I don't get it, are you really arguing that Russia and Venezuela are blocking Signal to protect their citizens from American snooping?
ivn
joined 1 year ago
Telegram is not secure, I guess if you can listen to it better not block it.
I mean, that's not specific to Matrix. Telemetry is the tool used to get the numbers, so I don't see how you would collect numbers on servers that don't report numbers.
Maybe I've misunderstood how it works. I thought that when connecting to a matrix instance you would point to the domain name and the text file would be on a standard location (as with /robots.txt or all the files in /.well-known/) so it would be easily discoverable. In fact I just checked and matrix does use /.well-known/ so one should be able to identify matrix servers by querying these URLs. Unless their is a way to use a non-standard location, but that would require further configuration on the client I guess.
And just to answer your question, the only way to find some hidden file would be to brute force. This could obviously be extremely time consuming if the URL is long and random enough, especially if you add rate limiting (this last thing could be circumvented by using multiple IPs to scan, which would be easy for a state actor).
Edit: I've just realized I wasn't answering to the same person, the first part of the message was more for @[email protected]
How would you?
Thanks, nice to have someone knowledgeable.
Would you say matrix is censorship resistant? I've very limited knowledge of it but given what you said I imagine that if I was trying to block matrix I would just need to query the url of the text file and check the DNS text entry, if either exist just add the domain to the blocklist.
Being decentralized prevents DNS or IP blocks but not blocks through DPI.
Signal has an option to masquerade it's traffic as regular HTTPS, I don't know if Matrix can do such a thing.
-
Privacy Badger stopped using heuristic 4 years ago because it could be used to fingerprint you.
-
Cookie autodelete simply does not work with Firefox's Total Cookie Protection, which is enabled by default.
As of Firefox 86, strict mode is not supported at this time due to missing APIs to handle the Total Cookie Protection. Also as of Firefox 103, standard mode has also enabled Total Cookie Protection. Use 'strict' mode if using pre-86, use standard mode for versions 86-102, or from version 103+ use the custom configuration and set cookie to 'cross site tracking cookies' option (not the cross-site cookies).
https://addons.mozilla.org/fr/firefox/addon/cookie-autodelete/
You don't even need an extension to automatically delete cookies, just enable privacy.sanitize.sanitizeOnShutdown and privacy.clearOnShutdown_v2.cookiesAndStorage. To add an exception: Ctrl+I>Permissions>Cookies>Allow.
Check Arkenfox's extension page and the section about sanitizing on shutdown.
The fork was 11 years ago, so a lot. So much that they are considered different engines now.
Wow, you are really confused. The argument about the functionality being already implemented by Firefox was about https everywhere. This has nothing to do with adblocking and it does break some sites (the one still not using https) but you can still access them with a click.
My question was more about the motives in this case.