I wrote a comment here about why sealed sender does not achieve what it purports to.

Upload bandwidth doesn’t magically turn into download bandwidth

Actually, it does. Various Cable and DSL standards involve splitting up a big (eg, measured in MHz) band of the spectrum into many small (eg, around 4 or 8 kHz wide) channels which are each used unidirectionally. By allocating more of these channels to one direction, it is possible to (literally) devote more band width - both the kinds measured in kilohertz and megabits - to one of the directions than is possible in a symmetric configuration.

Of course, since the combined up and down maximum throughput configured to be allowed for most plans is nowhere near the limit of what is physically available, the cynical answer that it is actually just capitalism doing value-based pricing to maximize revenue is also a correct explanation.

If copyright holders want to take action, their complaints will go to the ISP subscriber.

So, that would either be the entity operating the public wifi, or yourself (if your mobile data plan is associated with your name).

If you’re in a country where downloading copyrighted material can have legal consequences (eg, the USA and many EU countries), in my opinion doing it on public wifi can be rather anti-social: if it’s a small business offering you free wifi, you risk causing them actual harm, and if it is a big business with open wifi you could be contributing to them deciding to stop having open wifi in the future.

So, use a VPN, or use wifi provided by a large entity you don’t mind causing potential legal hassles for.

Note that if your name is somehow associated with your use of a wifi network, that can come back to haunt you: for example, at big hotels it is common that each customer gets a unique password; in cases like that your copyright-infringing network activity could potentially be linked to you even months or years later.

Note also that for more serious privacy threat models than copyright enforcement, your other network activities on even a completely open network can also be linked to identify you, but for the copyright case you probably don’t need to worry about that (currently).

Mattermost isn’t e2ee, but if the server is run by someone competent and they’re allowed to see everything anyway (eg it’s all group chat, and they’re in all the groups) then e2ee isn’t as important as it would be otherwise as it is only protecting against the server being compromised (a scenario which, if you’re using web-based solutions which do have e2ee, also leads to circumvention of it).

If you’re OK with not having e2ee, I would recommend Zulip over Mattermost. Mattermost is nice too though.

edit: oops, i see you also want DMs… Mattermost and Zulip both have them, but without e2ee. 😢

I could write a book about problems with Matrix, but if you want something relatively easy and full featured with (optional, and non-forward-secret) e2ee then it is probably your best bet today.

two weeks later: GitLab confirms it’s removed Suyu, a fork of Nintendo Switch emulator Yuzu

sad to see their new git hosting is behind cloudflare 😢

It’s a mild pain and definitely not what we were promised

I think this is precisely what the ActivityPub model of federation promised, actually 😅

💯 points for the name.

They should make it use the sosumi sound for something so that maybe they can get sued by Apple Inc too 😂

Poor choice of git hosts though; won’t gitlab.com take down anything that a big company asks them to?

Ente doesn’t seem to require a CLA.

It turns out, they do have a CLA (with full copyright assignment 😢).

They’d need to implement something like SRP.

Update: I contacted the developers to bring my comment to their attention and it turns out they have already implemented SRP to address this problem (but they haven’t updated their architecture document about it yet).

It is, but in this case I think it isn’t actually a weakness for the reasons I explained.

That’s complicated to do correctly. Normally, for the server to verify the user has the correct password, it needs to know or receive the password, at which point it could decrypt all the user’s files. They’d need to implement something like SRP.

What I proposed is that the server does not know the password (of course), but that it knows a thing derived from it (lets call it the loginSecret) which the client can send to obtain the encryptedMasterKey. This can be derived in a similar fashion to the keyEncryptionKey (eg, they could be different outputs of an HKDF). The downside to the server knowing something derived from the passphrase is that it enables the server to do an offline brute force of it, but in any system like this where the server is storing something encrypted using [something derived from] the passphrase the server already has that ability.

Is there any downside to what I suggested, vs the current design?

And is there some reason I’m missing which would justify adding the complexity of SRP, vs what I proposed above?

The only reason I can think of would be to protect against a scenario where an attacker has somehow obtained the user’s loginSecret from the server but has not obtained their encryptedMasterKey: in that case they could use it to request the encryptedMasterKey, and then could make offline guesses at the passphrase using that. But, they could also just use the loginSecret for their offline brute-force. And, using SRP, the server still must also store something the user has derived from the password (which is equivalent to the loginSecret in my simpler scheme) and obtaining that thing still gives the adversary an offline brute-force opportunity. So, I don’t think SRP provides any benefit here.

edit: the two issues i raised in this comment had both already been addressed.

this was the developer’s reply on matrix:

1. We do have a CLA: https://cla-assistant.io/ente-io/ente
2. We will update the iOS app to offer you an option to point to your self hosted instance (so that you can save yourself the trouble of building it): https://github.com/ente-io/ente/discussions/504
3. The portion of the document that deals with authentication has been outdated, my bad. We’ve adopted SRP to fix the concerns that were pointed out: https://ente.io/blog/ente-adopts-secure-remote-passwords/

There is a version of VLC for the Nvidia Shield, but it has a somewhat irritating UI and I don’t know if it can actually read the menus like the desktop version can.

i am against paying for DRM streaming services, and i boycott apple products, but i must say this is an impressive hacking effort and a well-executed meme about it. 🥂

cloudflare’s service puts them in the middle - so, HTTPS doesn’t encrypt traffic between the browser and your server anymore, but instead between the browser and CF, and then (separately) between CF and your server. CF is an antidote to intelligence agencies’ problem of losing visibility when most of the web switched to HTTPS a decade ago.

cloudflare is an intelligence company who’s flagship product involves them mitming your TLS.

why bother self-hosting, if you do it from behind cloudflare?

There are at least four companies listed here selling new laptops with coreboot preinstalled: https://doc.coreboot.org/distributions.html

oh cool, if Edward Snowden did it I guess software freedom isn’t important anymore 🙄

But seriously, did he? which one? I’m not familiar with that.

But even if he did release something under one, I would be extremely surprised if he called a non-free license “open source” as FUTO is doing here.