Sometimes you can even close one
Natanael
joined 9 months ago
Again, you sound like an antivaxxer, and you're ignoring his history of failure, including SPECIFICALLY FAILING AT ENCRYPTED DM BEFORE
You're questioning experts with absolutely no justification other than your own animosity, assuming the experts too are driven by animosity instead of true concerns
Nothing is a cat's fault - cats
This is incoherent bullshit.
You're choosing to pretend it's nothing so you can dismiss legitimate criticism.
An engineer hearing about some novice trying to build a plane using difficult methods that only one or two companies with immense expertise has succeeded at would be correct to assume that plane would be unsafe.
A doctor hearing about a tiny clinic attempting treatments that only big medical research facilities have pulled off are correct to assume they're charlatans.
A cryptographer hearing about somebody attempting to build E2EE using methods that very few are capable of implementing correctly and without having the expertise on hand are correct to call that snakeoil.
Cryptography is INFAMOUSLY complex. E2EE is infamously difficult to make easy ("Johnny still can't encrypt"). The worst part is that cryptographic failures are almost always 100% silent!
There's a reason almost everybody copies Signal's protocol, and that everybody else who does it in-house keeps having vulnerabilities.
Multi user key management (PKI) specifically is wildly complex.
They're doing cryptography in the browser - famously difficult to make it work decently because there's no reliable code pinning solution, no reliable protected key storage (no TPM protected keystore) and absolutely no auditability. And that's on top of the risk of getting served malicious Javascript via XSS attacks, or by the host getting hacked, or by a maliciously issued certificate (there's 800+ certificate authorities, FYI, no cert pinning = easy for a state level actor to MITM)
They're not doing transparency logs of user keys. Even whatsapp has started doing that.
I haven't seen evidence of them attempting user key verification
Twitter/X has only displayed signs of LACKING the necessary expertise.
To pretend that's wishful thinking from me just reveals how little you care about expertise.
There's both similarities and differences, both Trumpism and nazis decided on several other groups as a scapegoat. Nazis started with people with disabilities and similar groups first and shifted to exploiting existing prejudice against Jewish people. Trump and much of GOP have been stupid racists from the start. Also, all of these types of fascist groups starts infighting eventually and fewer and fewer people are "pure enough"
If you can't demonstrate that you know more about cryptography then me, it's time for you to admit you're wrong
Heated objects glow the same colors no matter what they are made of
True only if light emissions aren't dominated by chemical effects or filtered by structural effects. Plenty of materials burn at different colors. Although if you wait out the chemical reactions and keep it heated, it does eventually end up with just blackbody radiation too 🤷
You sound like an antivaxxer defending a crank
Not goose meat though. There's a chance it gave up the feathers willingly!
(very tiny, very very very tiny)
I've run a cryptography forum for 10 years. I can tell snake oil from the real deal.
Musk's Twitter doesn't know how to do key distribution. The only major company using HSMs the way Musk intends to is Apple, and they have far more and much more experienced cryptographers than X does.
3! = 3*2*1 = 6
By that measure everything ever is propaganda