A more accurate title could be "Privacy is Priceless, but Centralization is Expensive": with the era of cheap money coming to an end, grows a lot of uncertainty regarding the future of some large internet services. Signal is no exception and this emphasises the importance of federated alternatives (XMPP, fediverse, …) for the good health of the future internet.

People don't choose, people use whatever most people around them use. Whatsapp and telegram are both centralized, and shouldn't be trusted because, by the nature of it, they can (and eventually will) turn user-hostile.

Messengers come and go, if we really want to make some progress in this area, we should embrace federated and p2p protocols as the logical evolution. Anything else is just wasting time and user privacy.

Or, you know, just use key auth only and fail2ban. Putting sshd behind another port only buys you a little time.

Before this devolves into a flame war, here's for you the introductory paragraph

Disclaimer: I’m aware that Richard Stallman had some questionable or inadequate behaviours. I’m not defending those nor the man himself. I’m not defending blindly following that particular human (nor any particular human). I’m defending a philosophy, not the philosopher. I claim that his historical vision and his original ideas are still adequate today. Maybe more than ever.

That said, I only see valid points here. For a long time, I too had a preference for MIT-style of licenses, thinking that they would "at least give a chance for a major business to embrace and extend, for the benefit of the open-source world", win-win, right?

Fast-forward, it's now pretty clear how the corporate world used the open-source movement to consolidate its monopoly, common good shouldn't get privatized, and large corporations don't have your best interest at heart.

IMO Scala is one of the best programming languages out there. I know it might sound like zealotry because Scala is already way past its hype curve, and the "Through of disillusionment" already caught a fair bunch in ways that more recent and hyped languages haven't yet, but it's not only still very relevant today, but more and more so (IMO).

So, what's to like about Scala? Like most of things, those are two-edged swords:

1- multi paradigm

To my knowledge Scala is the only language that unifies object oriented programming and functional programming so seamlessly. You can pick the right tool for the job, opting for imperative-style where it's fit and choosing elegant composable/curried when appropriate, without having to bend your mind as much as you would with Haskell/clojure/OCaml/F#/… where things are more one-sided. The downside is that different programmers will have different takes and preferences as to what's the most adequate style might be, and a same codebase might look very different from one place to the other.

2- type system

Scala has one of the most advanced type system. Nothing Rust or Kotlin might match any time soon, or ever. Scala's implementation of GADTs, combined with its powerful pattern matching enables concise and idiomatic abstractions. Many of which are zero-cost thanks to things like opaque types, inlining, tail recursion, … There is a whole area of the Scala community striving to make invalid states irrepresentable (your code won't compile if your instance of a pizza is missing a topping), which makes such libraries self-documenting and easy to use. The downside is that nothing prevents you from climbing the abstraction ladder and encoding everything in the type system when all you need is a simple trait/generic, and that's a human/complexity management problem tooling and the language can hardly mitigate.

3- scalable

The author of Scala (who was a long-time Java compiler architect) wanted Scala to scale from shells one liners to complex multi-cluster distributed systems, and delivered on that. You can start small with a scala-cli proof of concept, transition to a mid-scale "python with types" kind of project, and grow up to very large and complex projects. Beyond the JVM, you can target the browser with scala-js and share models and validation logic between the front and back ends. You can target native binaries for instant startup/low footprint executables that are cheap to spin-up as microservices.

4- has a foothold in academics

A whole team at the EPFL is pushing boundaries of programming languages and using Scala and its compiler as a ground for experimentations. Scala 3 has a proven sound type system thanks to its foundations on the DOT calculus. Effects and Capabilities are being researched as part of the project Caprese to offer a solution to "what color is your function" (mixing sync and async), of memory management/lifecycles (more generic than rustc's), of pure/side-effectful code, etc. The downside is that this gives an impression that Scala's development lacks focus, but arguably those happen in distinct development branches and by different people.

Anyway, feel free to continue the discussion on: !scala@programming.dev

!scala@programming.dev

😂

If you are curious, you should give XMPP a shot, it's equivalent to Signal in terms of encryption, but anyone can host their own. Signal is ideologically opposed to anyone but themselves being in control of your account, and because of that I don't want to trust them.

That's absolutely true in the physical sense, but in the "commercial"/practical sense, most respectable companies' QA process would shave off a large part of that first bathtub slope through testing and good quality practices. Not everything off of the assembly line is meant to make it into a boxed up product.

As soon as you put something up online, you will de facto become a target with nowhere to hide except offline. Your IP will be known and constantly hammered by more or less serious threats.

If you don't know the basics of Linux system administration and typical security measures, I would propose 2 approaches: you can go "the NAS way" and purchase something turnkey like a Synology (or anything on which you can easily spin up containers to host your services). You can expect a large part of the administration to be taken care of with sound default settings.

Another approach is to use a beginner friendly distro like https://yunohost.org/ , perhaps more involving, more risky, bit more rewarding.

Also, don't put anything up there like personal or valuable information (except if encrypted with local-only keys), expect to be hacked, expect to be wiped, and think early on about (off-site) backups.

Last time this came up, people were quick to bring up brother, and others (and that was new) to mention that brother started to do the same crap (limiting 3rd party toners). So I really don't know what to think of them anymore.

I could be in the market for a b&w laser printer/scanner soon so I'll keep an eye on replies here.

Signal isn't a federated protocol, so even if they were incentivized to release all the server bits and pieces, it would not help. You could run your own, but wouldn't be able to reach-out to your friends running theirs.

Rule of thumb for kubernetes, if you are learning it "for fun" or on your own, you are not gonna need it :)

Also, fun fact, Facebook messenger was XMPP compatible at some point, and just like Google, they eventually shut down federation to the detriment of the XMPP users as soon as they became close enough to a monopoly

https://news.ycombinator.com/item?id=9266769

Happy to report that XMPP is alive and kicking 🙂

This isn't the 70's anymore, when the U.S. military last had an edge over the rest of the world on the subject. Now, every current device that support GPS also reads from GLONASS, Beidou and Galileo, which all offer better precision and accuracy thanks to their more recent design. GPS losing dominance is last-century news.

PWA, like most web stuff, has a low barrier to entry but is extremely hard to make look and feel right. Check out the other comment about controls flashing. Native apps do not just have better development tools, they save you from having to reinvent whole kinds of wheels.

How is the Russian propaganda attempting to frame that? "Ukrainians are Nazis and so we took over their nuclear power plant because we (though we) could. Now they want to destroy it, incurring an immense ecological impact to mostly themselves, because if they can't have it, better be dead too"?

If you wonder about raw performance, the two were benchmarked by phoronix recently

https://www.phoronix.com/review/raspberry-pi-5-benchmarks

Can we have a policy here of not rewriting/making up titles? I'm not interested on personal takes before reaching the comments section.

Until i can give a laptop with linux to my neighbour without also needing to also provide support, its not there yet.

I mean, isn't your neighbor already getting Windows support from his son or nephew anyway? Let's not pretend that there exists a magical and perfect OS for those who don't want to learn one. Some learning is required, whichever the OS, and I would be hard to convince that a current preinstalled Linux is more difficult to handle than a current preinstalled Windows.

Windows has for itself that it's a devil most people know/got exposure to (thanks to Microsoft schemes and monopolistic practices), there is nothing inherently better or easier about it (and arguably quite the opposite).

"Sliding sync" is Matrix's own admission that the protocol is too complex and taxing on clients to be practical, and shifts the burden further onto already overwhelmed servers for what's essentially bouncers marketed as new tech. And it's still a mess.

use… bookmarks? And if it's a concern that the pages you want to bookmark might disappear, you can use something like wallabag: https://github.com/wallabag/wallabag

They both qualify as "open, federated messaging protocols", with XMPP being the oldest (about 25 years old) and an internet standard (IETF) but at this point we can consider Matrix to be quite old, too (10 years old). On the paper they are quite interchangeable, they both focus on bridging with established protocols, etc.

Where things differ, though, is that Matrix is practically a single vendor implementation: the same organization (Element/New Vector/ however it's called these days) develops both the reference client and the reference server. Which incidentally is super complex, not well documented (the code is the documentation), and practically not compatible with the other (semi-official) implementations. This is a red herring because it also happens that this organization was built on venture capital money with no financial stability in sight. XMPP is a much more diverse and accessible ecosystem: there are multiple independent teams and corporations implementing servers and clients, the protocol itself is very stable, versatile and extensible. This is how you can find XMPP today running the backbone of the modern internet, dispatching notifications to all Android devices, being the signaling system behind millions of IoT devices, providing messaging to billion of users (WhatsApp is, by the way, based on XMPP)

Another significant difference is that, despite 10 years of existence and millions invested into it, Matrix still has not reached stability (and probably never will): the organization recently announced Matrix 2 as the (yet another) definitive answer to the protocol's shortcomings, without changing anything to what makes the protocol so painful to work with, and the requirements (compute, memory, bandwidth) to run Matrix at even a small scale are still orders of magnitude higher than XMPP. This discouraged many organizations (even serious ones, like Mozilla, KDE, ...) from running Matrix themselves and further contributes to the de-facto centralization and single point of control federated protocols are meant to prevent.

How's that different from outpainting, which has been a thing for a very long time?

https://openai.com/blog/dall-e-introducing-outpainting

https://stable-diffusion-art.com/outpainting/

Nextcloud. It's definitely overkill for photos alone, but since you are likely to want it for other stuff anyway, why not use its gallery (which is decent) as well?

I personally use it for backup and sharing, and do the bulk of my photos/collections management in digikam (reading from a fast network storage).

Or , with, you know, federation?

public Matrix server

Let's see how long before it bankrupts you

Don't spread FUD about XMPP, please 🙂. It works wonder, it's in fact everything I've ever wanted for personal/family chats and large IRC chatrooms alike. It also happens to be one of the easiest things I ever had to self-host thanks to how wonderful and batteries included ejabberd is. I have developed several clients and bots/integrations in several languages thanks to how versatile it is.

Fun fact, it has a PubSub component which is (IMO) technically superior to the fediverse more lightweight and more flexible.

If one thing, the great XMPP rediscovery is overdue if you ask me 😉

I want to add "federated" to your list, as the only thing that actually matters long term. Signal checks your requirements but has already started to turn user-hostile (e.g. it mandates its own client so you get to have crypto payments whether you like it or not), and, as the single point of control, is an easy target and a single major liability.

Remember the days when WhatsApp was nice to its users? There is no technical guarantee that other centralized systems won't go the same path, which is largely mitigated when the network is made of smaller interoperable actors (i.e. a federation).

I would love to see XMPP be rediscovered and massively adopted as that next gen messenger. I don't trust Matrix to ever be reliable or get past their neverending funding troubles.

Without SMS verification, spam would be so much worse that they've been kind of obliged to keep it, even though it defeats/undoes most of the privacy features they like to advertise about

I'd like to share your optimism, but what you suggest leaving us to "deal with" isn't "AI" (which has been present in web search for decades as increasingly clever summarization techniques...) but LLMs, a very specific and especially inscrutable class of AI which has been designed for "sounding convincing", without care for correctness or truthfulness. Effectively, more humans' time will be wasted reading invented or counterfeit stories (with no easy way to tell); first-hand information will be harder to source and acknowledge by being increasingly diluted into the AI-generated noise.

I also haven't seen any practical advantage to using LLM prompts vs. traditional search engines in the general case: you end up typing more, for the sake of "babysitting" the LLM, and get more to read as a result (which is, again, aggravated by the fact that you are now given a single source/one-sided view on the matter, without citation, reference nor reproducible step to this conclusion).

Last but not least, LLMs are an environmental disaster in the making, the computational cost is enormous (in new hardware and electricity), and we are at a point where all companies partaking in this new gold rush are selling us a solution in need of a problem, every one of them having to justify the expenditure (so far, none is making a profit out of it, which is the first step towards offsetting the incurred pollution).

Why bring China here? This has been contentious for years and across many groups, both locals (e.g. japanese fishermen) and foreign (I don't see what gives China precedence over these concerns than any of these groups).

Though I'm no more of a nuclear waste expert than the next shitposter here, last I checked, the amount of radiation was well within safe levels (otherwise this option wouldn't be on the table), water is damn good at shielding against the effects of radiation (hence why almost all the fissile fuel is stored in some form of pool or another), and the active radioisotopes had a very short half-life (meaning that whatever impact it might still have today, it will be marginal a decade from now).

If that holds up against fact checking and scientific evidence, then by all means!

we hated studying that shit

It's a more than fine functional programming language if you ask me. Was that the functional aspect that you disliked? Or the syntax? Because in one case like the other I've got some bad news for you about what's to come in the programming languages landscape :)

Who tf uses OCaml.

The rust compiler (initially), large financial companies, the energy sector, etc: practically anywhere functional programming shines

written by a Scala programmer

You can add https://xmpp.org/extensions/xep-0156.html to the list :)

Decentralisation would just spread the costs

...the costs and the risks: let's jump forward a few years into financing issues, at what point does Signal become a liability and start operating against their stated mission, if the alternative is that they cannot survive? We are witnessing enough contemporary examples of enshittification to know that it's a real possibility, and that all centralized providers, but in particular the ones not charging for service, are at risk.

Some would even argue that this has already started in the case of Signal with their crypto payments and blocking of 3rd party clients which are clearly user-hostile.

Those individuals would have to collect contributions from their respective communities.

Perhaps, or perhaps not. Running costs get exponential with scale. You can host 1000 users on a shoebox computer/raspberry pi, but delivering a service for millions requires datacenter-level infrastructure and tons of engineering know-how.
Most people into self hosting or having a NAS at home can already accommodate their families, friends and more, which means millions of potential users, without the problem of trust from a single organization

Covering up a bloated protocol by a faster language has its limits though, and in the case of Matrix, well, a faster language only buys you little

No idea what the heck casaOS, but here you get your turnkey XMPP servers (if you really don't want to use a distro that packages prosody/ejabberd, which are all the ones worthy to be used anyways?):

• https://snikket.org/

• https://www.process-one.net/en/ejabberd/downloads/

Well, if SMS is dead then RCS is what we get instead, and there's no difference to us (and probably higher costs for Signal & al.)

And there are wayyyy too many things that depend on SMS for it to be dead any time soon, too :)

I will get shit for writing that, but Matrix in its current form shouldn't have seen the light of the day, nor should have been let to spread with close to no technical scrutiny and based on empty promises/hype like it did.

Just to be clear, I'm absolutely encouraging, in fact, actively promoting federated alternatives to things like WhatsApp, Messenger, Signal, Telegram, …
But I don't believe for a second that the foundations on which Matrix is built make sense, can be made to work well in practice, nor represent a problem worth spending so much time and effort solving. This article does a good job at introducing the "behind the scenes" of the protocol: https://telegra.ph/why-not-matrix-08-07

The whole history of Matrix can be summarized as:

• "let's do this because it's cool"

• "shit, it's hard/slow, but we will figure it out"

• "I have a breakthrough, here comes a new version of the protocol/client/…" (the ecosystem reboots)

(rinse and repeat)

Matrix has seen more incompatible reincarnations of itself in the last 5 years than XMPP in the last 20. Arathorn, its lead contributor and evangelist will keep apologizing, promising that this time they have their stuff in order, that whatever buzzword will solve this or that aspect of the problem, while the elephant still is in the room. You practically can't tell apart arathorn's messages of 2015 from those of 2022 and that would be funny if it wasn't so sad.

IMO Matrix is broken beyond repair, while XMPP is quietly used by millions of users. I wish Matrix could carry its own weight and be so unambiguously better that we wouldn't need competing alternatives there. To me, the better XMPP is XMPP itself, and I'd be happy to elaborate on that.

Mercurial* and no, GitHub never supported hg, that was kind of the distinguishing feature of bitbucket back in the glory days of VCS plurality.

Now if you need mercurial hosting, heptapod (a friendly fork of gitlab with mercurial support) is a great way to go