ivn

joined 1 year ago
[–] ivn@jlai.lu 20 points 3 months ago (13 children)

I don't get it, are you really arguing that Russia and Venezuela are blocking Signal to protect their citizens from American snooping?

[–] ivn@jlai.lu 16 points 3 months ago

Telegram is not secure, I guess if you can listen to it better not block it.

[–] ivn@jlai.lu 5 points 3 months ago (4 children)

I mean, that's not specific to Matrix. Telemetry is the tool used to get the numbers, so I don't see how you would collect numbers on servers that don't report numbers.

[–] ivn@jlai.lu 4 points 3 months ago* (last edited 3 months ago) (3 children)

Maybe I've misunderstood how it works. I thought that when connecting to a matrix instance you would point to the domain name and the text file would be on a standard location (as with /robots.txt or all the files in /.well-known/) so it would be easily discoverable. In fact I just checked and matrix does use /.well-known/ so one should be able to identify matrix servers by querying these URLs. Unless their is a way to use a non-standard location, but that would require further configuration on the client I guess.

And just to answer your question, the only way to find some hidden file would be to brute force. This could obviously be extremely time consuming if the URL is long and random enough, especially if you add rate limiting (this last thing could be circumvented by using multiple IPs to scan, which would be easy for a state actor).

Edit: I've just realized I wasn't answering to the same person, the first part of the message was more for @TarantulaFudge@startrek.website

[–] ivn@jlai.lu 10 points 3 months ago (6 children)

How would you?

[–] ivn@jlai.lu 5 points 3 months ago (5 children)

Thanks, nice to have someone knowledgeable.

Would you say matrix is censorship resistant? I've very limited knowledge of it but given what you said I imagine that if I was trying to block matrix I would just need to query the url of the text file and check the DNS text entry, if either exist just add the domain to the blocklist.

[–] ivn@jlai.lu 41 points 3 months ago (7 children)

Being decentralized prevents DNS or IP blocks but not blocks through DPI.

Signal has an option to masquerade it's traffic as regular HTTPS, I don't know if Matrix can do such a thing.

https://x.com/signalapp/status/1821979304626155930

[–] ivn@jlai.lu 67 points 3 months ago

You really shouldn't connect windows 7 to the internet.

[–] ivn@jlai.lu 17 points 3 months ago

But it's not run in a sandbox. I'm not sure where you get this from.

[–] ivn@jlai.lu 2 points 3 months ago

Same, I could not go back now.

[–] ivn@jlai.lu 17 points 3 months ago (3 children)

It build in a sandbox, but it's not run in a sandbox.

[–] ivn@jlai.lu 3 points 4 months ago (1 children)

ISP DNS servers often lies, depending on your country, a lot do DNS blocking so it's a way to evade basic censorship. Also some alternative DNS can lie in useful ways, for adblocking or malware protection. You can also check mullvad DNS.

view more: ‹ prev next ›