Thanks for pointing that out to me, I wasn‘t aware of that.

That is an iMessage exploit, nothing to do with push notifications. He might be referring to this, which allows associating an account with an identity, but it’s not what he is claiming (content decryption) either. So as long as no sources are provided he is just spreading FUD

You are just spreading misinformation! Cite your sources!

There is a strategy used, which allows the government to find out who an account belongs to. They ask the push providers (Apple/Google) for data on the push token from e.g. a messaging app. This way they associate the account from an app with an identity.

Nothing there about message content. It is still safely E2EE.

~~I don’t know how it works in your country, but in mine, phone numbers are already associated with identities, so nothing gained as the gov can just ask signal for the phone number of an account, instead of having to ask signal and the push provider to get the identity.~~ (Edit: apparently it’s hashed, so there seems to be a use for this.) Signal isn’t about Anonymity but Privacy. There is a difference.

If you have another vulnerability cite it!

Cite your sources if you want to make claims like these! Until then you are just spreading FUD. There is nothing supporting your statement that i could find.

Wow, the whole argument of the article is basically: funded in part by US government = bad, and making a lot of assumptions, nothing more.

The fund is designated to: “support open technologies and communities that increase free expression, circumvent censorship, and obstruct repressive surveillance as a way to promote human rights and open societies."

One should question the commitment of a fund that dedicates itself to "obstructing surveillance", while being created by a government who runs the most expansive surveillance system in world history. And how the US might define the terms "human rights", and "open society" differently from those who know the US's history in those areas.

How laughable, that is not an argument, it’s nothing more than a guessing game, ignoring that there are different parts of government and different objectives can be true.

Signal's use luckily never caught on by the general public of China, whose government prefers autonomy, rather than letting US tech control its communication platforms, as most of the rest of the world naively allows. (For example, India's most popular social media apps, are Facebook and Youtube, meaning that US surveillance giants own and control the everyday communications of a country much larger than their own). Signal instead became used by US and western activists, and due to the contradictions of surveillance capitalism, also now its general populace.

You have to be kidding right? Championing china, which created a fucking surveillance state and is heavily monitoring the citizens, as an example?

Well then you‘ve said it yourself: “shortly after“ they were attacked. That is not really much of an argument.

Ich kann dir nur das aktuelle Interview der Lage der Nation mit Baerbock empfehlen. Es werden die Waffenlieferungen kritisch angesprochen. Ich finde es wichtig, ihre Position zu diesem Thema zu hören, um so die eigene Meinung besser bilden zu können. Hier der Link zur Online Version, falls kein Spotify genutzt wird.

The discussion around this isn’t differentiated enough. Germanys foreign Minister has explicitly stated that what was exported, is stuff whose purpose is defensive in nature, e.g. Ground to air missiles. I can’t say if that is true, though there is some corroborating material. Nevertheless arms exports is too general as a category in my opinion.

I haven’t looked into the technicals much further than the support page.

The way i read it, it sounds like the companies will get some general data if their ads work without a profile about you being created. I would be fine with that. What I don’t like is the lack of communication to users about it being enabled.

PPA does not involve websites tracking you. Instead, your browser is in control. This means strong privacy safeguards, including the option to not participate.

Privacy-preserving attribution works as follows:

1. Websites that show you ads can ask Firefox to remember these ads. When this happens, Firefox stores an “impression” which contains a little bit of information about the ad, including a destination website.
2. If you visit the destination website and do something that the website considers to be important enough to count (a “conversion”), that website can ask Firefox to generate a report. The destination website specifies what ads it is interested in.
3. Firefox creates a report based on what the website asks, but does not give the result to the website. Instead, Firefox encrypts the report and anonymously submits it using the Distributed Aggregation Protocol (DAP) to an “aggregation service”.
4. Your results are combined with many similar reports by the aggregation service. The destination website periodically receives a summary of the reports. The summary includes noise that provides differential privacy.

This approach has a lot of advantages over legacy attribution methods, which involve many companies learning a lot about what you do online.

PPA does not involve sending information about your browsing activities to anyone. This includes Mozilla and our DAP partner (ISRG). Advertisers only receive aggregate information that answers basic questions about the effectiveness of their advertising.

This all gets very technical, but we have additional reading for anyone interested in the details about how this works, like our announcement from February 2022 and this technical explainer.

It‘s not only about using the tpm to unlock the FDE, you should be able to do that on every distro with systemd-cryptenroll. The part that is new, is the the measuring of the systems integrity. It’s a way to ensure that the firmware has not been tampered with, the boot loader is the one that was installed and has not been replaced, that the kernel is exactly the one that comes from the distribution, that the kernel command line is the one that we expect, and that the initrd that is used does not contain any extra binary that we do not control.

If you dont want to miss future announcements:

• With an Account on the forums you can get notifications if you turn them on for the “Announcement“ tag
• You can add https://universal-blue.discourse.group/tag/announcements.rss to your RSS reader

I find it rather repulsive, that people would label “being against gay marriage” as “only holding an opinion”. It makes it seem so harmless. It is depriving people of the same rights that heterosexuals have. And that is why it might matter to people. It’s not just “any” opinion, like a view on how the economy should be regulated, where one could definitely argue about. But a view, which would deprive people of the same rights that others have, is not a valid opinion to have. There is no way that it can be respected. It’s the paradox of tolerance

In a comment further down you write the following: (Edit: the comment has since been removed by a mod)

You have the right to have a liberal opinion so why not let people have their own? It's like discrimination of black people at this point.

Which is quite ironic. You try to defend holding an opinion, which would discriminate against a certain group by not giving them the same rights. You argue that it’s discrimination to not respect their discrimination. In essence you ask the tolerant to respect the views of intolerant.