That doesn’t guarantee 100% privacy on a densely populated area anymore. Nowadays you’ve stuff like Amazon Sidewalk and who knows who’s partner and what devices are in it.
That doesn’t guarantee 100% privacy on a densely populated area anymore. Nowadays you’ve stuff like Amazon Sidewalk and who knows who’s partner and what devices are in it.
That doesn’t guarantee 100% privacy on a densely populated area anymore. Nowadays you’ve stuff like Amazon Sidewalk and who knows who’s partner and what devices are in it.
Okay, but then the TV is still running all the same spyware.
Update: just disabling wifi doesn’t guarantee 100% privacy anymore on a densely populated area. Nowadays you’ve stuff like Amazon Sidewalk and who knows who’s partner and what devices are in it.
There’s comments in the specs and a bunch of parsers that actually inore //
Yeah but at the same time you’ve ISPs that deploy routers that can initiate GRE tunnels between your network and their side for “support”.
you have to comply with police orders to moderate your platform…
Your points are fair however, where does it stop? If the police says “make it all plaintext” then what happens? It is a police request after all.
This thing where chat platforms and others “need” to comply with police / govt orders and remove content is very tricky… should platforms really censor everything the govts ask for? What if it is a group chat about a corrupt political party in power (with proof)? The govt will say it is CSAM, them Signal will shut it down and our democracies are gone.
To make it really clear: I’m not for breaking the law, and I don’t think that content should be on such platforms. The problem is that once you start removing that content the precedent will be abused to remove other actually important stuff because “it is CSAM” and the E2EE doesn’t have ways to check if is is really CSAM nor should it be the judge of the content.
And what about signal? If some gov founds a group chat they don’t like, will they take it down? How will they even know if all the contente is encrypted?
CSAM? More like copyright infringement. CSAM is the usual cheap excuse to shut down everything because of the obvious social implications.
While I don’t disagree with you, I don’t believe that if MTProto 2 was breakable govts would be putting the shit show they’re putting right now.
Maybe this will help you: https://linuxcontainers.org/incus/docs/main/backup/
How are snapshots with ZFS on Incus?
What do you mean? They work, described here, the WebUI can also make snapshots for you.
You should consider replacing Proxmox with LXD/Incus because, depending in your needs, you might be able to replace your Proxmox instances with Incus and avoid a few headaches in the future.
While being free and open-source software, Proxmox requires a payed license for the stable version and updates. Furthermore the Proxmox guys have been found to withhold important security updates from non-stable (not paying) users for weeks.
Incus / LXD is an alternative that offers most of the Proxmox’s functionality while being fully open-source – 100% free and it can be installed on most Linux systems. You can create clusters, download, manage and create OS images, run backups and restores, bootstrap things with cloud-init, move containers and VMs between servers (even live sometimes).
Incus also provides a unified experience to deal with both LXC containers and VMs, no need to learn two different tools / APIs as the same commands and options will be used to manage both. Even profiles defining storage, network resources and other policies can be shared and applied across both containers and VMs. The same thing can’t be said about Proxmox, while it tries to make things smoother there are a few inconsistencies and incompatibilities there.
Incus is free can be installed on any clean Debian system with little to no overhead and on the release of Debian 13 it will be included on the repositories.
Another interesting advantage of Incus is that you can move containers and VMs between hosts with different base kernels and Linux distros. If you’ve bought into the immutable distro movement you can also have your hosts run an immutable with Incus on top.
Incus Under Debian 12
If you’re on stable Debian 12 then you’ve a couple of options:
In the first option you’ll get a Debian 12 stable system with a stable LXD 5.0.2 LTS, it works really well however it doesn’t provide a WebUI. The second and third options will give you the latest Incus but they might not be as stable. Personally I was running LXD from Snap since Debian 10, and moved to LXD 5.0.2 LTS repository under Debian 12 because I don’t care about the WebUI. I can see how some people, particularly those coming from Proxmox, would like the WebUI so getting the latest Incus might be a good option.
I believe most people running Proxmox today will, eventually, move to Incus and never look back, I just hope they do before Proxmox GmbH changes their licensing schemes or something fails. If you don’t require all features of Proxmox then Incus works way better with less overhead, is true open-source, requires no subscriptions, and doesn’t delay important security updates.
Note that modern versions of Proxmox already use LXC containers so why not move to Incus that is made by the same people? Why keep dragging all of the Proxmox overhead and potencial issues?
Every encryption is secure until someone breaks it. Like we saw on Wifi (WPA2 and WPS) or the push notification issue it may not even be a direct attack to the cryptography of something, may be a way around it.
Telegram doesn’t use encryption. Everything is in clear text. Nobody needs a back door to get access. Not even governments. It’s all just out in the open
This isn’t even true, Telegram isn’t IRC. Like any modern application, uses SSL (encapsulated in MTProto) to protect connections. Govts will only have access if they manage to compromise those certificates, like your bank’s website.
Telegram are the ones making a promise. I’m not saying they’ve broken their promise (as evidenced by the arrest).
The fact that govts go after them kinda validates the promise. Unlike Signal.
This has nothing to do with the ability for the company to see what users do, but with the fact that govts can order Signal and others to hand user data, ban chats and whatnot while Telegram simply ignores requests like those.
Govts aren’t pissed about the fact that Telegram might be an accessory to a crime, they’re pissed because they can’t compromise it. Do you remember the FBI vs Apple situation, they wanted backdoors / access to E2EE stuff and Apple was refusing to provide and they went against one of the largest tech companies out there. Do you really believe that the US govt just went after Apple but wouldn’t go after a small company like Signal? This looks shady - almost like there’s a security vulnerability / backdoor in Signal they can use whenever they want.
I agree with you, but just think about this:
signal, a truly secure messenger, will comply with data requests and will send the authorities everything they have about a user, which is really not that much to begin with.
A govt asks Signal for info on a user, then Signal hands over a bunch of IP logs, metadata and a few encrypted messages that are still pending delivery or something on their servers.
Do you remember the FBI vs Apple situation, they wanted backdoors / access to E2EE stuff and Apple was refusing to provide and they went against one of the largest tech companies out there. Do you really believe that the US govt just went after Apple but wouldn’t go after a small company like Signal? This looks shady - almost like there’s a security vulnerability / backdoor in Signal they can use whenever they want.
Why would they go after the “not E2EE” chat but not after the “unbreakable and private” one? Telegram delivers trust, users trust that they won’t share any info to govts. Signal only delivers a promise that their E2EE will be enough to make the information govts get useless.
This whole Telegram story is absolutely unrelated to chat control
Chat control is exactly about baking backdoors and providing govts full access to chat logs etc. something that Telegram would never be okay with. They don’t even reply to govts requests most of the time, let alone be compromised at that level.
the answer from my perspective is quite simple. Noncompliance. If telegram had complied to local laws, like the others have and continue to do, he would not have gotten in trouble.
Exactly you’re getting there. Now let me ask something, if Facebook/Apple/Signal/Matrix comply with such laws how private are they? Those companies will happily censor chats and hand records to the govt, Telegram won’t.
Now you can argue that they do hand info the the govts but it is all encrypted and whatnot… do you really trust there aren’t backdoors there? Or cleaver ways to get around it like what we saw with push notifications or macOS analytics?
Govts are only after Telegram because they can’t infiltrate the company, ask for data etc. If Signal was really as secure and private like everyone says it is then their executives would already be in jail and whatnot for “enabling criminal activities”.
Telegram isn’t E2E encrypted and the telegram company can access all your messages, however, just think about the bigger picture there. How come that the E2E encrypted WhatsApp, Signal and whatnot never had their CEOs arrested for not moderating content / enabling criminal activity? Think about that.
First they obliterate telegram (most likely the only ones that would not comply and still offer service in Europe, Facebook and Apple would just comply, Signal would drop Europe) and a few days later they restart talks on this.
Not specifically for amazon devices, they’ve opened up the network to “selected partners”, I believe Samsung isn’t on the list but that may happen at any point and to be fair did you read the ToS to know if they don’t have something similar already? What are their plans?