

and for the users at home playing the drinking game: of course this weird fuck’s been giving dangerously bad advice on privacy lemmy, why wouldn’t he be
I ain’t gonna dig any deeper to find out if privacy Typhoid Mary over here has a uniquely bad gpg setup he loves but if anyone does: that’s another shot
e: also lol @ coming into TechTakes with an account named after the fucking cypherpunks mailing list
exactly, it’s not a problem that’s unique to the web. I’d argue that as an execution environment, the browser has properties that make it slightly easier to catch this class of attack (though as you said, we’re in halting problem territory so there’s no universal check for this kind of thing):
and I do have to emphasize that last bit. I’m not here to praise Proton, I’m here to bury it correctly. if the worst thing you’ve got to say about proton is that an SLA could request a custom JS exploit be sent to your browser, then it’s probably still a perfectly fine service to use if you’re just chatting with your grandma and your drug dealer, depending on your threat model. I’d argue that Proton isn’t suitable for anybody, because the class of attacks they’ve enabled allow for quiet mass surveillance, rather than the motivated (and loud) targeted kind.