skullgiver

skullgiver , 13 hours ago

Without Nvidia's proprietary driver (nvidia-dkms), you're probably using the independent, open source Nouveau driver for Nvidia cards. Nouveau has issues (performance at least, but also stability on some hardware), even on X11. I don't think it supports Wayland, and there are no mentions of Wayland anywhere on the website.

As for why you need nvidia-dkms: the proprietary Nvidia driver isn't open source, and needs to be compiled and linked on your machine for legal reasons.

Nvidia now publishes an open source driver that works on some GPUs (open-gpu-kernel-modules) that could end up in the mainstream Linux kernel, eventually. Nvidia hid all of its special sauce in firmware starting around the 20xx series of cards (and also for the 16xx series), so it seems they have decided to finally open up their drivers. For older hardware (up to 10xx) the special sauce is packaged in software, so Nvidia has kept the code for those devices closed source.

As for the "fullscreen videogame": in a way, that's true, both for X11 and for Wayland. The difference is that X11 has existed for longer, and Nvidia has provided the necessary hardware acceleration features for X11 for longer as a result, ironing out a lot of issues. X11 also allows them to add their stupid arbitrary limits (Nvidia put a hard cap on the amount of displays you can drive using their driver on consumer platforms for no well-explained reason). For Wayland, for years Nvidia refused to implement the normal spec, and instead decided to only implement an optional side feature that only Gnome really used, just to get Nvidia hardware working. They changed course a while ago, but Wayland + Nvidia is still a mess even with the latest drivers and code.

Nouveau has been developed for X11 from the start and the project is moving very slowly. That's not because the project doesn't care, but because reverse engineering GPU hardware is extremely complicated. It took a while to get the 30xx series cards to the point of "boot and show a terminal", so don't hold your breath for Wayland support.

Why do you need hardware acceleration for GUI? Well, technically you don't, but you probably don't want one or two cores being eaten up entirely by rendering your screen. Performance will be terrible, the GUI will stutter like crazy, and if you're on a laptop, your battery will drain fast.

TL;DR: Nvidia + Linux is always iffy, be glad X11 works well for you if you don't use the proprietary driver, because that's far from a given.

skullgiver , 9 hours ago

Nouveau is part of Mesa, which supports DRI/Mesa GBM by design

I'm basing this on the project's website; plenty of references to X11 on there, but nothing on Wayland other than "Speculation: Wayland could solve this. One could write a Wayland Display Server, which takes over all heads of all graphics cards in a computer.".

Of course the driver component has been merged upstream (it's an actually open source effort to bring Nvidia graphics to Linux, after all), but it's more than just the Mesa component.

Worked perfectly while I had nvidia gpu

I can't say the same. Power management seemed off and any attempt to use 3D acceleration ended up pretty sad. If Nouveau worked as great as it did back when you tried it, I don't think Hyprland would recommend users to install the famously mediocre proprietary driver. Of course, your experience will differ from card to card; I'm happy to hear not everyone has been plagued by the issues I was.

Isn’t it their GPL shim?

No, this is their open driver. Their GPL shim isn't on Github, though it's packaged with their proprietary drivers. The open source driver still loads a huge binary blob like many Linux drivers, but this is the entire kernel driver for modern cards.

Nvidia being Nvidia, the driver isn't upstreamed. Instead, contributions go through Nvidia's closed source devs first (probably to keep their code compatible with the closed source Windows driver) before ending up in the open driver again.

Nouveau says around Maxwell

Sounds about right, though the move didn't happen all at once I think. All I know is that I have Pascal and the open source driver doesn't work for my generation and earlier, but just about every card after Pascal seems to be covered.

skullgiver , 1 day ago

I use BTRFS on my Steam Deck's slow SD card because the built-in compression makes loading games faster. Which FS performs best depends on your requirements.

skullgiver , 1 day ago

It should be noted that you can (and should) turn this off for certain workloads. I've deduplicated VM images in the past and that sure saves a lot of space, but write performance drops when you try to run the old images because suddenly every little write is (partially) duplicating data. The same will be true for other CoW copied that you do random writes to.

It's fine for almost all consumer tasks, of course, and it can save a lot of space at negligable performance cost.

skullgiver , 2 days ago

Kernel 3.1.0 is over 12 years old, you should update to Debian 12 and verify that Linux 6.1's cat-resistant features work

skullgiver , 2 days ago

Based on this code I stole:

::: spoiler CatLock.py

import cv2  
import os
import time

# Put https://raw.githubusercontent.com/opencv/opencv/master/data/haarcascades/haarcascade_frontalcatface.xml in the script's working directory
face_cascade = cv2.CascadeClassifier('haarcascade_frontalcatface.xml')  
cap = cv2.VideoCapture(0)

while 1:
    ret, img = cap.read()  
    gray = cv2.cvtColor(img, cv2.COLOR_BGR2GRAY)  
    faces = face_cascade.detectMultiScale(gray, 1.3, 5)  

    if len(faces) > 0:
        # replace the command below to match your DE's lock command
        # this is for X11 Gnome
        os.popen('gnome-screensaver-command --lock')
    time.sleep(100) # wait 100ms not to overload the CPU

:::

Requires the opencv package (sudo apt install python3-opencv or pip install opencv-python)

skullgiver , 2 days ago

Server side anti cheat can't distinguish good players from aimbots. There are plenty of cheats that are clear bugs (like the dual wielding issue) but there will always be client side tricks that ruin games. You can prevent some of it by exchanging minimal data, but that will cause problems like "you got shot by a player that your computer doesn't even know about". It also requires simulating a range of permissible player movements on the server for every single player, which would ruin server performance compared to an efficient server that just relays data and enforces basic correctness.

I'm no fan of the spyware that comes with modern games, but it's the only way to prevent cheaters ruining everybody else's games. Cheaters ruined online gaming and I'm not sure it we can ever to back.

However, I would like games to come with servers again so you can play games on your own terms (with anticheat disabled if necessary), but for online matchmaking I don't think we can go without spyware anymore. Let people host their own servers and deal with cheaters their own way, and let the masses who don't want to bother with all that use whatever anticheat you deem fit.

skullgiver , 2 days ago

It can't detect hardware anticheat (i.e. a hacked keyboard + mouse + a camera + computer vision) but anticheat sure beats a lot of cheats that used to be rampant back in the day. There's a reason cheat developers sell good working cheats for top dollar, cheating is not as easy as it used to be.

If you don't like the software, don't buy it, or refund it. Pirate it if you still want to play the game. Anticheat serves a real purpose that many (I would even say most) players are perfectly okay with for the benefits it brings.

skullgiver , 2 days ago

I think unleashing AI on it will just cause bans for exceedingly good players or exceedingly terrible players. It'll probably also pick up on network behaviour, so people using the same ISPs as cheaters can get banned.

Some games do employ new tactics. For example, when the game suspects you're cheating, it'll spawn fake opponents only you can see and check if you try to interact with them. This will defeat most wallhacks and maybe even a few aimbots.

I don't think client side anticheat is the reason games stopped coming with server code. There's a lot of money to be made selling weapon skins and lootcrates, and those investments disappear when you allow people to play games on their own. It's awful, but unless we can convince players to stop buying this cruft, games companies won't change their tune.

skullgiver , 2 days ago

I don't really consider Minecraft to be a game that cares much about cheaters. I don't even get why you would cheat at Minecraft, there aren't any rankings or anything and you can just set up your own server with every console command imaginable.

Many games servers are written with a simple goal in mind: allow as many players as possible to play as long as possible for the lowest cost. This is especially true for first-person shooters and other timing-critical games. Constantly mapping out the possible moves for a player is quite CPU intensive when you're trying to run servers for a million concurrent players and you need to deal with the packet processing overhead to boot.

You can do some server-side cheater detection based on modelling by taking a random player sample and analysing their behaviour post-match, but you can only record so many matches before that starts to add up.

As for piracy: we now have maybe two people in the world who can crack Denuvo games, and one of them has severe mental illness so working with her to share knowledge and skills isn't very likely. Games do get cracked, but it takes a very long time, or it doesn't happen at all when games aren't very popular, or it happens because developers remove Denuvo after they've made enough profits that they can ship the DRM removal as a magical "add 10fps" patch. I don't even know of any popular online games that you can still play with cracked versions on PC. Denuvo and basic always-online DRM have beaten most of the piracy scene, it seems.

skullgiver , 2 days ago

That's ridiculous. The server can definitely detect those. Valve should 100% fix their server code on this one.

That doesn't necessarily mean client side anticheat isn't necessary, though. You need a balance of both if you intend to have any kind of ranking or (professional) competition among all players.

skullgiver , 3 days ago

I believe the left wing is on the water, facing the camera, giving the goslings a platform to stand on. It looks like the side of the right wing is visible on top, folded like normal. I believe the mother goose is preening, which would explain the awkward position of her neck.

skullgiver , 3 days ago (edited 3 days ago)

Edit: Beeper Mini is a new thing, apparently. Never mind.

skullgiver , 3 days ago

You're right, I see they reverse engineered iMessage (sort of). I confused Beeper Mini for Beeper, the encryption of which is often misstated.

I'm not all too confident in using a chat app that relies on reverse engineering Apple's protocol and lying about the device being used (especially since a large portion of it is still done with the help of a centralised Beeper server for APN callbacks). The riskiest part of this approach is that if Beeper does get blocked/banned by Apple, your phone number will still be registered as iMessage capable and you need to remember to unregister your phone number or you will not be able to receive any (SMS) text messages from iOS users.

skullgiver , 3 days ago

If the diagrams in their explainer are correct, their servers are only involved to forward Apple's push messages to your phone through Firebase. That means Beeper knows when you're receiving messages and how often, but nothing more than that; the phone syncs up with Apple's servers.

I can't find the source code so I can't say much about the encryption code this app uses, but assuming they implemented the encryption well, security should be solid. However, the blog post explaining their architecture does link to another blog post that seems to have kicked off this project that says the most commonly documented format is the outdated encryption system without forward secrecy. I can't find whether Beeper implemented the newer pair-ec encryption or not.

There is the risk that Apple bans you for breaking the ToS by using this service, of course, and it's possible Beeper's servers get blocked, the company gets served by a cease and desist. If Beeper does go down, the app will stop working well, and you'll need to unregister your phone number with Apple or your iOS friends won't be able to text you until that registration auto-expires.

skullgiver , 3 days ago

I don't think they'll open iMessage to be honest. They are working on implementing RCS, though, and they have indicated that they were going to ask the standards body governing RCS for an official E2EE system (rather than relying on Google's current, proprietary implementation based on open protocols).

I expect their third party integrations to go through RCS unless they are ordered by a court to open the original protocol.

skullgiver , 3 days ago

Manjaro works fine. I like their themes.

They've made mistakes in the past that made the project look amateurish. At some point their package manager had a bug that caused some unnecessary load on the AUR servers, and the main website has had its TLS certificates expire a few times (which shouldn't happen but doesn't matter most of the time either).

I think everyone who decided to worship Manjaro had decided to worship EndeavourOS these days. Both of them are fine. Use what works for you. It's relatively easy to change a Manjaro install into an Arch or Endeavour install down the line should you need to (the other way is also possible, but can cause issues with replacing packages with older versions of themselves).

It's not like moving from Debian to SUSE where you need to find and match all the package names, do a clean install, reinstall the old packages and restore the data: you can simply change the pacman settings, run a scary command that'll redownload and reinstall every package on the system, and suddenly you're on another Arch fork.

As for the polish: KDE is available on many distributions and the modifications Manjaro made are relatively minor. Any recent Linux distro will have a similar polish and feel to it if you also pick KDE.

skullgiver , 5 days ago

They’re talking about the notification history. Some brands have put it in the settings.

No need to read the AI-generated fluff around the screenshots now.

skullgiver , 5 days ago

I first knew him for his role as a raving lunatic, and then I saw him appear as a creep unable to deal with reality without retreating into fantasy.

“I’m a professional actor who’s been avoiding a sex change my whole life, just as most of you have,” Schultz said on Tuesday’s broadcast while filling in for Michael Savage.

“Sometimes when I listen to this administration and I look carefully at the people who have been appointed, I don’t wonder whether or not someday they’re going to be knocking on the door saying, ‘You know, it’s time for your sex change. You got it. It’s in your health care bill. It’s going to make things a lot easier. I promise.’”

“No sex change for me. I don’t care how popular it becomes,” he added.

Sounds like he took those roles to heart. How unfortunate. What drives people to say things like these? Is he in denial, like many of those gay-hating priests? Is he just making up bullshit to get relevance?

skullgiver , 6 days ago

You could try something like:

$HOME/.config/systemd/user/clean-user-cache.service[Unit] Description=Clear cache After=network.target [Service] Type=oneshot ExecStart=/usr/bin/rm -r %h/.cache/* %h/.cache/.* [Install] WantedBy=default.target

$HOME/.config/systemd/user/clean-user-cache.timer[Unit] Description=Clear user’s cache every month [Timer] # Runs on midnight on the first day of the month OnCalendar=monthly # Wait a random time between 0 and 10 minutes before invocation. This prevents your FS getting hammered if you deploy this script for multiple users that all log on after a reboot. RandomizedDelaySec=10min # Enable persistence to run the command even if the machine wasn’t on at the time the timer was supposed to trigger Persistent=true

To enable the monthly timer:$ systemctl --user daemon-reload``$ systemctl --user enable clean-user-cache.timer

To clean the cache once, right now:$ systemctl --user start clean-user-cache.service

To see the output of the service (and past executions, if they happened recently):$ journalctl --user -u clean-user-cache.service

This relies on a systemd user service (better not do rms as root, just in case) so you need to log in for it to work. You could also use a system service with User= and Group= in case you’re removing the cache on a server you rarely ever log into.

skullgiver , 6 days ago

Video game age ratings and maybe movie age ratings come to mind. Of course they only implemented decent ratings because companies knew damn well that several governments around the world were about to enforce much stricter requirements if they didn’t get their stuff in order.

Giving a new industry a chance to self-regulate can work, but only if you intend to lay down strict regulation if they can’t get their shit together.

skullgiver , 6 days ago

TV and movies seem to have been codified into law more often. I think this makes sense, given the nationalised status TV has had for the first few decades in many countries.

The European PEGI and American ESRB are the result of the industry coming together. The ESRB may not have the same legal status PEGI has, but it’s still the result of industry regulating itself.

Similarly, the German USK rating video games has also been formed by the industry itself. Japan’s CESO has similar origins.

PEGI ratings are done by the NICAM (which also does TV and movie ratings in the Netherlands) but that this institute is largely made up of companies and organisations that sell or produce media, as well as a bunch of more independent and (semi) government bodies.

Even if your country may have nationalised the rating system, many others haven’t, and I think the rating system in those countries prove that industries can, in specific circumstances, regulate themselves. All they needed was the fear of entire industries being banned all together!

skullgiver , 8 days ago

The spinning thing is the best you can hope for, but some phones just don’t have good compasses. Sometimes calibrating the compass and then using GPS to get the right heading will fix a phone’s sense of direction for a while, but if the phone keeps losing north, it’s possible you’ll need to recalibrate constantly.

Note that these sensors are affected by nearby magnetic metals, so if you have a metal phone case of some kind, or if you attach it to a metal steering handle, you may be messing up the readings that way. Electromagnetic fields (of, say, a high current wire) can also induce errors, though I’m not sure how you would accomplish such a field while using your phone for navigation.

skullgiver , 16 days ago

The Arch wiki is great, but Arch is a terrible platform for newbies, unless they go into Linux with the intent to do a deep dive into the structure behind a Linux OS.

skullgiver , 16 days ago

Java package names are supposed to be inverse domains (google.com turns into com.google), so it’s a bit strange that slickapp.co doesn’t use co.slickapp, unless they also own com.slickapp.

Of course there’s no real enforcement here, you could just name your package my.roommate.steve.is.kind.of.a.dick if you wanted to.

skullgiver , 17 days ago

I assume you’re referring to this tidbit:

Stronger LUKS2 encryption when chosen systemd-boot

When LUKS encryption with systemd-boot is chosen, the system will be installed with a stronger LUKS2 encryption using argon2id.

You can upgrade the PKDF if you want. There’s a guide in this article which assumes some preexisting technical knowledge. The commands should be simple enough, but you need to replace /dev/whatever with the path of your encrypted partition (like /dev/sda2, /dev/nvme0p2). You can find this path in the GUI disk management tool your desktop environment probably came with.

If you use systemd-boot and follow that guide, you should be able to upgrade your security without any issue. However, it’s essential to ensure that 1) you are indeed using systemd-boot, as older bootloaders like Grub don’t support all recent key derivation functions, and 2) that your systemd-boot is up to date (just install updates through the normal means your distro provides to accomplish this).

If you follow the guide, you will end up with a backup of the LUKS header which will allow you to restore the old key setup if something breaks. Be careful with that backup, because if someone with bad intentions finds it, it’ll basically undo the hard work you did to upgrade LUKS.

I’m not entirely sure how critical this upgrade is, based on the fact there’s only one scarcely reported incident where the encryption was supposedly broken. There’s no reason why you shouldn’t want the best security you can get, but it’s not like there’s a commonly known secret trick to bypass your computer’s encryption; if it exists at all, it’s hidden very well by law enforcement agencies.

As for the password question: yes, you can change the password. You can even use multiple passwords to unlock the same drive, or use password files in automated setups that are much stronger than simple passwords.

Changing the password may be as simple as opening the disk management tool and right clicking the encrypted partition, depending on what desktop environment you chose to install. EndeavourOS very much prefers customisation over standardisation so I can’t tell you what tools you have installed on your system, but common desktop environments like Gnome will have advanced disk management tools that will allow you to change the password without any command line knowledge.

skullgiver , 16 days ago

EndeavourOS switched their key derivation function to argon2id, which Grub doesn’t support yet. LUKS2 will work fine, but only with the older PBKDFs, not the one that Endeavour switched to as of a few days ago.

If OP wants to upgrade their encryption to argon2id to match a fresh Endeavour install, they won’t be able to do it with Grub. That said if they’re using Grub right now, nothing would’ve changed in terms of security whether they installed last week or today because the Endeavour change only affects systemd-boot installs.

skullgiver , 17 days ago

Ubuntu comes with various drivers, kernel patches, and configuration options that other distros lack or have their own replacement for. It also comes with a different kernel version (6.5 for 23.10) compared to other Linux distros out there.

I can’t tell you if these changes affect performance much, but there may be big performance differences between distros for specific workloads. Running the same tests on Arch or OpenSuse may produce different results, you can’t assume all Linux performs the same.

skullgiver , 18 days ago

There’s a wide variety of ways in which Microsoft adds more and more annoying shit to Windows, but this isn’t one of them. It’s a harmless, helpful reminder.

I got the message in Windows once or twice. It was easily dismissed. I got the message every time I booted Linux for a while.

I don’t even mind something like this. File systems slow down when they get filled and hard drives are especially hard to get decent performance out of when you fill them up more than a certain percentage. Yes, even on Linux fragmentation exists, and no, there is no automatic defragmenting nor is there any GUI you can click to fix fragmentation once you’ve cleared up space.

With how much ammo Microsoft gives Linux fans, I’m baffled by someone getting upset by a “your disk is nearly full” warning that any usable OS will send you.

skullgiver , 18 days ago

Honestly, that doesn’t even sound that difficult to run on Linux.

It’s usually the purpose-built hardware that messes up Linux support (i.e. controlling RGB keyboards, Stream Decks, that sort of thing), a DIY setup like yours shouldn’t be that hard to port.

Then again, if you’re happy with Windows, stick with it. There’s not that much difference between maintaining a collection of hacks and registry settings to turn off Windows’ bullshit compared to installing Linux, this is a pick-your-battles thing.

skullgiver , 20 days ago

If it’s decrypted in the middle, it’s not end to end encrypted. I guess you could invent a term like end to end to end encrypted for a trusted middle server, but Matrix bridges do drop the security E2EE provides. Now you’re back to “all of my messages can be stolen if a server gets hacked” again, which real E2EE should prevent.

If MLS and MIMI make it to chat messengers, we could see real E2EE across chat services. Until every service speaks the same protocol, we simply won’t have cross service E2EE.

skullgiver , 19 days ago

The WhatsApp bridge has access to the messages it has sent over Matrix, at least in the standard bridge setup. Plus, a hacked server can leak the messages in real time (the most common WhatsApp bridge even logs the messages it forwards to the server log by default).

The Matrix (Beeper) server stores the messages even if the bridge doesn’t. Plus, the bridge has a valid authentication token for the app on your phone, so it can pull down your entire chat history straight from your device if it wants to.

Beeper’s security is done about as well as you can with a bridge setup, but there are certain risks that can’t be mitigated given the limitations of the bridging system.

skullgiver , 20 days ago

It helps a lot that many of the core people working on the most common X implementation were the ones who started work on Wayland in the first place. The most experienced X maintainers decided to go “fuck this, we can’t fix the shitty protocol, we should just build something new”.

Most people who have issues with Wayland don’t contribute to these projects, they just use the free software given to them. They won’t fork X nor will they fork any X desktop environment when Gnome or KDE will eventually go Wayland-first.

I imagine some big companies may end up paying IBM/Redhat to maintain a fork of one particular X11 desktop environment, but almost every core developer in the Linux low-level GUI world is working on Wayland.

That said, there are still features that Linux sorely misses that haven’t made it into Wayland yet. The list gets smaller every month, but current Wayland platforms aren’t feature complete just yet. Plus, someone needs to update all those old applications to use the new API (i.e. for taking screenshots or registering global shortcut keys).

skullgiver , 22 days ago

SMS uses servers, those servers just happen to be your telco’s servers. RCS was designed to work the same way, exchanging messages via servers hosted by carriers.

Nobody cared about RCS so Google took it upon themselves to host their own RCS server. Now most people who use RCS, use Google’s servers.

Assuming spec compliancy, anyone can make an app that communicates with a carrier’s servers, or with Google’s servers for that matter. In practice, the standard is obscure and the lack of system integration will have RCS apps fighting over who gets to do the RCS registration for your phone number.

Custom ROMs and such will probably get RCS support outside of Google Messages at some point in the future, and perhaps rooted phones will be able to use those same apps as well when that eventually happens. However, as it stands, RCS on Android would allow you to use one single app for rich messaging, and all other apps (including the Android system APIs) would have to fall back to SMS.

Furthermore, the RCS Google supports actually uses an E2EE scheme that isn’t publicly documented. That means your custom RCS app will likely need to reverse engineer Google’s encryption code (I believe it’s based on Signal for one on one, and MLS for groups?) or you won’t be able to read half of the messages.

skullgiver , 22 days ago

Pay special attention to the Universal Profile. That’s the core spec everyone agreed on a few years ago, the one used for basic texting.

You know what isn’t in there? Encryption. Google will need to either disable encryption in chats with Apple users, or Apple users won’t be able to join encrypted groups.

Is this better than using SMS? Obviously yes. Is this going to fix the iMessage problem? Only if you don’t care about privacy.

I personally don’t ever chat via SMS or RCS so I don’t really care either way, but unless Google opens up and documents its encryption, the user experience will still degrade when talking to iOS people.

skullgiver , 22 days ago

SMS very much needs servers. SMS messages go from your device to the SMSC which will store the message and try to transmit it to your phone in case your phone isn’t on or connected. In theory you could set up direct SMS messaging, but in practice there’s a layer of indirection because messages would get lost.

Since SMS can’t do anything but text, MMS is required to send images and videos, and those too travel through an MMSC so messages are available when your phone is offline (or if it doesn’t support MMS, which was something MMS had to be designed for). MMS can’t work directly between clients, it had to go through a server.

Like everything designed for carriers, MMS is a mess of moving parts and optional services that only a committee could’ve designed:

https://upload.wikimedia.org/wikipedia/commons/6/6b/MMSCNA.png

SMSCs and MMSCs may not be available over the internet, but they are very much a client-server architecture. The store-and-forward server approach is also what Signal and supposedly WhatsApp use.

skullgiver , 21 days ago

It’s been three months and there is no documentation about what messages use Signal, what messages use MLS, the specifics of the encoding (I’m guessing the base64 blob is just raw Signal/MLS, but who knows?), and I can’t find much information about Google’s key servers.

They’ve documented the encryption primitives they use for Signal-style messaging, but that documentation uses phrases like “The RCS file transfer XML is extended to include this encrypted payload”. Extended in what way? Where’s the schema? Are they using the same mechanisms in MLS?

They haven’t closed off their implementation like iMessage has, but they also haven’t done much to allow external integration. Building a compatible client will still involve reverse engineering the Google Messages app with packet traces/eBPF captures and interpreting the XML and their binary schemas (and hopefully not get the details wrong).

Meanwhile, Apple has promised to support the Universal Profile. We have no promises of E2EE support at the moment. Even if Apple could easily get the necessary documentation from Google, who’s to say they will? If they don’t, they can label any group text “insecure” when RCS gets involved, which should help push people back into Apple’s walled garden.

skullgiver , 21 days ago

The Signal protocol and MLS are useless without access to the key servers.

WhatsApp is also basically Signal’s protocol, but writing your own WhatsApp client is still very difficult. Without a documented implementation, you’ll still be reverse engineering Google’s solution if you want to inter-operate. Apple will easily be able to get the necessary documentation from Google, but right now that openness is vague and noncommittal.

Google said they were moving MLS into Android’s code, but every article says Google “announces” or “claims” or “promises”. When it comes to the actual source code, there’s nothing public out there right now.

skullgiver , 21 days ago

Do you have a link to those standards? All I could find was a high-level overview of “this is how the Signal based crypto is used in Messages” from a year and a half ago. It mentions extending the XML scheme used in RCS, but doesn’t provide a schema or any other details.

Google Messages and WhatsApp are both based on documented, secure protocols, and neither can be particularly trusted because both are run by data-hungry ad companies. I trust both companies to make the right choice in giving customers this little bit of privacy so they don’t leave the platform entirely, but they’re both equally iffy.

Hopefully with MIMI we will see complete cross-messenger compatibility, so open source messengers can be used for all communication.

skullgiver , 21 days ago

I knew where to find these, but where are the details on Google’s implementation of them? Because that’s what’s most important here.

skullgiver , 22 days ago

Looks like a proprietary binary format. There’s an open tool to turn .bkn files (apparently also something that WinUV shits out) into text files, but I can’t find anything for .mcn files.

Based on the path in the file, the software seems to have been designed for Windows XP or earlier. There’s a good chance Wine will be able to run the software that reads these files so you can export them into CSV or some other usable format.

skullgiver , 22 days ago

In that case, try exporting the data in CSV form (or some other common format). I don’t think there’s anything to read this particular proprietary format.

skullgiver , 23 days ago

I can see why you would interpret it that way, and maybe my interpretation is wrong. Either way, you can just try whatever and continue.

If you want to skip most of these on iOS/macOS, you can use Safari which has Privacy Pass built in. I think the Privacy Pass addon is no longer supported, so for other platforms we’ll have to suffer through these vague questions until something else (and probably worse) is implemented cross-browser.