Post AX5gMithzBLNLkhDZg by atomicpoet@calckey.social
 (DIR) More posts by atomicpoet@calckey.social
 (DIR) Post #AX4mQV31pFjg7ZHOSG by atomicpoet@calckey.social
       2023-06-26T04:31:06.467Z
       
       0 likes, 1 repeats
       
       My standpoint is that, not only should all social software support ActivityPub, it should be required by law. Further to that, all social software should have an account migration path towards and away from it. No, I’m not saying all servers should federate with each other. What I am saying is that it should be impossible for any one server software to monopolize the network effect.RE: https://cosocial.ca/users/evan/statuses/110606024253857339
       
 (DIR) Post #AX4sEu0pmVzLnV6enY by atomicpoet@calckey.social
       2023-06-26T04:46:05.142Z
       
       0 likes, 0 repeats
       
       Okay, I’ll make two exceptions: peer-to-peer social software and chat. Nostr is kind of a gray area for me too. But any social software that’s server-based should absolutely use ActivityPub.
       
 (DIR) Post #AX4sEuetNa1znjqeEi by atomicpoet@calckey.social
       2023-06-26T04:50:12.366Z
       
       0 likes, 0 repeats
       
       Speaking of chat, that should be federated too. A good many chat systems such as WhatsApp are still based on XMPP. It should be a requirement—by law no less—that WhatsApp federates.
       
 (DIR) Post #AX4sEvOycEtW6fPS4G by chetwisniewski@securitycafe.ca
       2023-06-26T04:55:26Z
       
       0 likes, 0 repeats
       
       @atomicpoet What? I'm quite sure that WhatsApp uses the Signal protocol these days.
       
 (DIR) Post #AX4sEwMt1Uoh6TRIRs by atomicpoet@calckey.social
       2023-06-26T05:01:03.459Z
       
       0 likes, 0 repeats
       
       @chetwisniewski@securitycafe.ca According to Wikipedia, it uses XMPP. Even if that changes, they should be forced to federate. https://en.m.wikipedia.org/wiki/WhatsApp
       
 (DIR) Post #AX4sEx9o5bwrYCKMhU by chetwisniewski@securitycafe.ca
       2023-06-26T05:03:45Z
       
       0 likes, 0 repeats
       
       @atomicpoet I don't think Federation is really possible with secure protocols like Signal. WhatsApp apparently completed the transition in 2016 https://signal.org/blog/whatsapp-complete/
       
 (DIR) Post #AX4sExubHdNXtKDjdY by erlend@writing.exchange
       2023-06-26T05:26:09Z
       
       0 likes, 2 repeats
       
       @chetwisniewski @atomicpoet The emerging Messaging Layer Security standard includes considerations for federated environments:https://datatracker.ietf.org/doc/html/draft-ietf-mls-federation-02“Different applications operated by different entities can use MLS to exchange end-to-end encrypted messages. For example, in a messaging application, clients of messaging1.tld can encrypt and decrypt end-to-end encrypted messages from messaging2.tld.”
       
 (DIR) Post #AX5gMe7hjiZIXiCpCC by atomicpoet@calckey.social
       2023-06-26T05:09:10.266Z
       
       0 likes, 0 repeats
       
       @chetwisniewski@securitycafe.ca Matrix is pretty damn secure and it federates.
       
 (DIR) Post #AX5gMf38ICVPPp4gi0 by iameli@iame.li
       2023-06-26T05:14:31Z
       
       0 likes, 0 repeats
       
       @atomicpoet @chetwisniewski Disagree. https://twitter.com/claucece/status/1575155649314697216?s=46&t=G_M8-tp7Eg4Xt7r1rIhzpwSignal is an order of magnitude more secure than Matrix by being substantially less ambitious - 1/1 deny able secure chat exclusively. I can imagine a lot of ways federation would cut down on security, especially around deniability.
       
 (DIR) Post #AX5gMg74L3FSiJvLU0 by atomicpoet@calckey.social
       2023-06-26T05:20:34.641Z
       
       0 likes, 0 repeats
       
       @iameli@iame.li @chetwisniewski@securitycafe.ca At a certain point, trade-offs must be made. If a monopoly persists in the name of security, work at making federation more secure. Either way, security is no excuse for abuse—especially considering that this is Meta-owned WhatsApp we’re talking about.
       
 (DIR) Post #AX5gMgvPJtVxERTXwe by chetwisniewski@securitycafe.ca
       2023-06-26T05:27:05Z
       
       0 likes, 0 repeats
       
       @atomicpoet @iameli Being a zealot helps no one. Understanding risks, benefits and politics are all  important factors. Spreading misinformation and then insisting that people should work harder to achieve likely impossible goals is not helping anyone.Is Meta evil? Absolutely. Is federation the answer to all problems? Absolutely not. Stick to what you know and work to help people make better choices.
       
 (DIR) Post #AX5gMhYkxazRCTsyHI by atomicpoet@calckey.social
       2023-06-26T05:32:32.565Z
       
       0 likes, 0 repeats
       
       @chetwisniewski@securitycafe.ca @iameli@iame.li The real zealotry is believing that monopolies should exist. Again, WhatsApp has billions of users. In certain places like Southeast Asia, you can’t even do business without a WhatsApp. That should not happen.
       
 (DIR) Post #AX5gMiGMLTrtNiHnF2 by chetwisniewski@securitycafe.ca
       2023-06-26T05:34:52Z
       
       0 likes, 0 repeats
       
       @atomicpoet @iameli I don't disagree, but you are making a decision for others. You are asking they sacrifice their safety and security to achieve some misinformed version of fairness. My 30 years of working in security and privacy tell me this is a very bad way to solve the problem you are trying to solve. You are trying to reinvent SMS, which we already have and is already terrible.
       
 (DIR) Post #AX5gMithzBLNLkhDZg by atomicpoet@calckey.social
       2023-06-26T05:37:41.561Z
       
       0 likes, 0 repeats
       
       @chetwisniewski@securitycafe.ca @iameli@iame.li Once monopolies exist, people are no longer making decisions regarding what they use. They’re forced into using it. That’s what makes a monopoly a monopoly.
       
 (DIR) Post #AX5gMjlEmAA61ljy0e by chetwisniewski@securitycafe.ca
       2023-06-26T05:39:42Z
       
       0 likes, 0 repeats
       
       @atomicpoet @iameli I'm sure the women and minorities who will be stalked and harassed when their privacy is impacted by your proposed solution will find solace in the world being a more just place.
       
 (DIR) Post #AX5gMmh5s1d77mpCT2 by atomicpoet@calckey.social
       2023-06-26T05:42:15.437Z
       
       0 likes, 0 repeats
       
       @chetwisniewski@securitycafe.ca @iameli@iame.li Who’s saying anything about decreasing security and privacy?No, security and privacy are absolutely essential—but that’s no excuse for maintaining a monopoly.
       
 (DIR) Post #AX5gMnHbgGpwx1uMNc by chetwisniewski@securitycafe.ca
       2023-06-26T05:59:22Z
       
       0 likes, 0 repeats
       
       @atomicpoet @iameli federation by definition will decrease security and privacy. We all want a pony, but it's just not possible. Side channel attacks, differential communication analysis, key distribution/generation and many other issues make federation a dangerous compromise. We would all like CSAM to be eliminated, but it isn't possible to have secure & private communication and yet still scan for it. Similarly federation requires compromises that would put many people at risk. (1/2)
       
 (DIR) Post #AX5gMny986rf4xoKga by chetwisniewski@securitycafe.ca
       2023-06-26T05:59:45Z
       
       0 likes, 0 repeats
       
       @atomicpoet @iameli It sounds good, but I don't see it being possible without compromising many people's safety. Suggesting it is safe without having studied the underlying risks is dangerous and irresponsible. (2/2)
       
 (DIR) Post #AX5gModycaKDAhNjt2 by atomicpoet@calckey.social
       2023-06-26T06:07:17.337Z
       
       1 likes, 0 repeats
       
       @chetwisniewski@securitycafe.ca @iameli@iame.li How to solve those problems specifically is for another conversation. Nevertheless, it is ludicrous to say that a monopoly should continue in the name of security.