By default, yes. It is possible to create a so-called secret chat, which is standard for signal and similar, but that's something you have to manually do. Furthermore, it's not even possible to make secret chats for groups. When it was initially released, I was cautiously optimistic that it could turn into a good, secure application, but knowing it's been this long and it hasn't, I wouldn't consider that likely.
spinning_disk_engineer
joined 7 months ago
HID means a human interface device, so most commonly a keyboard, but remote controls can and do use the same protocol just fine.
It's easy to find a TV with USB-C input, though not universal. That still uses the DP protocol, and cables with different connectors on opposite ends are both cheaper and more common than those with HDMI as a result. Also, this is only even an issue if HDMI 2.0 isn't fast enough for you, so old devices aren't a concern.
I've never actually used CEC, but everything I've seen says it's just like a USB HID, correct? According to wikipedia, there already exist USB to CEC adapters.
Yes, but that adds more cost. I don't have any hard data on this, but it feels like their current solution works fine, since anyone using more data than 2160p60, who also won't accept chroma subsampling, probably is already using DP. Maybe this is a direction to pressure the HDMI forum, since unlike AMD, valve's drivers are actually open source on the majority of their users' machines. And if things change in the future, external adapters or proprietary adapters are both solutions.
All of these supposed advantages are solved by USB-C though. Even the length is higher (5m, I believe). I'd be fine if the DisplayPort connector is gone, but the actual standard is just better for most purposes.
That's still a licensing issue: you're not allowed to license from the HDMI consortium and then freely sublicense to all your users, which is what open source requires. Hopefully this eventually concludes in the end of relevance for HDMI and we can have a freer, and just better ecosystem in general.
This exists in Canada, and it's called jmp.chat. They use jabber, rather than simpleX, but they will optionally provide a server, which you could then bridge to your own server without needing port forwarding or anything like that.
They do take payments in monero, but for some reason you can't create an account with only monero unless you contact support first…and they don't do support by email, only phone/sms and jabber. There are public jabber servers, so it should be entirely possible, just inconvenient. They also take payment by mail, which I think includes cash.
I'm not sure the logistics of using jmp.chat outside of Canada, but I know it is somewhat possible to do in the US. Of course, there's nothing forcing you to actually be in the same area as the service, but people who live in the same area as you might question the +1 phone number, and might get charged more by their provider.
The thing is, trusted computing as a security feature isn't useless. For the particular case of phones, people generally use relatively low entropy passwords, because it's impractical to do otherwise. The Titan chip uses trusted computing technologies to ensure that an attacker with physical access cannot bruteforce the password, which it does by forcing a timeout between successive attempts. It might do other things too, this isn't my area of expertise, but (I believe) it isn't needed for the general functioning of the device, as opposed to e.g. the intel ME.
Of course, a security chip that you have the power to control would be better, and no less secure, but that doesn't exist. However, neither the OS itself not the apps directly depend on trusted computing. Otherwise GrapheneOS couldn't exist in the first place.
Note that this problem doesn't exist on desktops or laptops: it is entirely possible to memorize a passphrase around 96 bits of entropy, which is high enough that it can't practically be bruteforced, especially if the algorithm to check if it is correct is computationally slow.
So, you lost a bit of sovereignty for your phone in the interest of security, but phones aren't private to begin with: the actual modem also uses trusted computing. The devs behind GrapheneOS considered this the best solution to the problem, after weighing the pros and cons. Personally, I'd be happy to have a flip phone which has no password, and then do everything of significance (possibly including call and SMS) on my laptop. That is to say, I'd rather I didn't have to use GrapheneOS, but it's compromises align well with my own for now.
First off, I would be careful around browser-based VPNs, especially free ones. If it's in the browser it's often just a proxy (as opposed to wireguard or openvpn), which is potentially bad for normal functionality or privacy. Also, if it's a free service then it almost certainly collects your data itself, and won't necessarily be allowed by sites either.
That being said, there are two ways to layer the two type of tunnels:
Connecting to the VPN first is relatively common. This means that your ISP can't see you connecting to Tor. Furthermore, VPNs are designed to tunnel your entire system, while Tor generally is not. Thus, you can have some traffic that is merely VPN protected and some that runs through the Tor network as well. In this situation my ISP knows which VPN provider I use, my VPN provider knows (1) my identity and (2) my network activity outside of Tor, and sites that I visit can only see that I use Tor.
The other direction is to connect first to Tor, and tunnel the VPN connection through there. This is very much not intended: Tor only tunnels TCP, while most VPN protocols use UDP (only, or more efficiently). The reason is that it's actually quite difficult to hide your identity from your VPN provider. If the VPN is the innermost tunnel, then that means that it has access to all your network traffic. I'll assume that all of it is encrypted with TLS (but be careful because a single error is bad). Then, the VPN only knows which domains you visit, how long, how much data, and at what times. This is still quite significant. Then there's the issue of payment. If you choose a free service, it almost certainly means it's selling your data. I will say that this is better than most other uses for free VPNs, but it's still pretty sketchy. If you're paying, then you need one which accepts payments in monero (or zcash or another private cryptocurrency) or cash by mail.
Overall, Tor over VPN is relatively normal. I use this configuration regularly. VPN over Tor is highly unusual, and you should consider if you need it. If you need a recommendation for a VPN though, Mullvad supports both monero and cash by mail (sweden), and is generally a good all around VPN (as long as you don't need port forwarding). One final thing to note: If for some reason you want to use a VPN on both sides, do not use the same VPN, even with separate accounts. Probably, they won't check, but at that point you might as well just use straight Mullvad VPN.
One thing that's worth keeping in mind: physical retailers may have cameras, but they (in general) rotate their recordings and don't provide an API for law enforcement. By contrast, any data that an online service gets is probably stored forever, possibly across multiple companies. If you do pick up the online package at a physical store, then you're losing most of the benefits, so you also need to provide an address.
That being said, much of China and some of the US have significant outdoor surveillance camera networks. These usually do provide law enforcement with real time, AI search, and may keep recordings for a very long
For me, as a Canadian, I'd consider physical stores more private, maybe putting on generic clothing and a mask if it's really important. If your city has its own surveillance system, that might be different for you. Though really, in that case, you should be more concerned about pushing for the cameras to be removed, or failing that looking into moving elsewhere: it is not sufficient to have privacy only online, only from major storefronts.
view more: next ›
I'm not entirely sure what you're trying to say here. To clarify, telegram uses a store-forward architecture, meaning that it deletes messages from the server once they have been received by everyone. Until that time, the messages are stored on the server in plaintext, unless you're using a secret chat. They do this to avoid having to exchange keys between different clients, but what that really means is that it isn't actually private most of the time.