You’d need write access to the user’s home directory, but doing something with desktop notifications on modern Linux is as simple as

dbus-monitor "interface='org.freedesktop.Notifications'" | grep --line-buffered "member=Notify\|string" | [insert command here]

Replacing the Signal app for that user also doesn’t require elevated privileges unless the home directory is mounted noexec.

I don’t recall Signal ever claiming their desktop app provided encryption at rest.

I’m not sure if they’ve claimed that, but it does that using SQLCipher.

If someone can read my Signal keys on my desktop, they can also:

• Replace my Signal app with a maliciously modified version
• Install a program that sends the contents of my desktop notifications (likely including Signal messages) somewhere
• Install a keylogger
• Run a program that captures screenshots when certain conditions are met
• [a long list of other malware things]

Signal should change this because it would add a little friction to a certain type of attack, but a messaging app designed for ease of use and mainstream acceptance cannot provide a lot of protection against an attacker who has already gained the ability to run arbitrary code on your user account.

Kiwi Browser runs nearly every extension that runs on desktop Chromium, including uBlock Origin.

Signal should change this, but it’s typical of the traditional desktop OS security model in which applications running under the user’s account are considered trustworthy. Security-oriented software like Signal should take a more hardened approach, but this is not some glaring security hole.

One of the things I like about Slashdot’s system is that it requires a reason for a downvote. Of course that doesn’t prevent people from downvoting disingenuously, but it nudges users away from downvoting just because they disagree.

I think for most social systems, the UI I’d use is a report or flag button that pops up a second step with a list of reasons, and like Slashdot, show the most selected reason next to low-ranked posts.

The law doesn’t say they can’t make it difficult to service, just that they can’t deny your warranty because you did.

Signal has offered custom stickers for years, but it’s up to the user to generate them.

I’m mostly against downvoting without explanation, so here it is: expressing this sentiment in this community without a really solid explanation of why you think it would actually help seems like trolling.

The relevant section of the DMA imposes restrictions on designated gatekeepers. It does not apply to websites that are not designated as gatekeepers.

That behavior might be questionable under the GDPR though.

It seems like at least some people view apps that come preinstalled on their phone differently from other apps, but I’m not sure why.

A quick web search for third-party coverage information tells me that Wanaque has good coverage from Verizon and poor coverage from T-Mobile. It’s easy to guess why T-Mobile might be motivated to change that situation.

Federated systems are one option for this. On one of my sites, the only way people can leave comments is with ActivityPub. They must have a (probably pseudonymous) account on a server to use that, and I hope that most servers have moderation I find acceptable. I can block those that do not.

More sophisticated options for sharing reputation between servers would help here. If, for example five servers I trust block another server as a source of harassment, I’d like to block it as well, automatically.

most people see messaging apps like Signal, WhatsApp and other third party apps for personal use only.

In Europe, businesses, especially small businesses often use WhatsApp, to the point of putting its logo next to their phone number on signs. I wonder what creates the perception where you are that messaging apps are for personal use, not business.

Signal, being owned by a nonprofit has a bit more resistance to that than most.

That’s the main reason I recommend it over alternatives with similar technical capabilities, such as WhatsApp.

Google had the chance to make its Hangouts messaging app dominant when it was, briefly the default SMS client on Android devices. They threw that away following pushback from carriers.

I’m glad Google doesn’t have the dominant messaging service, but I find it bizarre anybody still uses SMS when there are so many internet-based options. I have six, and if somebody really wants to use another, I’ll probably add it.

I’m sure Apple shares a lot of the blame, but holy shit how is this not solved in 2024. I shouldn’t have to resort to spam filled shitware from Meta to get remotely modern messaging cross platform

There’s no shortage of options; the problem is getting the people you’re talking to to agree on one you like. I find Signal strikes a good balance between goodness and ease of use, and many people I know who aren’t tech or privacy nerds use it.

My (self-hosted) Mastodon server seems unable to view profiles on Threads. As far as I can tell, there’s nobody to talk to about that.

I don’t have high hopes about Meta having good intentions here, but I am eager to see platforms that would have previously been walled gardens open up to the federated model. I do think we have some work to do on the open source side to manage the potential massive increase in exposure once Threads users can follow users of other software.

Of course you can pick a server that blocks Threads if you just don’t want to deal with that.

I’m not surprised they could. I’ve worked on things that send SMS messages and I’m aware that carriers filter for spam and scams (perhaps not as effectively as one might hope).

I’m surprised to hear of messages being blocked for mere profanity.

Anyway, SMS sucks, default to something else and fall back to SMS as a last resort. Gently encourage your contacts to use Signal.

SMS fallback. A feature which you can use with any app on Android

SMS fallback is not a common feature of internet-based messaging apps on Android. Signal used to do it, but does not now. I don’t think WhatsApp or Telegram ever did.