I think I know what's going on: iputils[1] ping can't ping IPv6-mapped IPv4 addresses, but inetutils[2] ping can. And look inside the parens:
$ ping ::ffff:127.0.0.1
PING ::ffff:127.0.0.1 (::ffff:127.0.0.1) 56 data bytes
says the non-working one,
$ ping ::ffff:127.0.0.1
PING ::ffff:127.0.0.1 (127.0.0.1): 56 data bytes
says the working one. In Wireshark, the latter appears as ICMPv4 packets on the lo interface, whereas the former does not appear at all(?..). So overall this makes some amount of sense: you can write a TCP-using program that's agnostic to whether it's running on top IPv4 or IPv6, but you have to use different ICMP versions for IPv4 and IPv6. I actually don't know why it has to be that way.
(My initial confusion was because I thought 'o11c was saying they could ping ::ffff:127.0.0.1 but not .2. It makes much more sense for either both or neither to be pingable.)
The good thing is that verifying the other contact is invisible to the server in Signal. This means that it's stochastically sufficient that a few people do check their contacts in order to see whether there is any widespread MITMing going on.
It's less encrypted. E.g. you'd think that emoji reactions are end-to-end-encrypted (as they are in Signal). But they aren't[1]. I expect similar implementation issues wrt. the encryption in Matrix.
Some people get very emotional about the games that they play and will pay to have them DDoSed because of something or someone they're angry about. Others just love to cause chaos and will happily buy a DDoS attack to screw other people over. They even get to watch the outcome in real-time because of streamers.
reply