Create accountLogin

Recent searches

No recent searches

Search options

Only available when logged in.
med-mastodon.com is one of the many independent Mastodon servers you can use to participate in the fediverse.
Medical community on Mastodon

Administered by:

Server stats:

411
active users

med-mastodon.com: AboutProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.8

#techliteracy

1 post1 participant0 posts today
Public
Kevin Karhan :verified:

@rakoo @delta @cy @thunderbird

It is a good tool because it allows for self-custody of keys.

  • Also by that notion manually setting up an eMail account is also complicated for anything that Thunderbird can't autoguess or doesn't have in it's database.

Shure that isn't an excuse for #Thunderbird to not deliver sane defaults and handhold users asking them at account creation/import if they want to create/import a keypair and/or wish to automatically activate it.

  • Same with pulic keys: #Enigmail used to have the nice feature to automagically attach the Pubkey to every eMail and to automatically sign and encrypt them. In fact I have this preconfigured to the point that any non-encrypted eMail requires me to manually confirm stuff.

I don't "belittle people for not knowing how to use gpg" but instead acknowledge the lack of #TechLiteracy as a matter of facts because most people got groomed into being consoomers and into ignorant users.

  • It's not their fault, it's decades of failed education and awareness that now demand compound interest like credit card debt.
blah.rako.spacerakoo (@rakoo@blah.rako.space)@kkarhan I'm sorry but no, gpg in @thunderbird doesn't "just work". You need to manually create a key with the 16 clicks and technical chops that go with it, you need to understand the settings, y...
Replied in thread
Public
Kevin Karhan :verified:

@HumboldtUni Ich halte das für fundamental falsch, weil #Schulen heutzutage nichtmals fundamentale #MediaLiteracy geschweige denn #TechLiteracy hinbekommen.

Wir brauchen mit solchem Bullshit nicht anfangen bevor niht jede #Schule #Glasfaser und mindestens nen kompletten Klassensatz an #Pi500 am Start hat damit #Schüler*innen auch #Informatik lernen und nicht zu #Microsoft-#Kunden verblödet werden!!!

Ernsthaft, da hätte die #EU das in andere #Forschung und #Entwicklung oder #Infrastruktur investieren können, statt irgendwelche #Buzzwords wie #AI nachzurennen die eh nur dazu da sind #Geldverbrennung zu betreiben!

Public
Mojo ♻️

Study Suggests Natural Intelligence Affects Computer Skills More Than Training.
New research indicates a person's innate intelligence may influence their computer proficiency more than previously thought. The findings suggest that practice alone may not be enough for some to become comfortable with technology.
The study challenges assumptions about training and highlights the role of cognitive ability in tech literacy.
What do you think—does natural aptitude outweigh training when it comes to mastering computers?

#TechLiteracy #Psychology #ComputerSkills

scitechdaily.com/new-study-a-l

Replied in thread
Public *
Kevin Karhan :verified:

@pixelcode @taylan Your nonchalant "So what?" gets people publicly murdered by the state in many juristictions...

  • Which is why there is no substitute to teaching proper #TechLiteracy ffs!

If things were so easy as in "JuSt UsE sIgNaL!" then @signalapp would be shut down.

If you do think so then you should really get some professional help, cuz you seem rather lost...

  • #Signal doesn't even bother to have an #OnionService, much less to provide means to use their service without self-doxxing with a #PhoneNumber, which at best is pseudonymous and requires money to attain and maintain...

It's #centralization is an absolute nightmare and mist be deemed as criminally neglectful!

MastodonPixelcode 🇺🇦 (@pixelcode@social.tchncs.de)@kkarhan@infosec.space @taylan@feministwiki.org For every messenger there's the risk of someone finding out that you use that messenger (for example when you download the app without a proxy or when you rent a server for self-hosting). So what? Nothing and no one stops you from voluntarily using Tor to connect to Signal (Orbot, InviZible, Advanced Privacy etc.). For those oppressed by authoritarian regimes, Signal offers easy-to-use censorship-circumvention proxy support built into the app. https://support.signal.org/hc/en-us/articles/360056052052-Proxy-Support
Replied in thread
Public *
Kevin Karhan :verified:

@Andromxda @mollyim no it's not bs and fanboying @signalapp isn't going to change that.

If #Signal was secure it would be the #1 comms tool of organized crime...

Real professionals use #SelfHosting capable, fully #FLOSS'd solutions like #PGP/MIME & #XMPP+#OMEMO.

It's just me reading the room: Cuz #ComSec isn't done woth "JuSt UsE sIgNaL!" and everyone who claims so without pointing out #OpSec, #InfoSec & #ITsec is BSing hard.

  • The cold hard truth is that #TechLiteracy is irreplaceable and the only solution to it is to actually teach normies how to "get gud" with stuff like PGP.

Fortunatelty, @thunderbird and @tails_live / @tails / #Tails and many other tools make that easier than ever before.

YouTubeSignal's Terrible MobileCoin BetrayalBy The Hated One
#cryptoparty
Replied in thread
Public *
Kevin Karhan :verified:

@licho @osman provide evidence the code @signalapp released is actually being deployed.

Not to mention pushing a #Shitcoin-#Scam (#MobileCoin) disqualifies #Signal per very design!
youtube.com/watch?v=tJoO2uWrX1M

  • Given the collection of #PII like #PhoneNumbers, the ability to restrict functionality based off those and the fact that #Signal is subject to #CloudAct make it inherently not trustworthy.

And don't even get me started on the fact.it's not sustainable to run it as a #VCmoneyBurningParty!

Same as identifying users: They already got a #PhoneNumber which in many juristictions one can't even obtain without #ID legally, thus making it super easy to i.e. find and locate a user. Even tze cheapest LEAs can force their local M(V)NOs to #SS7 a specific number...

  • All these are unnecessary risks, that could've been avoided, but explicitly don't even get remediated retroactively!

Again: Signal has a #Honeypot stench, and you better learn proper #E2EE, #SelfCustody and #TechLiteracy because corporations can't pull the 5th [Amendment] on your behalf!

YouTubeSignal's Terrible MobileCoin BetrayalBy The Hated One
Replied in thread
Public
Kevin Karhan :verified:

@ai6yr @briankrebs OFC this targets #TechIlliterates and the only effective means here are:

  1. Teach #TechLiteracy instead of consumerism.
  2. Mandate #confirmation & #notification - #PopUp|s for every use of #Clipboard (similar to #webcam use by websites)...
  3. Ban #JavaScript - seriously!
  4. Ban #Windows, because it's a #Govware, espechally since #Windows10 and even more so on #Windows11 that is *insecure in every configuration!
  5. Put #TechIlliterates before a system they can't feck up. I.e. @tails_live @tails / #Tails for that reason alone (can't run such commands if they neither got #root nor any #persistent #storage to target).
  6. Normalize the use of @torproject #TorBrowser!
  7. #Teach #tech #literacy instead of #consumerism!
  8. Ban #GAFAMs and their shitty products!
  9. Migrate every #TechIlliterate to #Linux and don't give them administrative privilegues.
  10. Teach tech literacy instead of consumerism!
#techliteracy#confirmation#notification
Replied in thread
Public *
Kevin Karhan :verified:

@Avitus @lispi314 @lauren THE REQUIREMENT FOR A #PhoneNumber BY @signalapp IS LITERALLY THE PROBLEM!

  • #KYC IS THE ILLICT ACTIVITY!!!

If you gonna say "JuSt GeT aN iMpOrTeD #SIM / #eSIM!" then you obviously expect people to have way more #financial means and #TechLiteracy than is needed to get absolute N0obs setup withb#XMPP+#OMEMO and pay for @monocles / #monoclesChat!

IOC.exchangeAvitus (@Avitus@ioc.exchange)@kkarhan@infosec.space @lispi314@udongein.xyz @lauren@mastodon.laurenweinstein.org @signalapp@mastodon.world You can register any number on Signal even a landline, ass long as you can get a 2FA SMS or phone call. Signal knows nothing about its users, nor does it attempt to. See https://signal.org/bigbrother/. All they have is the date and time you registered and the last date and time your device connected to a service. They've been subpoenaed many times but haven't been able to provide any data because they don't have it.
#sim#esim
Replied in thread
Public *
Kevin Karhan :verified:

@rysiek @agturcz that's not how you fix #TechIlliteracy, espechally since things changed for the better.

@monocles / #monoclesChat & @gajim / #gajim are quite easy, whereas @signalapp / #Signal demands #PII in the form of a #Phone number which is more often than not not legally obtainable without "#KYC" aka. "forced #SelfDoxxing" all whilst being an extremely #centralized, #SingleVendor & #SingleProvider solution that falls under #CloudAct ant thus cannot adhere to #GDPR & #BDSG!

Otherwise we'd only perpetuate the #Enshittification-#Lifecycle as has happened with #AIM, #ICQ, #BBM and so many more...

  • Mark my words, cuz I've been proven correct up to this point.

If #Signal and @Mer__edith actually cared, they would've setup their system truly decentralized as an #OnionService over @torproject / #Tor!

Mastodon 🐘Michał "rysiek" Woźniak · 🇺🇦 (@rysiek@mstdn.social)@kkarhan@infosec.space I ran and hosted a bunch of XMPP servers a while back. It was a pain to use, and it was easy for users to make mistakes and accidentally send messages in the clear. You are making people les safe. Last time: please stop doing this in my mentions and replies. @agturcz@circumstances.run @torproject@mastodon.social
#THXBYE#EOD#ITsec
Replied in thread
Public
Kevin Karhan :verified:

@adhdeanasl also #Scammers can't really buy range like they can on #BillionaireSocialMedia:

#bots#boost#bot
ExploreLive feeds
About