Pup Biru

australia’s notes all have tiny signatures of the governor of the reserve bank, and the secretary to the treasury and have for at least as long as i can remember… i don’t think it’s a vanity thing in that case

alternatively, i say mac because its quicker than laptop/computer/pc and macbook because it provides more context with the same amount of effort… without that context, people will assume windows, which is fine - it’s not a status thing (for me) - but when discussing how to get things done, it avoids the minor annoyance of mismatched expectations for no extra effort

idk i was pretty upset when i accidentally threw my $6000 macbook at the very corner of a concrete surface and it got scuffed up but id have been far more worried about a non-macbook… the gash in the aluminium would have been completely fucked plastic and internals

well it’s because of activist judges of course

certainly nothing to do with voting to allow it

yeah i completely agree with that part… just i think in terms of costs i wanted to know for real if its a good argument, and figured id document it

yall have some of the highest per capita healthcare costs in the world, and some of the worst health outcomes among peer economies. “too expensive” and “better quality” are both terrible arguments based on the reality of the situation (lol reality… because that matters)

… but it’s also interesting to put into perspective: that $2b/day doesn’t even come close to healthcare costs (although… it’s not an order of magnitude off, so there’s that i guess)

quick estimate because i’ve seen this a few times:

australia spends ~$279b/y on health (~$190b usd)

australia is roughly the population of texas at 27.6m

us population is 340m

so all things being equal that’s $2.2t usd for the us population

so after 6y at war you could have had 1y of healthcare

ngl i was really hoping it’d be closer :(

(but of course this is bullshit anyway because yall already pay for healthcare, and lives extinguished vs lives saved etc etc… thus the “all things being equal” like circular cow in a vacuum)

% is % is %… absolutes are completely irrelevant… 1m people uninstalling facebook is less relevant than 100 people uninstalling <insert your favourite indie game>

a large % change is always relevant no matter the company size. that’s the whole point

it’s enough to be indicative

ENS runs on Etherium which no longer uses POW, thus doesn’t waste power in the same way as eg bitcoin

also I2P and onion don’t have name systems per se, so that doesn’t actually address the problem… AA could just use an IP address or something, but they require (for human usability) well known domain names

I2P and onion still require systems for discovery. they solve different problems to name systems

BUT ITS CHILLA TIME

agreed!

you can’t, and shouldn’t… lemmy never claimed to be, nor has the architecture to enable it to be a private service. lemmy instances are run by arbitrary people on the internet, and some of them do run forked versions of the codebase (eg blahaj)… we have no way of verifying what’s running on the server

but interaction on lemmy doesn’t require trust. i don’t think anyone is expecting lemmy to be private

It’s not really a partial solution

disagree, and that’s fine… STEM is full of partial solutions that become complete solutions as additional pieces are added (and as i said with the proxy, imo the proxy makes it a complete solution)

The complete and obvious solution to the problem is to not collect personally identifying information in the first place.

but that creates other problems… for example, with spam and usability

it’s all trade-offs, and signal has done a lot of global privacy when compared to alternatives exactly because of the compromises they’ve made

You have a very charitable view of Signal making the base assumption that people running it are good actors

i don’t consider it charity… they’re making a lot of right moves, and are explaining their compromises. they’ve given me no reason not to trust them, and plenty of reasons to say they’re a good compromise that will have the greatest impact to global privacy

are there better privacy solutions? sure… will they ever take off? personally, i doubt it… not letting perfect be the enemy of better or good enough is important: a solution that keeps people who don’t care about privacy relatively safe is important, including for the privacy of people who do care about their privacy because it allows everyone to blend in with the crowd

Yet, given that it has direct ties to the US government, that it’s operated in the US on a central server, and the team won’t even release the app outside proprietary platforms

imo the fact that it’s hosted in the US is pretty irrelevant… as you’ve pointed out: it shouldn’t be a matter of trust… validation of the client is the only thing you can rely on, so even if the NSA hosted the servers you should still theoretically be able to “trust” the platform (outside of the fact that you couldn’t ever trust that they’re using encryption that they don’t have a secret back door in or something)

I do not trust the people operating this service, and I think it’s a very dangerous assumption to think that they have your best interests in mind.

i trust them as much as i trust anyone running any other privacy service

i think it’s a very clever partial solution, but when combined with signals other ethos (making privacy simple so that more people use privacy-centric options), that means people aren’t going to change IPs between temp token and message to solve the last part of the puzzle: thanks for explaining your line of reasoning

i also think that there’s a way forward where messages are sent or tokens are retrieved via a 3rd party proxy to hide IPs (i thought i read something about signal contracting a 3rd party to provide some of those services but i can’t find the reference to that, and also it’s not verifiable so limited in usefulness), which is a complete solution to the problem, as long as said proxies aren’t controlled by signal (thinking about it now, you could also simply route signal traffic through a proxy so many people share an IP, and they do provide proxy functionality separate to the system proxy configuration)

i still think that signal has made a pretty reasonable set of trade-offs in order to balance privacy and usability in order to have a large impact on global privacy

*edit: actually, adding to the proxy point, turns out EFF run a public proxy

and there’s a big list of public proxies available (not a big list to avoid censorship, but still a good resource)

and they also have support for tapping a link to configure the proxy, so very quick and easy

yeah, bad choice of words on my part… and i think the verification doesn’t have to be identity-based… it just has to be some limited resource (which identity is, and guarantees fairness because it’s n per identity)

it’s all compromises, and i don’t think there’s a perfect solution… what we want is the largest impact on general privacy the world over, and options that allow verifiable perfect privacy when needed - but understanding that that requires compromise in things like usability simply because it’s more complex to set up things like trust networks than to … just not

they do, but that information is disconnected from your messages by sealed sender: that’s the point… your sender identity is cryptographically shielded from the signal servers

they know who you are, but they have no ability to connect that identity with who you message (which you can verify using only your client)

*edit: i will say, because i’m interested in conversation and understanding not just winning an internet argument, that my conversation with yogthos here has underscored i think a place where this could still be improved: your IP address across the entire sealed sender process can be used to tie things together, if it remains unchanged (but you can change your IP address between receiving your sender token and sending messages)

that comes down to a difference in philosophy i think… signal have detailed their reasoning for not making signals servers decentralised and self hostable, and i don’t disagree with some of them… i think everything is a trade-off, and decentralisation has scaling and usability issues

signal has done a pretty good job of creating a platform that’s much much better than alternatives in a package that’s consumable by the general public

i’m not sure that something that’s more like matrix, or xmpp, etc could do that

it might be theoretically and technically not quite as perfect, but its impact on increased privacy across the globe has been far larger because they’ve made some of those compromises

replied to your other msg, so i wont duplicate it here and we can continue there if you’d like

the whole point is you don’t need to trust them… you can never trust any server: your client is the only thing you can trust. you can verify using your message payloads that your sender information is not ever sent to the signal servers along with your messages