javik

joined 3 years ago
sorted by: new top controversial old
0
The Taliban are sitting on $1 trillion worth of minerals the world desperately needs (edition.cnn.com)
 

Demand for metals like lithium and cobalt, as well as rare earth elements such as neodymium, is soaring as countries try to switch to electric cars and other clean technologies to slash carbon emissions.

"If Afghanistan has a few years of calm, allowing the development of its mineral resources, it could become one of the richest countries in the area within a decade," Said Mirzad of the US Geological Survey told Science magazine in 2010.

4
Neoliberalism has conned us into fighting climate change as individuals (www.theguardian.com)
 

While we busy ourselves greening our personal lives, fossil fuel corporations are rendering these efforts irrelevant. The breakdown of carbon emissions since 1988? A hundred companies alone are responsible for an astonishing 71%. You tinker with those pens or that panel; they go on torching the planet.

Neoliberalism has taken this internalized self-blame and turbocharged it. It tells you that you should not merely feel guilt and shame if you can’t secure a good job, are deep in debt, and are too stressed or overworked for time with friends. You are now also responsible for bearing the burden of potential ecological collapse.

0
Government of India & WhatsApp - privacy issues (lemmy.ml)
 
Competition of commission of India files case on WhatsApp citing changes made to it's Privacy Policy. WhatsApp files case against Union govt. of India citing 'Traceability' provision in IT Rules.

WhatsApp's Privacy Policy changes are for business and profit. Union govt. of India's rules are for more control over the right to expression and to suppress dissent and criticism. We, users and citizens, are struck between them.

https://www.thenewsminute.com/article/how-govt-s-new-it-rules-track-originator-messages-can-affect-your-privacy-144179

2
LDF wins 99 of 140 seats in Kerala, Pinarayi Vijayan to be CM again (www.thenewsminute.com)
 
Nearly four and a half decades after the fifth Assembly election in 1977, Kerala has repeated history by re-electing the incumbent government to power. The Left Democratic Front (LDF), led by the Communist Party of India (Marxist) – CPI(M), has won 99 of the 140 Assembly seats in the state to come back to power. The LDF not only won eight seats more than it had secured in the 2016 Assembly election, but managed to increase their vote share.

The main opposition – the United Democratic Front (UDF), led by the Congress – won 41 of the seats. The Bharatiya Janata Party (BJP)-led National Democratic Alliance (NDA) won no seats at all.

The exit polls had predicted a simple majority for the LDF.
1
[INDIA] Serum's Covishield At ₹ 400 A Dose For States, 600 For Private Hospitals (www.ndtv.com)
 

Covishield will be sold at ₹ 400 a shot to states and ₹ 600 to private hospitals, the Serum Institute of India (SII) said today, days ahead of a new round of vaccinations from May 1 that will include all above 18.

The centre will continue to receive Covishield doses at ₹ 150 each, which means it will be cheapest to get a Covid shot from central government hospitals or establishments.

2
Monitoring tools for services and resources? (lemmy.ml)
 

Hello,

Which tools do you use to monitor services that you have self hosted and also to monitor system resources?

1
Molly - a hardened version of the official Signal for Android app (github.com)
 

Molly is a hardened version of the official Signal for Android app. It claims the following features,

  • Protects database with passphrase encryption
  • Locks down the app automatically after you go a certain time without unlocking your device
  • Securely shreds sensitive data from RAM
  • Allows you to delete contacts and stop sharing your profile
  • Clears call notifications together with expiring messages
  • Disables debug logs
  • No SMS integration

There are two flavors of it,

  • Molly - Similar to the official Signal app, plus the additional features
  • Molly-FOSS - Doesn't rely on any Google components for location, push notifications & face blurring, plus all the additional features

Download it from here.

I've been using it for a couple of days & it is pretty decent so far.

Anyone here already tried or are using it? How's the experience so far?

What happens when Signal server gets compromised ? in c/privacy@lemmy.ml
[–] javik@lemmy.ml 0 points 3 years ago* (last edited 3 years ago) (1 children)

But, signal has the concept of sealed sender (https://signal.org/blog/sealed-sender/), where signal doesn't know who is sending the messages.

This is when the government asked for data from Signal, "The only Signal user data we have, and the only data the US government obtained as a result, was the date of account creation and the date of last use – not user messages, groups, contacts, profile information, or anything else." (https://signal.org/blog/looking-back-as-the-world-moves-forward/)

With my phone number, they could tie it to other services, but not with the contacts in Signal itself.

This is something related to how groups are secured - https://signal.org/blog/signal-private-group-system/

What happens when Signal server gets compromised ? in c/privacy@lemmy.ml
[–] javik@lemmy.ml 0 points 3 years ago (3 children)

But, we could install a version of signal client that's not compromised, which sends as little as possible, encrypted. So, a compromised server could deny the requests, because the client was modified or it couldn't work with the encrypted content the way it expected. This would automatically raise red flags, because the app doesn't work anymore. Has something like this happened?

And for the deploying modified versions to targeted devices. I know it's possible through orders or compromised server, but has it happened? If so, any sources regarding that.

0
What happens when Signal server gets compromised ? (lemmy.ml)
submitted 3 years ago* (last edited 3 years ago) by javik@lemmy.ml to c/privacy@lemmy.ml
4 comments fedilink
 

Hello Everyone,

This is something I've been thinking about in the wake of many users joining Signal, due to WhatsApp's new privacy policy changes.

When it comes to the mobile client (in case of Android), we could verify its integrity by checking the source code & the APK's integrity using reproducible builds (https://signal.org/blog/reproducible-android/).

When it comes to the server, it is possible that it could get compromised in many ways.

My question is, when it comes to privacy & security, does the server integrity matter if we are reasonably sure the client isn't compromised in any way or doesn't transmit anything that the server could access in a meaningful way.

And, this could apply to any service that has both FOSS client & server or just FOSS client.