@kkarhan@esm@gajim is definitely not libpurple-based. It has its own low-level XMPP lib called nbxmpp. If it were libpurple-based it would probably suck much more for #XMPP :)
Also #ChromeOS supports #Android-Apps and if you don't have administrative privilegues on a machine then consider it insecure and nit trustworthy for yourself as a user!
@kkarhan@esm Not all chromeos devices do. (e.g. ones where apps are restricted by management), and there are still other scenarios where a web app is the best/only way to do it. #ArgumentValid
@kkarhan@esm@hexaheximal That is quite literally a strawman argument. I never mentioned normal windows laptops, I mentioned chromebooks, which don't work that way. Even if it were a windows laptop though, there are ways that they can prevent people from doing that.
This is irrelevant too. Browsers have really good sandboxing nowadays, and on chromium you can even create multiple profiles within the UI. The reality is that, as long as the client-side code can be trusted (reminder that you can self-host element and/or cinny if you don't trust it - I've done that before) as well as the browser itself, it's about the same in terms of security.
everytime something that could've been barely Megabytes as an #AppImage, #FlatPak, #Snap or Kilobytes as a #CLI tool instead shoves yet another entire half gig copy of the #Bloatware-#Browser that is #Chromium onto the Desktop despite using not even 0,1% of it's featureset
I call this a systemic failure in Software Architecture.
Browsers are the most attacked applications on #Linux beyond CMSes and Webservers...
@kkarhan@esm@hexaheximal if you care that much, write your own native app. Problem solved. The reality is that nobody cares - most important things nowadays are either a web app or a wrapper for a web app.
@hexaheximal@esm@hexaheximal ...and even if we think local #WebApps are a legitimate way to handle sensitive comms - they ain't but let's just assume they are for the sake of argument - WHY would you do anything beyond a .desktop file that includes startup parameters for #Firefox (or even #Chrome if you're that kind of Cyber-Masochist!) that specify the browser, and the file to load.
Because any good #WebApp should be reduceable as #HTML5 + #JS6 + #CSS3 and measured in kB or maybe a few MB.
It's easier to audit a small, native app and even sandbox it into a single user that has literally 0 privilegues because a higher layer that doesn't allow said user to interact with it constricts it.
Thats's literally done with [#Webservers and #Databases where they're run as dedicaded users which have no privilegues excpet their own use-cases
@kkarhan@hexaheximal
Ok, the Gaslighting seems to be a issue of the federation...
On our server it looks like the order is: Posted, Edited, Answered.
But that doesnt mean that its the same Order for mstdn.social or even in both of your clients.
I know you both wont agree and you dont need to agree, thats fine. I rather suggest to both of you that you keep in mind that Federation has latency, Edits could easily missed and also certain Clients dont display Threads in a intuitive way.
And just to mention, even if it is Gaslighting, it needs more than just once in a heated discussion so that i take actions.
I've even looked at the network requests while using protonmail, and the messages are indeed encrypted. However, the subject and other metadata is not. Unfortunate, but understandable considering it's PGP, which does not encrypt metadata afaik.
@experiencer matrix protocol development seems to be focused almost entirely around the element client, to the point where the existence of other clients seems like an afterthought
Add comment