Snapchat does not use end-to-end encryption for messages, so it doesn’t even belong in the conversation.

WhatsApp and FB Messenger are somewhat defensible choices since they at least use E2EE by default (Messenger did not until recently). However, there are a few good reasons to favor Signal:

1. It is open source. Interested parties can actually verify that Signal’s encryption claims are true. Interested parties can also audit new versions as they released.
2. Facebook/Meta, as a company, has a long history of tracking users, leaking user data, and even conducting psychological experiments on users without consent and in secret.
3. WhatsApp and Messenger only allow 6-digit PINs to secure your messages. With that PIN, you can decrypt those messages. Signal allows for longer alphanumeric passcodes.
4. Facebook makes no promises not to track your usage of Messenger or WhatsApp, only that the messages themselves are encrypted.

Additionally, you can set Android to use an ad-blocking DNS server without apps. In Settings > Network & Internet > DNS, select “Private DNS” and set the hostname to a custom server, like base.dns.mullvad.net (Mullvad’s DNS server is free to the public, does not require a VPN subscription).

The per-app controls sound neat! I might give that a try. Google killed the ability to restrict apps’ network access years ago, specifically so ads would always work. I’ve never tried a local VPN as a workaround.

It’s insane that this is even legal.

If the guesser wins routinely, this suggests that the thinker can access about 220≈1 million possible items in the few seconds allotted.

I’m not sure this premise is sound. Are there not infinitely more than 2^20 permutations of the game?

This would be true if the questions were preset, but the game, in reality, requires the guesser to make choices as the game progresses. These choices can be quite complex, relying on a well developed theory of mind and shared cultural context. Not all the information is internal to the mechanics of the game.

The unspoken rules of the game also require the thinker to pick something that can plausibly be solved. Picking something outlandishly obscure would be frowned upon. The game is partly cooperative in that sense.

If you were to reduce the game to “guess the number I’m thinking of between 0 and infinity”, then it wouldn’t be very fun, it would not persist across time and cultures, and you wouldn’t be studying it. But you might get close to a 0% win rate (or…maybe not?).

I’d guess that most of the “few seconds” the thinker spends is actually to reduce the number of candidates to something reasonable within the context of the game. If that’s true, it says nothing whatsoever about the upper bound of possibilities they are capable of considering.

Idea for further research: establish a “30 questions” game and compare win rates over time. Hypothesis: the win rate in 30 questions would fall to similar levels as with “20 questions” as players gained experience with the new mechanics and optimized their internal selection process.

our brain will never extract more than 10 bits/s

Aren’t there real recorded cases of eidetic memory? E.g. The Mind of a Mnemonist. I have not re-read that book with a mind toward information theory, so perhaps I am overestimating/misremembering the true information content of his memories.

Related feature on my wish list: I’d love a way to basically fork a feed based on regex pattern matching. This would be useful for some premium feeds that lump multiple podcasts together. For example, one of my Patreon feeds includes three shows: the ad-free main feed, the first-tier weekly premium feed, and the second-tier monthly premium feed.

I don’t want to filter them out because I DO want to listen to all of them, but for organizational purposes I don’t want them lumped together. I’d prefer to display these as two or three separate podcasts in my display.

Another example is the Maximum Fun premium BoCo feed. They include the bonus content for ALL their shows (which is…a lot) in a single feed. I only listen to about half a dozen, and even that is a bit of a mess in one feed!

They have a big IRL ad campaign in major US cities. See https://mullvad.net/en/blog/advertising-that-targets-everyone

These ads certainly aren’t the worst, but they’re still a bit misleading. Using a VPN is not going to prevent tracking in general. Your phone apps will still send GPS data to all the same places. Web sites will still use all the same cookies. Facebook is still gonna be Facebook. 🤷

That said, Mullvad does include domain-based ad and tracker blocking with their DNS server (which is free and available to the public, btw), and that’s also optional on the VPN, so it does help to a point.

(Pinging @countrypunk@slrpnk.net to avoid double-replying. )

Sure. I’m referring to the ones that run big ad campaigns, like Nord and Mullvad. They tend to overstate how a VPN can protect you, sometimes in ways that barely make sense. There is no epidemic of criminals stealing personal credit card information over insecure wi-fi, for example. The ads play into ignorance and fear.

That said, yeah, I’d rather be on a VPN when on a public wi-fi network. But I’m not really worried about someone sniffing my encrypted HTTPS traffic (which is pretty much everything nowadays; Firefox by default won’t even load unencrypted web sites).

Some VPNs allow multi-hopping, similar to Tor. I couldn’t give you an exhaustive list but most popular ones support this. Mullvad and Proton do, for example. There are also strategies to add noise into VPN traffic.

This is not a silver bullet, of course. Tor has similar problems as you describe if an adversary has visibility into enough nodes. As always, this comes down to your threat model.

On the one hand, I find the advertising of VPNs outright dishonest. On the other hand, I would trust any reputable VPN provider much more than I trust my ISP or cell carrier.

Great points, thanks.

Can you clarify what you mean by “local decryption”? I thought Proton and Tuta work pretty much the same way, but perhaps there’s a distinction I’m missing.

One thing I like about Tuta is that it has the option to cache your messages in localstorage in your browser so you can do full-text search. FWIW, I think Proton added a similar feature recently, though I have not tried it. I imagine neither would work very well with large mailboxes; probably better to configure a real email client.

Do they offer cloud storage now? From what I can see on their web site, it’s 500GB…just for email. I mean sure, that’s cool, but it would take me several lifetimes to accumulate 500GB of email so it’s not much of a selling point to me.

It’s a good email service, anyway. I’ve been using the free tier for a few years. Similar to Proton, and in theory Tuta is more private because they encrypt the headers as well as the message body.

Is this legit? This is the first time I’ve heard of human neurons used for such a purpose. Kind of surprised that’s legal. Instinctively, I feel like a “human brain organoid” is close enough to a human that you cannot wave away the potential for consciousness so easily. At what point does something like this deserve human rights?

I notice that the paper is published in Frontiers, the same journal that let the notorious AI-generated giant-rat-testicles image get published. They are not highly regarded in general.