@BrodieOnLinux @qdot I find this to be the worst way to decide a #TechStack.

• If #IT was developed and maintained that way, we'd not have #Linux or even #Windows, most likely not even #CPM & #UNIX because "everyone uses punchcards and tubes, so stop complaining!"...

#NetworkEffects are #toxic when it comes to #SaaS and #proprietary shite, regardless if the bad guys are #discord, #Autodesk, #Adobe, #Apple or #Microsoft for that matter. (Don't even get me started on #SAP & #Oracle!)…

• I just don't vibe with that appeal and would rather #SelfHost than compromise. If that makes me an outlyer then I'm happy to pay that price!

https://infosec.space/@kkarhan/114623174796828016

@dgar Love the variety of synonyms for "died"

Lessons to be learned -
• Boycott #proprietary software - use #FreedomRespecting software (a.k.a. #Libre / #OpenSource / #FreeSoftware) which is free of corporate control, and
• Boycott #centralized services - use #federated services so you aren't locked into one service.

#XMPP is still around, and thriving.
https://contrapunctus.codeberg.page/the-quick-and-easy-guide-to-xmpp.html

@debby #Mumble, #IRC, #XMPP (+OMEMO = @gajim / #monoclesChat) & #Linphone (#SIP / #VoIP) are the better options. #NextcloudTalk also exist and @monocles as well as @Stuxhost offer that.

• #Signal and #Session are #proprietary, #centralized, #SingleVendor & #SingleProvider solutions!

• And #Matrix is just a shittier #XMPP+#OMEMO. Give @delta / #DeltaChat a try instead.

OfC #JitsiMeet and #WebCall are also great!

https://webcall.timur.mobi

@signalapp As a supporter of #Signal, it is important to point out a key detail: Signal's own code is #OpenSource, but Signal uses multiple #proprietary libraries from #Google. Those cannot be scrutinized since the source code is not open. We believe Signal should offer an actual open source version, and are ready to help. This exists already in the fork https://fosstodon.org/@MollyIM Also, apps like #Element #Threema #Wire are #FOSS, and have #ReproducibleBuilds on @fdroidorg #FDroid

…while many of the #NLRB's records are eventually made public, the NxGen case management system hosts #proprietary #data from #corporate competitors, personal information about #union members or employees voting to join a union, & #witness testimony in ongoing cases. Access to that data is protected by numerous federal #laws, including the #Privacy Act.

@simendsjo @jackdaniel #XMPP has all those features, and there's a fairly big #Lisp / #Scheme / #CommonLisp channel there - https://xmpp.link/#lisp@conference.a3.pm?join

It might not have everything that #Discord does, but it's vastly better than #IRC. And there's a cost to using #proprietary and #centralized services, which people constantly forget about in chasing convenience and shiny features.

Here's a guide to help you get started.
https://contrapunctus.codeberg.page/the-quick-and-easy-guide-to-xmpp.html

@pixelcode neither are there reproduceable builds nor is #Signal's #backend opensoirce'd nor is it possible to #SelfHost.

• Thus it is #proprietary #SaaS!

Remember - the rest of the #OpenStreetMap #FreeSoftware ecosystem is still on #GitHub. The OSM website, the iD editor, @osmandapp, @vespucci_editor, @everydoor, @osmapp...despite offers to help with the move.

I know the devs to be otherwise very friendly and supportive people, but on this issue we are at an impasse.

Why do they wait to be abused by #proprietary platforms when they could avoid the whole problem from the start?

@signalapp It's not #disinfo when one points out that you demand #PII aka. #PhoneNumbers from Users and that is literally a architectural vulnerability, alongside your #proprietary & #Centralized #Infrastructure.

• #Signal being a #SingleVendor & #SingleProvider #Solution is literally the reason why I consider it #insecure.

Not to mention the lack of @torproject / #Tor support with an #OnionService or the willingness to fulfill #cyberfacist "Embargoes" or shilling a #Shitcoin #Scam named #MobileCoin!

• #KYC is the illicit activity!!!

And don't get me started on the #cyberfacism that is #CloudAct.

• If you were secure, criminals would've used your platform so hard, it would've been shutdown like #EncroChat and #SkyECC.

I may nit have allvthe.evidence yet, but #Signal stenches like #ANØM: #Honeypot-esque!

@signalapp I disagree because your platform is #proprietary, #SingleVendor, #SingleProvider and doesn't allow for #SelfHosting, #SelfCustody of all the Keys and you demand #PII in the form of a #PhoneNumber which can be used.to track users down!

• If #Signal was as secure as claimed, it would've been shut down like #EncroChat, #SkyECC & others...

@ueeu I think crucial parts is looking at it's components, dependencies, size and for apps permissions.

• Also make shure it uses #OpenStandards, because #OpenSource can be just a "smoke grenade" when it's a #centralized, #proprietary, #SingleVendor & #SingleProvider solution.

#ReproduceableBuilds for example are important, so the actually released source code is what people actually get served as basis.

• Both of the latter points are something that @monocles / #monoclesChat does perfectly and that @signalapp completely fails at!

Plus in terms of #security, choose *real #E2EE with #SelfCustody of all the #Keys!

Good luck @weblate ... While @nextcloud talks about FOSS and decentralization, people have been asking them for years about using #Peertube and #Weblate, but it's always crickets and continued exclusive use of #YouTube and #Transifex.

There's virtually never even a response why they exclusively use the closed, #centralized, #proprietary services.

I respect @Karlitschek and @jospoortvliet but the org seems only interested in #FOSS / #Privacy / #decentralization in their own code / marketing.

@lauren no, because @signalapp is subject to #CloudAct (= incompatible with #GDPR & #BDSG if you ever care!) and collects #PII in the firirm of #PhoneNumbers, which are at best pseudonymous but trivial to track and at most means that people inviting others without their consent comitted an illegal disclosure if PII!

• Use real #E2EE with #SelfCustody of all the keys that isn't a #proprietary #SingleVendor & #SingleProvider solution that peddles a #shitcoin #scam!

Give #XMPP+#OMEMO a shot: @monocles / #monocles & @gajim / #gajim.

1 2 3 4 5

@bert_hubert @kiesraad

Zou je de kiesraad ook kunnen adviseren van vrije opensource platforms gebruik te maken, ipv het #proprietary Github? Bijvoorbeeld @Codeberg?