… and I can’t even continue the chat from my phone.

  • zoey@lemmy.blahaj.zone
    link
    fedilink
    English
    arrow-up
    219
    ·
    5 months ago

    Such is the state of Electron.
    I’m slowly stopping to care about web apps, however the amount of shit Electron causes is through the roof. Discord, Element, Signal, even Steam is full of it, so you just end up having 8 different “programs” running with every single one using at least around 400MB of RAM.
    Can’t wait to see something using Rust and Tauri. Graphite wink wink

    • taaz@biglemmowski.win
      link
      fedilink
      English
      arrow-up
      91
      ·
      edit-2
      5 months ago

      Steam is close but actually not electron, they use CEF - Chromium Embedded Framework which is something Electron uses too under the hood (afair)

      • flubba86@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        edit-2
        5 months ago

        I use a whole bunch of Linux distros at work (CentOS, alpine, ubuntu, debian, opensuse) and a bunch on my devices at home (mint, fedora, nobara, and manjaro), and so far the only distro I’ve seen ship decoupled shared electron libs like you described is Manjaro (and presumably Arch).

    • Blackmist@feddit.uk
      link
      fedilink
      English
      arrow-up
      10
      ·
      5 months ago

      I wouldn’t mind so much if they all just used the same bundle of stuff, and you could install that once, and then the apps were all like 2MB each.

      But no, big fucking bundle of shit, every single time.

      • masterspace@lemmy.ca
        link
        fedilink
        English
        arrow-up
        10
        ·
        edit-2
        5 months ago

        Eh, that’s not the joy you think it is.

        That’s how software used to be distributed and that’s where the terms DLL / Dependency Hell come from and why programs used to not uninstall cleanly and break other programs, etc.

        It’s more efficient, but it’s also brittler and a lot more complex to manage. Conversely, bundling everything together with all its dependencies is a lot easier to manage, and a lot more robust overall, but comes at the expense of storage capacity and network bandwidth.

        • Captain Janeway@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          5 months ago

          Would be kind of cool to allow people to choose an install method. As someone who has experienced low bandwidth in rural homes, it would be nice to avoid the waste at the cost of possibly managing chromium versions myself.

    • Killing_Spark@feddit.de
      link
      fedilink
      English
      arrow-up
      8
      ·
      5 months ago

      I really want to see the zygote approach worked out for electron. It’s working really well for android but with electron there are just too many different versions used by the different programs for that to make sense.

    • alyth@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      5
      ·
      5 months ago

      Of the apps you mentioned, I can use Discord and Element in my browser. WhatsApp even installs as a PWA. And Steam games can be launched through Lutris afaik?

      There is no such option with Signal though.

      • zoey@lemmy.blahaj.zone
        link
        fedilink
        English
        arrow-up
        14
        ·
        5 months ago

        With Discord in browser, you lose Krisp, RPC ipc socket support (aRPC might work, no clue), and from what I remember screensharing only worked with browser tab capture.
        Element will eat your RAM no matter where it’s running. You could add it as a Nextcloud app to triple your RAM usage! Woo
        And you can’t run Steam games without the Steam client running. That’s how their DRM works. (Unless you use the goldberg steam emulator, which is a whole another thing to talk about)

      • JoeyJoeJoeJr@lemmy.ml
        link
        fedilink
        English
        arrow-up
        7
        ·
        5 months ago

        Using an E2E chat app in your browser necessarily makes the keys and decrypted messages available to your browser. They would have the ability to read messages, impersonate users, alter messages, etc. It would defeat the purpose of a secure messaging platform.

        • alyth@lemmy.worldOP
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          5 months ago

          I don’t get it. Who is “they”? Why can’t you fetch the encrypted message from the server and then decrypt it client side?

          • JoeyJoeJoeJr@lemmy.ml
            link
            fedilink
            English
            arrow-up
            8
            ·
            edit-2
            5 months ago

            “They” is the browser/browser maker. The browser, acting as the client, would have access to the keys and data. The browser maker could do whatever they want with it.

            To be clear, I’m not saying they would, only that it defeats the purpose of an E2E chat, where your goal is to minimize/eliminate the possibility of snooping.

            • Socsa@sh.itjust.works
              link
              fedilink
              English
              arrow-up
              2
              ·
              5 months ago

              You realize that your kernel which loads keys into memory can also access all this right? So can anything which shares memory space on the platform.

              • Natanael@slrpnk.net
                link
                fedilink
                English
                arrow-up
                2
                ·
                5 months ago

                The bigger risk is browser exploits, not just who develops it. There’s more attack surface and more ways to exfiltrate data

          • mexicancartel@lemmy.dbzer0.com
            link
            fedilink
            English
            arrow-up
            2
            ·
            5 months ago

            I think the encrypted messages are not saved in the server. You probably have to backup from phone and restore it on pc. “They” is the other programs running on browser

    • rdri@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      ·
      5 months ago

      Can’t wait to see something using Rust and Tauri.

      What about sciter?

      • masterspace@lemmy.ca
        link
        fedilink
        English
        arrow-up
        47
        ·
        5 months ago

        Hey now, the three React Native for Windows apps would be very offended if they were stable enough to read text input.

    • lengau@midwest.social
      link
      fedilink
      English
      arrow-up
      15
      ·
      5 months ago

      It’s because it’s an electron app. So in addition to the chat app itself, it also includes a full Chromium runtime. Worse still, the Electron architecture doesn’t really lend itself towards reusing electron itself; this means you might have several copies of the same version of electron on your machine for various apps.

      People complain about the sizes of things like flatpaks and snaps, but tbh the whole architecture of applications is like this these days. Ironically, flatpaks and snaps could help with this because their formats can work decently with filesystem level deduplication.

    • bss03@infosec.pub
      link
      fedilink
      English
      arrow-up
      54
      ·
      5 months ago

      New messages will show on all your devices, but yes, it is intentional that old messages are not available to new devices.

      • scarilog@lemmy.world
        link
        fedilink
        English
        arrow-up
        26
        ·
        edit-2
        5 months ago

        This is because they don’t retain your (encrypted) messages on their servers right? Is this for storage reasons, or more just security philosophy of not being able to access past chats when you login from elsewhere?

        • JoeyJoeJoeJr@lemmy.ml
          link
          fedilink
          English
          arrow-up
          29
          ·
          5 months ago

          This is not entirely correct. Messages are stored on their servers temporarily (last I saw, for up to 30 days), so that even if your device is offline for a while, you still get all your messages.

          In theory, you could have messages waiting in your queue for device A, when you add device B, but device B will still not get the messages, even though the encrypted message is still on their servers.

          This is because messages are encrypted per device, rather than per user. So if you have a friend who uses a phone and computer, and you also use a phone and computer, the client sending the message encrypts it three times, and sends each encrypted copy to the server. Each client then pulls its copy, and decrypts it. If a device does not exist when the message is encrypted and sent, it is never encrypted for that device, so that new device cannot pull the message down and decrypt it.

          For more details: https://signal.org/docs/specifications/sesame/

          • Rin@lemm.ee
            link
            fedilink
            English
            arrow-up
            5
            ·
            5 months ago

            That’s for your insightful comment. I’m now going down the rabbit hole of the signal spec :)

        • Fetus@lemmy.world
          link
          fedilink
          English
          arrow-up
          9
          ·
          5 months ago

          The chat continues on all linked devices from the point in time that they are linked.

          Imagine two people having a face-to-face conversation, then a third person walks up and joins in. The third person doesn’t know what was said before they joined the conversation, but all three continue the conversation from that point on.

          Linked devices are like the above example, if two of those people were married and tell each other every conversation they’ve had since their wedding.

          • JoeyJoeJoeJr@lemmy.ml
            link
            fedilink
            English
            arrow-up
            3
            ·
            5 months ago

            There is no sharing of messages between linked devices - that would break forward secrecy, which prevents a successful attacker from getting historical messages. See the first bullet of: https://support.signal.org/hc/en-us/articles/360007320551-Linked-Devices

            Messages are encrypted per device, not per user (https://signal.org/docs/specifications/sesame/), and forward secrecy is preserved (https://en.m.wikipedia.org/wiki/Forward_secrecy, for the concept in general, and https://signal.org/docs/specifications/doubleratchet/ for Signal’s specific approach).

            • Natanael@slrpnk.net
              link
              fedilink
              English
              arrow-up
              1
              ·
              5 months ago

              Message logs doesn’t break forward secrecy in a cryptographic sense, retaining original asymmetric decryption keys (or method to recreate them) does. Making history editable would help against that too.

              What Signal actually intends is to limit privacy leaks, it only allows history transfer when you transfer the entire account to another device and “deactivate” the account on the first one, so you can’t silently get access to all of somebody’s history

              • JoeyJoeJoeJr@lemmy.ml
                link
                fedilink
                English
                arrow-up
                2
                ·
                5 months ago

                You’re describing something very different - you already have the messages, and you already have them decrypted. You can transfer them without the keys. If someone gets your device, they have them, too.

                Whether Signal keeps the encrypted the messages or not, a new device has no way of getting the old messages from the server.

                • Natanael@slrpnk.net
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  edit-2
                  5 months ago

                  I run a cryptography forum, I know the exact definition of these terms. Message logs in plaintext is very distinct from forward secrecy. What forward secrecy means in particular is that captured network traffic can’t be decrypted later even if you at a later point can steal the user’s keys (because the session used session keys that were later deleted). Retrieving local logs with no means of verifying authenticity is nothing more than a classical security breach.

                  You can transfer messages as a part of an account transfer on Signal (at least on Android). This deactivates the app on the old device (so you can’t do it silently to somebody’s device)

          • eksb@programming.dev
            link
            fedilink
            English
            arrow-up
            3
            ·
            5 months ago

            There is no reason why the message sync that works from phone to phone could not be implemented on the desktop client as well.

        • JoeyJoeJoeJr@lemmy.ml
          link
          fedilink
          English
          arrow-up
          9
          ·
          5 months ago

          Yes, as long as you set up the desktop client before sending the message.

          Messages sent with Signal are encrypted per device, not per user, so if your desktop client doesn’t exist when the message is sent, it is never encrypted and sent for that device.

          When you set up a new client, you will only see new messages.

          See https://signal.org/docs/specifications/sesame/ for details.

    • NeatNit@discuss.tchncs.de
      link
      fedilink
      English
      arrow-up
      11
      ·
      5 months ago

      Okay, but can’t it be an optional feature? I’d like it if a new device could download message history from an old device by having both online at the same time.

      • randombullet@programming.dev
        link
        fedilink
        English
        arrow-up
        4
        ·
        5 months ago

        Optional how so? It’s a rotating key. Unless you have all of those keys to export into your computer, then you’ll be stuck with the current synced key.

        • Natanael@slrpnk.net
          link
          fedilink
          English
          arrow-up
          4
          ·
          edit-2
          5 months ago

          You can still push old message history from your main device to your other devices, you can re-encrypt

        • JackbyDev@programming.dev
          link
          fedilink
          English
          arrow-up
          4
          ·
          5 months ago

          I don’t see why the current key can’t encrypt old messages and send those. I admit I might be missing something obvious though. Maybe something like not wanting to accidentally leak old messages? As in it’s less attack surface or something?

      • stepan@lemmy.cafe
        link
        fedilink
        English
        arrow-up
        1
        ·
        5 months ago

        It means that if you have chats on one device and install Signal on another one, the chats don’t transfer to it. After you link new device, new chats do sync perfectly fine.

  • Carighan Maconar@lemmy.world
    link
    fedilink
    English
    arrow-up
    60
    ·
    5 months ago

    Signal’s desktop app is as horrendously unusably bad as the project as a whole is good, tbh.

    It’s no wonder people prefer stuff like Telegram. It has native apps and all. Or can be used in a browser. Meanwhile Signal is only used in a browser, but you have to download it and it fucks up font scaling and it shits the bed on font antialiasing and it can’t even get UI design consistent with the OS it’s running on and it won’t even use the OS emoji font.

    Let’s not even mention how you still cannot use Signal on a tablet.

    • PrettyFlyForAFatGuy@feddit.uk
      link
      fedilink
      English
      arrow-up
      8
      ·
      5 months ago

      Signal’s desktop app is as horrendously unusably bad

      I think this is a bit dramatic. I’ve been using it for years, no problems.

      • tempest@lemmy.ca
        link
        fedilink
        English
        arrow-up
        3
        ·
        5 months ago

        Care to elaborate?

        I use the app from the AUR and I don’t think I’ve had a single problem in 3 years.

        • prole@lemmy.blahaj.zone
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          5 months ago

          I’ve recently had an issue where it wasn’t let me paste anything that I had copied from outside the app

    • amelia@feddit.de
      link
      fedilink
      English
      arrow-up
      2
      ·
      5 months ago

      And anytime you clicked on a link or image in the chat, you’ll have to click into the message field again (or press Ctrl+t) to be able to type a reply. I don’t understand how this absolutely infuriating thing hasn’t been fixed in years. Is nobody bothered by this? I want to be able to alt+tab into signal and just start typing ffs.

    • voxel@sopuli.xyz
      link
      fedilink
      English
      arrow-up
      2
      ·
      edit-2
      5 months ago

      telegram has an “advantage” of not having e2e encryption by default, which makes stuff like sync much easier as chats are fully stored on the server (encrypted with your user password).

      and if you enable encryption (aka start a secret chat), the chat will only exist on the device you started it on and stop getting synced

    • KillingTimeItself@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      1
      ·
      5 months ago

      it won’t even use the OS emoji font.

      im still amused by the fact that discord mobile uses two yes, you read that correctly, TWO emojis sets, it uses one in app, and the selector, and then uses another for the text input line, because.

  • VeganCheesecake@lemmy.blahaj.zone
    link
    fedilink
    English
    arrow-up
    31
    ·
    5 months ago

    For the most part, I don’t care about App Size. Storage is cheap. What I miss with the Signal Desktop App is the option to save everything in an encrypted container.

    • kostas@lemm.ee
      link
      fedilink
      English
      arrow-up
      2
      ·
      5 months ago

      Wouldn’t having full disk encryption achieve most of the benefits of that? In case of someone having access to your unlocked machine what is stopping them from launching the app and looking though it?

      • VeganCheesecake@lemmy.blahaj.zone
        link
        fedilink
        English
        arrow-up
        6
        ·
        5 months ago

        Yes, full disk encryption helps against intruders with device access, but not against the files being indexed by other application. My phone is encrypted, but I still use a signal client that is encrypted again.

        • kostas@lemm.ee
          link
          fedilink
          English
          arrow-up
          1
          ·
          5 months ago

          Hm, but wouldn’t such an application be malicious by default? Having protection against attackers on your device seems of out scope for a messaging application, at that point I would consider something like Tails. Though this may be a rare case when moving to an appimage could help matters.

          • VeganCheesecake@lemmy.blahaj.zone
            link
            fedilink
            English
            arrow-up
            4
            ·
            5 months ago

            Yes and no. I personally would like to be asked permission for such behaviour, but a gallery application, for example, could have legitimate reasons to index all photos on your system. I personally prefer to manually set the folders it is supposed to index, but that doesn’t seem to be a generally accepted paradigm.

            In general, I see why you need to trust that a system your app runs on is uncompromised to a a certain degree, but measures to potentially limit harm in case it is still seem sensible, especially for an app with a focus on privacy and security.

            • kostas@lemm.ee
              link
              fedilink
              English
              arrow-up
              2
              ·
              5 months ago

              We set the threshold of sensible protections provided by the app (signal) itself differently.

              On desktop having a gallery app, as you say, or running an application like windirstat for example I expect the user to understand that anything stored on device can be “seen” by the app and that, if they dont trust it, having sensitive files deleted or sandboxed might be prudent. Messages are stored at least somewhat encrypted (albeit with the key in a config file) so a random (non targeted/malicious) scan would gt blobs there.

              On mobile due to how opaque the os is I am thankful for the extra encyption and I would consider it a much more critical flaw. On desktop less so. Still I appreciate your point of view and a passkey to encrypt at least messages on the desktop app would be a welcome addition.

        • Natanael@slrpnk.net
          link
          fedilink
          English
          arrow-up
          1
          ·
          5 months ago

          Am encrypted container doesn’t help if the directory is mounted and accessible or if the key is in plaintext. Also doesn’t help if the process isn’t isolated. You need a bunch of extra measures like using the OS keystore set to only allow the correct program to retrieve the key, keeping secrets only in process memory, etc.

          Tldr it’s a lot of work to do it right. If you do it the simple way like throwing it all in SQLite with encryption active you still leak metadata.

          • VeganCheesecake@lemmy.blahaj.zone
            link
            fedilink
            English
            arrow-up
            2
            ·
            5 months ago

            I have never worked on a properly hardened desktop app, so I don’t have much of a perspective on that, and can definitely see that it might not be worthwhile for the signal team.

            I would appreciate some level of encryption, thinking that it might help with less targeted attacks. I’d also appreciate a Web client, like Threema’s with none permanent sessions. But all that’s, as you’d say in German, “Meckern auf hohem Niveau”, especially since I’m not currently contributing to Signal.

  • philpo@feddit.de
    link
    fedilink
    English
    arrow-up
    27
    ·
    5 months ago

    That’s why I am so happy that I switched to Matrix - selfhosted with Signal and WhatsApp Bridges(amongst others) and now I only need to keep one App on our mobiles, Notebooks,desktop,etc. but I can still communicate with everyone. (we have have a few mixed groups now)

    • Cryophilia@lemmy.world
      link
      fedilink
      English
      arrow-up
      45
      ·
      5 months ago

      Is Matrix another one of those apps that when you click on a download link it takes you to a page full of tech jargon shit like “nightly signed beta configs here, just unjibble the .trag file and recombobulate with a python scrab to mambo directory: AAATGFHHOLLLM56888NGAAA.tar.gz” ?

      Or is it like an app normal people can use?

      • Lazycog@sopuli.xyz
        link
        fedilink
        English
        arrow-up
        21
        ·
        5 months ago

        Of course not,

        with the new encapsulator all you need is to reconfigure your turbomutator to allow electrostabilizer executable to directly read instructions from your self-hosted AI model.

        Who even uses python to scrab anymore? Install podman dude.

        • discount_door_garlic@lemmy.world
          link
          fedilink
          English
          arrow-up
          2
          ·
          5 months ago

          as a big proponent of FOSS I see where you’re coming from - but the reality will always be that apps which have a significant learning curve to even install are obviously hugely off-putting to the majority of users. While the rest of us might be comfortable cloning a repository and building from a tar file, expecting the average person who wants to talk with friends and family to jump through those kind of hoops is exactly what has held back wider adoption of better standards.

          Things like flatpacks and snaps have gone a long way to making this less daunting, but when matrix isn’t a ‘self-hosted decentralised chat’, it’s a *‘version of whatsapp that isn’t always online, and i don’t know where to download it and have to learn what the terminal is to even get it on my laptop’ * - we can’t be surprised people stick with the less secure, private, easy options. That’s why I’m a big advocate of signal - it’s not perfect and part of me wishes it was matrix or threema or one of the other standards, but getting people comfortable with the idea of free and open source software, while making it as simple for them to install on their phone or computer as anything meta makes is a really good first step - in the meantime, it’s up to us in the wider community to make the other solutions more intuitive, simple, secure, and trust that if a good enough job is done of that - they will come.

          • philpo@feddit.de
            link
            fedilink
            English
            arrow-up
            1
            ·
            5 months ago

            Sorry,but have you at least read the wikipedia article before writing this post?

            Matrix is a standard. Not an App. Just like Lemmy is.

            There are dozens of clients (Element, Schildichat, Fuzzychat, Beeper) available to download for basically every system imaginable and in all major Appstores.

            You can easily join an existing instance - and with beeper there is even one existing that handles all the bridges for you.

            Only when you self-host it gets more tricky-just like it does with Lemmy(as a matter of fact Matrix is far easier to selfhost than Lemmy). And again there are various distributions available. They aren’t as easy as the clients and not as easy as flatpacks, but someone who has done their due diligence can absolutely handle them easily. (And self-hosting should absolutely not be “as easy as flatpacks/snaps” - the risk for both the admin and the net itself is too high). But again: The average user has little incentive to selfhost. Just like you don’t selfhost your Lemmy instance.

            The Matrix environment is as easy to use as Signal, Threema, WhatsApp for ages now. In some points I would even argue that it’s more user friendly than Signal,btw.

          • KillingTimeItself@lemmy.dbzer0.com
            link
            fedilink
            English
            arrow-up
            1
            ·
            5 months ago

            as a big proponent of FOSS I see where you’re coming from - but the reality will always be that apps which have a significant learning curve to even install are obviously hugely off-putting to the majority of users.

            i think part of the problem is that stuff like matrix is built for a very specific interface. Where as we could build something like matrix, in a different design meta, more akin to something like mumble, which not only greatly simplifies the construction of it, but also greatly simplifies administration of it. The protocol itself shouldn’t innately require an obtuse arbitrary system that makes it a nightmare.

            Anything that is remotely related to “web apps” or web in general, seems to be an utter fucking nightmare these days. I think we need a healthy dose of dedicated native applications.

          • Darth_Mew@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            edit-2
            5 months ago

            elitist because I said they don’t want to read? lol ok … you weirdos get so butthurt over a simple statement

            • ProdigalFrog@slrpnk.net
              link
              fedilink
              English
              arrow-up
              2
              ·
              5 months ago

              Not everyone has the ability or spare time to become skilled in every field. Calling them lazy and illiterate for not learning a complicated thing (when they may already be learning some other complex subject) is kinda the definition of elitism.

              • Cryophilia@lemmy.world
                link
                fedilink
                English
                arrow-up
                2
                ·
                5 months ago

                Tech bros are so fucking bad about this shit. Doctors too. I’m not an idiot, I fix big industrial machinery for a living, I can rewire your whole house up to code, but I don’t work in tech so I don’t know what the fuck a flapjack api is or whatever.

                • Darth_Mew@lemmy.world
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  5 months ago

                  tech bro? wtf does that even mean. maybe stop crying that cOmpUteRs ArE hArD and use your brain

              • Darth_Mew@lemmy.world
                link
                fedilink
                English
                arrow-up
                1
                ·
                5 months ago

                being able to read and follow instructions = elitism

                please get your head out of your rear end

      • FractalsInfinite@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        4
        ·
        5 months ago

        It’s website seems to have had a graphic designer look over it. It seems to do the best of both worlds where you can download the default user friendly client or choose to go down the jargon route if you want to.

    • ealoe@ani.social
      link
      fedilink
      English
      arrow-up
      7
      ·
      5 months ago

      I can switch to Matrix and talk to the two other users on this platform! Can’t wait!

      • philpo@feddit.de
        link
        fedilink
        English
        arrow-up
        6
        ·
        5 months ago

        Yeah, 115 Million users atm. And as I said - you can easily bridge it to other services so you only use Matrix but communicate with others.

      • alyth@lemmy.worldOP
        link
        fedilink
        English
        arrow-up
        4
        ·
        5 months ago

        I’ll give you a little anecdote. I joined a casual server on Matrix recently. Two minutes into the conversation, it turns out the person I was talking to is installing some Linux stuff and watching an episode of classic Doctor Who. That’s two of my biggest interests right there that we immediately connected over. If there are only two users on Matrix, they’re the only two I need.

        • Takumidesh@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          5 months ago

          I think the vast majority of people are more interested in talking to people they know in real life.

    • alyth@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      7
      ·
      5 months ago

      Your post encouraged me to self host Matrix ^^ That’ll be a nice project for the next rainy day

      • Mikina@programming.dev
        link
        fedilink
        English
        arrow-up
        7
        ·
        5 months ago

        I self-hosted it few months ago, and it’s actually surprisingly easy! Someone has made an Ansible script for Matrix with Element and some bridges, that (at least a month ago, IaaC tends to be pretty fragile) worked out of the box on a first try. I just set up some config values (mostly about enabling bridges I want) based on their amazing documentation, and then ran it once and everything is working so far. I even updated it several times already, and every time it was smooth, and it was basically just running a single ansible command. Their documentation is pretty well written, and with my basic cloud, IT and Linux knowledge I had no issues with following it. All you need to know is how to set up cloud VM, get a domain and set DNS, and set up SSH keys to access the server.

        In total it took me about two hours in total, from when I decided “I’m setting up Matrix tonight” without any prior knowledge, looking up my options and finding the ansible script, setting up cloud and getting Matrix up and running.

        I’m renting a VM on Hetzner for like 6$ per month, and it worked without issues so far. I use it for Discord and Messenger, although the Meta bridge does have some problems, for example I didn’t figure out how to message someone with whom I haven’t had a conversation since I set up the bridge, since only then it creates the room for it. But that can be solved by keeping the Messenger app or usign the browser to send a first message, and it immediately shows in your Matrix bridge (and stays there forever).

        • alyth@lemmy.worldOP
          link
          fedilink
          English
          arrow-up
          2
          ·
          5 months ago

          Thank you for sharing your setup, this kind of information is always extremely valuable <3

      • philpo@feddit.de
        link
        fedilink
        English
        arrow-up
        5
        ·
        5 months ago

        Thanks,welcome to the club! It can be a bit “tricky” at times (and I use a container manager,cloudron, meanwhile as I got too deep into the rabbit hole and now host too many things to maintain them myself) but once you get it set up it’s rock solid.

        And I am really optimistic for Element X/Matrix 2.0.

        It’s a great standard.

        • alyth@lemmy.worldOP
          link
          fedilink
          English
          arrow-up
          2
          ·
          5 months ago

          Gonna repeat what I said to Mikina - Thank you for sharing your setup, this kind of information is always extremely valuable <3

  • asparagapple@lemmy.world
    link
    fedilink
    English
    arrow-up
    24
    ·
    edit-2
    5 months ago

    Signal package has Electron (which is built on top of Chromium and NodeJS) + Signal app code and assets. So not surprised that it’s bigger than Chromium.

  • 9point6@lemmy.world
    link
    fedilink
    English
    arrow-up
    23
    ·
    5 months ago

    Like I know native apps are always better, but why doesn’t electron ship an installable runtime so we don’t have to have a shitload of inert chromium installs on one machine?

    • thepreciousboar@lemm.ee
      link
      fedilink
      English
      arrow-up
      1
      ·
      5 months ago

      May be, but I don’t think apps use it. Afaik Teams, Discord and such are all epectron apps, yet they have not much in term of dependencies and large install sizes, so they must ship with their own versions.

    • rdri@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      5 months ago

      You don’t understand. This way if some app crashes it will not cause others to crash too.

      This is how google introduced the “multiprocess architecture” of Chrome.

      • 9point6@lemmy.world
        link
        fedilink
        English
        arrow-up
        13
        ·
        5 months ago

        You can still have separate processes and everything else with a shared runtime, you just save having all this wasted storage with every application bringing its own bundled runtime.

        .net or Java applications work in a similar way, one Java app crashing won’t take out another just because they’re sharing the same runtime

        • rdri@lemmy.world
          link
          fedilink
          English
          arrow-up
          3
          ·
          5 months ago

          I’d rather not have frameworks based on web browsers. Programming is not that difficult.

          • 9point6@lemmy.world
            link
            fedilink
            English
            arrow-up
            4
            ·
            edit-2
            5 months ago

            For most uses of electron I’d agree, but if some engineers are going to use it anyway, I’d prefer the approach I’ve described.

            Programming is not that difficult.

            Learning how to do something in a new language and framework isn’t that tough, I agree, but no one is going to become an expert in something overnight. I don’t reckon many desktop native engineers are choosing electron unless they actually need it, so if you imagine the case of an expert web engineer building a desktop UI, they’re going to do a much better job with their main skillset than something they have just learned.

            • rdri@lemmy.world
              link
              fedilink
              English
              arrow-up
              1
              ·
              5 months ago

              but no one is going to become an expert in something overnight

              It’s not like they need to become experts. But also that’s actually possible (at least the effects of that), especially with all the AI around.

              • 9point6@lemmy.world
                link
                fedilink
                English
                arrow-up
                2
                ·
                5 months ago

                It’s not like they need to become experts

                I mean if they would produce a better UI by using their expertise, how would not becoming an expert in the new thing be better? The reality is that the people paying the engineer are going to want the better UX over the benefits of not using electron in most cases.

                But also that’s actually possible

                Respectfully, no it’s not, not with software engineering unless you’re talking about learning a simple library or something.

                If someone can genuinely master something in a day it wasn’t much of a skill to begin with.

                I’ve been in this industry for about 20 years now, I would find it very hard to believe an engineer who says they’ve gone from no knowledge to expert in a new framework/language in any short period of time. I would either assume they’re trying to pull a fast one or more charitably just in the “naively confident” phase of learning:

                especially with all the AI around.

                AI can assist you if you more-or-less know what you’re doing, but a novice replacing proper learning with ChatGPT pairing is going to write some shitty code. I use AI in my role semi-regularly, and in my experience, no model has consistently produced me anything (non-boilerplate) longer than a couple of lines that didn’t need some kind of refactor for it to actually be up to our code quality standards. Sometimes you see them spit out some ancient way of doing things that have been outright replaced by a more modern approach, if you don’t have the experience, you’ll not know any better.

                • rdri@lemmy.world
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  edit-2
                  5 months ago

                  I mean if they would produce a better UI by using their expertise, how would not becoming an expert in the new thing be better?

                  I failed to understand the meaning of this sentence. It doesn’t make sense to me. Producing a better ui is not even on the table when we are talking ui frameworks and native programming - you use what’s available, and if you are a graphics designer then maybe you should’ve sticked to that instead. Becoming expert in native ui is super cool but I wouldn’t expect such miracles from everyone. Just producing a valid low level code is enough to meet my standards of performance. That’s because those standards were heavily affected by web frameworks existence.

                  The reality is that the people paying the engineer are going to want the better UX

                  And I hoped it would be customers who would pay for a software or a service who would send valid feedback.

                  AI can assist you if you more-or-less know what you’re doing

                  Assuming web devs creating apps don’t know what they’re doing?

                  but a novice replacing proper learning with ChatGPT pairing is going to write some shitty code.

                  Chances are that code would be much more optimized than anything electron/CEF wrapped.

                  to actually be up to our code quality standards

                  Quality standards are great. But seeing companies shipping fixes to simple CSS issues that were breaking some of main app functions made me realize most of them don’t care about quality standards. If that’s how it is and if there will still be a lot of broken stuff across app updates - might as well just go all the way to proper low level languages.

  • leaveWitX@lemmy.world
    link
    fedilink
    English
    arrow-up
    17
    ·
    5 months ago

    Haha, WeChat is even more outrageous than this. All your forwarded files will be automatically stored again. Your chat records will always be stored on the disk, but WeChat will tell you that the chat records have expired. In addition, it has recently been discovered that every Once you log in to WeChat, your avatar will be saved more than ten times

    • viking@infosec.pub
      link
      fedilink
      English
      arrow-up
      7
      ·
      5 months ago

      You can actually delete the data for good in both the android and windows software through the interface, and it works. But yeah the amount of data is staggering.

      I’ve got a reminder in my calendar to delete the data on the first day of a new quarter, so this here is accumulated since April 1st:

      image

      • KillingTimeItself@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        1
        ·
        5 months ago

        “android is good” mfers when they have to manually set a calendar task to notify themselves to manually delete the bloated information for an app that they have installed.

        no shade to you specifically, but it pisses me off how much android users circle jerk over it being better than IOS, even though it’s like, moderately less annoying.

    • Eager Eagle@lemmy.world
      link
      fedilink
      English
      arrow-up
      24
      ·
      5 months ago

      And that’s also a lot for an app that doesn’t have that many binary assets like images or videos. I do wonder what makes up most of these sizes. I see other apps that are arguably more complicated - like AntennaPod - using under 40MB; So I guess it has to do with actual native apps vs cross platform ones.

        • rdri@lemmy.world
          link
          fedilink
          English
          arrow-up
          6
          ·
          5 months ago

          That’s a very bad way to look at things. Just because I have gigabytes of memory doesn’t mean I want to use unoptimized software.

          • baatliwala@lemmy.world
            link
            fedilink
            English
            arrow-up
            2
            ·
            5 months ago

            And your way to look at things that “all apps must be 20 mb or less otherwise they are unoptimised” is better because?

            • rdri@lemmy.world
              link
              fedilink
              English
              arrow-up
              4
              ·
              5 months ago

              Because optimized software is better for industry, people, and environment. Also seeing that some menu or window is not an html page but a native element makes my headache go away because I value my CPU cycles (seeing a cursor doesn’t lag when some complex page is displayed should not be considered a weird fetish) and like it when things don’t do stupid unnecessary stuff both visually and under the hood.

              And it could be even less than that depending on specifics.

        • thepreciousboar@lemm.ee
          link
          fedilink
          English
          arrow-up
          1
          ·
          5 months ago

          If developers optimized their apps, we could have phones that are 10x faster than 10 yeara ago. Instead they are the same speed and the same amount of apps fit in the bigger storage, because developers are lazy and use heavy, unoptimized technologies that use 10x the resources

          • RaoulDook@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            5 months ago

            That sounds like a problem with YOUR phone. Every phone I’ve bought has been faster than the last. Maybe you have too much bloatware?

            I use open source Android only, will not use a phone with stock android. Bloatware is a non-issue on AOSP unless you do that to your own phone.

  • AllNewTypeFace@leminal.space
    link
    fedilink
    English
    arrow-up
    13
    ·
    5 months ago

    Given that they have a native, non-Electron iOS version, it’s a shame that they haven’t built a desktop macOS version using mostly the same code. (To make it look like a proper Mac app, they’d need different UI code, though even without that, they could build a version that looks like the iPad version with no changes, and it would look no worse than the Electron web-app UI and run an order of magnitude more efficiently.)

    • B0rax@feddit.de
      link
      fedilink
      English
      arrow-up
      10
      ·
      5 months ago

      They don’t even need to built a separate app if they have an iPad app. they just need to not „not allow“ the execution on macOS.

  • Flying Squid@lemmy.world
    link
    fedilink
    English
    arrow-up
    10
    ·
    5 months ago

    Sadly, it’s the only way I can contact someone to buy a decent quantity of weed in this state. I get less even if I go to a state where it’s legal and I pay more.

    • RaoulDook@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      5 months ago

      What’s so sad about it? You have the ability to securely send E2EE messages for free. I’m very pleased with Signal after using it for years.

      If you mean it’s sad about the weed being hard to get / illegal… yeah, I concur. Hopefully Schedule III happens soon and nationwide Medical will be legal.