Posts
4
Comments
1,425
Joined
1 yr. ago

  • I have read the spec, used the service and also implemented my own clients before, that is why I'm so confused by what you're saying, because this has not been my experience at all. If a user joins a channel, whether they are an admin or not, whether it is encrypted or not, then unless the channel is explicitly set up to only allow verified users to talk (not the default), my understanding is there is nothing preventing that new user from seeing all new messages in the chat.

  • I don't understand. How would the sender prevent messages from going to the admin user that joined the room? It sounds like you're implying new users simply can't join a room? That makes no sense to me... I've certainly never experienced that. I see new users join encrypted rooms all the time and they can talk just fine... so what's the deal? And isn't verification off by default?

  • End-to-end encryption ensures that only the intended endpoints can read the messages

    But who/what gets to decide who the intended recipients are? Can't the homeserver admin just join the channel and then the other members would exchange keys automatically and now they can see what people say?

  • What do you have to say about this then?

    In an encrypted room even with fully verified members, a compromised or hostile home server can still take over the room by impersonating an admin. That admin (or even a newly minted user) can then send events or listen on the conversations.

    Perhaps we have a different definition of "impersonate"... not everyone will pay attention to unverified warnings, and afaik they can still communicate with people (just maybe not read old messages)... but I would love to be proven wrong.

  • Very misleading writing style IMO. I would say most of their bullet points ARE actually true in most cases... they just keep bringing up somewhat rare/exotic exceptions as a way to call it a "falsehood".

  • Even if Section 230 didn't require providers to terminate the user's service, providers further upstream could technically punish that ISP for breaking their own ToS depending on what it is.

    People like Liz Fong-Jones and Keffals have successfully lobbied multiple Tier 1 ISPs to blackhole websites that have posted information about them that they didn't like based on this fact, behavior which the EFF has specifically called out as a threat to the free and open Internet. Even the CEO of Cloudflare has openly admitted to being personally involved in blocking sites without a really good reason.

  • Thanks. You're not wrong, and I appreciate the well-written response. Some might say you are defending/advocating proprietary software with this stance, but I don't think there is a clear answer either way that applies to every circumstance.