-
#ShowerThought
#ShowerThought
-
First time I reflect on how @matrix sessions list on someone's profile has a weird #privacy-infringing text format that also makes it less secure.
> "Oh, let's see. This person is using Ubuntu and Chrome. Oh and this immature client that has a known bug. Let's see what the next person uses. Oh wait.. I'll automate that scraping with my troll farm's #PII scrapers."
Is this a weird observation of mine?
-
lucas ∞replied to small circle 🕊 in calmness last edited by
@smallcircles @matrix I didn't ever notice this text for anyone outside of myself. For other people it just shows a random ID, probably a public key.
-
small circle 🕊 in calmnessreplied to lucas ∞ last edited byThis post is deleted!
-
small circle 🕊 in calmnessreplied to lucas ∞ last edited by
-
S [email protected] shared this topic
-
Robin Rileyreplied to small circle 🕊 in calmness last edited by
@smallcircles @matrix not weird imo! I generally try to configure my software not to broadcast what I'm using, or at least not the specific version number, whether it's a Matrix client or a web server.
-
small circle 🕊 in calmnessreplied to Robin Riley last edited by
It is at least weird that these choices are made with the general unawareness or consent of the end-user. I got surprised reaction from other people I mentioned about this. Maybe matrix is security-first in the protocol and the app devs or instance admins decide to make it more lax. But the protocol might also enforce the secure by default impl. Merely wondering as I'm certainly not the expert
