Signal and Black Boxes - Free software secures less than you might think

Tox and SimpleX are both pretty highly recommended, though I've used neither.
Tox is private/secure, in that outsiders cannot look into your conversations. It's not anonymous, as you connect directly to the person you're chatting with, and thus they can determine your IP address.

Session is a fork of Signal that gets rid of the phone number requirement, in favor of cryptographically generated hashes for user IDs.

On SimpleX, you have no user ID unless you choose to generate a persistent user ID. Otherwise, SimpleX generates a new random user ID for every new friend request.
 
SimpleX is pretty unbeatable in terms of the lack of usernames for privacy, but the Signal algorithm (née Axolotl) is itself unmatched, with perfect forward secrecy and other niceties.
 
Russian media and Roskomnadzor mention extremism and terrorism prevention as the official reason for the ban.
Source: https://ria.ru/20240809/signal-1965278021.html
Translation:
MOSCOW, Aug 9 — RIA Novosti. In Russia, Signal messenger was blocked due to unauthorized access, which made it possible to obtain information from Roskomnadzor.
"Access to Signal messenger is limited due to violation of the requirements of Russian legislation, the fulfillment of which is necessary to prevent the use of the messenger for terrorist and extremist purposes," the ministry said.
Users began to report a malfunction in the messenger. According to the service "Сбой РФ" (Sboy RF is a website similar to DownDetector), at 19:58 Moscow time there were about 2.2 thousand complaints.
Last year, journalist Tucker Carlson said that the US National Security Agency found out about his plans to interview Vladimir Putin after he discussed the idea with his colleague via Signal. According to Deputy Anton Gorelkin, this may indicate that American intelligence agencies have access to all correspondence.
In May 2023, Roskomnadzor banned the transfer of payment documents and personal data of Russians through nine foreign services subject to the law "On Information, Information Technology and Information Protection": Discord, Snapchat, Skype, Microsoft groups, Threema, Viber, WhatsApp, WeChat and Telegram.
 
Forgot to mention this:

(((Meredith Whittaker))) - Ex-Google woke Jewess that designed censorship algorithms for over a decade for the far-left extremists at Google, and now serves as the CEO of the Signal Foundation. The one responsible for bringing in Katherine Maher (pro-censorship, ex-Wikipedia and current CEO of NPR (US government funded news outlet) demoness and a major blight on human civilisation) to serve as the chairman of the board at the Signal Foundation.

Well, she had something to say about the recent Signal Messenger ban in Russia:

Blog post (archive)

It's so obvious, yet searches on popular engines are constantly littered with praise for her apparent 'anti-censorship' stance with Signal Messenger.

I hate the antichrist.
 
Would be cool if you could provide some information rather than dumping links like this.

Anyway, it's a method of attempting to de-anonymize somebody by baiting their client into loading a Cloudflare-cached resource, then enumerating through all Cloudflare datacenters to figure out which one cached the item. The logic being that whichever datacenter happened to have the asset cached is one nearby your target.

It's not as exciting as the title suggests, as it presumes the target isn't using a VPN endpoint far away from them, that the routing to Cloudflare is good and actually using the nearest datacenter, and it does involve interacting with the target by sending them an image attachment.

Stupid as fuck that Signal is using Cloudflare.
 
I apologize, I was too lazy to make a summary of this. But I posted it here because it is another sign Signal might not be as safe as declared. Who knows, they unintentionally left this, but like you said, Cloudflare isn't known to be privacy friendly, so it's kind of weird to use their service.
 
My question is why Edward Snowden endorsed this software. Something is not right if Snowden supported this. I doubt he didn't research the weaknesses of chat applications.
Snowden believes the official 9/11 narrative... He's an op like the rest. They all promote the same information in concert: GrapheneOS, Signal, mainstream narratives, controlled opposition narratives - and none ever stray. Of course mainstream movies were made about them and the international intelligence community couldn't catch them in HK or Moscow (what a joke)! Amazing that people just bought Pamela Anderson visiting Julian Assange... Everyone knows women can't resist whistleblowers (and people who shoot others point blank in the face downtown NYC)! /sarcasm


  • That the binary executable you are running was produced from a given source code. Some progress has been made in this domain, but it remains a largely unsolved problem. The only solution is to compile your software from source, which can be annoying.
  • More pertinent to the topic: that the online service you are using is running a given source code. This is likely never going to be solved. The best we have are legal mechanisms such as licensing service software under AGPLv3, which Signal actually licenses their server software under.

To be clear, reproducibility does exist and can work for Signal, but last time I checked you need to get the app manually to do so (which excludes the Apple App Store). I don't feel like looking it up again because I've no interest in using (((Signal))). That is, "reproducibility" can let you know that you are running the same code you think that you are: https://reproducible-builds.org/

I tried Session for a while but it sucks too hard. Matrix is also a steaming pile. Telegram has the best UX but can't be trusted either. It would be good if some other geeks helped us look into Wire (wire.com). Features:
- in F-DROID
- can be self-hosted (even has docs on how to do so with k3s)
- has a federation effort so you won't need a separate app to get started communicating with anyone using it.
- does not require a phone number
- if you self-host, then you can supply a custom installation method for your users so they have access to both your server and the main server by default

This is too much for the non-technical, but unfortunately the best I've seen so far.
 
They don't have nearly as much cash as the competition, and that isn't really proof of anything. They've never been promoted by the famous supposed whistleblowers like Signal was (and still is). If it is audited and FOSS, then it is a lot better than the competition if you can federate and make sure all of your personal projects and family messages are stored on your own servers instead of in plaintext on the company servers (Telegram) or E2EE with likely backdoors (WhatsApp). Another significant thing Wire has going for it is having their app in F-DROID (which serves as a gate for privacy violations, which even the GrapheneOS project seems to hate). Even Signal & Telegram won't allow their clients to pass the privacy-preserving bars that F-DROID requires. Yes, there are some independent projects that got forks of Telegram into F-DROID, which is good.
 