HackerTrans
TopNewTrendsCommentsPastAskShowJobs

therealtbs

no profile record

comments

therealtbs
·5 lat temu·discuss
It's getting press because it is siphoning off the page contents which include the names of files you have stored. It is quite a different scenario than just loading an image through an img-tag (which can be controlled through things like Referrer-Policy these days)
therealtbs
·6 lat temu·discuss
Yes, everyone is in complete hysterics exactly because Facebook is evil (by the definition "harmful or tending to harm" (OED) or "morally reprehensible" (Merriam-Webster)). Just remember the recent(-ish) Oculus controversy, where they forced everyone who bought their hardware to sign in with Facebook and in some cases (soft-)bricked users devices because their Facebook accounts did not have enough activity [1]. Especially because Palmer Luckey (founder of Oculus) when answering questions about the acquisition in 2014 said that Facebook would not do such a thing [0].

I personally am scared because the language being used here is not at all specific to the scenario mentioned here ("hosted clients"). I understand that anything more specific would probably be rejected by their legal team. I am afraid that some 5 years down the line they'll be able to do something worse without notifying users because the TOCs and privacy policies are written in this ambiguous language.

Regarding alternatives, I can't really speak on the security/privacy of any of them but from what I can gather, Matrix does have E2E-encryption functionality [2] so I'm not quite sure how it is less secure than Signal (provided you host your own server and/or have a reasonable degree of trust in the server-operator of your conversation-partner).

[0] https://www.cgmagonline.com/2020/08/19/oculus-founder-facebo...

[1] https://www.eurogamer.net/articles/2020-10-15-oculus-quest-2...

[2] https://matrix.org/blog/2020/05/06/cross-signing-and-end-to-...