-
-
-
SurveyJS
Open-Source JSON Form Builder to Create Dynamic Forms Right in Your App. With SurveyJS form UI libraries, you can build and style forms in a fully-integrated drag & drop form builder, render them in your JS app, and store form submission data in any backend, inc. PHP, ASP.NET Core, and Node.js.
-
-
-
Yes, end-to-end encryption is possible. It just needs support in clients, as well as a common protocol to do it.
Mastodon has actually done some work towards that but I don't think it's useable yet, see https://github.com/mastodon/mastodon/pull/13820
> No for micro-blogging, but Mastodon supports direct messaging, and if you support direct messaging, you should support end-to-end.
No other microblogging service with DM support has e2e anything. Because they're websites. To have meaningful e2e you need to have key exchange and device keys, and if you have a website you can look at your DMs on then the website has to have a key. If the website has a key the owner of the website can look at your DMs. This is just fundamental to hosted web services, and it's why if you use icloud messaging with imessage you're no longer guaranteed e2e, and why signal just doesn't even have a website for you to use.
> Sure, but I trust https://letsencrypt.org/ more than I trust some random running a server.
LE has nothing to do with this? The key exchange I'm talking about is the end keys. User keys. LE doesn't provide those. For e2e IM systems a server has to manage user/device:key mappings, and are a central point of trust. They can potentially inject a "listening key" into your recipient list without you knowing and tap you or even impersonate you (but only in a forward way).
E2E is not a panacea, but it's also largely irrelevant to websites.
Calling it dystopian is a bit harsh. Some degree of moderation is unavoidable or you end up with 4chan (actually, even 4chan had moderation, I think; it's just unavoidable).
Ultimately of course you're supposed to choose a server that you like and trust. At least here you have that choice. On Twitter or Facebook you don't.
Of course it should have had end to end encryption. It sounds like a massive omission. I found a discussion about adding that to ActivityPub[0] where someone points out that if you don't want server admins able to read messages, you can't store private keys on the server, which sounds to me like it would hurt usability. Makes you wonder how unbreakable the end-to-end encryption of other systems really is. I'm not enough of an encryption guru to say how big of a problem this really is.
[0] https://github.com/w3c/activitypub/issues/225
If it's planned for 2024, why does https://qbix.com/ecosystem put it front and centre? Between that and the mouse pointer twinkles, most people are probably going to bounce right away; the site clearly sends the message that this is not something to be taken seriously, and may well be an outright scam.
There are a few other things that immediately put me off as well, though they may be just wording/messaging. Let me dissect just half of the first sentence from https://github.com/Qbix/Platform, and what springs to mind reading it:
> Our company spent 10 years building a decentralized Social Operating System for the web
Who is the nameless "Our company"? Even if we know who they are, building on open source projects controlled by a single company is often a bad idea. How did you spend 10 years on this? Is it the open-sourced corpse of a failed commercial endeavour? Also bad to rely on. Or is it new?
Unless they decline to publish their source code for over a year, again. https://github.com/signalapp/Signal-Android/issues/11101
Related posts
-
does anyone else feel inferior to all the attractive people here? 😞😓
-
Why Every Website Needs an SSL Encryption
-
Ask HN: What do you think about a subscription based social media?
-
Alt Text box can't fit one screenshot of text
-
Setting Up a Kubernetes Cluster on AWS EKS With Eksctl and Deploying an App