this post was submitted on 21 Aug 2024
152 points (94.7% liked)
Technology
58303 readers
15 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
How is it a lot harder to track if the FBI can just subpoena the sysadmin for server/room logs?
With respect, this viewpoint is not defensible from an operational security perspective.
It’s like saying they should use GMail because they have hundreds of millions of users. When the problem isn’t being a needle in haystack, but rather the fact that Google will gladly look through your private data and happily hand it over to the authorities.
If you’re a drug dealer and the FBI sends you a subpoena—you could simply….not respond.
There is actually a bunch of metadata tied to your account and your room. That’s partly how they caught that kid with the Pentagon leaks.
And again, there may be other services between the clients and the matrix server that collect personal data (e.g. reverse proxies, load balancers).
—
If you are someone who ostensibly cares about privacy and security (like a drug dealer) why would you rely on the benevolence and security hygiene of a stranger you can’t audit? Instead of using a known good actor, like Signal or SimpleX, or no actor, like Briar.