so @cwtch l keeps crashing due to memory tagging errors. is it possible to fix this without having to submit a PR to the project?
if not, are there common things to look for in the source etc that could be patched to fix it?
tagging @sarahjamielewis and @GrapheneOS
@governorkeagan I would add #simplex and #deltachat between 4-5 w/ a 
and in 5 id also put #cwtch & #meshtastic #privacy #foss #signal #whatsapp #telegram #dino #quicksy #briar #tox #jami
@neil Im concerned how this will affect decentralised social media like #simplex https://simplex.chat #briar https://briarproject.org & #cwtch https://docs.cwtch.im these services r so decentralised there aren't even servers that facilitate users directly its more like a participatory network infrastructure, its undeniably user-to-user but what are they going to do charge every simplex relay operator? Or every node in a briar mesh? Or r group moderators liable instead?
@cwtch I really would like to have a better understanding of the differences (not so technical, but also pros and cons) of decentralised messaging services, in comparison:
@cwtch
@element
@delta
Do you know if that exists?
I'm on @signalapp , love it, but I realise that another centralised solution might not be the ultimate solution...
And I need to think wisely before bringing all my people to a new platform 
Thank you!
Open question/food for thought, especially for people living in EU/EEA jurisdictions, about #privacy: How would you go about personal messaging in a worst case scenario with #ChatControl?
Just go on with your life (either because you and your friends already use a very hard to block, secure messaging service, or because you accept surveillance)? Fire up your own IRC server as an Onion service? #Cwtch? #Briar? Start writing a lot of letters on paper, because your handwriting is a great cipher after all those years behind a keyboard?
@uhuru
#DeltaChat has no forward secrecy.
And depended on SHA-1 and using MD5.
Both are considered weak cryptography if I'm not mistaken.
While I believe deltachat to be a great app with good use case, it's not what I'm looking for.
#xmpp ecosystem is?/was! pretty bad in serving proper e2ee cross platform implementation.
Till recently there was only conversations as a usable app. Since some weeks ago it seems that @dino now also offers e2ee by default. But also both conversations and Dino using an outdated omemo specification, and are by that not compatible with @kaidan.
I will reconsider xmpp when they adapt the newer specification.
@briar not mentioned, but also no, cause it's not working on #TailsOS or on android with Orbot.
So very much unusable, since it's not running on the platforms we use.
#simplex, no, I don't like nor trust the dev.
#cwtch, yes, maybe
To prepare for the "star wars' empire and allies" next move against this nice and friendly community? shouldn't we do a threat model based on attack scenarios of what could be (cyber)attacks against our masto communities: How to protect mastodon servers from being shutdown by third parties? How to secure them further? How to distribute them further? How to use tools like veilid, cwtch, spritely or even more commercial ones like storj to continue exchange the files and be capable to scale quickly up or move quickly from A to B in case of third Party disruption of URLs used by activitypub at CDN/DNS level? How to enhance comms so that they can resist specific targetting of specific information diffusion? How to make the new free social network resilient to any dictature controlling the internet communications (DNS, CDN,...) and using automated AI driven content scanning searching for forbidden words? How to secure its supply chain and ensure that the codebase cannot be suppressed from GAFAMs controlled code repositories?
Maybe some of the good questions for FOSDEM 2026, crypto/steganography communities and for beer discussions everywhere amongst EU and US liberty and democracy defenders?
How to protect freedom of speech and trustable secure communications for "we the people" in democracies and ensure they cannot be disrupted?
Time to show that hackers, cryptographers, real cypherpunks and strong techies of today can even do better than the old ones of the 1990s to defend their liberty to think, exchange and love in democracy respecting everyone. New generation, go for it and the oldsters, well support them with what you learned from life after all these years.
@sarahjamielewis @dazo @ambiguous_yelp @GeorgKrammer @simplex @light
In summary, I don’t think the #SimpleX approach of assigning ids to user connections instead of users, and using their own onion routing, provides superior metadata-resistance as compared to a centralized service like #Signal.
In most scenarios, it will provide less metadata-resistance (but will be more convenient to use) than a #p2p messenger like #Briar or #Cwtch.
(continues)
@firebreathingduck @Em0nM4stodon I don't remember enough to quote it right now, but I heard someone having issues with how Session is doing things.
If you want to protect who you're talking with, check out #Cwtch https://docs.cwtch.im/
In case you don't know, @cwtch is a decentralized end to end encrypted chat app
there's no servers by default, meaning no central authority
transport is based completely on Tor onion services, which itself is decentralized and provides automatic and transparent end to end encryption
(though @torproject still hasn't deployed any post-quantum cryptography into Tor, Cwtch is not as robust as newer PQ Signal or iMessage)
the profile ID that you share with your people is based on the Tor onion address that your profile is using for communications. if you shut down Cwtch, your Tor onion address also gets shut down, so you can't receive messages while you're offline, by default
it's my opinion that using Tor onion services for chat apps is a no-brainer. everyone with a Cwtch profile is both a client and a server. you are your own server. because of how Tor onion services works, as a reverse proxy, you don't need to host a "public" service on the internet. and e2ee, key management, encryption is all automatic. you can't fuck it up! its crazy to me that apps like Matrix don't take advantage of this. Tor onion services is an extremely powerful tool and so many people ignore or think of FUD
@cwtch 1.15 still suffers from the same macOS bug that makes it hang if you try to shut it down through the top-of-screen menu bar -- if you do it this way you have to force shutdown the app
instead, use the in-app X button on the top right
the four step process for launching @cwtch in macOS since it's not signed
1. Open Applications, right-click Cwtch.app and click open
2. go to Settings, search for Gatekeeper, click "Open Anyway"
3. click "Open Anyway" again
4. use your admin password or TouchID to launch it
@moonrabbit You poor love. Sending many Welsh cuddles #cwtch
Habe mich nun für die Aufnahme der folgenden Messenger entschieden:
- (Facebook) Messenger
- Google Messages
Kommt nach und nach.
Teste gerade den Messenger #cwtch. Anbei meine cwtch-Adresse für einen Test: 2pfglo3dxiagj2mvta5bzok4ple2ttxvvg3g7gscridocdj7apyqwkyd
Happy Valentines Day!
Cwtch 1.14.0 is now available to download!
Custom Theme Support! It is now possible to load new themes into the Cwtch UI and customize it to your liking
Additionally, this release contains many small UI fixes and accessibility improvements
Many small bug fixes including improvements to file sharing on Android, and support for newer versions of Tails.
Download links and change logs: https://docs.cwtch.im/blog/cwtch-1-14
This week we are celebrating 6 years of the Open Privacy Research Society.
We want to take this opportunity to extend a huge thank you to all of our supporters; without you we would be unable to do the work that we do. Thank you. 
Our Work: https://openprivacy.ca/work/
Become a Supporter: https://www.patreon.com/openprivacy or https://openprivacy.ca/donate/
(plz hire me) 
Ambiyelp 
