You mean text editing after sending? I would definitely not consider that a “basic” feature - we are talking about E2EE here, editing a message that you already encrypted locally and then sent on its way is by no means trivial - especially with the kind of E2EE that we have nowadays.
It actually is super easy, barely an inconvenience. When you edit an E2E encrypted message, your client simply sends another E2E encrypted message telling your contact what to replace your previous message with.
As i understand the current consensus on Spinosaurus:
• it walked on all fours, not on two legs.
• it was probably similar to a giant croc as is mouth is design for catching fish.
• the tail looks like it could be used for swimming, but didn't have the muscle attachments for croc/gator tail swimming.
• which is weird because that should put it in an ideal situation to give fantastic skeletons(similar to the duck billed dinosaurs), but we barely have any. Worse is that the most complete skeleton was destroyed by allied bombing in WW2.
• and all of that raises the question of what the hell was the sail for. Since that doesn't make sense on an aquatic ambush predator.
• moreover, the sail wasn't a one-off, but a feature of half of the spinosaurids, so it was selected for. So it served some useful purpose.
In birds this sort of seemingly bad adaptation is usually related to mating. Like male cardinals being bright red or a peacock's tail. An fragile and energy-expensive appendage like that would be very indicative of the health of the individual, especially because it would get damaged pretty easily.
Or hell, maybe they used it to shade the water to see fish better. Or they used it to absorb heat from the sun to stay active in cool water. Or it helped them see other members of their species from a distance. I love mysteries like this!
RCS is an open standard. However, on Android you can only use it with Google chat. So android stops any other apps from using it. Nothing to stop you making your own phone from scratch and adopting it.
Samsung messages app also supports RCS, depending on your carrier, though? It’s super fucking buggy and frequently switches back to sms so I still switched to Google messages, but it does technically have it.
That was the time when all the apps were standard XMPP. It didn’t have proper encryption back then. WhatsApp is still XMPP nowadays, but excluding federation and non-standard implementation on Meta servers and so on
Sure, but now you show me all the clients that supported OTR back then 😜 - or now, for that matter. Besides, OTR doesn’t work in multi user chats. OMEMO does, and support for it is still not exactly widespread…
Most popular clients supported OTR back then… Pidgin, Gajim, Adium, bitlbee, Psi, you name it.
And that’s at a time where absolutely no one did E2E, even SSL wasn’t a given.
Yes OTR* doesn’t do group chat, but now you’re just moving the goalpost.
*There has been a proposal in the works for years and years, but OMEMO stole a lot of it’s traction, and the last nail in the coffin was the arrest of Ola Bini in Ecuador as he was one of the main contributors.
You seem to not get that OMEMO is directly based on OTR.
It also powers the communications / presence on many gaming avenues as well like Fortnite, League of Legends, & whatever Nintendo is using for notifications + online status (assuredly a lot more games).
XMPP is old, stable, & massively scalable for industrial applications – while maintaining decentralization + efficiency & allowing for extensibility like OMEMO encryption which is covering most folk’s chat use cases. Since the XMPP foundation don’t put budget into marketing & hype, a lot of folks weirdly assume it’s dead or not being used. It’s strange to me how folks seem more interested in RCS & Matrix despite their histories/ownership/flaws rather than embracing what is already good.
We can start it up again. Time to nudge in the next Lemmy AMA to allow XMPP addresses alongside Matrix. You’d be surprised how little things like that can nudge adoption & pique curiosity.
Yeah, XMPP is great and all, but the client side is a big old mess, everything is full of friction and missing support for feature xyz. Have you tried using XMPP on iOS?
Conversations compliance test has brought most clients into an acceptable base to where most basic chat/audio/video needs are met, so if you are comparing older legacy clients then the experience will be different. The XEP system means everything is optional & can be pitched by making a spec & seeing who uptakes the idea. It also means the bar to create your own server is absoluetly minimal since everything is an extension which means you could build one in a weekend which is great for those learning to code since the barrier to entry is extremely low if Conversations isn’t the goal.
IDGAF about Apple since you have to have a wad just to publish an application on their proprietary store & the EU didn’t do a good enough job so it’s expensive to open alternative stores like F-Droid while also being antagonistic towards sideloading as well as PWAs (not to mention needing to buy their overpriced hardware to build/release applications). Heck, you can’t even publish a GPL-or-similar-licensed app on their store. This is a giant slap in the face to free/ethical software developers & probably why the clients aren’t in a good state; if you aren’t trying to make money, why would you develop in an ecosystem that is entirely hostile for you to develop in?
I actually tried pidgin maybe 6 months ago just for kicks if it could handle whatsapp, signal and telegram, and whaddaya know, it could. It was ugly as hell, but it could be done.
For whatsapp, my experience with Pidgin was terrible. Stickers had to be downloaded as photos, group chats would only show up once someone sent a message, contacts would only show as the full international phone number, all existing chats were horizontal tabs, like a browser.
It sounds like your problem is with the way providers handle email and not email itself. Email is actually a really nice protocol. It’s got so much fault tolerance built into it. I could take my servers down for 24 hours, and none of my customers would miss an email.
Yes, there is definitely a spam problem, but overzealous spam filters are not the fault of email, they are the fault of email providers.
As much as I hate Gmail, at least they are pushing for everyone being required to use SPF and DKIM. That alone will eliminate a huge portion of the spam problem.
Also, email isn’t the only protocol with a spam problem. I get so many spam messages on SMS, Facebook (back when I used it), Telegram, etc. Basically anything that allows someone to send a message without two-party consent first (like scanning each other’s QR codes) is going to have a spam problem if it’s popular enough.
It sounds like your problem is with the way providers handle email and not email itself.
No. Providers handle mail this way because they have no choice to do so.
You are stuck between two major Issues.
On one hand you can have your anti-spam very lenient and receive pretty much everything. But if you do you will get more phishing and malware ridden mails. So the users will be exposed to one of the most dangerous vector of infection.
On the other hand you can have a super aggressive spam filter but some mail will be dropped. Whether an email notifications or the contract of the year for a business. It’s no matter. It might never be delivered.
And since we have to block millions of spam mail everyday we have to block them silently because if you respond to certain malicious SMTP server online they will just spam you.
In reality businesses are used to email so that’s what is commonly used.
But it’s far too unreliable to communicate with clients of that business. You can’t just have an important contract sent as an attachment by mail with some chance that it will be silently dropped at some point.
The simple fact that you can send an information to someone by email and it might be silently dropped without you ever being aware of it should IMO have led to the conclusion that it should never be used for anything remotely critical.
If it’s important it shouldn’t be an email. The reality is millions of dollars worth of business conducted solely through email conversations. And also a very lucrative business of spam.
Even businesses are often spammers or as they may call it “gray mail”.
No email providers will guarantee you a 0% fault spam filtering.
Not Gmail either.
As much as I hate Gmail, at least they are pushing for everyone being required to use SPF and DKIM. That alone will eliminate a huge portion of the spam problem.
It’s a good thing Gmail does that but it helps only their users right now (since February’s changes). If your business communicates with thousands of small domains on small providers it will take another decade for every SMTP server to fix their s***. And even then there will still be spam.
What’s the difference between a spammer going through all the hoops of creating a mail domain and a new business ?
Not much. Both mynewlegitEmailDomain.com and SpammerWho UnderstandsDNS.com are essentially the same for a spam filter.
They both would have “legit DNS records” but would both have trouble sending mail to Gmail at first.
Because Gmail cannot know if you are a spammer that setup a new disposable domain or a serious actor in email that just wants to communicate with you.
Truthfully Email is a terrible protocol that cannot be fixed with yet another layer of duct tape. You will never have any guarantee your mail is delivered. There is plenty of communication systems that’s will tell you it’s delivered or not.
Again, your problem is with the way providers handle email. It would be perfectly possible to deny email that’s flagged as spam, then the sender would get a bounce notification. “Dropping them silently” (which actually means accepting them and delivering them to a spam folder in this context) is a choice that providers make. It’s already general practice to deny email from an IP address that’s been blocklisted.
Also, spammers aren’t going to spend the money to buy and set up domains if each one is blocklisted before it makes a profit. My own email service will mark something as spam if it fails FCrDNS, SPF, and DKIM. Gmail went one step further and doesn’t even consider FCrDNS.
And again, any communication method will have a spam problem if it is popular enough and it allows non-two party consent messaging. Email’s popularity is the reason it has a spam problem, not its protocol design. And any distributed system cannot guarantee delivery. If my server tells your server it’s delivered, you just have to trust it, no matter what protocol you’re using.
By dropping silently I meant really litteraly. If you answer to SMTP commands, you are not silent. You essentially say a spammer server that you are a valid target and that they can go on.
It’s not even a question if spammer buy domains to spam. It’s well known and the reason why commercial products provides a feature to filter too fresh domains.
There are procedures to “warm-up” an IP if you are a large provider and if you don’t do it and attempt to send a lot of mails to Gmail this will not work. It’s not just about DNS records. You could have donne everything perfectly DNS wise and still be blocked by Gmail servers.
You should take a look at the requirements of Gmail for large providers. As far as I recall Gmail does check FcrDNS since last month. On top of more requirements for authentication.
Still you can’t just buy an IP, a server, set MX, SPF, DKIM, DMARC, ARC?, FcrDNS and expect large amounts of mail to go through right away.
And again, any communication method will have a spam problem
The major issue here is that anybody can send any email to whoever. Most communication apps won’t let you do that certainly not like emails.
You can’t open WhatsApp and start spamming the whole world. You basically can only do that with phone calls and emails ?
So no, SMTP/IMF has rotten foundations. No matter how many (optional) protocol you add on top, it will always be such an hassle to maintain and there will be always people who can’t afford that much effort.
Small businesses having to set that up just to reach Gmail is a big problem that they usually externalize with Outlook365 and so on.
Again, Gmail calls the shots because they are the leader. But on paper my fully unauthenticated mail from Barack.obama is perfectly RFC compliant and legit. These protocols that are essential are optional at the end of the day. They became virtually mandatory because of the spam issue and Gmail pushing in the (right) direction because they have leverage.
I don’t see your issue with dropping a connection before issuing any SMTP commands. Your problem is with not being able to determine delivery status, right? If your server never even gets to send the message, then you know with 100% certainty that the message wasn’t delivered. And if it’s denied, you know with near certainty that it wasn’t delivered. (I don’t know of any servers that will issue a hard deny after receiving the message and then still deliver it, but that’s technically possible.)
I have read Gmail’s requirements, and I’m familiar with IP reputation. I didn’t mean that they don’t check FCrDNS, I meant that only having that is not enough. They now require both SPF and DKIM. Whereas my service will still accept your messages and not automatically mark them as spam if you only pass FCrDNS.
Generally if you’re getting your emails denied right off the bat, it’s because your IP or the block your IP comes from already has a bad reputation (basically any IP a cloud provider will give you). But yeah, you don’t want to spin up a server on a brand new IP and start firing off 10,000 emails a day, just like you said you don’t want to fire off 10,000 messages a day on WhatsApp. That’s a bad idea for any platform.
WhatsApp is not distributed, nor is it an open protocol, so that’s right out. It will never be the standard.
Gmail only calls the shots for Gmail users. If you never interact with Gmail users, you don’t have to obey any of their requirements. Like imagine a system that you’ve set up to receive notification emails from your own servers. You don’t have to obey anyone’s rules.
Your spoof mail may be perfectly valid for the base ESMTP spec, but there is not one single email provider on the planet that only considers that spec. Email isn’t just one spec. It’s a system that’s made of many specs and common practices, some required, some de facto required, and some optional.
I get paid way more than my coworkers, and even my supervisor, because when I got hired I immediately made a bunch of random tools in google sheets that only I know how to maintain, and spread them around until everyone was using them. Before long, I was essential to my department, and praised for going “above and beyond” even though I was mostly just dicking around making the tools rather than doing my actual job.
I have 0 coding experience, so the tools are absolutely horrendous behind the scenes, but that just means that they break pretty often, and people are reminded that only I know how to fix them. So, when I went looking around on LinkedIn for other offers after a few years, I eventually got one that was paying way more since it was in a major metro area, and I took it back to my manager to negotiate a 50% raise and a full-remote designation that virtually nobody else in my office is given.
You don’t get ahead by working hard, and you don’t get ahead by working smart to benefit the company, you get ahead by working smart to benefit yourself. Think about it this way - if you’re at the store to buy bananas, and you see that they’re selling bananas for $0.05 ea, you’ll likely think “Wow, that’s a great deal!” and buy a bunch of those bananas at the $0.05 price. You’re not going to pay them the price you think would be fair for a banana, you’re going to take advantage of the price you’re allowed to pay so that you can save money. Your employer sees you - working for less than you’re worth - as a $0.05 banana. You’re nothing more than a cheap commodity they were lucky to snag on sale.
As long as you can get constant raises who cares about a promotion? If you got your job nailed down so much you only need to work like 5 hours a week and from home while getting raises I would turn down any promotion.
It’s one good thing to have on a resume, sure, but another is the skillset itself. For example, I work with a highly specialized software, so I frequently get messaged with interview offers on LinkedIn because I show up every time employers search for that specific software.
I turned down the promotion they offered me. It was significantly more work, required me to come back to the office, and only offered a 10% pay raise. It doesn’t matter where your “standing” in the company is - if you’re indispensable, you can fight for good pay even outside of managerial roles.
You don’t get ahead by working hard, and you don’t get ahead by working smart to benefit the company, you get ahead by working smart to benefit yourself.
There is a bit too much “my situation fits all” here. Startup vs big corp, private vs government, thoughtful management vs not, etc. Other people will also recognize this mentality. Can’t say “eat the rich” because they only do what’s good for them, then do the same (yes, that’s extreme).
You should benefit the company, and they should benefit you. I take your point to mean this equation should be balanced (which unfortunately it usually isn’t), vs the specific words above.
That’s a fair point. You’re correct that my point is that the equation should be balanced, but you’re understating the reality with the statement “unfortunately it usually isn’t.”
I put in 4 hours of work last week, though my employer thinks I put in 40. In those 4 hours of work I started and finished a project for the company that will earn over $100k in gross profit. It ended up being almost exactly 1.5x my yearly salary. Just by putting in the absolute minimum effort I’m already earning my company more in a week than they pay me in a year. And I don’t even work for a large company. I’d imagine corporate giants have an even greater divide.
I’m not responsible for worrying about whether I benefit the company; most companies have gotten so good at maximizing profits while minimizing costs that even the most layabout worker earns them significantly more money than they cost to employ. My only thought is about how I can do as little as possible while still ensuring management continues to think I’m being productive.
People really need to consider the pedigree of the guy who created this company and how willing he is to walk away from a company when it becomes unprofitable. Eric Migicovsky sold Pebble when it became unprofitable, promised that people would still have their jobs as devs, and at the last minute, the sale didn’t include their jobs, so everyone was left fucked out of luck and with no job. Also, the fact that he has zero long term plans for how to keep fighting Apple for iMessage access after he used a teenagers reverse-engineered code to make a standalone Beeper iMessage app which Apple promptly broke after only days. If that’s as far ahead as he was able to “plan” in regards to that, it speaks to his weakness on having a long-term business plan. Lack of realistic long-term business plan coupled with how badly he fucked over the developers when he bounced from Pebble screams “Don’t trust this.”
Wait a moment it is actually march. How about the DSA against Gatekeepers from the EU? I thought we are all able to communicate to every messenger from the messenger we chose.
Gatekeepers like WhatsApp need to open their platform, but the other app developers need to attach to those provided connections. And so far Signal and Threema already announced that they will not use the opportunity.
slrpnk.net
Oldest