Posts by deFractal@infosec.exchange
(DIR) Post #AoxkVyiMHoxjclKUwi by deFractal@infosec.exchange
0 likes, 0 repeats
@sybren @catsalad Indeed. It's all about aesthetics—of a certain fashion—over usefulness. If you've read "The Design of Everyday Things," the design language of much of today's web is the UI equivalent of Norman doors. And then there are the chatbots. Several clients have paid me to help them block and bypass chatbots. And some sites have stripped out perfectly functional forms, which had been refined for clarity and ease of use for over 20 years, in place of having the only way to do something even so simple as registering for shipping notifications being a forced and stilted interaction with a chatbot.
(DIR) Post #ApkcDp5y26WTgsEzjs by deFractal@infosec.exchange
0 likes, 0 repeats
@eff The only work-around I can think of, with too many politicians having their heads misplaced, is pushing to implement and proliferate zero-knowledge credentials. Creating the possibility to prove that one is known to a mutually trusted third party to be a unique individual (or in the case of age restrictions, a unique individual of at least a certain age), while allow the possibility of inferring nothing else, would be a first step towards solving a great deal of problems endemic online (especially as relate to social media moderation), while also providing a means to bypass the vulnerability imposition by right wing puritans.
(DIR) Post #Aq3nEHyDT1BGkBHKqm by deFractal@infosec.exchange
0 likes, 0 repeats
@dansup Just out of curiosity: despite the name, will there be an option to prevent video looping, or will an analogue of this be necessary? www․tiktok․com##video:remove-attr(/autoplay|loop/)Or this?www․facebook․com##+js(aeld, ended)(NB: "One dot leader" characters substituted for periods to break links in content blocking filters above.)
(DIR) Post #AroaPVRZ0BLIZXifjc by deFractal@infosec.exchange
0 likes, 0 repeats
@eff Find somewhere better to migrate than 1938 Germany, world.
(DIR) Post #AroaPWYKsUM00ptavg by deFractal@infosec.exchange
0 likes, 0 repeats
Great point from @jessebrown on #CanadaLand about the trade war and the upcoming federal election in #Canada: regardless of whether you're a #LPC, #NDP, #CPC, or #BlocQuebecois candidate, we don't want to see you spending a dime on electoral ads on Meta platforms or Elon's Nazi Xesspool, or, I would add, on any form of Google ad. Additionally, I for one will be looking for Amazon packages outside candidates' riding offices; I hope to see none. Canada before candidate; Canada before party. Put your money where your mouth is, all of you, and don't give those fascist oligarchs another dime. #cdnpoli
(DIR) Post #AsP4v35fwexGDdznWK by deFractal@infosec.exchange
0 likes, 0 repeats
@Tutanota Any chance of developing bridge software to access Tuta using mail (SMTP+IMAP), contacts (CardDAV), and calendar (CalDAV) apps? (Comparative example: Proton Mail Bridge.)Email, contacts, and calendars are all more useful when all accounts (e.g., work and personal) can be accessed in one place.
(DIR) Post #AtWQsCusYp8OiuENP6 by deFractal@infosec.exchange
0 likes, 0 repeats
@Tutanota Any progress towards an SMTP+IMAP bridge to run on localhost? How about a CalDAV+CardDAV bridge? And any progress towards E2EE cross-compatibility with @protonprivacy? If not, please work on that. It’s the biggest improvement you could make in your competitiveness against Google and Microsoft.
(DIR) Post #Avb3mcj2yDQnk4vcMS by deFractal@infosec.exchange
0 likes, 0 repeats
@Tutanota The main selling features I'm looking for are #E2EE interoperability with such competitors as @protonprivacy and @mailbox_org, and a shared non-proprietary API to locally bridge Tuta and competitors with common desktop mail, contacts, and calendar apps. No one should need to maintain multiple subscriptions or break end-to-end encryption to carry on a three-party email exchange with subscribers to one of the three services each, nor to invite the other two to an event in the calendar. Anyone should be able to view their work email and their private email in the same UI. And many customers will want to bulk drag and drop or cut and paste mail and events from their old Google or Microsoft accounts into their new Tuta, Protoon, or Mailbox accounts. Make E2EE mail and calendars federated (i.e., protocol-compatible across competing services) and compatible with desktop clients (via a single cross-compatible locally client-hosted bridging server), and you'll remove one the main barriers to customer adoption. A non-profit trade association (like the W3C, but for E2EE mail, contacts, and calendars) would be the best place for the copyright etc. in the bridging software, and the best employer for the lead maintainers of it. Eliminate the trade-off between vendor lock-in and privacy. Other features are nice, but till no one needs multiple concurrent competing subscriptions, or multiple mail, contact, or calendar apps, other features are practically irrelevant. What uses is an overview of my personal calendar when I can only see my own schedule there, without the context of my work and university calendars in the same view?
(DIR) Post #Aw47RGR6gG19vsRfg8 by deFractal@infosec.exchange
0 likes, 0 repeats
@Tutanota Can customers use a locally hosted server to bridge Tuta Mail and Calendars to standard IMAP+SMTP and CalDAV apps yet? Clients (the human variety, not the software) and I need at least two capabilities: See our old Google- and Microsoft-hosted personal accounts, our work accounts, and our new Tuta-, Mailbox-, or Proton-hosted accounts in a single app UI (or perhaps one mail app and one calendar app) for all accounts. Using that app—say, Thunderbird—drag and drop all our old mail from the Google or Microsoft mailbox hosting it to the new mailbox. Similarly, for some (myself included), bulk moving many calendar events would be essential. #1 Is necessary for anyone whose work or life depends on coordinating multiple calendars. #2 Is the a necessary initial step before closing the old Google- or Microsoft-hosted accounts.