We should make a thing that's like... We start a wiki for projects that don't yet exist. Something that really lays out the essential elements of the thing in our mind. Basically, what the fan wiki for our thing would look like if we had the time/funding to make it. Yes, that includes spoilers. And then, once completed to a satisfactory degree, use them as planning docs to build the thing. It's more open source *and* would provide transparency should such an effort ever go for crowdfunding.
Let's talk about **xPal**, which purports to be an encrypted messaging app.
xpal.com
xPal | Ultra Secure Messaging App for Private Communication
xPal is an advanced secure messaging app that keeps your chats private, encrypted, and safe. Start communication securely today.
 Anyone that reads my blog probably [already knows where this is going](
Dhole Moments
Encrypted Messaging Apps - Dhole Moments
Over the lifetime of this blog, I’ve looked at a lot of so-called private messaging apps. A lot of this was prompted by random people’s...
 ). If this post accidentally reaches escape velocity and people that don't know me find it: Hi, I'm a furry cryptography nerd. Usually when I talk about so-called private apps, it's to disclose vulnerabilities in them. (Today, I just don't have the damn energy to do a formal write-up.) Let's start with how they market their app. image
I know age verification is stupid bullshit pushed on us by conservative morons who hate queer people... But since those clowns are the ones writing the laws right now, would anyone be interested in building a service that looks like this:?<li>Authenticate with FIDO2 tokens.</li><li>Upload photo ID for manual verification into an isolated subsystem. (TODO: Figure out how to remove this step with help from local governments.)</li><li>After verification, issue privacy pass tokens (with Ristretto255) that other apps can consume/verify as proof of being 18+.</li> I'm not happy with the prospect of this being necessary, but being able to use cryptography to limit the blast radius of privacy violations is something I'd be interested in working on. I'm sure I can convince my peers in cryptography to help, too, if there's sufficient demand for it.
The Authenticity Drought The types of people that proudly call themselves "influencers," and describe what they create merely as "content," are so profoundly allergic to authenticity that it bewilders the mind. Don't believe me? Look no further than the usage of "unalive" in the modern lexicon. The verb "unalive" became a thing because content creators (predominantly on YouTube) were being penalized by advertisers for talking about suicide and other heavy topics.
Dhole Moments
The Authenticity Drought - Dhole Moments
The types of people that proudly call themselves &#8220;influencers,&#8221; and describe what they create merely as &#8220;content,&#8221; are so p...
The next blog post I publish will either be met with riotous laughter or extreme butthurt. Weeeeeeeeeeeee!
Another example of the tech industry being absolutely shit at respecting consent. image
Constantly torn between "I don't want to be an annoying, attention-seeking bastard that spams links to his blog all the time" and "Holy fuck how have you people not read about this? You're supposed to be professionals! I even blogged about it!" whenever I read news sites.
Prediction: There will be zero meaningful accountability for Hegseth or anyone else involved in the Signal chat. The reason is that too many elected officials treat politics as a team sport, and no matter how bad someone fucks up, they put party loyalty over all.
The Practical Limitations of End-to-EndΒ Encryption Internet discussions about end-to-end encryption are plagued by misunderstandings, misinformation, and some people totally missing the point. Of course, people being wrong on the Internet isn't exactly news. XKCD: Duty Calls "What do you want me to do? LEAVE? Then they'll keep being wrong!" Yesterday, a story in The Atlantic alleged that the Trump Administration accidentally added their editor, Jeffrey Goldberg, to a…
Dhole Moments
The Practical Limitations of End-to-End Encryption - Dhole Moments
Internet discussions about end-to-end encryption are plagued by misunderstandings, misinformation, and some people totally missing the point. Of co...