Plus, is he an abolitionist?

Slavery, abortion, prison, or guns?

ublock origin does not have this disclaimer. It works well and is widely trusted.

If you’re using Mozilla’s level of endorsement as a metric, note this prominent disclaimer on the addon’s page:

⚠️ This add-on is not actively monitored for security by Mozilla. Make sure you trust it before installing.

Yep. It works and it’s awesome. I use conversations on android devices and dino and gajim on desktops, various family members use siskin on iOS.

With zero app or server-software or provider lock-in, and an actual in-practice diversity of apps and providers, the whole thing seems pretty immune to enshittification.

Well within the budget of a private investigator or burglar or peeping-tom or abusive ex-partner.

No need to scale; plenty of privacy/security incursions don’t require mass-surveillance.

That said, I’d suggest that the attack does scale economically . Think war-driving but with one of these setups – cruising around in a van through a dense neighbourhood collecting short clips of cctv footage looking for something of interest.

[…] the attack is an extremely expensive nation state level operation that doesn’t scale.

About $250 at most. Quoting the linked page:

Below is a list of equipment we used for the experiments.

• (1) Software Defined Ratio (SDR): Ettus USRP B210 USRP, ~$2100.
• (2) Low Noise Amplifier (LNA): Foresight Intelligence FSTRFAMP06 LNA, ~$200.
• (3) Directional Antenna: A common outdoor Log-periodic directional antenna (LPDA), ~$15.
• (4) A laptop, of course.

Note that the equipment can be replaced with cheaper counterparts. For example, USRP B210 can be replaced with RTL-SDR that costs ~$30.

To reproduce the attack: our GitHub repository provides the codes and instructions for reproducing and understanding the attack. We have prepared a ready-to-use software tool that can produce real-time reconstructions of the eavesdropped videos with EM signal input from the USRP device.

I wonder when (if?) orbital radio receiver arrays (a la starlink) are sensitive and discriminating enough to be used for this type of attack.

Conversations can be a unified push distibutor: https://unifiedpush.org/users/distributors/conversations/

…and I’d trust it (battery-wise) with that. I have an old tablet with conversations running without battery restrictions on it, and if I’m not actually picking it up and using it it regularly goes 1-2 weeks on an 80% battery charge before it dies, the whole time giving audible notifications for XMPP messages/calls (which I attend to on other devices).

Cryptpad:

• Full-on google docs / office365 / libreoffice type replacement with collaboration.
• E2EE
• The complexity means it doesn’t work well on mobile, takes a while to load on a slow connection, more frequent bugs. (3.5 MiB page transfer)
• Self-hosting is complicated.

Etherpad:

• A competent collaborative rich-text editor. Doesn’t do spreadsheets or presentations or […].
• Not E2EE (you need to trust that the server a bit more).
• Lightweight, works on slower connections, works alright on mobile. (1.7 MiB page transfer)
• Self-hosting quite simple.

PrivateBin:

• Super-simple plain-text/markdown pastebin. No editing possible once saved.
• E2EE
• Very small. Works fine on slow connections and mobile. (0.2 MiB page transfer)
• Self-hosting very simple.