cecilkorik

He’s not the hero we deserve, but he’s the hero we need, or something.

If you aren’t supporting it anymore, then you aren’t allowed to maintain exclusive access to it anymore. When you stop supporting it, then you now need to free the code and let other people run their own servers. That does not cost you money.

If you don’t want to do that, then you have to keep supporting it. It’s that simple. Your right to maintain exclusive access to the source code of the software you are providing to people for money, is contingent upon you keeping the software in an operable state. If you are no longer capable of or no longer want to keep the software in an operable state, then you no longer get to keep the software private. This is not rocket science.

If there are third-party libraries you are not allowed to release by contract, that’s fine don’t release them. Nobody is saying the source code you release has to be fully functional and have an easy-to-use build system, people will figure out ways to disable those functions or replace them with alternatives. Cleaning up that kind of legal mess before hand or not getting into it in the first place would be kind of you to do, and polite, but I don’t expect it from a greedy miserable corporation. Honestly, I wouldn’t even be that bothered if they didn’t have to release source code at all. What I particularly care about is them losing the right to send copyright-takedowns when people try to share ways to make their own fucking game work. That’s the bare minimum acceptable standard required here. If you are not selling the game or supporting the game, then you do not have the right to shut down the people voluntarily doing it for you.

And the private encryption keys they use for DRM and bootloader locking too. I doubt that would go over well, but it needs to fucking happen. It is the only way to truly have right to repair and digital device ownership.

The joke is funny, but the real explanation is that a “near miss” is to distinguish it from a “far miss” or just a “miss” in general, not really applicable to aircraft collisions, but if you were say, aiming at a target or throwing darts at a dartboard, a “near” miss where you were very close but didn’t hit the target, which is substantially different from a “far” miss where you are way off. The “very close but didn’t hit” part then turns into the “near miss” of a collision.

Narrator: “It was more PR.”

I wish we had judged “Don’t create the torment nexus” by its cover.

That’s very wasteful, there’s still an awful lot of them and 9mm rounds emit noxious fumes into the atmosphere. We invented guillotines specifically for this purpose because they’re completely reusable, they are the environmentally friendly choice.

End-to-end encryption is the final boss of false-sense-of-security.

Like, it’s great and all, but it’s not universal perfect privacy the way a lot of people seem to hold it up as if it were. You have to understand what it’s actually defending against, and who might be blocked by that, and more importantly, who won’t be. Because the list of potential adversaries it is actually useful against are becoming narrower and increasingly out-of-date.

Encryption alone prevents the messages being read in transit between you and Signal, and obviously that’s fundamental basic security at this point. Signal being end-to-end encrypted prevents your messages being spied on by Signal, but ironically they’re probably one of the most trustworthy actors in this whole chain, so the fact that it’s protected from them, while commendable, is not particularly valuable security. They were probably not the ones going to spy on you in the first place. They have prevented themselves from being capable of doing so, and that’s good, but if that’s all you’re worried about and you now think your privacy problems are solved, you’re completely missing the point because instead of Signal themselves, you need to be worried about the guy currently standing over your shoulder with his camera filming.

Treat your phone and your Windows computer like they are permanently compromised with a rootkit taking continuous screenshots of everything you do and feeding that to their big tech overlords, because they might as well be.

For that matter, even Linux PCs still have their black box “intel management engine” or similar processor running constantly and potentially watching everything you do, although I don’t believe they actually do that in any reasonable case, we need to understand they have both the capability and the motivation to be, at least in some cases, compromised by adversaries which may include (but are not limited to) tech companies and governments. You can’t even trust your “dumb monitor” unless you’ve audited every chip inside it, you’ll never know if it could be scanning everything on your screen and feeding it back through HDMI/DP back-channels or even through powerline networking. You also don’t know if the same kind of things could be happening on the other side that you’re sending/receiving from. Sure the network trip is protected, but that’s hardly the only place you’re vulnerable to interception.

That probably all sounds paranoid and extreme and improbable, and it is, but the point is end-to-end encryption does nothing to help you against any of that, so don’t make the mistake of assuming you’re 100% safe because it’s end-to-end encrypted. The “end” is not what you think it is and it’s not paranoid to at least understand that and accept the risk with the understanding.

I realize I am probably preaching to the choir here, and most of you probably understand this as well as I do. But I’m also pretty sure a lot of people truly believe it’s more secure against eavesdropping than it actually is and that needs to change. The surveillance state is adapting and expanding rapidly and I fear they’ve started getting ahead of many of us. Beware, and plan carefully in the months and years ahead.