Itβs like a medal of honor for a privacy preserving app π
this post was submitted on 10 Aug 2024
339 points (100.0% liked)
Privacy
789 readers
22 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
Indeed. If whatsapp isn't on the list, then I have all the confirmation I need.
The Russian government has also allegedly begun preparations to block the WhatsApp messaging app.
https://kyivindependent.com/messenger-signal-blocked-in-russia-media-says/
Zucks check didn't clear yet.
Maduro uninstalled whatsapp live on television a few days ago
Smart move, considering Signal is a US-hosted centralized service that has to comply with US NSL laws.
These comments below seem to be unaware of all the issues privacy advocates have of signal.
I don't get it, are you really arguing that Russia and Venezuela are blocking Signal to protect their citizens from American snooping?
All countries should ban US-domiciled companies like signal, or any communication platform hosted in Five-eyes countries, and especially ones domiciled in the US, which has to adhere to National Security Letters.
Mass censorship is never good for civil liberties. Let people decide on there own.
Also Signal is cryptographically sound. Many other messagers use a similar protocol
As I commented below, US security forces aren't that interested in message content anyway, since they don't have time to parse through every message to construct meaning. Signal does require your phone number tho, as well as message timestamps, meaning they can build social graphs of real people. Tons of metadata living on a single US-based server.
It doesn't matter if it is US based. You shouldn't trust the server.
Signal has known issues. That doesn't mean it is entirely bad though. Saying things like Signal is insecure is simply untrue. It has weaknesses but it also has the benefit of protecting your messages completely and being well established.
My question was more about the motives in this case.
Well IMO all countries should have the motivation to prevent US spying on their country's populations. You generally don't know about honey pots before they get exposed.
The question of what should be done can be interesting, but that was not my question. It's obvious this is not the motive here.
If you are in your own country opposition it's better to use a foreign tool, even better if it's in a country that's not gonna collaborate with yours.
I imagine just using metadata you can look for people who are discontent, then provides list of those people to the opposition to contact and mobilize them and get them to protest.
Or target them with stories and bots to turn them into a revolutionary force, but that would be more useful for social media networks instead of signal.
they hated him because he spoke the truth smh
use matrix, briar, simplex in that order
also what email platforms + vpns do you recommend, out of curiosity?
load more comments
(2 replies)
Signal has strong cryptographic protocols that are not easily broken. It pioneered the use of double ratchet encryption. (Different keys for each message)
It does expose phone numbers to Signal and the US government but that may or may no be a concern depending on what your threat model is.
Would peer to peer apps be resistant to this sort of thing?
It depends. Somehow it has to discover the peers. Other than that, they could block traffic between residential IP addresses and there goes large part of the P2P network
Russia and Venezuela are huge hotbeds of piracy from populations without access or capital to access most forms of entertainment.
Breaking P2P in this manner would basically be getting rid of the circus part of bread and circuses. Not a good move for an authoritarian.
why telegram is not blocked? makes you think...
Telegram is not secure, I guess if you can listen to it better not block it.
I mean it was blocked before Signal was blocked. Russia somewhat famously badly broke their Internet trying to shutdown telegram... and eventually gave up.
I'm guessing Signal finally has enough market share to get the Russian government's attention but not enough market share that they think the web of proxies that kept Telegram online will keep Signal online.
and eventually gave up
or maybe they came to an agreement on mutually beneficial terms
load more comments
(1 replies)
It isn't private
Honestly I would've expected it to be blocked much earlier
matrix stays winning
Probably mostly because almost nobody uses it.
Matrix isn't secure depending on how you use it. It also doesn't protect individual identities terribly well.
Simplex Chat would be the better option however the main Simplex Chat server and matrix server could end up blocked as well.
Matrix is entirely self-hostable, and you can turn off both federation, and the requirements for any linkable identifiers.
Signal by contrast requires your phone number, isn't self-hostable, and is based in a five-eyes country.
Matrix doesn't protect metadata, which is arguably just as (if not more) important than message data. Signal by contrast does protect metadata and proper implements Perfect Forward Secrecy for all chats. I do think Signal's centralized design and phone number requirements problematic, but Signal still has many merits. Such as its massive user base for a AGPL-only project.
Matrix also implements Perfect Forward Secrecy, and that's been the case for a very long time: https://security.stackexchange.com/questions/162773/are-matrix-messages-encrypted-using-perfect-forward-secrecy
What do you mean by AGPL-only? Synapse is also AGPL. And you can only guarantee that there won't be projects with other licenses if you prevent them from existing.. which is not something to be desired
load more comments
(5 replies)
for a AGPL-only project.
Citation needed. It is undisputed that the software that runs on their servers is not identical to the code they release; if they release at all because sometimes they just stop for a year, until people complain π«
load more comments
(2 replies)
plenty of servers for both though
Couldn't they block them too? Monitor the domains people connect to, check if it's a Matrix server and block it if it is.
load more comments
(5 replies)
The overwhelming majority of users are on the main servers. It also impacts self hosted Matrix servers that use the matrox.org identity server.
load more comments
(1 replies)
Why countries that do not prosecute political dissent bock apps used by political dissenters? /s
they figured it out that it's CIA :)
view more: next βΊ