• 0 Posts
  • 11 Comments
Joined 1 year ago
cake
Cake day: July 30th, 2023

help-circle




  • It should most definitely be a valid assumption.

    If the key passes through their servers at all (and it probably does,) then they have access to the keys and sufficient information to decrypt it. it’s possible the app does send keys independent of their server- I don’t know- but I very much doubt it.

    The keys shouldn’t be on or go through a server anywhere, that would be an absolute joke.

    What makes you think that private keys are being sent anywhere? This app uses a slightly modified version of the Signal protocol (because of course it does), as they describe here, section 27, page 90. Only public keys should ever leave your device, otherwise no amount of showing the code would make it secure. That’s the whole point.

    Again, with the client code you should be able to tell that the keys are generated there and not sent anywhere.

    As I said, with any app, just because they publish some server code does not mean that that’s what they’re running on their server - for security you have to be sure that the app is sufficiently secure on its own. Even if they were running the exact public code that “didn’t save the keys” the server could harvest them from memory.


  • You’ve misunderstood. With the client code you can be sure that your messages are properly encrypted before leaving the device. If that’s done correctly, you don’t need to trust the server, because it can’t read your messages just like some attacker couldn’t. Signal is pretty similar, they didn’t update the public server source for a few years, and even with the source, we can’t know that that is what they’re actually running. But with a verified build of the client code we can know that our messages are encrypted such that, even if they held on to them until quantum computers became mainstream, they’d still be properly protected.





  • That’s got very little to do with my comment. Obviously, you (as in you personally) can eat whatever you please, but if you make biological claims about it you ought to back them up with evidence.

    What does “as intended” mean? You mention bread and pasta in an earlier comment; do you understand that flour is also a processed ingredient? And that baking is a means of processing food? Oil can be as simple as just being squeezed out of whole seeds or fruit, that’s no more processing than grinding, cooking, or peeling something.



  • matter@lemmy.worldtoMemes@lemmy.mlWinning is relative
    link
    fedilink
    arrow-up
    0
    ·
    edit-2
    1 year ago

    What about three weeks of extra annual leave, public holidays, real healthcare with no bullshit co-pays (and unlimited sick days, they don’t count towards “pto”), a maximum 35 hour work week… Because that’s more like what it would look like for a higher value job like that. Depends on the country and the job, of course. But in my case in the UK right now, and in my last job in Germany, my total “pto” in US terms has been roughly two months. (Which is a lot even here, but it’s not by any means unheard of, and easy to get if it’s a priority to you). Doing a job with an average salary of about 100k in the US, and I get paid a little over 50k £ for it, which is about 1.5 times the median salary here, so even after the recent inflation it affords a pretty comfortable lifestyle, it’s enough money to pay the mortgage and take holidays to the continent in my ample time off.

    Sorry, this turned into a bit of a rant, but tldr: it’s not just “an extra week”