Its great to see the current explosion of public #Jitsi Meet. To help choose which one works for you, we set up a test project "jitsi-monitor" to gather data on public #JitsiMeet instances daily:
* config including STUN, analytics, etc.
* TLS setup
* TCP traceroute
* what else?
This should run locally for choosing the closest instance. Our results are in basic HTML format. This can be used to make Javascript UIs. The full JSON, source, etc. are available at
https://guardianproject.gitlab.io/jitsi-monitor/
Automated technology doesn’t work at scale—that's why it's vital that companies take precautions now to ensure transparency and accountability, and roll back new automation later https://www.eff.org/deeplinks/2020/04/automated-moderation-must-be-temporary-transparent-and-easily-appealable
For private meetings with video/audio, the real choice remains open source software: Jitsi, @nextcloud Riot/Matrix, Wire, Signal. For groups, Wire seems to be the only end-to-end encrypted option, so using a trusted service provider is essential. You can find a list Jitsi instances here: https://github.com/jitsi/jitsi-meet/wiki/Jitsi-Meet-Instances
1-on-1 conversations with #Nextcloud Talk are E2E encrypted. With the HPB, larger calls go over your own infra. In no case can anyone listen in!
So take back control over your communication. Host your own #Zoom #Skype #MSTeams!
https://nextcloud.com/talk
We, alongside a network of advocates, have launched an online resource centre to track and explain worldwide Covid-19 measures - you can find it here: https://privacyinternational.org/campaigns/fighting-global-covid-19-power-grab
Anyone with updates can contact us at: info@privacyinternational.org.
What if you could replace a broken phone screen, by yourself, in under 5 minutes? Fairphone 3 is the only smartphone in the world to be awarded a perfect 10 out of 10 repairability score by @iFixit@twitter.com. 🛠️ 🌍 Available now 👉 : https://frphn.co/nvI6X
Access to a critical health service should not hinge on whether or not you have a Google account. https://www.eff.org/deeplinks/2020/03/verilys-covid-19-screening-website-leaves-privacy-questions-unanswered
#Zoom on iOS is sending personal data to #Facebook https://www.vice.com/en_us/article/k7e599/zoom-ios-app-sends-data-to-facebook-even-if-you-dont-have-a-facebook-account
🤨 @Whatsapp has failed to respond to our letter on #CloudExtraction - which allows warrantless, broad access to cloud stored data. This is a vital issue for security of Whatsapp's customer data. Help us demand they respond now and retweet. 🔁
Read more: https://privacyinternational.org/news-analysis/3302/big-tech-companies-must-protect-customer-data-legal-backdoors https://nitter.net/privacyint/status/1243463016747634688/photo/1
We're starting another round of translation workflow improvements for websites working with #Weblate: this time the focus is taking the pain out of translating Markdown texts, this builds upon the work on the @fdroidorg@mastodon.technology website
https://guardianproject.info/2020/03/05/improving-crowdsourced-translation-of-long-form-text/
@bortzmeyer @Shaft @tania @fdroidorg@mastodon.technology @exodus @lenaki@mastodon.social @Jolivier
And of course, we're contributing back to Exodus as much as possible. My personal view is that Exodus should be the canonical database of all this stuff but I'm not sure they want the noise of this discovery process in their issue tracker.
@bortzmeyer @Shaft @tania @fdroidorg@mastodon.technology @exodus @lenaki@mastodon.social @Jolivier F-Droid and Exodus have been working together since 2017! https://f-droid.org/2017/12/14/new-collaborations-on-exposing-tracking.html
We are building upon Exodus' work, this is a vast project. Exodus is currently tracking libraries and domain names. Turns out, there are a number of other things that haven't been mapped out yet, like API keys and Broadcast Receivers.
#MachineLearning is proving to be quite #exploit-able, humans need to stay in charge, with #AI only as an assistant:
"Hackers stuck a 2-inch strip of tape on a 35-mph speed sign and successfully tricked 2 Teslas into accelerating to 85 mph"
https://www.businessinsider.nl/hackers-trick-tesla-accelerating-85mph-using-tape-2020-2?international=true&r=US
After more than ten years working to remove #tracking in software, I now see that tracking usage without tracking people is possible. Tracking is essential to #AddictiveDesign, so #DataDriven #SoftwareDevelopment is still full of moral hazards
It has been interesting to dig into this, the vast #malware body of knowledge has gotten us started, but it isn't the same problem, so similar but different tools are needed.
#TrackingTheTrackers I'm digging into tools these days, #faup provides lookups if a string is a known domain name, and #ipgrep returns all strings that resolve to an IP address. The #ipgrep approach seems much more useful since it doesn't need a pre-prepared list of "known domain names", instead #DNS provides that
https://github.com/stricaud/faup
https://github.com/jedisct1/ipgrep
One murky area of #FreeSoftware is what the #mirrors do with the all the #metadata they inevitably collect. Big mirrors like https://mirrors.kernel.org/ have no apparent public #privacy #policy. Purdue PLUG https://plug-mirror.rcac.purdue.edu/info.html and FAU https://ftp.fau.de/datenschutz post theirs
#Privacy policies need not be dense legalese meant to confuse and obscure, @EFF's #DoNotTrack #Policy provides a well crafted, privacy promise for like minded organizations to adopt https://www.eff.org/dnt-policy
OpenPush - A Free, #Decentralized Push Messaging Framework for #Android
"Push messages are an essential part of connected mobile devices. They are also one of the critical missing pieces in the #opensource Android ecosystem. Until now, free Android apps would either need to implement their own push notification system, do without any push messaging or use the proprietary Google Cloud Messaging service."
Ich halte am Donnerstag einen Vortag über #FDroid bei der FSFE Berlin.
Wer mag kann vorbeikommen!
People, apps and code you can trust