MMN-o ✅⃠ on social.umeahackerspace.se
This remote profile is registered on another site; see mmn's original profile page on social.umeahackerspace.se.
-
MMN-o ✅⃠ (mmn)'s status on Monday, 17-Apr-2017 05:22:27 EDT 
MMN-o ✅⃠
@kevinmarks !indieweb #magic <3 -
MMN-o ✅⃠ (mmn)'s status on Monday, 17-Apr-2017 04:43:44 EDT
MMN-o ✅⃠
@oemplojerad Johodå det var det! -
MMN-o ✅⃠ (mmn)'s status on Monday, 17-Apr-2017 04:21:29 EDT
MMN-o ✅⃠
@pettter That specific scenario was just one of many. Also legal discourse and protection are irrelevant in many situations when damage is already done (compare with surveillance cameras etc.). -
MMN-o ✅⃠ (mmn)'s status on Monday, 17-Apr-2017 02:20:39 EDT
MMN-o ✅⃠
@lnxw48a1 What, you mean Twitter doesn't have a verification system that magically solves nick/username collisions? -
MMN-o ✅⃠ (mmn)'s status on Monday, 17-Apr-2017 02:19:03 EDT
MMN-o ✅⃠
Hur kunde jag missa detta? -
MMN-o ✅⃠ (mmn)'s status on Sunday, 16-Apr-2017 19:47:05 EDT
MMN-o ✅⃠
@rw Tell that to your domain name. -
MMN-o ✅⃠ (mmn)'s status on Sunday, 16-Apr-2017 19:46:21 EDT
MMN-o ✅⃠
@hishamhm Doesn't matter how good the handshake is if people leave their phones logged in with content easily accessible. Some people even think it's too much work to lock the workstation when going to the bathroom. -
MMN-o ✅⃠ (mmn)'s status on Sunday, 16-Apr-2017 19:44:52 EDT
MMN-o ✅⃠
@pettter Scenario: Person A and B work at the same place, A wants to communicate securely with person B to organise solidarity. B has this really neat, simple app for secure messaging that Just Works(tm). 1. A sends secret message to B about how crappy the boss is. 2. B has archiving on because it's the user-friendly default. While noone can read the message in transi… -
MMN-o ✅⃠ (mmn)'s status on Sunday, 16-Apr-2017 19:20:15 EDT
MMN-o ✅⃠
@pettter As long as you don't call it secure when people routinely leave their phones unlocked etc. because it's Secure(tm).
Why should I consider something secure if the remote party doesn't even know _why_ you should (deems it important enough to) auto-lock the screen/app/whatever? ("omg ffs that's totally not user friendly!!! gotta write the 4 digit key MORE THAN ONCE PER DAY!!!") -
MMN-o ✅⃠ (mmn)'s status on Sunday, 16-Apr-2017 19:15:06 EDT
MMN-o ✅⃠
@askan I #X-Files är de grå. -
MMN-o ✅⃠ (mmn)'s status on Sunday, 16-Apr-2017 19:14:33 EDT
MMN-o ✅⃠
@rw
* "Verified" tick: check.
* Twitter owned domain: check.
* Not April 1st: check.
Well, there's obviously no reason NOT to trust this announcement coming only as an image without any other source and posted by a well-known shitposter. -
robek world (rw)'s status on Sunday, 16-Apr-2017 18:47:21 EDT 
robek world
https://shitposter.club/attachment/598862
Oh cool!! -
MMN-o ✅⃠ (mmn)'s status on Sunday, 16-Apr-2017 19:09:37 EDT
MMN-o ✅⃠
@hishamhm Sorry for the rant-spam. I felt I had to get it out. .) -
MMN-o ✅⃠ (mmn)'s status on Sunday, 16-Apr-2017 19:09:06 EDT
MMN-o ✅⃠
@hishamhm Someone who can't be bothered to learn about the tools to use can't be trusted with secure communication in the first place. -
MMN-o ✅⃠ (mmn)'s status on Sunday, 16-Apr-2017 19:07:26 EDT
MMN-o ✅⃠
@hishamhm Was it moxie@secure.example or moxie.marlinspike@secure.example? Well I guess it's all the same, the service I am using is Secure, so I can Trust it to be Verified. I'll just go ahead and chat with this moxíe.marlínspíke@secure.example person, he seems so nice. -
MMN-o ✅⃠ (mmn)'s status on Sunday, 16-Apr-2017 19:04:45 EDT
MMN-o ✅⃠
@hishamhm And last but absolutely not least: If the user doesn't understand the concept and importance of fingerprinting, there is no security to speak of. People laud the "user friendly" interface of #Signal etc, where all of this is magically hidden, but all of a sudden someone with a similar (or visually identical through unicode etc.) identity comes along and bam - they have no idea they're getting duped. -
MMN-o ✅⃠ (mmn)'s status on Sunday, 16-Apr-2017 19:02:40 EDT
MMN-o ✅⃠
@hishamhm Apparently you haven't used #Thunderbird + #Enigmail.
However, the problem of solving UI/UX vs. security tradeoff is _hard_. If the user has a seamless experience, there is no security to speak of. If the user doesn't know where and how the private key is stored, there is no security to speak of. etc. etc. -
MMN-o ✅⃠ (mmn)'s status on Sunday, 16-Apr-2017 18:09:19 EDT
MMN-o ✅⃠
@Gargron PS. I can't join the discussions on #GitHub because I'm not a customer there. I hope you're getting my input through here. -
MMN-o ✅⃠ (mmn)'s status on Sunday, 16-Apr-2017 18:08:44 EDT
MMN-o ✅⃠
@Elizafox @Gargron Delete functionality for profiles ought to be _profile_ deletion as suggested in that thread. It would be up to each federated remote instance whether to delete the profile and/or data. The possibility to delete an account's data should be obvious. But essentially that could be accomplished by just having the user edit their profile data, deleting a… -
MMN-o ✅⃠ (mmn)'s status on Sunday, 16-Apr-2017 16:55:59 EDT
MMN-o ✅⃠
@knuthollund @mcscx2 I get this POST /main/ostatussub] HTTPClient: HTTP POST http://toot.drup.no/api/push - 404 Not Found
My guess is that @xqus set stuff up for HTTP but serves on HTTPS and because the client gets 301 permanent redirected - by HTTP standard the new request must be a GET and thus the POST data to /api/push gets lost.
All Hacker Poesy content and data are available under the 