Practical experimentation

It is.

Also not a doctor so don’t ask how I know.

Please make sure to do B, C, D and E as well.

So what. I’m sleeping, remember?

Obviously next to House. He wants his seat neighbors to stfu and let him sleep. I want the same. It’s perfect.

Definitely, yeah

• German (native)
• English (pretty well I hope; half my working life and almost all my free time spent on the internet, shows, books,… has been happening in English since, like, 8th grade)
• Japanese (learning; enough for talking about food, the weather, hobbies,… in somewhat acceptable grammar 😄)

Chat is this real?

Huh - you’re right. I went back to Signal’s X3DH spec because I was sure I was right, but it seems I misremembered how the “prekey bundles” work: Users publish these to the server, allowing (in my original assumption) for the server to just swap them out for a server/attacker-controlled key bundle for each Alice and Bob.

However, when Alice wants to send Bob an initial message and she gets a forged prekey bundle, Bob will simply not be able to derive the same key and communication will fail, because Bob knows what his SPK private key is, while the server only knows the public key.

A compromised server would allow the server to man-in-the-middle all new connections (as in, if Alice and Bob have never talked to each other before, the Server/Eva can MITM the x3dh key exchange and all subsequent communication). That’s why verifying your contact’s signatures out-of-band is so important.

(And if you did verify signatures in this case, then the issue would immediately be apparent, yes.)

Edit: I was wrong. See below.

That’s why safewords should be passphrases! /s

Hold on, actually no, not /s

Jitsi is a group (video) call tool. It’s not even close to resembling a Discord alternative. And I’m saying this as someone selhosting Jitsi and evangelizing it whenever I can.

Is this some sort of public tracker issue I’m too private trackers and Usenet only to understand?

Funny, I’ve also already read that 😄 Good blog and article.

What blog?

It’s a very steep curve to start, with some additional minor steep parts along the way, but it’s not a long curve. Once you got the core concepts and the basic language constructs, you’ve learned most of what you’ll ever need.

Two nice resources: search.nixos.org is super handy, and you can search GitHub with language:nix and a search term to get tons of examples from other people.

Oh, and nix and just is actually a pretty common combo!

Yep, exactly.

To be fair, if you use Debian, Arch, Fedora,… long enough, you also know how to tweak your machine for every purpose. In Nix, it’s just somewhat of a self-fulfilling prophecy, because you have to know how to tweak your system to achieve… anything, and then it’s the same tweaking mechanics for every other purpose as well.

My Steam Deck also runs NixOS.

Because this way I can much more comfortably configure it, plus everything game related I automated through nix for my Desktop (e.g. mod installs, reShade config,…) immediately and without any extra steps also applies to the Steam Deck.

https://github.com/Jovian-Experiments/Jovian-NixOS

Yes. Everything is NixOS. Because it’s perfect for everything.

Ha, thanks, I’d already read that. And I do, mostly, agree; the OMEMO implementation is not great both from the security perspective discussed in the post, as well as the UX (not being able to decrypt old messages on new devices at all).

That being said, I primarily want a selfhosted, federated messenger which also takes privacy and security seriously, and at least for the former, XMPP is really refreshingly good.