I’m trying to find out privacy settings behind the wifi chat offered by… Samsung? Its built into my S10e as an additional chat service with little to no information about it. It’s free and enables chat over WiFi and to groups of users who have the feature enabled. It also enables Android users to see when others who have the service are typing like on the iPhone.
My concern is privacy. If it’s free, how do I know that I’m not the product here?
The Stack Exchange app won’t let me upload a 256KiB image so I’ve added a URL for the screenshot: screenshot of new messages feature
In the specific example of PayJoin here: https://en.bitcoin.it/wiki/PayJoin the wiki equates a PayJoin transaction as indistinguishable from a regular transaction.
However the transaction example itself seems a little weird and potentially misleading. In a regular transaction, if I have a UTXO of 2 btc and another UTXO of 5 btc, an attempt to send that results in an output of either 3 or 4 btc would be best served by using the 5 btc input only, as this would create a smaller transaction than needlessly using inputs of 2 and 5 btc (it would also needlessly link two addresses); we can postulate a rational coin-holder would never construct a transaction with more inputs than required.
So it would seem that to make a PayJoin transaction genuinely indistinguishable from a regular transaction, one of the PayJoin outputs must be larger than any single input. If in the example the merchant and customer wished to exchange 5 btc, then outputs of 6 btc and 1 btc could be created, which would absolutely justify combining a 5 btc and another input of at least 1 btc.
A Mimblewimble blockchain relies on two complementary aspects to provide security: Pedersen Commitments and range proofs (in the form of Bulletproof range proofs). Bulletproofs do not require a trusted setup. They rely only on the discrete logarithm assumption, and are made non-interactive using the Fiat-Shamir heuristic.
Pedersen Commitments provide perfectly hiding and computationally binding commitments. Since Mimblewimble commitments are totally confidential and ownership cannot be proved, anyone can try to spend or mess with unspent coins embedded in those commitments. Fortunately, any new UTXO requires a range proof, and this is impossible to create if the input commitment cannot be opened.
A Mimblewimble blockchain grows with the size of the UTXO set. Using Bulletproofs, it would only grow with the number of transactions that have unspent outputs, which is much smaller than the size of the UTXO set.
CoinJoin is a technique to aggregate multiple payments from multiple senders into one unified transaction. Dash deployed an improved version of CoinJoin earlier. Mimblewimble can do CoinJoin non interactively and verifiably in public. Hence Mimblewimble can be viewed as a privacy preserving cryptocurrency approach using Non Interactive CoinJoin technique.
Is it possible to use Signal without sharing my phone number with others?
I personally use the Signal app on Android, but of course it applies to all versions, desktop and mobile.
With Telegram, for example, I can select a user name and then release it. And people can only contact me with this username. No phone numbers involved. Is this also possible with a signal? Or I do to have to provide my phone number when someone is asked to contact me via signal?
I realize that I have to use my phone at least once to register with Signal and set up an account. Once I do that, I want to contact other signal users or let other signal users contact me without providing my phone number.
I tried to encourage some people I know to install and use the COVIDsafe app. Some people have cited privacy concerns as a reason not to install the app (there are other concerns, such as allegedly interfering with diabetes apps). To the best of my knowledge, these people use smartphones with SIM cards and many apps installed.
I understand that data breaches can affect either the app's developer, malicious third parties, the Australian government, Amazon, and the U.S. government. However, I assume that the primary concern is the Australian government.
To what extent does the use of the COVIDsafe app provide the Australian government with data that it does not yet have from existing sources of information?
Please stop forwarding my questions to the unrelated, who doesn't answer my question at all. I've already read every answer there and it doesn't help at all. If so, why should I ask this much more specific question?
This has been a constant concern and problem for me for ages:
For practical and logical reasons, I am forced to trust some Third-party PHP libraries. These are installed, updated and managed Composerand live in C:PHP-untrusted-external, completely separate from my own PHP scripts that live in C:PHP-my-own.
The scripts in C:PHP-my-own involve and use the libraries C:PHP-untrusted-external.
Since no one, especially me, can ever review all of the third-party code and updates, I'm looking for a way to "secure" or "sandbox" them in some way, even if it's only partial.
Basically, I'm worried that one day changes will be made to an update, e.g.
I do not understand docker. I've tried countless times and it doesn't make any sense to me. I don't want Docker. I don't want to deal with containers. Correction: i tilt Deal with it. I tried but didn't understand. Multiple times.
I just want PHP to support this in itself, and it seems more than reasonable to me. Don't you feel reasonable?
The saying "at some point you have to trust other people" is far too general / vague to be used here. It circumvents the problem. I don't trust people at all and for good reason. It seems idiotic that we should (apparently) just sit around and wait for the disaster. At least if I could prevent the third-party scripts from doing anything to the filesystem and network, it would help mitigate this problem. It still won't make the scripts lie about the numbers / dates they return to me, but at least they can't "call home" directly or delete random files.
While I'm working on "Live" CLI PHP scripts that run regularly on my computer and interact with external services, e.g. B. Sending POST data to a website via HTTPS and generating the content, I often have the paranoid idea that when I do something, I make a mistake: Instead of failing with a syntax error, the source code of the script is in the POST -HTTPS request instead of the content sent by $buffer String that it builds.
Is that even possible? I can't imagine a situation myself. If I forget to add one ; here or a ( it won't run there at all. But maybe there is a situation where such a transient error would cause the script that runs at regular intervals to run before I can correct it and somehow interpret it as if I wanted to fill it out $buffer String variable with the source code of the script itself?
If you can imagine such a situation, I would very much like to hear about it. Again, it's not particularly about PHP; it is exactly what I am currently using. The exact same question can be asked for any other language.