Great "Adam Ruins Everything" episode about this: https://www.youtube.com/watch?v=CAeHuDcy_bY

I ended up using the exact same solution! The only annoying thing is that I want "untrusted apps" to open external links in a new DEFAULT tab so that I don't carry over the whitelisted cookies but that requires manual "right click > open in" with the default setup.

Is end-to-end encryption going to be part of a modern IRC experience? Please, this is an absolute must. And don't make it optional if possible. Make non-e2ee optional.

These specifications just capture how the IRC protocol currently operates, so that isn't described here (isn't widespread afaict, and there isn't a clear 'winner' in terms of implementations/mindshare). The issue with something like E2E encryption is getting rough consensus with all the vendors, which is what the IRCv3 WG focuses on: http://ircv3.net/

There's been a number of E2E encryption methods proposed in the past such as SSL/TLS DCC (which doesn't do certificate verification from what I've seen, so that's not too useful here), FiSH and OTR are already used decently out there but I'm not aware of any widely-available, simple-to-implement specification for clients to look at. There's another interesting proposal here, but it hasn't gained traction as of yet: http://blog.bjrn.se/2009/01/proposal-for-better-irc-encrypti...

What's the point if anyone can just publish the log?

What's the point of any encryption if any of the participating parties can publish the plaintext?

I keep having the feeling like Google is making its sites unusable on FFX. Same with FB, for example with Chrome m.facebook.com & mbasic.facebook.com serve different pages whereas Firefox gets the dumbed down mbasic content on both domains. I think there are several examples out there where Google does the same.

Signal is about _privacy_ not necessarily anonymity. Understand the difference?

edit: And anyways, if you read their blog posts you can see how you phone number is only required to make it easy to connect for the masses. You already have your social graph in your contact book.

https://www.startpage.com gives you Google results but proxied.

and freakin' Tinder. damn it

What are you talking about? It's owned by Rakuten, a Japanese company.

WhatsApp also had a session at F8 about e2ee spam filtering...

https://developers.facebook.com/videos/f8-2017/how-whatsapp-...

I'd really love to support ProtonMail but one thing I can't swallow is that there's no server-side search of email bodies (only to/from & subject) because it's encrypted. This kills the possibility of searching through years of newsletters & stuff :/

[I'm stupid they have 2FA, ignore this comment.]

Another huge problem is the lack of two-factor authentication. How can a security-oriented service not offer TOTP or even SMS 2FA.

2FA has been out for almost 6 months.

Oops, my Google-fu is worse than I thought.

You will be able to use the upcoming ProtonMail IMAP/SMTP bridge to do fulltext search locally.