m0xEE @m0xee@librem.one

@robryk
Yandex might be compromised and has security services representatives on board — therefore should no be trusted, but it's not officially a state-owned company — they might be exempt to these sanctions, but they still distribute their own Yandex Browser with said CA baked in. Few others might be using certs that are still valid — those didn't get revoked, they just can't renew them.
@kravietz

@Hyolobrika
Why would it be? TLS is only the first layer — some metadata probably still gets transferred over it, it's what is considered unencrypted, but on top of it at least Element and Schildi have proper cryptography module in WAsm, it works mostly the same as desktop SW would. I'm not sure how Fluffy works, but it's probably the same.
Although browser cryptography is a classic "bad idea": https://tonyarcieri.com/whats-wrong-with-webcrypto , it's not the worst of what we have to deal with now daily😅

@Hyolobrika
You can use Element in Firefox, I think you can also use Fluffy Chat and there's a desktop version of Schildi, but you need Node.js to host it, so I've never tried it myself.
If you want chats only and are fine with TUI, there's gomuks — you only need go and libolm to build it, I think you can even build it without cloning the source using "go install github.com/tulir/gomuks" — should work, but I haven't tried that myself in ages.

@Hyolobrika
Come to the Matrix side! We have "Unable to decrypt message"… too! Yeah, we have that one too 🤣

@romin
Well, at least we would get VR support this time 🤪

@kravietz
Thus communication of Russians, most of which have to have this cert installed (they still have to use banks and government-provided services) over non-E2E-encrypted messengers such as Telegram are in theory "transparent" to Russian "law enforcement". I don't know though, if Telegram apps perform any checks and give you any warning if the non-expired certificate gets replaced all of a sudden.

@kravietz
To avoid the suspiciously looking warnings they have made their own certification authority and are actively encouraging users to install this CA certificate to their systems. With this cert in the system, MITMing anything gets relatively easy.

@kravietz
> group chats can’t be end-to-end encrypted (E2EE), so their contents are readable to at least Telegram operators
Only today this came to me: little is known about it in the rest of the world, but due to sanctions, Russian enterprises and government organizations can't acquire proper security certificates recognised by most widely used browsers.

@threat
They probably can't be taking amphetamines while on duty… That's what speed dating is about, right?
@get @Doll @p @0 @FrogsAreREEEcist @sun

@ellenor2000
At least he looks harmless — the one who gets drunk and falls asleep fast! 🥴
I bet he gets all furious when he wakes up hungover though 🤔
@kevinrothrock

😏

@eidolon
> White man
Are you sure? 🧐
Objects in the mirror… might not be what they appear to be. They might be a trans-woman, they also might be trans-black… Or from the White People Co-opting Black Culture association: https://www.youtube.com/watch?v=fBsE4ICwivA

@IAMAL_PHARIUS @kirby
Thy flesh consumerised 🤪

@taylan
Well, in this case you're absolutely right 😆
It'd be either Arch or flavours of Ubuntu, depending on in which parts of Fedi the poll gets more boosts, and, I've never used Arch myself, but they don't appear too different — same glibc, gnu userspace and even the systemd, package manager being the only major difference. Oh, and one has a reputation of being more user-friendly and the other being for advanced users, both are debatable — but that's it.
@bob