Checklists Are The Thief Of Joy - Dhole Moments
soatok.blog
I have never seen security and privacy comparison tables (henceforth referred to simply as “checklists” for brevity) used for any other purpose but deception. After pondering this obser…

cross-posted from: https://beehaw.org/post/20989376

Where Soatok goes over why checklists are meaningless when trying to figure out if something is private or just for comparisons in general.

  • splendoruranium@infosec.pubEnglish
    6·
    4 days ago

    Users shouldn’t have to care about jurisdiction if the servers cannot ever read their messages in the first place. Any app that fails to meet this requirement should wholesale be disqualified.

    What madness is this? Surely this is not about the servers reading a message, but about the user having or not having legal recourse against a server abusing whatever it is they can read. Metadata is data. Someone somewhere will know how much and when and in which patterns I communicate with who. And how much control I have over what they do with that knowledge simply depends on the jurisdiction. Technical considerations are irrelevant for that 🤷

    • Lime Buzz (fae/she)@beehaw.orgOPEnglish
      31·
      4 days ago

      That’s both fair and not fair. I think Signal shows how to do privacy correctly by having pretty much no metadata to give. Most other messengers cannot say the same.

      But yes, having some kind of legal recourse is important too.