Skip Navigation

InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)N
Posts
2
Comments
34
Joined
3 wk. ago

  • I feel you. Handoff was dodgy af. I've switched to BasicSync for this very reason. It's a minimal Frontend, handling only execution conditions on Android. All config is done through the webUI. It works great and avoids some, if not all of the trust issues.

  • It feels like nitpicking, but there's a relevant difference here. If you can only access the weights (and not the training data and the learning algorithms used), it's hard to get (say) a Chinese model to freely talk about Tiananmen Square Massacre. (Just tried it locally on Deepseek R1; it's doable, but takes some prompt hacking.) The models may be freely available, but there's bias and censorship baked into them.

  • You're a German with a working brain, meaning you've learned to loathe Springer from an early age on. I don't think it's as common knowledge on the international level what a flaming dumpster fire this company really is.

  • "First lesson: Geography with Mr Longdong. Second lesson: Physical education with Mrs D. D. Hooters. Third lesson:..."

  • If you set up a trough, expect to find pigs.

  • Well, they do have that fruit basket, so...

  • Immich is dead-easy to set up on its own. I'm a great fan and have been running it for >2 years now.

    That said, I don't think it'll work for you because:

    • I gather you have little experience in self-hosting services. Sure, one can learn all that, but if you're becoming a parent soon, your priorities will be elsewhere (as they should).
    • self-hosting stuff isn't a one-shot - it does come with maintenance costs. You need to keep your boxes up to date, swap out dead hardware, manage backups... You may not have time for that.
    • Running immich itself is relatively easy. But running it securely is a different can of worms. Immich is a young project, written by enthusiasts, but not vetted for security like professionally-deployed software is. Thus, it's not advisable to expose it to the open internet. Since you want to share access to others, you'd have to setup Wireguard VPN tunnels for your relatives, which complicates matters.

    Obviously, I'm making a lot of assumptions about you. Whether these are true is up for you to decide.

  • Thanks for providing some evidence at last. You're not wrong on many of those points, but not entirely right either.

    Phone numbers are an issue, true, though you can get around that using a burner SIM or even a virtual phone number. Also, contact discovery has been working without exposing your phone number for over a year now.

    a phone from Google or Apple

    The phone can be made by anyone. The OS needs to be Android or iOS at some point, which is unfortunate; pure (desktop) Linux usage isn't possible. That said, deGoogled Android has been around for more than a decade, allowing you to use Android in a privacy-friendly way. So if you want, you absolutely can avoid being tied to Google and use Signal.

    As you can see, there's a lot more nuance here than "Signal isn't private"; privacy, after all, isn't binary, but rather a gradient. For what it's worth, Signal is more private than many messengers out there by a long shot, and it allows you to use it in more privacy-friendly ways if you so desire. While there are messengers out there that go even further in terms of security, privacy and decentralisation, a lot of them come with usability and convenience drawbacks. The way I see it, Signal sits in a Goldilocks Zone of "private enough" (for most threat models) and "convenient enough" for mainstream adoption. You can have the most secure and air-tight messenger; if there's nobody there to talk to, it's no more than a technically sophisticated brick. For now, Signal may be our best shot for mainstream adoption of reasonably private and secure messaging. If your threat model is higher than that of average Joe, by all means, go for Briar, SimpleX chat or any of the more hardcore options.

    1. Blurt out an opinion without the slightest effort to support it with evidence.
    2. Whine you're getting downvotes for ir.
    3. Claim your baseless opinion is "just stating the facts". Again, refuse even the tiniest amount of reasoning.
    4. Profit?
  • Great, I'll probably do just that this summer. Thanks for the info!

  • Ignore the downvotes. That's a fair question to ask, but one that does have answers. Signal is FOSS, has E2EE and was audited several times, so we know that

    • it did not contain any backdoors at the time of the audit
    • it will not for the foreseeable future (they'd be visible in the client code)
    • I need not trust the server code since messages are E2EE

    Thus, while mistakes do happen and can open up severe vulnerabilities, cf. Heartbleed, there's reason to assume that Signal is relatively secure. Signal's centralisation of server infrastructure is a valid concern, but not for security, but rather for

    • privacy (they might capture metadata, although it appears they don't; nation-state actors trying to subpoena user data have so far only gotten "date of registration" and "last online", which appears to be all they're storing; that's as close to "zero knowledge" as you get)
    • availability (as the recent AWS outage has shown, which took out Signal as well)
  • Fair, that's why I want to avoid it as much as I can.

  • Follow-up: I added the Guardian project repo to FDroid. Turn out: once FDroid has the repo, it can "take over" and do updates, even if Signal was originally installed from the Play Store / Aurora. That pretty much solved my primary issue here. (I'll look into Molly at a later point anyway, just for the sake of curiosity.)

    Thank you, once again!

  • Now that's a smart solution that might just work for me. I completely forgot that they were packaging Signal for their repos too! For anyone interested: Here's the link to their repo.

  • I've got a second deployment of immich that also got stuck somewhere on v1.x. May I ask how you upgraded to the most recent version? Did you just go for 3.0, or did you do "baby steps" in between? (e.g. 1.138 > 2.0 > 3.0)

  • I'll reply to you since you first brought it up, but it's a question to anyone here recommending Molly: what makes you cofident that Molly is secure (i.e. they're not fucking up Signal's cryptography by accident) and maintained by trustworthy people. Signal does get audits from time to time, Molly doesn't.

    Mind you, I'm not trying to shit all over Molly; Unified Push looks great. I'm trying to approach this with due caution though.

  • Obnoxious Windows 10 "upgrade" nag screens on Win 7. If you think you can push me, I'll push back harder. That, and Snowden showing the world that American tech is backdoored all the way to hell and back.

  • There are no issues with DKB on degoogled Android.Commerzbank have recently started claiming non-Google phones were "rooted" (which is bullshit) and refuse app-to-app pushTAN communication. One must work around that using a (PC-based) browser and photoTAN. Motherfuckers.

  • DeGoogle Yourself @lemmy.ml

    How do you guys keep Signal up to date?

  • Selfhosted @lemmy.world

    Vulnerabilities on Dockerhub