Exactly. It’ll be a 3-day workweek, and you’ll only get paid for three days of work. They’re not gonna give us the same wages for less work.

Hmm, maybe I need to upgrade my Tuta subscription. Seems like they might deserve it.

Not just potential for misuse. The people in charge of Palantir are the exact sort of people you don’t want having access to any kind of data, because they will find a way to weaponize it, monetize it, or both; consequences or laws be damned. They’re run not just by billionaires, not just by transhumanists, but by technofacist accelerationists.

The fall of Palantir cannot come too soon.

Jesus H Christmas, that’s depressing

At that point where it matters, I feel like I should be buying the music from the artist, not streaming. My latest favorite band, Mad Routine, gives you the WAV masters when you buy their albums, and they are meticulous about sound; those lossless tracks actually sound better, even with Bluetooth.

However, I think few bands are actually putting in the effort to have beautifully crafted lossless tracks. Also, I have no way of knowing if Spotify is merely increasing the bitrate but using the same lossy source file, which is what I suspect is probably the case. After all, why share valuable goods when you could pretend and throw out a few buzzwords, instead?

I think the analogy is apt. If you post a price on goods, and somebody walks into a store, picks up the item, and walks out without paying, they can’t simply say, “Well, I didn’t care to read the price, and nobody presented me with a contract, so I just took it,” as a valid defense. There’s sometimes an explicit agreement upon terms, sure, but there are times where that agreement is implicit: they put a price on a thing, I pay it, else it’s stealing. I don’t need to sign a contract every time I get groceries.

I do, however, agree that this will only have teeth once it’s argued and upheld in court the first (few) time(s). If nothing else, it’s good to see people trying to solve the problem, rather than just throwing up their hands and letting billionaires run amok with virtual impunity. Maybe this won’t work to reign in AI tech bros, but maybe it will inspire the things that do.

Eh, I think I’ll just rewatch episodes of Bluey instead.

If a database exists, it can be hacked and exfiltrated. With attacks ramping up on states and municipalities, which are often behind on security updates, they also don’t give their 70yo clerical staff proper infosec training to avoid social engineering techniques, nor do they pay them enough to care.

I would look to recent reports of attacks on local governments, rather than studies. Politicians aren’t exactly skilled at understanding studies, but exciting news headlines might be enough to grab their attention. [email protected] might be a good place to start!

Not with that attitude! /j

Barf. I try hard not to think about it, since it’s shoved in our faces at every turn, but you’re absolutely right that our data is going to these AI corpos.

Hot take: buy your music instead—direct from the artist whenever possible, or start building your collection from whatever you can find at a thrift store.

…the websites that host stuff and do it free and efficiently.

It’s never free. The instance you’re using isn’t free; it’s paid for by donations. ISPs and server hosts don’t just give bandwidth out of charity or for the public good. One way or another, these for-profit companies are getting their pound of flesh, typically by selling targeted ad space.

The fact that these companies are adding chat features means they’re now going to try mining conversations for additional consumer profile data points, which they can then sell to advertisers.

This new change is gross, and I hope nobody uses it.

…For dinner? …In prison? …Take a one-way trip to Mars?

If so, then I agree.

Those worked pretty well by the end, tbh

I just bought a cassette for my favorite band, Mad Routine. I don’t intend to use it, because it’s a special item with a limited run, but I would if I had a spare and a cassette player.

The next level is getting one of those radio tuners, a discman, and explaining to your friends that you use the discman, because the car CD player is broken.

So the acronym is now AMAMA!

Yep, and I think there’s a third option that I can’t recall at the moment (not Matrix), but no matter what, there’s alternatives that work and could be made to fit people’s chat needs.

Hi, what about gnu linux xz utils backoor scenario?

This was caught by the community thanks to it being FOSS, and it was somewhat distinct from the scenario we’re talking about here, since the repository was wholly taken over by a bad actor who tricked the original (burnt out) maintainer to hand over the repo.

Could a bad actor get their claws in and take over the repo? Possibly, but given the fact that it’s maintained by a foundation with lots of devs and not just one thankless hobbyist, that likelihood is probably small.

Also is there any regular auditing of signal by third party auditing company?

Regular? I don’t know. They have been audited, iirc, and they have received numerous legal requests to turn over data to courts, to which they’ve been able to reply “what data?” Bear in mind that they would almost certainly not do this if it meant jeopardizing their entire business. No business is going to go to jail for us, after all.

You do what you feel is appropriate for your threat model, but as far as general threats to privacy or Signal’s existence go, I’m not currently concerned about their future.

Signal Foundation is a nonprofit in California, and they are the ones that operate the relays and maintain the FOSS app. Since they’re a regular 501©3 and not a religious org, you can look into how their money is spent (to see if it’s going to any suspicious recipients) and whether they’re getting suspiciously large sums of money.

On top of that, they don’t have access to the communication data itself. It’s all E2EE, and the app being FOSS means you can inspect how that data is encrypted and sent (and even build your own from source, if you’re paranoid). Even if they’re unknowingly hiring covert bad actors, it’s unlikely their activities would stay hidden for long.

So while it’s certainly a concern that it’s still centralized messaging, it’s probably one of the best options due to the easy access for most people. Other than a billionaire buyout or government laws that force backdoors into encryption, the only real existential threat they currently face is operation costs. They were fortunate to have wealthy philanthropists in the beginning, but if they have an explosion in users (unlikely), it might bring the organization to its knees.

I don’t find your particular scenario to be worrisome. And if it turns out that it’s compromised in the future, there’s other good apps out there, like SimpleX.