It’s Saturday, only losers leave before the man burns (Saturday night). If this keeps up through late Sunday then it might start to be a problem. If anything this will keep out straggling weekenders.

Signal is too darn secure. Much better to have one dude who probably knows how to use a crypto library build the whole thing over again with a coat of ActivityPub on top

pro tip: they still leave cookies, even when you "opt out". You're American, you don't have a right to not be tracked. Use Firefox Focus, purge your cookies regularly.

This isn’t really specific to federated software. The client can go offline but the server can’t. Same applies to all centralized services. The only place this really applies is for decentralized (as in, no central points) systems, and those tend to have a lot of special sauce to make other people being offline less painful

It’s down to 3.5k out, maybe this isn’t as big a deal. Most of QA seems back, and a small part of Magnolia is still out.

Encourages users to just add a rotating number or other not too secure thing to their password. I know that’s what I did when I worked somewhere with that dumbfuck policy.

That's fair! If you're on these type of forums, there are a lot of Signal haters and a lot of Matrix lovers, and sometimes they like to make confusing or just straight up inaccurate statements. The crux of the issue is not about the encryption of the text of messages themselves, which both platforms are capable of doing. Personally, I wish there was something like Signal but without the centralization, but the reality is such a thing doesn't exist.

Signal (as in the Signal server and by extension the legal entity behind Signal) does not know what groups you're in, does not know who's in your contact list, does not know which groups you are sending messages to, doesn't know which groups exist, and can't tell the difference between a message, a reaction, a read receipt, a remote delete ("delete for everyone"), an edit... etc. Signal doesn't have a way to send anything between two parties that the server can see. Signal has received a number of subpoenas which they typically fight, and if/when they lose they over all of the information they have about the subject of the subpoena, which tends to be whether or not they have a Signal account, when they registered the account and when they last used it. You can see these at https://signal.org/bigbrother/

Matrix (as in the Matrix server you're registered on as well as the servers of whoever you're talking to, for groups that means everyone in the group, notably this is not necessarily the same as the legal entity behind Matrix, but in practice a LOT of people use matrix.org for their home server so it frequently is) can see basically all of the things I listed above. The text of normal messages is encrypted. The group membership list isn't encrypted. reactions aren't encrypted. read receipts aren't encrypted. Group membership lists are stored in plain text.

"theoretically" being the operative word here. Most people don't. And if they did, they wouldn't be able to talk to anyone else without the metadata getting copied to that person's server. Probably okay if it's between two information security experts who operate their secure own servers, but in reality most people don't do that. This could be summarized as: Matrix offers a lot of easy ways to be less secure, Signal does not.

As for WhatsApp, I know they have paid or maybe still do pay Signal for their encryption. I believe Facebook Messenger did or does as well. I'm not sure what the actual implementation looks like and neither is anyone else, because it's closed source.

Ok but not external images (I think)

Reddit doesn’t support image embeds in their markdown, Twitter doesn’t support markdown at all

All depends on your definition of “properly secure”. As far as I know, most users do not host their own server

Can’t tell if this didn’t work or mlem just isn’t rendering it right. Also can’t edit or delete.

Edit: used web ui on mobile, made it work