• 0 Posts
  • 3 Comments
Joined 1 year ago
cake
Cake day: February 7th, 2025

help-circle

  • As a software engineer that works on virtualization and is interested in software freedom, this law terrifies me because it’s a trojan horse for something much much worse than the already shitty status quo: remote attestation.

    And I will tell you this: the operating system is 100% where you want to do age verification

    No, it’s the last place you want to do this check. Let me explain: because users control the PCs they buy right now, meaning they can install any OS and programa the so wish to install; governments at some point will decide that they cannot trust the results given by any OS.

    The only way for governments will be to actually trust third parties (again) that will check properties in your computer through a module that controls the whole computer and users don’t have access to.

    This is called remote attestation: https://www.eff.org/deeplinks/2023/08/your-computer-should-say-what-you-tell-it-say-1

    With this technology, users don’t decide what programa they can install and run, they can’t even decide what websites can they visit.

    It’s a brutal encroachment on the computer freedom you have enjoyed up to now, and the perfect tool for an authoritarian government to enforce what can you watch and in general, can do with your computer.

    If this law is approved, I guarantee you it will spread and will have expanded versions requiring remote attestation. (Don’t worry, lobbyists will find a way to sell remote attestation preserves privacy to make it go down easier)

    The end result is a nightmare-fueling scenario where someone like Peter Thiel through Persona not only has your information because it needed to verify to create the account in your computer, but Microsoft also has it, and governments through Microsoft may decide to limit which platforms you can access (X or something worse), if also if you’ve been a bad citizen, if you can run programs in any computer that can be legally sold.

    All in all, this law is incredibly dangerous in the current political climate where even supposedly democratic governments are pushing for more authoritarian controls to digital life. And I’m surprised organisations like EFF haven’t seen this yet


  • Of the ones I’ve tried that are fully open-source, zulip is the best one regarding UX functionality.

    I’ve found Matrix is a UX nightmare, with many different clients implementing different features, or having issues if a non-default login mode is used, ending in people getting locked out after the browser logged them out because they forgot to copy a key when they were logged in.

    Others like rocketchat are opencore like matter most, which means they can do the switcheroo.

    The things I would care the most when checking this kind of service are:

    • UX: how easy it is to use for nontechnical users
    • how well-backed is the project, socially and financially, to ensure it lasts a long time
    • how easy it is to get the (public) conversations out, as an exit strategy, if the one above isn’t looking so good.