An #E2EE messaging app unaffected by #ChatControl

* App: https://chat.positive-intentions.com/
* Code: https://github.com/positive-intentions/chat
* Reddit: https://www.reddit.com/r/positive_intentions

How it works: https://positive-intentions.com/docs/projects/chat

TLDR: I'm working on a #P2P messaging #webapp. Webapps are generally not considered secure because of the nature of serving statics over the internet. This is correct, but not a limitation of this project. (#selfhosting options: https://positive-intentions.com/blog/docker-ios-android-desktop).

As a webapp, I can provide the app with zero-installation and no-registration. The app is only using (local-only) browser storage (specifically #indexedDB). So in a P2P interaction, the traditional concept of "the cloud" is just the physical devices connected over #WebRTC. This allows for things like P2P authentication: https://positive-intentions.com/blog/security-privacy-authentication.

Future:
I'm aiming to create the most secure messaging app out there... (more than #Signal, #Simplex, #threema, #session, #deltachat, #bitchat, etc). I know I have a long way to go to get there. The UI is fairly ugly for the average user, but I think the mechanics are working as expected. I think #JavaScript is underrated in what you can do with it. I'm actively investigating improving the #encryption approach further to align to how the Signal protocol works (currently using a #DiffieHellman key-exchange).

Support:
In the age of #ChatControl, I would like to keep this project #opensource, but open-source funding is not working for me. I don't want your donations (but don't let that stop you) because it isn't sustainable for a long-term project. I have so far only experienced grant-funding rejections. I have no idea what I'm doing in trying to get funding for this project, so any support/advice is appreciated. In recognition of the project in its current state not being able to get funding... (sorry) I will have to go #closedsource (which I'd like to avoid because it undermines several #cybersecurity claims I'd like to make). I don't accept collaboration on the project because this would make tough decisions like going closed-source also immoral.

After thousands of articles on how insecure open-source software is, why do the large-scale hacks seem to target closed-source software? I guess it will remain a mystery.
#cybersecurity #closedsource
https://www.bloomberg.com/news/articles/2025-07-21/microsoft-server-software-comes-under-widespread-cyberattack

You have to see it to believe it!

Die Auftragsvolumina für proprietäre amerikanische Softwarelizenzen des Bundes sind schon lange außer Kontrolle.

Die Ausgaben für Oracle-Software sind besonders unverhältnismäßig hoch, was zu dem Schluss führt:

- Vendor Lock-in wird teuer bezahlt
- Keine erkennbare Strategie zur Kostenreduzierung (z.B. durch Umstieg auf OSS-Alternativen) sichtbar
- Angst vor Veränderung und Verantwortung

Citrix Netscaler schon wieder sehr hohes Risiko

Die Produktlinie NetScaler begann als Marke der US-Firma Citrix. Inzwischen sind beides getrennte Marken unter dem Dach einer Firma mit Namen Cloud Software Group (CSG). - Aktuell gibt es Warnungen vor drei Sicherheitslücken in mehreren NetScaler Produkten. Die schlimmste der Sicherheitslücken, CVE 2025-5777, wird mit einem Risiko von 9,3 (von 10) eingestuft. Oder sollte man sagen Hintertür? Die Sicherheitslücke beruht nämlich darauf, dass Eingaben nicht ausreichend geprüft werden ("insufficient input validation"). Ah, ja.

https://www.pc-fluesterer.info/wordpress/2025/06/25/citrix-netscaler-schon-wieder-sehr-hohes-risiko/

Reading this article by @stefano with great interest.

Many things can be learned here.

#Apple #iPhone #ClosedSource #OpenSource #iMac #Mach #kernel #SteveJobs

https://my-notes.dragas.net/2025/05/14/apple-devices-reliability-question-20-plus-year-user-retrospective-updated/

This is one important reason why you should rip yourself away from closed source underlords

The destruction of your privacy by ripping your adblock extensions a new #rsehole

I stopped using Alphabet's google chrome 100% before this came into effect

It wasn't just 30 million people using this extension by the way it was much much more (close to 300 million users?)

@mozilla @Timpostma @stefano

"pitfalls"

TechCrunch: Some startups are going 'fair source' to avoid the pitfalls of open source licensing

https://techcrunch.com/2024/09/22/some-startups-are-going-fair-source-to-avoid-the-pitfalls-of-open-source-licensing/

OpenAI Quietly Scrapped a Promise to Disclose Key Documents to the Public - From its founding, OpenAI said its governing documents were available to the public. When... - https://www.wired.com/story/openai-scrapped-promise-disclose-key-documents/ #business/artificialintelligence #closedsource #business

One Less Binary Blob - Open-source software has gone a long way into making modern technology the way it ... - https://hackaday.com/2023/12/07/one-less-binary-blob/ #softwarehacks #closedsource #proprietary #binaryblob #opensource #espressif #firmware #wireless #driver #esp32 #wifi

»Zeiten ändern sich:
Microsoft hilft bei Linux-Installation«

Nun ja, M$ hat Windows schon über ein Jahrzehnt nicht mehr intern als erstes prio Software & Produkt ihres Unternehmens deklariert. Außerdem ist die Diskussion um Win & M$, für oder gegen Linux nichts neues und Werbung. Außerdem ergibt Linux auf Win viel User-Nutzung-Einblick für M$ & Dienste.

https://www.heise.de/news/Microsoft-hilft-bei-Linux-Installation-9333190.html
—
#linux #windows #microsoft #winos #win #opensource #closedsource #business #oss #os #sicherheit #itsicherheit #it

#Introduction #Welcome

Please repost for visibility, so I can find people with similar interests. Like or comment for me to take a look at your profile, and possibly follow.

Likes/Interests: #Programming #Technology #OpenSource #FreeSoftware #FOSS #FLOSS #Fediverse #OnlineFreedom #Privacy #Anonymity #Anonymous #InfoSec #CyberSecurity #Manjaro #Linux #Science #Socialism #HumanRights #SocialJustice #MultipolarWorld #Programming #Python #Golang #Rust #RetroGaming #Gaming #SelfHosted #TechNews #Matrix #Youtube #Movies #Anime #Hentai #Erotica #Futurology #AI #Singularity #Fitness #Health #Collapse #ClimateCrisis #Audiobooks #Books #Fantasy #SciFi #StarWars #Fanfiction #Conspiracy #CriticalThinking #Cooking #DataHoarding #Piracy #FileSharing #Meshnet #Decentralized #Distributed #P2P #PeerToPeer #IPFS #Zeronet #Freenet #I2P #Tor

Dislikes/Disinterests: #Music #Memes #Sports #Coffee #Animals #Cats #Dogs #Nazis #CIA #NATO #UsEmpire #Oligarchy #Plutocracy #Kleptocracy #Imperialism #Fascism #Racism #Capitalism #Billionaires #Woke #Wokeism #Liberals #Democrats #Republicans #Conservatives #BigTech #ClosedSource #Microsoft #Discord #Copyright #Censorship #WesternMedia #MaintreamNews #OfficialPropaganda #Surveillance #PoliticalCorrectness #SurveillanceCapitalism #DRM #DataMining #FakeNews #Misinformation #Disinformation #EchoChamber #FilterBubble #CorporateMedia #Consumerism #Materialism #Overconsumption #PlannedObsolescence #FastFashion #Waste #EnvironmentalDegradation #Gentrification #Inequality #Neoliberalism #Globalization #FantasyFootball #Apple #Tech #BoardGames #TTRPG #DnD

Best to worst: #fopnu #nicotine+ ( #soulseek ) #aMule ( #edonkey2000 #ed2k ) #EiskaltDC++ ( #dcpp ) #gnutella #Shareaza #qBittorrent ( #BitTorrent #torrent )

My dream social media platform. What do you think, what are the most interesting ideas, what other features would you like to see, how would be your perfect social media platform?

_Dang_ this is... legitimately dangerous.

Bambu X1C and P1P started printing while owners were asleep

https://www.theverge.com/2023/8/16/23064592/bambu-print-asleep-cloud-outage

Well done, #Ubuntu - with Ubuntu Pro, you've finally achieved your walled garden. Delightful move that you've walled in some key packages (such as ImageMagick) that many people rely on but probably don't even know they are there. Force-installing snapd - a virus I've spent many hours trying to extirpate - is the real bubblegum in the hairdo.