Posts: 0 · Comments: 54 · Joined: 2 yr. ago

  • Session has no server so that’s what I’d recommend if you have the option.

    Closed rooms in session are limited to 100 people iirc. You can have Matrix rooms with any number of users.

  • leaks more metadata than XMPP

    XMPP is not a private protocol either. In a lot of cases data is not E2EE, there are no reference clients, and there's a mess of standards that very few, if any, clients fully implement.

  • Probably another point is that the encryption for Matrix/Element has undergone multiple audits, one in 2016 and another one of their newer Rust library. Whereas Telegram just has not. There was also this not too long ago. MTProto is also used nowhere else, whereas a lot of encryption has been influenced by the Double Ratchet, which is well understood.

    The other thing worth noting is that Matrix is the foundation for other products which many governments use for secure communications.

  • I certainly think so.

    Even Windows or Chrome OS provides quite a bit of "control"; it's just that a lot of it is "opt out". Google does, for example, record what YouTube videos you look at against a logged-in account by default. Windows does have targeted advertising enabled by default.

    I think privacy is really more about what you do on such platforms. If you use products (sites) that clearly have bad policies in regard to privacy then no OS is going to provide really all that much improvement.

  • Generally we'd say no, not really, and certainly not with the highest security.

    The whole point of a security key is that it is supposed to be impossible to extract the key material; that simply isn't going to be the case for a DIY solution. They have shields and light sensors to prevent decapping/forensic inspection.

    Recommend taking a look at this: https://duo.com/labs/research/microcontroller-firmware-recovery-using-invasive-analysis

  • Stopped reading at “storing my passwords on a db”. Even if you encrypt the data, is it not just plain better to use a generative algorithm for passwords instead that needs no cloud?

    There are quite a few reasons why we don't recommend deterministic password managers and I have been meaning to write an article about it. There is a summary and further discussion in that thread.

    Third party blog article which is still relevant https://tonyarcieri.com/4-fatal-flaws-in-deterministic-password-managers

  • Keep in mind LocalCDN will make your fingerprint more unique. HTTPS Everywhere is unmaintained and no longer needed... and you certainly don't need Decentraleyes; that's a duplicate of LocalCDN and is also unmaintained.

  • Keep in mind that uses the same method as `adb pm uninstall`, which doesn't actually remove it from the system image, just the current user profile.

  • If you're going to use Arch, use Arch. It is incredibly dangerous to be blindly trusting things in the AUR, when they can be contributed by anyone.

    However, it then goes on to say that only moderate or advanced users should use Arch

    Yes because there is less QA, there is nobody testing those things before they are released to you. It also requires you to make a lot of selections which unless you know what components to choose (I also use Arch) would be not great for a newbie user.

    I find this funny as many corporate servers use Debian, and I don’t really see any huge security issues since the 90’s waving red flags of warnings and issues.

    A lot of them are Ubuntu these days, or CentOS. In a corporate environment you tend to be running a lot of containerized workloads because you want redundancy and high availability.

    By following this guide, it really leaves no option for beginner Linux enthusiasts. I (we) recommend not following this guide as it reads like a privacy paranoia propaganda piece.

    TLDR being there is no reason to look beyond Fedora or Ubuntu for a newbie user. That is the point that it makes. These other obscure distributions don't provide anything that you need.

  • VPNs are still worth it for that purpose, particularly torrenting. Not sure who is saying this, but they are wrong.

  • Keep in mind posteo.net does not have DMARC which means anyone can spoof an email @posteo domain.

    All of the other providers have this. Mailing lists can be used with DMARC.
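The DMARC point above, as an added example (not part of the original comments): a small check that classifies a sending domain's `_dmarc` TXT record as missing, invalid, or carrying a `p=` policy, which is what a receiver uses to decide whether forged mail from that domain is rejected. The DNS answers are constructed samples; a real check would resolve `_dmarc.<domain>` and pass the TXT strings in.

```python
"""Classify a domain's DMARC posture from its _dmarc TXT record.

Added example, not code from the original thread. SAMPLE_DNS holds
constructed answers standing in for real DNS lookups of _dmarc.<domain>.
"""
from typing import Optional

# Constructed sample answers keyed by the _dmarc name; None means no TXT record.
SAMPLE_DNS = {
    "_dmarc.strict.example": ["v=DMARC1; p=reject; rua=mailto:dmarc@strict.example"],
    "_dmarc.weak.example": ["v=DMARC1; p=none; sp=quarantine"],
    "_dmarc.broken.example": ["v=DMARC1; rua=mailto:x@broken.example"],  # no p= tag
    "_dmarc.nodmarc.example": None,
}


def parse_dmarc(txt: str) -> Optional[dict]:
    """Parse one TXT string into a tag dict; None if it is not a valid DMARC record."""
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    # RFC 7489: the record must start with v=DMARC1 and must carry a p= tag.
    if tags.get("v", "").upper() != "DMARC1" or "p" not in tags:
        return None
    return tags


def dmarc_posture(domain: str, dns=SAMPLE_DNS) -> str:
    """Return 'missing', 'invalid', or the policy (none/quarantine/reject) for the domain."""
    answers = dns.get(f"_dmarc.{domain}")
    if not answers:
        return "missing"
    records = [r for r in (parse_dmarc(a) for a in answers) if r]
    # Exactly one valid record is required; zero or several means receivers ignore DMARC.
    if len(records) != 1:
        return "invalid"
    policy = records[0]["p"].lower()
    return policy if policy in ("none", "quarantine", "reject") else "invalid"


def spoofable(domain: str, dns=SAMPLE_DNS) -> bool:
    """True when no enforced policy tells receivers to quarantine/reject forged mail."""
    return dmarc_posture(domain, dns) in ("missing", "invalid", "none")
```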

  • 100% this, and it's why I still use old.reddit.com, because the new Reddit site is just awful.

    What I will say is there is less "noise" on our lemmy/discussion forums, and distinctly higher quality posts. This is something we'd like to encourage long term, particularly when people ask questions already answered quite clearly on our website.