest of the disk given to a partition labeled_dde_data
. All are in plain oldext4
format, but there's some magic being done with the data partition that we didn't have time to trace. It appears to be mounted at multiple places, including/home
,/var
,/opt
, and a mount point called/persistent
beneath them all. We're not sure exactly how it's been done, but the distro has some kind of atomic installation facility with rollback.
Lack of proper documentation by Deepins Devs is enough of a red flag for me to never consider trying it.
I will say it again: The way i read it, it sounds like the companies will get some general data if their ads work, without a profile about you being created. I am fine with that.
Just imagine what a boon it would be for the “normal“ less tech savvy, if advertisers switched to a more privacy respecting technology like this.
If more privacy focused people don't like it, they can simply disable it by ticking one box, without negative consequences (unlike content blockers and similar techniques where a website can penalize you, turned off PPA is not detectable).
It has no downsides as far as I am concerned. It doesn’t give advertisers additional data that they wouldn’t already be able to get, it just creates the option of measuring their ads in a privacy respecting way.
I haven’t looked into the technicals much further than the support page.
The way i read it, it sounds like the companies will get some general data if their ads work without a profile about you being created. I would be fine with that. What I don’t like is the lack of communication to users about it being enabled.
PPA does not involve websites tracking you. Instead, your browser is in control. This means strong privacy safeguards, including the option to not participate.
Privacy-preserving attribution works as follows:
- Websites that show you ads can ask Firefox to remember these ads. When this happens, Firefox stores an “impression” which contains a little bit of information about the ad, including a destination website.
- If you visit the destination website and do something that the website considers to be important enough to count (a “conversion”), that website can ask Firefox to generate a report. The destination website specifies what ads it is interested in.
- Firefox creates a report based on what the website asks, but does not give the result to the website. Instead, Firefox encrypts the report and anonymously submits it using the Distributed Aggregation Protocol (DAP) to an “aggregation service”.
- Your results are combined with many similar reports by the aggregation service. The destination website periodically receives a summary of the reports. The summary includes noise that provides differential privacy.
This approach has a lot of advantages over legacy attribution methods, which involve many companies learning a lot about what you do online.
PPA does not involve sending information about your browsing activities to anyone. This includes Mozilla and our DAP partner (ISRG). Advertisers only receive aggregate information that answers basic questions about the effectiveness of their advertising.
This all gets very technical, but we have additional reading for anyone interested in the details about how this works, like our announcement from February 2022 and this technical explainer.
It‘s not only about using the tpm to unlock the FDE, you should be able to do that on every distro with systemd-cryptenroll. The part that is new, is the the measuring of the systems integrity. It’s a way to ensure that the firmware has not been tampered with, the boot loader is the one that was installed and has not been replaced, that the kernel is exactly the one that comes from the distribution, that the kernel command line is the one that we expect, and that the initrd that is used does not contain any extra binary that we do not control.
If you dont want to miss future announcements:
- With an Account on the forums you can get notifications if you turn them on for the “Announcement“ tag
- You can add https://universal-blue.discourse.group/tag/announcements.rss to your RSS reader
I find it rather repulsive, that people would label “being against gay marriage” as “only holding an opinion”. It makes it seem so harmless. It is depriving people of the same rights that heterosexuals have. And that is why it might matter to people. It’s not just “any” opinion, like a view on how the economy should be regulated, where one could definitely argue about. But a view, which would deprive people of the same rights that others have, is not a valid opinion to have. There is no way that it can be respected. It’s the paradox of tolerance
In a comment further down you write the following: (Edit: the comment has since been removed by a mod)
You have the right to have a liberal opinion so why not let people have their own? It's like discrimination of black people at this point.
Which is quite ironic. You try to defend holding an opinion, which would discriminate against a certain group by not giving them the same rights. You argue that it’s discrimination to not respect their discrimination. In essence you ask the tolerant to respect the views of intolerant.