The first sentence was a response to you asserting voting is essential to democracy, which is false. The rest of the comment was a response to you not accepting Nemo@slrpnk.net’s argument.

If you can’t find an instance you agree with, and you have a mass of people who agree with you but are collectively too lazy to create a new instance, you would communicate your stance with words. Lemmy has a system for leaving text statements. You seem to be familiar. But there’s no mechanism to force the instance operator to obey you.

In a democracy, the community determines policy. Votes are orthogonal. If the community leaves when they disagree, by definition everyone that is remains agrees with the policy, making it a democratic policy. The friction to changing instance is very minimal, so it’s a good indicator of people’s opinions.

That’s very cool. What have you changed?

If they’re such precise shots, why did they miss 100000 times hitting random Palestinian children in the past two years?

If you divide it into thirds, it’s India and China at 34%, then the next 15 countries for another 33% (USA, Indonesia, Pakistan, Nigeria, Brazil, Bangladesh, Russia, Mexico, Japan, Philippines, Ethiopia, DR Congo, Egypt, Vietnam, Iran), and all other 188 countries make up the remaining 33%.

Ah yes, because the blue party are 5.2 Zionist, they think apartheid and ethnic cleansing is the birthright of whites on all days but Sundays, while the green party is 6.8 Zionist, they think apartheid and ethnic cleaning is the birthright of whites including Sundays.

The blue party actually wanted to dismantle Israel you guys, they were just waiting for the mortgage to be paid off.

You could watch two YouTube films at once. (No but seriously 2Mb/s is too low even for just YouTube. YouTube recommends 20Mb/s. And that’s probably assuming 30hz. So you probably actually want at double or more. https://support.google.com/youtube/answer/78358)

Surreal. Thank you.

Predicted by people who pretend USAid is charity.

I’m sorry, UAE SWAT world championships??

There’s no separate computer, it’s all in the monitor!

Gonna assume that museum has a lot more Nazi artifacts on display than from victims.

No, that’s just an assumption. It’s very standard. But they do, this is the code for it. https://github.com/signalapp/Signal-Android/blob/main/app/src/main/java/org/conscrypt/ConscryptSignal.java
That doesn’t confirm they send anything extra about your device, that’s an assumption as well.

If I share an IP with 100 million other Signal users

That’s already not very likely, but ignoring IP, you’re the only one with your SSL keys. As part of authentication, you are identified. All the information about your device is transmitted. Then you stop identifying yourself in future messages, but your SSL keys tie your messages together. They are discarded once the message is decrypted by the server, so your messages should in theory be anonymised in the case of a leak to a third party. That seems to be what sealed sender is designed for, but it isn’t what I’m concerned about.

daniel sent a user an image…

Right, but it’s not other users I’m scared of. Signal also has my exit node.

What you’re describing is (not) alarming (…) Signal’s security team wrote.

I mean if strangers can find my city on the secret chat app I find that quite alarming. The example isn’t that coarse, and Signal, being a centralised platform with 100% locked down strict access, they well could defend users against this.

What do you mean when you say “conversation” here?

When their keys are refreshed. I don’t know how often. I meant a conversation as people understand it, not first time contact. My quick internet search says that the maximum age for profile keys is 30 days, but I would imagine in practice it’s more often.

Even if we trust Signal, with Sealed Sender, without any sort of random delay in message delivery, a nation-state level adversary could observe inbound and outbound network activity and derive high confidence information about who’s contacting whom.

That is true, but no reason to cut Signal slack. If either party is in another country or on a VPN, then that’s a mitigating factor against monitoring the whole network. But then if Signal is sharing their data with that adversary, then the VPN or being in a different country factors has been defeated.

Here’s the blog post from 2017

I appreciate the blog post and information. I don’t trust them to only run the published server code. It’s too juicy of an honeypot.

I don’t have any comment on SGX here. It’s one of those things where there’s so many moving parts and so much secret information, and so much you have to understand and trust that it basically becomes impossible to verify or even put trust in someone who claims to have verified it. Sometimes it’s an inappropriate position, but I think it’s fine here: Signal doesn’t offer me anything, I have no reason to put so much effort into understanding what can be verified with SGX.

And thanks for the audits archive.

That’s cool! I’m really interested to know how many tokens per second you can get with a really good U.2. My gut is that it won’t actually be better than the 24VRAM+96RAM cache setup this user already tested with though.

How much do you need? Show your maths. I looked it up online for my post, and the website said 1747GB, which is completely in-line with other models.

https://apxml.com/posts/gpu-requirements-deepseek-r1

Thanks!

Can you link that post?

Running R1 locally isn’t realistic. But you can rent a server and run it privately on someone else’s computer. It costs about 10 per hour to run. You can run it on CPU for a little less. You need about 2TB of RAM.

If you want to run it at home, even quantized in 4 bit, you need 20 4090s. And since you can only have 4 per computer for normal desktop mainboards, that’s 5 whole extra computers too, and you need to figure out networking between them. A more realistic setup is probably running it on CPU, with some layers offloaded to 4 GPUs. In that case you’ll need 4 4090s and 512GB of system RAM. Absolutely not cheap or what most people have, but technically still within the top top top end of what you might have on your home computer. And remember this is still the dumb 4 bit configuration.

Edit: I double-checked and 512GB of RAM is unrealistic. In fact anything higher than 192 is unrealistic. (High-end) AM5 mainboards support up to 256GB, but 64GB RAM sticks are much more expensive than 48GB ones. Most people will probably opt for 48GB or lower sticks. You need a Threadripper to be able to use 512GB. Very unlikely for your home computer, but maybe it makes sense with something else you do professionally. In which case you might also have 8 RAM slots. And such a person might then think it’s reasonable to spend 3000 Euro on RAM. If you spent 15K Euro on your home computer, you might be able to run a reduced version of R1 very slowly.

Okay. But this method doesn’t address that the service doesn’t need the message to include the sender to know who the sender is. The sender ('s unique device) can with 100% accuracy be appended to the message by the server after it’s received. Even if we trust them on the parts that require trust, the setup as described by the blog doesn’t do anything to prevent social graphs from being derived, since the sender is identified at the start of every conversation.

If we trust them not to store any logs (unverifiable), then this method means they can’t precisely know how long a conversation was or how many messages were exchanged. But you can still know precisely when and how many messages both participants received, there’s just a chance that they’re talking to multiple people. Though if we’re trusting them not to store logs (unverifiable), then there shouldn’t be any data to cross reference to begin with. So if we can’t trust them, then why are we trusting them not to take note of the sender?

The upside is that if the message is leaked to a third-party, there’s less info in it now. I’m ignoring the Github link, not because I don’t appreciate you finding it, but because I take the blog-post to be the mission statement for the code, and the blog doesn’t promise a system that comprehensively hides the sender’s identity. I trust their code to do what is described.