🌞 Alexander Daychilde 🌞

I guess …x. means NOTHING to you… ;-)

= 0.21

;-)

Bothers me that you wouldn’t go for 1.21.1 but you got the freedom to be WRONG. WRONG WRONG WRONG^[1] if you want.

There’s a difference between trusting something written for general purpose use not to have harmful code vs. something written specifically for communications people want to keep private that would therefore be a target.

So either I felt I was making a valid point for consideration that I thought was valuable to make, or I’m a troll wasting everyone’s time.

I know what I am. And I’m starting not to care what you or others think. Go blindly and trust whatever you want, it’s no skin off my back. Frankly, I use Telegram because none of my comms are particularly sensitive, and I have no problem with that. I’d rather my private conversatiosn not be actively posted somewhere, but in the case of a breach, it wouldn’t be the end of my world. So I’ve no problem trusting Telegram thus far, personally, in my case.

Anyway, have a nice time. Understand my point or don’t.

You can take your rudeness and bugger off. I’m done with you.

Make all the accusations you want. You think you’re smart, but you are not.

If you are not auditing the source code, you are trusting those that are.

Precisely.

And it’s worth repeating here - the level of trust needed is affected by the nature of what you might lose if that trust is broken. For non-important things, trusting a third-party company is probably fine. If you’re in a country and being found out might mean you get put to death, though, the stakes are a bit higher.

Frankly, I have trouble believing that you don’t understand the difference here and are making your argument in good faith.

Let’s back up to what I replied to in the first place:

You don’t have to trust anybody

I even took the time to quote that, because it’s important.

Of course there are different levels of trust. But what you said is flatly wrong and misinformation, if you want to get technical about it. Arguing in bad faith? I beg your fucking pardon, friend.

Just becuase it’s less likely to find nefarious code in open source doesn’t mean it doesn’t exist. There ahve been multiple cases of it found in open source code. Blindly trusting something because it’s open source or you host it on your own server is a very very false sense of security, especially in the context of the larger discussion, which came about in regard to what information is exposed by certain messaging clients.

It’s also a matter of the importance of what you’re doing.

I wrote a little CRUD app a while back to track me giving my cat medication. I sanitized inputs, but I left it open without a login on my server, just an obscure URL that didn’t get published anywhere. All you could do was click a button to indicate the cat had been medicated, or another button to delete the latest entry. That was plenty of security for that. If I was writing a banking app, I’d use a bit more.

So yes, in the same way as that, hosting something you use to chat with friends about whatever is one thing; trying to communicate secretly from a country where your comms might lead to being put to death is quite another. And in the latter case, it’s important to know that no matter what you use, unless you wrote it or read all the source code, you are trusting others with your life. Perhaps you feel comfortable doing that, but you should be aware of it.

So no, this is not a discussion in bad faith at all, it is valuable on multiple levels.

Sure… and my point is that you have to trust those services that aren’t hosted in the USA. It’s a choice you have to make. I’m not judging either way, just pointing out because what I responded to in the comment to which I replied was:

The problem is that you just have to trust them

Which is true of open source unless you read the code and can verify nothing nefarious exists; which is true if you use a service in a country you trust; which is true no matter what you’re doing.

Not all entities are deserving of the same level of trust - some are more trustworthy than others - but you are still making a decision to trust someone unless you write the code yourself or verify the code yourself.^[1]

But again, you either read the source to confirm there’s nothing nefarious, or… you trust the programmers.

Which is not a problem, but it is a choice to trust. All I’m pointing out. :)

You don’t have to trust anybody when you run your own server,

You have to trust the people that wrote the code.

or you use a server that doesn’t collect information it has no business collecting.

Again, you’re trusting the authors of the code.

Which is fine, but it’s a choice to trust them.

And that is the problem with anything you don’t write yourself. And for anything you do write yourself: Are you smarter than the three-letter agencies?

Are you… just talking about stuff like pictures and videos and important documents? I mean, I would have thought the context was clear that that’s not really what’s being discussed. But if not, then sure, if you just have files backed up, then all you need to worry about is making sure you have enough copies of that as you need to not lose it.

Hmm. I’d better explain that.

Anywhere you have data that exists in one place, it is a matter of time before it dies. Who knows how long it’ll be, but it will eventually die.

If you have data in two places, then when it dies in one of those places, as long as it also hasn’t died in the other place, you have one copy and it will eventually die unless you replicate it somewhere else.

And many people find that when they go to read those burnded discs or read that backup external drive - oops, it’s damaged or dead. And then that data is gone.

So for unimportant things, a single backup somewhere is probably fine. But is that backup in your house with your computer that it’s also on? If your house burns, those two places are gone and your data is gone. Is that worth the tiny risk? Up to you. You know how much yo ucare about your data.

If you really want to make sure something valuable like important documents and family pictures, then ideally you want at least one copy offsite. If it’s important, it’s no bad thing to have two copies of it offsite along with perhaps one backup locally so it’s convenient. While you don’t need ten copies of data, it’s surprising how quickly 1-2 copies can go bad at the same time, or one goes bad and you don’t replace it and another goes bad and… quickly you run the risk of data loss.

For a home user who doesn’t want to lose their files,

That’s not the topic at hand, which one might’ve been able to tell from context clues.

two local backups and a cloud one.

That is a pretty good minimal setup. Not disparaging, that’s better than probably 95% if not more like 99% of people do.

Just give me anxiety?

No, you’re the one in a conversation that’s really not about your type of situation.

We’re talking about businesses who have servers - internet servers, internal servers. These run software. They have databases with largre amounts of data. They have programs that have lots of settings, configured in various ways. Servers set up to run services on the LAN and/or WAN and/or across the internet.

On your home computer, you can reinstall Windows, install Office, install Adobe, all the other software you use. And you can take the annoying time to re-customize everything to get it set up to your liking. Then copy all your documents over. You won’t have everything ready-to-go unless you use a fancy backup and restore method (that starts to touch on the subject being discussed here - that restore is not guaranteed unless you’ve tested it. It’s amazing how often that goes wrong), but it’s okay, you have time.

In a corporate environment, if something breaks and you need to restore that data and software, you need it up and running ASAP.

Now, you’d think it would be as simple as getting the hardware, installing the OS, installing the software, and restoring the data - but that’s not necessarily the case. Not the same version of the software? Data formatting might’ve changed. Settings might’ve changed. Does every version of everything work together? Underlying pieces f the system are different? Might cause things to break.

I won’t get into the technical details beyond that, but the point is that we’re not talking about just some pics and docs.

So that’s th egenesis of the misunderstandings here. It’s a wholly different topic than what you’re dealing with.

But yeah, for you, you’ve got a good backup system going. I personally have two different cloud providers for the data I want to keep the most, but that’s not all the pics and such, just for a subset of it.

Does the newly set up environment exactly match the previous? Same software versions?

And when the restoration of that data fails?

Are you being willfully ignorant or obstinate? Or do you not understand the concept that even with the data there, restoration of that data can fail in many ways?

A couple of times I needed to restore sites from backup, it failed. Not because the data wasnt there. Heh

Having the data is useless when the restoration process fails, which it can do due numerous reasons.

Would explain why there were that many reindeer, though. lol

That would be awesome. :)

My brain skipped over “herder” the first time and I was very very confused.