• 0 Posts
  • 9 Comments
Joined 1 year ago
cake
Cake day: July 3rd, 2023

help-circle


  • I’m surprised and happy that SUSE is still doing well. I have fond memories of using SUSE in the enterprise especially around their “perfect guest” campaign for using it in virtualized environments. I thought they had very well-baked integration with large Windows networks—things just worked out of the box that didn’t with RHEL. I’m sure a lot has changed in the last decade but I appreciated their cooperative stance in the enterprise.




  • Surprisingly, I thought the article was a reasonable summary of the actual paper. I think some people might think this was a poke at privacy on Apple, but it really focused on how hard it is to create accessible settings despite the enormous number of options.

    I have found that navigating the menus in Apple iOS is quite a bit easier than on my Android devices. Mac seems more difficult as the settings tend to be inside the individual apps and don’t surface as well through the search.

    The paper hammered home the point that Siri configurations were particularly hard, but they also mention that Siri data is end-to-end encrypted. I thought all those points were fair.

    I do believe settings need to be improved, but I have little faith they will ever be useful for 99% of users who will simply never change anything from the default. At this point I believe any meaningful improvements for the majority of users will come from useful defaults that include E2E encryption on basically all user data. I feel Apple is coming close with iCloud Advanced Data Protection that was introduced last year, but that needs to become a default. Maybe it cannot though—too many users will lose all their data and then the trade off of security to convenience will not be worthwhile.



  • I agree that decrypt/encrypt is bad—it is simply not E2EE. The solution would have to be a better method of public key distribution for ‘federated’ systems.

    While I don’t know anything specific about facebook messenger, E2EE doesn’t necessarily preclude what you suggest. A messaging service could store the entire chat history encrypted without decryption keys. When you get a new client you could restore the entire history in encrypted form onto your device. You would then use a recovery key you would possess to decrypt the message history on your end. At no time would the messaging service have the keys to decrypt. I’m not saying that is what facebook does.