60Hz refresh rate in 2024? This might be a phone you buy for your parents but with other options available out there, it's going to come down to whatever specific niche this phone fills and whether that's enough compared to the competition.

Serious question, because I get a similar "TIL" on my mastodon thread and saw this and had a similar thought - would you prefer to see no "TIL" content posted by bots? I don't have any stake, but they do provide 3 benefits that I personally enjoy, as much as I'd prefer it was "organically" generated content:

1. Some posts are insightful, others I can just ignore/move on.
2. It provides a way to interact with the broader "fediverse" community about certain topics.
3. Helps avoid visiting sites like Reddit by virtue of having less content here and looking elsewhere.

More on topic - here's a pic of the couple, for anyone interested:

I thought you were kidding 🤷

I'm gonna need some evidence before I believe Google isn't analyzing all the data that passes through it unencrypted.

Unlike Telegram, Signal doesn’t allow researchers to make sure that their GitHub code is the same code that is used in the Signal app run on users’ iPhones.

A few things to keep in mind:

1. Apple's build process makes reproducible builds near-impossible.
   • All the effort Telegram went through and it doesn't completely validate the entire build - there are components that are not fully reproducible [0] and as we saw with the recent XZ backdoor, these could potentially be leveraged to hide a backdoor while claiming to be secure - so was anything gained other than "these things are validated but this black box, which could contain malware, was not validated because we can't check them"?
2. Developing Signal is difficult.
   • Signal is developed by a small team and has to prioritize and coordinate efforts to deliver results - look at how long usernames took or even private contact discovery [1] - nearly 3 years (as a preview) after Signal was created.
   • Signal has no built-in telemetry, any issues are not automatically logged and reported. The end user has to manually submit debug logs and provide an adequate description of the issue for the devs to even attempt to understand what the issue is and how to fix it. Telegram may also have this issue in their very limited private chats, but as most chats aren't E2EE, they can already see all your traffic anyways, making things significantly easier in terms of development speed.

Considering the two points above, it's not irrational to come to state the following:

1. Signal has been prioritizing a fully end-to-end encrypted (E2EE) platform that shares zero data with anyone but the intended recipient and this decision has slowed down their development speed. Non-E2EE chat solutions have existed for decades and can iterate and progress significantly faster as they don't have to work on difficult privacy/security/encryption related issues.
2. Telegram has not been prioritizing a fully E2EE platform and by default do collect most of their user's data. This makes it much easier to develop Telegram and is why E2EE group messages don't even exist on the platform - the Telegram devs have spent more time talking about privacy and security than actually implementing it

Given the two statements above, assuming both projects need to balance resource constraints, it's safe to conclude, :

• Signal has spent zero effort working on reproducible builds on iOS because its impossible to completely reproduce a build and would take development resources working on enhancing the platform for minimal gains, as Telegram has proven [0]. Signal has instead placed their efforts on reproducible builds on a platform where it is possible [2].
• Telegram, instead of working towards implementing security and privacy by default, have decided to work on security theater by working on reproducible builds for iOS that are not even completely reproducible.

Signal refused to add reproducible builds for iOS, closing a GitHub request from the community.

It was closed because they use Github for bug reports, not feature requests [4]. The dev even pointed them to the right place. That said, I do agree it would be great if there was some progress made on this front for Signal, but realize its a huge effort and may be best avoided for now as the iOS client still needs some "catching up" to do, compared to the Android version.

And WhatsApp doesn’t even publish the code of its apps, so all their talk about “privacy” is an even more obvious circus trick 💤

Agreed.

Telegram is the only massively popular messaging service that allows everyone to make sure that all of its apps indeed use the same open source code that is published on Github. For the past ten years, Telegram Secret Chats have remained the only popular method of communication that is verifiably private 💪

Telegram collects all your data by default in a way that's accessible to anyone with enough privileges to their infrastructure.

[0] https://core.telegram.org/reproducible-builds#step-6-comparing-the-appstore-build-and-the-version-built-in-the

[1] https://signal.org/blog/private-contact-discovery/

[2] https://github.com/signalapp/Signal-Android/tree/main/reproducible-builds

[3] https://github.com/ali-fareed/darwin-containers/commits/main/

[4] https://github.com/signalapp/Signal-iOS/issues/641#issuecomment-1276308990

100% agree. Would be nice to be able to just "dock" into a USB-C cable and have a working "PC" at my disposal. Appreciate the response.

genuine question, what do you expect out of a mobile OS that you can't do now?

Even without a source I can see how ICE vehicles are cheaper to repair (assuming you don't have some high-end expensive car. I had a relatively "new"-ish engine replaced in my ICE vehicle (I'll let you guess the make/model) for just under $2,200, this is including labor.

ICE vehicles are "old tech" and everyone knows how they work and where to source cheaper (new or rebuilt) parts. All bets are off if you're working directly with a dealer when trying to save money.

I'm looking forward to owning an EV at some point, but will definitely need to find someone who's competent whenever any major issues appear. Hopefully by then they're significantly more common and the industry has more people that are competent at that type of work.

I would suggest you give this feedback directly through here: https://whispersystems.discoursehosting.net/

It was introduced two years ago: https://element.io/blog/introducing-native-matrix-voip-with-element-call/

Looks like at least two other clients support 1:1 calls.

For anyone considering Session messenger:

The Session developers dropped Perfect Forward Secrecy because it would be hard to work around it.

First things first, let’s talk about what we’re leaving behind: Perfect Forward Secrecy (PFS) and deniability.

Source: https://getsession.org/session-protocol-explained

In plain English, they dropped a security feature for their convenience to the detriment of their users' security.

For anyone unsure what PFS provides:

The value of forward secrecy is that it protects past communication.

Source: https://en.wikipedia.org/wiki/Forward_secrecy

The Session devs also claim:

Session provides protections against these types of threats in other ways — through fully anonymous account creation, onion routing, and metadata minimisation, for example.

Reading between the lines, we can interpret that as introducing security through obscurity, which is generally considered bad practice - https://cwe.mitre.org/data/definitions/656.html

Private messages on Matrix have been end-to-end encryption (E2EE) by default since 2020 - https://matrix.org/blog/2020/05/06/cross-signing-and-end-to-end-encryption-by-default-is-here/

For anyone considering Telegram for privacy:

1. Telegram doesn't default to encryption. All your messages are stored and can be viewed by anyone with enough privileges on Telegram's infrastructure.
2. Telegram's "secure" 1-1 messages are limited to the point of being useless and not worth using. It's a dark design pattern created to discourage their use, ensuring you give them all your data.
3. Telegram doesn't support E2EE group messages.

TL;DR - Matrix is more private than Telegram.