> [1] I'll respect their name change once Elon respects his daughter
It's still just Twitter, but you're not being banned anymore. So ACTUAL discussions can take place without having the thought police running around with a banhammer.
Because it would seem hate speech has had quite a surge:
https://journals.plos.org/plosone/article?id=10.1371/journal...
I guess censorship is a popular thing now on HN. Never thought I would see all you people advocating FOR censorship. I’m happy Elon seems unmoving in his stance on this. We need to progress.
If you don’t like the platform censoring you, go somewhere else or do what Elon did and buy the platform and change the rules for yourself.
I loathe the poorly educated.
They're already being pulled down by the alg. It's just allowed now, and why shouldn't it be? I think it's better for humanity overall if these people are not pushed into a small echo-chamber but instead can speak freely and openly.
We should go back to sticks & stones. Let hate flow off you and instead look for love, which is also still there.
what? Elon routinely complies with random countries asking him to ban users, and routinely bans people he personally doesn't like. he even banned someone who was just reposting public flight data!
what on earth does "complete free speech" mean to you??!
https://www.washingtonpost.com/technology/2024/09/25/elon-mu...
Anyone still swayed by his vision is painfully naive
Twitter is not the US and does not guarantee free speech. To insist that it must because it’s a US company is entirely missing the point. Banning people is essentially ignoring people. Which is what the text of “sticks and stones” is instructing.
Sticks & stones is a general thing that’s missing in a lot of people nowadays. Trying to protect everyone from bad words will only make them react more when they inevitably will encounter said bad words.
As for the rest of the “what if”s, I guess we’ll see what happens when it happens. As of right now, my For You page is filled with science, discussions, tech, friends, well-known people having normal discussions with “plebs”, etc.
If you don’t find value in the platform, simply don’t use it. Use Bluesky if you want.
The signal to noise ratio is so low even when curating feeds, it feels pointless to post anything meaningful anymore, it just gets drowned in the noise and bots.
That sucks tho. I’m not against other places existing if it makes people feel better.
Isn’t your suggestion to remember the words of “sticks and stones” the same as you advocating for how everyone should protect themselves from bad words?
I don’t use either platform because I find short form writing utterly valueless for anything than marketing purposes. You may say “but I read a lot of good discussions on there”. Great for you but the discussions are still mostly short form rhetoric with little value other than “talking out loud”. The other half of discussions is split between jobless comedians and hate-speech-as-freedom-of-speech advocates. I will never get my science, news, etc from a quote box. There’s a reason I deleted my account 10 years ago.
So when you say "it's still good" while also mentioning thought police, I take what you're saying with a huge grain of salt, as I never noticed thought police to begin with, so less of something unnoticable sounds very close to "complete anarchy, nazis, and that's how we like it". Like 4chan put on a business suit.
X is the only platform where you can see the real state of the world, raw, unedited. That's INCREDIBLY valuable and I'm absolutely baffled by how everyone here seems to celebrate censorship. We fought wars over this.
I think people talking about how new-Twitter is somehow a bastion of free speech or whatever are just telling on themselves about what they think speech is.
Again, if you don’t match with the vision, don’t use the platform. But you have to accept that the platform exists, is very popular, and allows free speech, and you can’t change that.
which isn't really all that free after all.
Regarding the auto moderation of that word, what does happen when a post gets auto moderated? Does it get like, semi-hidden or something?
In my opinion a free-for-all is what the online world needs. But it’s just that, an opinion. Feel free to not participate. I’m interested in what you do participate in, except for HN, though - is there something better that doesn’t ban me for defending Elon, for instance? To put question marks by global policy? etc etc. That’s at least as popular as X is? We can just talk to huge names there, and call them out on their bullshit, if they spew it. That’s unbeatable.
https://x.com/elonmusk/status/1876168991330439314
Yeah I'm not going to return to a website that doesn't ban people unable to have a civilized conversation.
That's your choice! Perfectly fine. For me, I don't want to close my eyes for what the world is actually thinking, even when they're in rage-mode. I think that makes your own thinking very narrow.
Also, it's a conscious choice they made - they're the only platform I know of that allows you saying anything with no penalty except for maybe a algorithmic one. That doesn't mean it sucks, or is a bad platform, or the transition failed.
There's a million things you cant say, its now you are happy that the right wing nutjobs get to have their peace in public - that's the only part of the conversation that's "now allowed"
I don’t think there’s a million things you can’t say. I see tons of posts criticizing Elon. But I also see tons of people defending him in replies. This is what we should want. Discussion. Open talking. And that includes “right wing nutjobs”.
If the vision you’re seemingly okay with censoring is so damaging that you can’t fight it with words, is the opposing vision strong enough?
https://www.statista.com/statistics/272014/global-social-net...
There are certainly much better ways to learn what the world is thinking than a website without effective moderation. The problem was never "censorship" or "people are not allowed to say everything". The problem is the quantity of garbage the information supersewer generates and finding what is true and relevant.
“Garbage”. “Supersewer”. I simply don’t see what you mean. Of course there IS garbage, but you’d actively have to seek it out. You’d have to scroll down all the replies to get to the shit. If you want to see that, it’s there, but if it doesn’t have value, it stays there. Up top are the sensible replies and discussion threads.
We can keep talking, but if you don’t want to see it, you’ll never see it.
I still instinctively open Twitter up most days. I scroll for a bit, see a couple of interesting tweets, but the majority is either garbage spam for views, overtly general racist tweets, purposeful right-wing distortion of facts to incite hate.
You go into any comments of a tweet that has gained a traction - the first comment will usually be "@grok is this true?", OF replies boosted by the original post (because the thread was garbage spam and they're getting paid), or obvious ChatGPT responses.
It feels really disheartening, especially having grown my career from the stuff i've seen and connections i've made on Twitter. Shell of its former self.
I don’t know why an account is necessary to read updates from government agencies and local organizations after 10 years of not needing to do that.
X.com is distinctive and unambiguous. Wikipedia has entertained at least 12 proposals to change the article name; 100% of them have failed, and they are issuing 3-month moratoriums on discussion now.
Honestly the new name is a bit of a prank on porn addicts. If someone is watching over your shoulder while you try to type "x.com" into the URL bar, autocomplete may reveal how many other sites begin with "x" that you’ve visited lately.
But what about when you are searching a comment thread on another site to try to find a comment you remember where x.com was mentioned? The comment is probably not going to say "x.com".
Twitter wouldn't be the first rebrand where people just decide they're not going to bother with this. Notably, there the odd year or so where the Royal Mail attempted to rebrand to 'Consignia' (in the alternate universe where the Iraq War didn't happen, this would be what everyone remembered about the Blair era), and Netflix's attempt, some years before scrapping it entirely, to rename its DVD delivery business to 'Quikster'.
Let’s just start some companies with the names:
- Let’s - Just - Start
You get the idea…
https://github.com/signalapp/Signal-Android/blob/main/reprod...
OpenSSH was trivially backdoor'd [1] and distributed in several major distributions and the security community _did not_ notice until after it was already wild.
[1] https://www.ssh.com/blog/a-recap-of-the-openssh-and-xz-liblz...
I would quibble with calling it "trivial" though.
2) From your link, it says: "Ubuntu 24.04LTS was a month away from being shipped with this backdoor, with other distros being on the same boat. Maybe the best way to describe it is this: had it gone undetected, Linux servers would have been running with a bomb waiting to be activated remotely." and "Luckily this backdoor was discovered in an early stage, and most of the Linux user community stays safe"
So, the security community _did_ notice.
No free lunch. If comms security is that critical for you, outsourcing its assurance via trust is never going to cut it.
But I guess Signal doesn't implement it?
Edit: or Apple, whathaveyou
Noticing something and reacting to it are very different things. Signal could fairly trivially grab all historical data for all online users within a fairly limited window. However it would be a one off event so the value proposition of such an act is dubious.
Show your working otherwise this is utterly spurious.
Anyway the difficulty of the task itself is traditionally taken to be irrelevant when performing cryptographic threat analysis. The question is about what is and is not mathematically impossible for an adversary to do.
Circling back up. Article author: Twitter might be untrustworthy and could bruteforce your keys. Use Signal.
Me: That's unreasonable. You also have to trust Signal.
Your answer just now: Why are people picking on Signal?!?
In fact, what the world really needs, rather than 3rd-party controlled encrypted messaging solutions like Twitter and Signal, is public apis for public key cryptography on non-trusted infrastructure, not tied to single groups. Everybody knows this. The reason that we instead have bodies like Signal -- a company that just so happens to tie every encrypted message to a real phone number and real human identity for no easily explained reason -- and the reason we have people who surely know better defending bodies like Signal in public, is an exercise left for the reader.
X's new "encrypted" XChat feature doesn't seem to be any more secure
> ... As noted in the help doc, this isn't forward secure, so the moment they have the key they can decrypt everything. This is so far from being a meaningful e2ee platform it's ridiculous.
I think these Twitter DMs only does the scamming the gullible part, as you need to pay to use the feature and this is scamming people into thinking they're paying for secure messaging.
is the bitcoin a fundraising mechanism for juniors or something?
can you explain tbe mechanism?
I was going to point out that Bitcoin does not use encryption; but technically I think it's signature algorithm (ecdsa) can be thought of as a hashing step, followed by a public-key based encryption step.
So, in the most charitable reading, it using ecliptic curve asymmetric encryption. Presumably for the purpose of exchanging a symmetric key, as asymmetric encryption is very slow. In other words, what basically everything written this decade does. Older stuff would use non EC algorithms, that are still totally fine, but need larger keys and would be vulnerable to quantum computers is those ever become big enough.
Yeah Musk as not very technical person would hardly know the difference.
It really can't. If you're extremely drunk you can think of it as similar to hashing followed by a public-key based decryption step (signing uses the private key, as does decryption) but that's about as good an analogy as calling a tractor-trailer a container ship because both haul cargo. The actual elliptic-curve part of the operation isn't encryption or decryption, and thinking of it as such will lead to error.
RSA does have a simpler correspondence in that the fundamental modular multiplication operation is shared between decryption and signing (or between encryption and verification). But modular multiplication alone isn't secure, it's the "padding" that turns modular multiplication with a particularly-chosen modulus from some basic math into a secure encryption/signature system. And the padding differs, and the correspondence doesn't hold in real systems. RSA without padding is just sparkling multiplication.
...
>Signal doesn't have these shortcomings. Use Signal.
Dunno that Signal is a really good counterexample for this particular aspect of E2EE messaging. The option exists to compare a 60 digit decimal number but the usability of this feature is such that most users don't even know that this is something they have to do. Just having a feature is not valuable if no one knows that feature exists and have no idea what any of it means.
I like the approach used by Briar Messenger. They just have the user use the number that represents identity in the system. There is no misleading feature that maps a phone number to the actual cryptographic identity. This makes it much harder for the user to unknowingly use the system in an unsafe way. A Briar identity looks like this:
briar://bafybeiczsscdsbs7ffqz55asqdf3smv6klcw3gofszvwlyarci> Caution
> Experimental library!
and
> While this library is just a wrapper around the well known Libsodium library it still comes with high potential of introducing new attack surfaces, bugs and other issues and you shouldn't use it in production until it has been reviewed by community.
[0]: https://github.com/ionspin/kotlin-multiplatform-libsodium
Signal has had forward secrecy forever, right? The modern practice of secure messaging was established by OTR (Borisov and Goldberg), which practically introduced the notions of "perfect forward secrecy" and repudiability (as opposed to non-repudiability) in the messaging security model. Signal was an evolution both of those ideas and of the engineering realization of those ideas (better cryptography, better code, better packaging).
What's so galling about this state of affairs is that people are launching new messaging systems that take us backwards, not just to "pre-Signal" levels, but to pre-modern levels; like, to 2001.
1. Core Secrets said the FBI "compelled" companies to secretly backdoor their products. Another leak mentioned fines by FISA court that would kill a company. I dont know if you can be charged or not.
2. They paid the big companies tens of millions to $100+ million to backdoor their stuff. Historically, we know they can also pressure them about government contracts or export licenses. Between 1 and 2, it looks like a Pablo Escobar-like policy of "silver or lead."
3. In the Lavabit trial, the defendant said giving them the keys would destroy the business since the market would know all their conversations were in FBI's hands. The FBI said they could hide it, basically lying given Lavabit's advertising, which would prevent damage to the business. IIRC, the judge went for that argument. That implies the FBI and some courts tell crypto-using companies to give them access but lie to their users.
Just these three facts make me wonder how often crypto in big platforms is intentionally weak by governemnt demand or sloppy because they dont care. So, I consider all crypto use in a police state subverted at least for Five Eyes use. I'll change my mind once the Patriot Act, FISC, secret interpretations of law, etc are all revoked and violators get prosecuted.
People are going to come back and say "well yeah that's just what they tell you about FISA court, but I bet FISA courts fine people all the time", but no, it's deeper than that: private actors aren't parties to FISA cases. It's best to think of them as exclusively resolving conflicts between government bodies.
I dont know the mechanics of it, like jurisdiction. It might be as you say. I just know they and their targets were both clear at different times they could force a company to do it.
> In some circumstances, nongovernmental parties may litigate the lawfulness of FISA orders or directives to provide information or assistance to the government. For example:
> A private company or individual that has been served with a directive to assist in acquiring information under Section 702 may petition the FISC to modify or set aside the directive. Conversely, the government may petition the FISC to compel the recipient to comply with the directive.
> In responding to the government’s petition, the private party has the opportunity to show cause for the noncompliance or argue that the order should not be enforced as issued.
> In 2007, Yahoo! Inc. refused to comply with directives issued by the government under provisions of FISA that have been replaced by Section 702. The government filed a motion with the FISC to compel compliance.
https://www.fisc.uscourts.gov/about-foreign-intelligence-sur...
The warrants the court issues do apply to private parties. Failure to comply with a warrant is contempt of court and the court can compel compliance by fines and other sanctions. You can read what that looks like in this FISA court ruling against Yahoo.
PDF warning: https://donohueintellaw.ll.georgetown.edu/sites/default/file...
https://inteltoday.org/2020/02/15/crypto-ag-was-boris-hageli...
We've always done this.
diggan•1d ago
What does "Bitcoin style encryption" mean? Isn't Bitcoin mostly relying on cryptographic signatures rather than "encryption" as we commonly know it?
77pt77•1d ago
nicce•1d ago
thewarpaint•1d ago
londons_explore•1d ago
However, the challenge is distributing those keys in a trustworthy way - because if someone can tamper with the keys during distribution, they can MITM any connection.
I assume this "bitcoin style" encryption is a blockchain or blocktree of every users public key now and throughout history. Ship the tree root hash inside the client app, and then every user can verify that their own entry in the tree is correct, and any user can use the same verified tree to fetch a private key for any other user.
kstrauser•1d ago
JustFinishedBSG•1d ago
VWWHFSfQ•1d ago
kstrauser•1d ago
NicolaiS•22h ago
CodesInChaos•1d ago
kstrauser•1d ago
londons_explore•1d ago
However, with a merkle tree, the root hash is embedded into the app, and the servers return the data together with info chaining to the merkle root (typically a few kilobytes, even if the whole tree is hundreds of gigabytes).
With that info, the app can verify the chain to the root and be sure that the servers aren't returning false data.
fc417fc802•15h ago
londons_explore•1d ago
Merkel trees are snapshot/read only though - so you then use a bitcoin style Blockchain to ship refreshed versions of the root tree hash (you can even ship it in the actual bitcoin Blockchain if you like, piggybacking on its proof of work to ensure different people don't see different root hashes)
viraptor•1d ago
paxys•1d ago
jsheard•1d ago
kees99•1d ago
Exact same effect could be achieved by making conductor that very same single-digit % thicker. Which is an order of magnitude cheaper. And ohmic resistance is not that important for audio-cables anyway.
jsheard•1d ago
kees99•1d ago
Assuming good contact in connector(s) is achieved, gold-plating does not further help with high-speed signals. What matters here - is wire/cable itself, specifically, tight control over where conductors are relative to each other and insulation, so that impedance is well matched throughout, cross-talk is minimized, etc, etc...
__alexs•1d ago
https://en.wikipedia.org/wiki/Low-background_steel
seanhunter•23h ago
arealaccount•18h ago
killdozer•16h ago