So contributions require folks create accounts with Microsoft for GitHub? That’s a bit contradictory, but here you are telling folks to raise “Issues” exposing themselves to Microsoft’s ToS & data collection machine. Not to mention all they are doing with Copilot.
You’re not required to contribute. I went with GH because it doesn’t require creating a new account on an obscure Git provider, which would kill the chwnces of anyone contributing.
Git provides itself, so forges aren’t even required (the d is distributed version control). Issue trackers don’t need to be attached to the code forge. Even if you like someone else hosting it & an sidecar of integrated bug tracking, it should not require an account with Microsoft if privacy is the end goal—and there’s a host (pun not intend) of other options.
PRISM Break, Calyx live on GitLab (not obscure, supports SSO). Many free software projects like Freedesktop, GNOME, KDE, DivestOS, Briar, Jami self-host the community edition of GitLab. Privacy Tools & Awesome Privacy mirror to Codeberg as well as MS GitHub, presumably to have an escape hatch to the megacorporate bubble & to practice what they preach about privacy. LibreWolf is exclusively Codeberg. Cwtch self-hosts Gitea. Prosody self-hosts its Mercurial server. Choosing not Microsoft GitHub puts you in good company.
If a mailing lists alternative isn’t your thing, Forgefed, federation protocol for software forges, would apply for anyone with a Fediverse account (so Lemmy) could submit issues with Forgejo building it in along with others soon (GitLab expressed interest).
Choosing proprietary tools and services for your free software project ultimately sends a message to downstream developers and users of your project that freedom of all users—developers included—is not a priority.
Mailing lists are for old fat unix guys. Who uses email anymore? I can’t even remember the last time I opened my inbox, maybe a month ago for a 2FA code?
I’ll stick with GitHub because its what I know. If you don’t want to use GitHub, then you can still view the spreadsheet, just dont click the GitHub or Datasets links in the fop left.
You’re in a privacy-related space that values keeping data away from the corporations—that’s why your response has a worse ratio. If you don’t want your messaging data with data with Meta or Google, why would you be okay with Microsoft for your code? I like that instead of acknowledging the multitude of options you would have that puts your project in better position for contributor privacy, you chose to attack the one you disliked the most, mailing lists, & dismissed everything else. It’s really not any more difficult to pick up something like Codeberg & the UI loads faster too.
If someone said “WhatsApp is what I know, why should I care about your $MESSAGING_APP?” would you not, like, send them the output of your project to explain how their digital privacy is at risk? Consider building another list comparing code forges & see that you get little extra from MS GitHub being closed, proprietary, centralized, for-profit/publicly-traded, requires accepting Microsoft ToS to create an account, search locked behind auth, slow to load, slow to fix bugs, has outages constantly, locks out all users from Yemen et al. due to US sanctions, plays ball with capitalists (such as following record label demands to take down youtube-dl), pushes ‘social’ features (massive can of worms), tries to monopolize the developer space on the network effect, etc.
Telegram was launched in 2013 by the brothers Nikolai and Pavel Durov. Previously, the pair founded the Russian social network VK, which they left in 2014, saying it had been taken over by the government. Pavel sold his remaining stake in VK and left Russia after resisting government pressure.
The Moscow Times reported that the investments included $75 million from a joint partnership between an Abu Dhabi state fund and a Kremlin sovereign wealth fund.
You got some errors for XMPP e2ee: the popular mobile clients all enable it by default, it has perfect forward secrecy and a/v calls are usually also e2ee and of course data is encrypted in transit.
Yep. Really need to compare the best-practice XMPP clients (e.g. Conversations, Siskin), not half-developed clients more suited to the XMPP landscape of 20 years ago. – Just as Matrix’s ranking in the table is high because only the state-of-the-art clients are considered – there are plenty of Matrix clients which don’t support e2ee, for example.
This list of mistakes isn’t exhaustive, but extending from poVoq’s mentions, here are some things XMPP(conversations) does actually have positive findings for:
Provider can scan for illegal content [If you send content unencrypted, otherwise no different to Matrix/Signal]
I’m not sure there’s much differentiation between any apps when it comes to “What can the apps hand to police?”; if the police have physical access to your device and app, they have access to everything you do on that device/app.
Lets be honest, its not much different from China. They both make social media companies censor, and they both track citizens to predict their likliness of committing a crime in the future.
USA is atleast 100x worse than China, if you cared to look at Snowden and Assange leaks, and Wikipedia page for USA surveillance programs since the formation of NSA in 1960s. Assange is getting drugged and tortured as we speak, and that is not happening in China. Snowden can never go back to his home unless he wants to be “mysteriously dead”.
I wouldn’t say worse than China, but I’d say they’re both equal, in their own way.
It’s the nature of state politics and security. I’d bet even money every government on the planet is equally bad, up to the resources they have at their disposal.
Remember, all governments are collections of individuals, and individuals range in their morality.
Certain types are attracted to certain opportunities…like the power of government.
Its not Google Sheets. It was initially generated with the tool because I like the formatting, but its HTML running on Cloudflare Pages. The source code is here
If you see errors or hwve suggestions, please submit an issue on GitHub, they’re easier to track than here
Add comment