Étudiante en études féministes
Feminist studies student
Wish lists update!
Humble Store: https://www.humblebundle.com/store/wishlist/53976081
You can also buy me coupons on https://www.cardmarket.com/.
[fr] Chaque vendredi (ou presque) je choisis un thème et plusieurs personnes en lien avec celui-ci pour #FollowFriday. Toutes mes précédentes recommandations peuvent êtres trouvées en réponse à ce message.
[en] For #FollowFriday, I choose several people in relation to a theme (almost) every Friday. All my previous recommendations can be found in reply to this post.
The family of George Floyd have confirmed that this is the only legitimate fundraiser they are operating. not sure which fake ones, if any, may have been going around here earlier but this is it: https://www.gofundme.com/f/georgefloyd
@dankwraith for a while i didn't know what a 'school resource officer' was and thought it was just a weird title to give the person in charge of, like, distributing binders and paper and stuff
then one day i learned they were literally cops and i was like 'what the fuck?'
yes we need armed patrols around literal children. good and normal society
En même temps ça me choque, pas, "Les Morts En Marche" ça ressemble à un nom de traduction québecoise de "walking dead" https://actu.orange.fr/politique/loi-avia-pourtant-decede-avant-le-vote-la-voix-d-un-depute-lrem-comptabilisee-magic-CNT000001qtKPg.html
@Sylvhem probably, and it's unfortunate bethesda has kinda mangled that message to pieces in recent works
GoGetARoomie spoiler potentiel
E2EE scheme that's under consideration for Mastodon
(First, I'm talking from my perspective and not on behalf of Eugen or the Mastodon project)
There's still a long way to go, but we're working on providing end-to-end encryption of chat-like messages in Mastodon.
The cryptographic protocol we're considering is basically that used in XMPP's OMEMO, Signal, and part of Matrix (part of Matrix, because Matrix also features another protocol, that provides weaker security but is much more efficient in group chats).
Like Matrix and OMEMO, your server will still know who you're talking with and when (Signal does manage to avoid that to a great extent).
There's one feature we are discussing that I want to talk about a bit: message franking. It's a scheme designed by Facebook to enable the receiver of a message to report it to their server without revealing other messages in the process.
Basically, it works by having the sender hash (using HMAC) the message with a key they generate just for signing that single message. They then encrypt that key together with the message. So, the hash is visible to the server, but not the message nor the key. So it cannot, at that point, be verified by the server or infer anything about the message or key.
The server then takes note of the hash, and who sent the message to whom. It then signs that note with its own key (that key can be private, it's not important). It could also encrypt it. Nobody but the server needs to be able to read and verify it, but it's also not super important if anyone else can.
Then the server gives that signed note, along with the message, to the receiver, and forgets about it.
Upon receiving the message, the receiver performs the usual checks, but now, it has the message and the HMAC key, so it is able to verify the HMAC hash. If the HMAC hash is invalid, that means the sender lied, and he won't be able to report it. So the receiver just discards it (it could display an error message to the user, but that's not important). Otherwise, the receiver can report it. How? By sending the message, along with the HMAC key and the signed note back to the server.
The server first decode/decrypts the note, verifies its signature so that it can be sure that it indeed made that note, and then, since it has the HMAC key, can finally check the HMAC hash and verify that the reported message is indeed the message that was sent.
To lie about the reported message, you'd have to find another message and another key that match the hash, which is exactly what the HMAC algorithm tries to make impossible, and for which there are no known attack to this day.
Since you need the key and the message, on its own, the key does not let you learn anything about the message. If you were almost sure you knew the message, you'd still need the key to verify it.
According to a paper (https://eprint.iacr.org/2017/664.pdf)—which I'm going to trust here, I intuitively understand the reasoning, but I don't have enough knowledge to be completely sure about it, the message franking construction isn't even needed because the underlying protocol already has the same properties, if you reveal just the right key. This means adding message franking doesn't make the deniability of the protocol actually weaker. Adding it just makes it easier to implement and also makes sure that you disclose exactly the message you were reporting and not a few more (the alternative would be to reveal the input to the key derivation function for one message, but it could be used for more than one message, although it would usually be a short amount of messages)
viol - article important
Je viens de lire d'un trait cette série d'articles de Slate
Ca parle de viol. C'est une meuf qui témoigne de son viol et des jours, mois, années qui ont suivis.
Cette meuf, ça pourrait être ma pote, ça pourrait être moi. On se sent tellement proche d'elle quand on écrit, j'ai lu chaque mot comme si j'étais elle, en train de voir à travers ses yeux.
Ca me rappelle pourquoi je suis féministe, pourquoi je ne lâche rien. Les mecs, lisez.
Biting the hands that feed you takes a lot of energy that's why cats sleep so much.
Étudiante en études féministes
Feminist studies student
Une instance se voulant accueillante pour les personnes queers, féministes et anarchistes ainsi que pour leurs sympathisant·e·s. Nous sommes principalement francophones, mais vous êtes les bienvenu·e·s quelle que soit votre langue.
A welcoming instance for queer, feminist and anarchist people as well as their sympathizers. We are mainly French-speaking people, but you are welcome whatever your language might be.