Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://suya.place/users/bogdan" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>bogdan</span></a></span> anything that mandates <a href="https://infosec.space/tags/2FA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>2FA</span></a> and doesn't provide <a href="https://infosec.space/tags/TOTP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TOTP</span></a> or <a href="https://infosec.space/tags/HOTP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HOTP</span></a> support as per <a href="https://infosec.space/tags/RFC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RFC</span></a> but demand something like <a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PhoneNumbers</span></a> that are <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PII</span></a> should be outlawed.</p><ul><li>I can accept <a href="https://infosec.space/tags/PGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PGP</span></a>-based 2FA as a compromise...</li></ul>
Recent searches
No recent searches
Search options
Only available when logged in.
nerdculture.de is one of the many independent Mastodon servers you can use to participate in the fediverse.
Be excellent to each other, live humanism, no nazis, no hate speech. Not only for nerds, but the domain is somewhat cool. ;)
No bots in general. Languages: DE, EN, FR, NL, ES, IT
Administered by:
Server stats:
1.2Kactive users
nerdculture.de: About · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.7
#phonenumbers
0 posts · 0 participants · 0 posts today
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>signalapp</span></a></span> no it's not.</p><ul><li>Otherwise <a href="https://infosec.space/tags/OrganizedCrime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OrganizedCrime</span></a> would choose <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Signal</span></a> so hard, you'd be shutdown within weeks by the <a href="https://infosec.space/tags/FBI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FBI</span></a> and <span class="h-card" translate="no"><a href="https://mastodon.world/@Mer__edith" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>Mer__edith</span></a></span> would be forced to <em>"pull a <a href="https://infosec.space/tags/LavaBit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LavaBit</span></a>"</em> and face jailtime for obstruction of justice or snitch on users! </li></ul><p>Being a <a href="https://infosec.space/tags/centralized" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>centralized</span></a>, <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SingleVendor</span></a> & <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SingleProvider</span></a> solution subject to <a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CloudAct</span></a> makes you inherently vulnerable <em>by your own choice</em> and thus trivial to shutdown compared to <em>real <a href="https://infosec.space/tags/E2EE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>E2EE</span></a></em> with <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SelfCustody</span></a> of all the keys and true <a href="https://infosec.space/tags/decentralization" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>decentralization</span></a> as well as <a href="https://infosec.space/tags/SelfHosting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SelfHosting</span></a> (i.e. <a href="https://infosec.space/tags/PGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PGP</span></a>/MIME [see <span class="h-card" translate="no"><a href="https://chaos.social/@delta" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>delta</span></a></span> / <a href="https://infosec.space/tags/deltaChat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>deltaChat</span></a> et. al.] and <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>XMPP</span></a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OMEMO</span></a> [see <span class="h-card" translate="no"><a href="https://monocles.social/@monocles" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>monocles</span></a></span> / <a href="https://infosec.space/tags/monoclesChat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>monoclesChat</span></a> et. al.]!)</p><ul><li>Plus neither of those <a href="https://www.youtube.com/watch?v=0DSGq9FQKU4" rel="nofollow noopener noreferrer" target="_blank">shill</a> <a href="https://infosec.space/tags/Shitcoin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Shitcoin</span></a>-<a href="https://infosec.space/tags/Scams" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Scams</span></a> <a href="https://www.youtube.com/watch?v=tJoO2uWrX1M" rel="nofollow noopener noreferrer" target="_blank">like</a> <a href="https://infosec.space/tags/MobileCoin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MobileCoin</span></a>! </li></ul><p>And don't even get me started on you collecting <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PII</span></a> (espechally <a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PhoneNumbers</span></a>) <em>for no valid reason</em>, (thus violating <a href="https://infosec.space/tags/GDPR" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GDPR</span></a> & <a href="https://infosec.space/tags/BDSG" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BDSG</span></a>)...</p><ul><li>Not to mention relying ob <a href="https://infosec.space/tags/charity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>charity</span></a> and being a <a href="https://infosec.space/tags/VCmoneyBurningParty" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VCmoneyBurningParty</span></a> isn't sustainable to begin with!</li></ul><p>But yeah, I'll be patient to shout <em>"<a href="https://infosec.space/tags/ToldYaSo" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ToldYaSo</span></a>"</em> to your annoying cult of fanboys!</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://infosec.exchange/@Andromxda" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>Andromxda</span></a></span> <span class="h-card" translate="no"><a href="https://fosstodon.org/@mollyim" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>mollyim</span></a></span> no it's not bs and fanboying <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>signalapp</span></a></span> <a href="https://www.youtube.com/watch?v=tJoO2uWrX1M" rel="nofollow noopener noreferrer" target="_blank">isn't going to change that</a>.</p><p>If <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Signal</span></a> was secure it would be the #1 comms tool of organized crime...</p><ul><li>Yet I've only seen <a href="https://infosec.space/tags/TechIlliterates" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TechIlliterates</span></a> shill it.</li></ul><p>Real professionals use <a href="https://infosec.space/tags/SelfHosting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SelfHosting</span></a> capable, fully <a href="https://infosec.space/tags/FLOSS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FLOSS</span></a>'d solutions like <a href="https://infosec.space/tags/PGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PGP</span></a>/MIME & <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>XMPP</span></a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OMEMO</span></a>.</p><ul><li>Again: Demanding <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PII</span></a> like <a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PhoneNumbers</span></a> and shilling a <a href="https://infosec.space/tags/Shitcoin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Shitcoin</span></a>-<a href="https://infosec.space/tags/Scam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Scam</span></a> (<a href="https://infosec.space/tags/MobileCoin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MobileCoin</span></a>) makes Signal literally untrustworthy and if it doesn't for you then maybe your standards are just too low... </li></ul><p>It's just me reading the room: Cuz <a href="https://infosec.space/tags/ComSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ComSec</span></a> isn't done woth <em>"JuSt UsE sIgNaL!"</em> and everyone who claims so without pointing out <a href="https://infosec.space/tags/OpSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpSec</span></a>, <a href="https://infosec.space/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InfoSec</span></a> & <a href="https://infosec.space/tags/ITsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ITsec</span></a> is BSing hard.</p><ul><li>The cold hard truth is that <a href="https://infosec.space/tags/TechLiteracy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TechLiteracy</span></a> is irreplaceable and the only solution to it is to actually teach normies how to <em>"get gud"</em> with stuff like PGP.</li></ul><p>Fortunatelty, <span class="h-card" translate="no"><a href="https://mastodon.online/@thunderbird" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>thunderbird</span></a></span> and <span class="h-card" translate="no"><a href="https://venera.social/profile/tails_live" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>tails_live</span></a></span> / <span class="h-card" translate="no"><a href="https://fosstodon.org/@tails" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>tails</span></a></span> / <a href="https://infosec.space/tags/Tails" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Tails</span></a> and many other tools make that easier than ever before.</p><ul><li>So rather than <a href="https://infosec.exchange/@Andromxda/114232871558517461" rel="nofollow noopener noreferrer" target="_blank">vomiting insults against my intellect in my mentions</a>, go to the next <span class="h-card" translate="no"><a href="https://mastodon.earth/@cryptoparty" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>cryptoparty@mastodon.earth</span></a></span> / <a href="https://infosec.space/tags/Cryptoparty" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cryptoparty</span></a> / <span class="h-card" translate="no"><a href="https://chaos.social/@cryptoparty" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>cryptoparty@chaos.social</span></a></span> and lend a hand.</li></ul>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://social.tchncs.de/@pixelcode" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>pixelcode</span></a></span> <span class="h-card" translate="no"><a href="https://fedi.feministwiki.org/users/taylan" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>taylan</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>signalapp</span></a></span> the <a href="https://infosec.space/tags/centralization" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>centralization</span></a>, espechally without means to hide it's traffic via <span class="h-card" translate="no"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>torproject</span></a></span> / <a href="https://infosec.space/tags/Tor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Tor</span></a> makes it trivial to detect and track <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>signalapp</span></a></span> / <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Signal</span></a> users.</p><ul><li>Add to that the fact that Signal has <a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PhoneNumbers</span></a> = <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PII</span></a> on them and the fact they are incorporated in the <a href="https://infosec.space/tags/USA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>USA</span></a>, thus subject to <a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CloudAct</span></a> and it's not a matter <em>if</em> they snitch on users but how many thousands if not millions got subopena'd to this day.</li></ul><p>And with no self-custody of keys it's trivial to <a href="https://infosec.space/tags/Room641A" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Room641A</span></a> the users if the devs get <em>"motivated"</em> under threat of spending the rest of theor lives in jail.</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://fedi.feministwiki.org/users/taylan" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>taylan</span></a></span> <span class="h-card" translate="no"><a href="https://social.tchncs.de/@pixelcode" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>pixelcode</span></a></span> also add tocthe fact that <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>signalapp</span></a></span> collects and stores <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PII</span></a> like <a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PhoneNumbers</span></a>...</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>signalapp</span></a></span> It's not <a href="https://infosec.space/tags/disinfo" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>disinfo</span></a> when one points out that you demand <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PII</span></a> aka. <a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PhoneNumbers</span></a> from Users and that is literally a architectural vulnerability, alongside your <a href="https://infosec.space/tags/proprietary" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>proprietary</span></a> & <a href="https://infosec.space/tags/Centralized" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Centralized</span></a> <a href="https://infosec.space/tags/Infrastructure" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Infrastructure</span></a>.</p><ul><li><a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Signal</span></a> being a <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SingleVendor</span></a> & <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SingleProvider</span></a> <a href="https://infosec.space/tags/Solution" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Solution</span></a> is literally the reason why I consider it <a href="https://infosec.space/tags/insecure" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>insecure</span></a>.</li></ul><p>Not to mention the lack of <span class="h-card" translate="no"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>torproject</span></a></span> / <a href="https://infosec.space/tags/Tor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Tor</span></a> support with an <a href="https://infosec.space/tags/OnionService" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OnionService</span></a> or the willingness to fulfill <a href="https://infosec.space/tags/cyberfacist" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cyberfacist</span></a> <em>"Embargoes"</em> or shilling a <a href="https://infosec.space/tags/Shitcoin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Shitcoin</span></a> <a href="https://infosec.space/tags/Scam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Scam</span></a> named <a href="https://infosec.space/tags/MobileCoin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MobileCoin</span></a>!</p><ul><li><a href="https://infosec.space/tags/KYC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>KYC</span></a> <em>is</em> the illicit activity!!!</li></ul><p>And don't get me started on the <a href="https://infosec.space/tags/cyberfacism" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cyberfacism</span></a> that is <a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CloudAct</span></a>.</p><ul><li>If you were secure, criminals would've used your platform so hard, it would've been shutdown like <a href="https://infosec.space/tags/EncroChat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>EncroChat</span></a> and <a href="https://infosec.space/tags/SkyECC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SkyECC</span></a>.</li></ul><p>I may nit have allvthe.evidence yet, but <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Signal</span></a> stenches like <a href="https://infosec.space/tags/AN%C3%98M" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ANØM</span></a>: <a href="https://infosec.space/tags/Honeypot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Honeypot</span></a>-esque!</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mastodon.world/@jrredho" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>jrredho</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.social/@walkinglampshade" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>walkinglampshade</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.social/@fj" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>fj</span></a></span> </p><p><em>Don't 'splain me, m8!</em></p><p>Their figleaf exuses are not legitimate and <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>signalapp</span></a></span>'s <span class="h-card" translate="no"><a href="https://mastodon.world/@Mer__edith" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>Mer__edith</span></a></span> knows that...</p><ul><li>After all, <span class="h-card" translate="no"><a href="https://monocles.social/@monocles" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>monocles</span></a></span> doesn't require any <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PII</span></a> <em>at all</em> and they are in fact sustainable as in not requiring <a href="https://infosec.space/tags/donations" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>donations</span></a>, since they are user-financed (subscription)...</li></ul><p>Read criticisms before commenting...<br><a href="https://www.youtube.com/watch?v=tJoO2uWrX1M" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">youtube.com/watch?v=tJoO2uWrX1M</span><span class="invisible"></span></a></p><ul><li><a href="https://infosec.space/tags/KYC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>KYC</span></a> (<a href="https://mastodon.world/@jrredho/114225013025088640" rel="nofollow noopener noreferrer" target="_blank">of any kind</a>, including <a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PhoneNumbers</span></a>) IS THE ILLICIT ACTIVITY!*</li></ul>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://social.tulsa.ok.us/@BalooUriza" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>BalooUriza</span></a></span> should be easy for <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>signalapp</span></a></span> as they have their <a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PhoneNumbers</span></a>!</p><p><a href="https://infosec.space/tags/sarcasm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>sarcasm</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mastodon.social/@fj" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>fj</span></a></span> I still think <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>signalapp</span></a></span> has fundamental flaws like demanding <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PII</span></a> (<a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PhoneNumbers</span></a> can't be obtained anonymously around the globe <em>and</em> are trivial to track down to devices and thus users), being subject to <a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CloudAct</span></a> as an <em>unnecessary & 100% avoidable risk</em> as well as <a href="https://infosec.space/tags/Shitcoin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Shitcoin</span></a>-<a href="https://infosec.space/tags/Scam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Scam</span></a> shilling (<a href="https://infosec.space/tags/MobileCoin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MobileCoin</span></a>) and it's <a href="https://infosec.space/tags/proprietary" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>proprietary</span></a>, <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SingleVendor</span></a> & <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SingleProvider</span></a> nature that makes it inferior to <em>real <a href="https://infosec.space/tags/E2EE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>E2EE</span></a> with <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SelfCustody</span></a></em> like <a href="https://infosec.space/tags/PGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PGP</span></a>/MIME & <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>XMPP</span></a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OMEMO</span></a>!</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://kolektiva.social/@licho" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>licho</span></a></span> <span class="h-card" translate="no"><a href="https://hachyderm.io/@osman" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>osman</span></a></span> provide evidence the code <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>signalapp</span></a></span> released is actually being deployed.</p><ul><li>Whereas <span class="h-card" translate="no"><a href="https://monocles.social/@monocles" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>monocles</span></a></span> has <a href="https://infosec.space/tags/ReproducibleBuilds" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ReproducibleBuilds</span></a> to the point that <span class="h-card" translate="no"><a href="https://floss.social/@fdroidorg" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>fdroidorg</span></a></span> literally pulls their <code>git</code> and builds it from source.</li></ul><p>Not to mention pushing a <a href="https://infosec.space/tags/Shitcoin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Shitcoin</span></a>-<a href="https://infosec.space/tags/Scam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Scam</span></a> (<a href="https://infosec.space/tags/MobileCoin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MobileCoin</span></a>) disqualifies <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Signal</span></a> per very design!<br><a href="https://www.youtube.com/watch?v=tJoO2uWrX1M" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">youtube.com/watch?v=tJoO2uWrX1M</span><span class="invisible"></span></a></p><ul><li>Given the collection of <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PII</span></a> like <a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PhoneNumbers</span></a>, the ability to restrict functionality based off those and the fact that <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Signal</span></a> is subject to <a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CloudAct</span></a> make it inherently not trustworthy.</li></ul><p>And don't even get me started on the fact.it's not sustainable to run it as a <a href="https://infosec.space/tags/VCmoneyBurningParty" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VCmoneyBurningParty</span></a>!</p><ul><li>As soon as Signal becomes a problem, it will be taken offline, and due to the fact that it is <a href="https://infosec.space/tags/centralized" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>centralized</span></a>, <a href="https://infosec.space/tags/proprietary" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>proprietary</span></a>, <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SingleVendor</span></a> & <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SingleProvider</span></a> that's trivial for authorities.</li></ul><p>Same as identifying users: They already got a <a href="https://infosec.space/tags/PhoneNumber" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PhoneNumber</span></a> which in many juristictions one can't even obtain without <a href="https://infosec.space/tags/ID" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ID</span></a> legally, thus making it super easy to i.e. find and locate a user. Even tze cheapest LEAs can force their local M(V)NOs to <a href="https://infosec.space/tags/SS7" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SS7</span></a> a specific number...</p><ul><li>All these are <em>unnecessary risks</em>, that could've been avoided, but explicitly don't even get remediated retroactively!</li></ul><p>Again: Signal has a <a href="https://infosec.space/tags/Honeypot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Honeypot</span></a> stench, and you better learn proper <a href="https://infosec.space/tags/E2EE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>E2EE</span></a>, <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SelfCustody</span></a> and <a href="https://infosec.space/tags/TechLiteracy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TechLiteracy</span></a> because <a href="https://web.archive.org/web/20210606070919/twitter.com/thegrugq/status/1085614812581715968" rel="nofollow noopener noreferrer" target="_blank"><em>corporations can't pull the 5th [Amendment] on your behalf</em>!</a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://hachyderm.io/@osman" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>osman</span></a></span>, no because <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>signalapp</span></a></span> is a <a href="https://infosec.space/tags/proprietary" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>proprietary</span></a>, <a href="https://infosec.space/tags/centealized" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>centealized</span></a>, <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SingleVendor</span></a> & <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SingleProvider</span></a> solution that demands <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PII</span></a> like <a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PhoneNumbers</span></a> for no valid reason, is subject to <a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CloudAct</span></a> and only continues to exist because it's convenient as a means to fo <a href="https://infosec.space/tags/BulkSurveillance" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BulkSurveillance</span></a> and mark it's users as <a href="https://infosec.space/tags/PeopleOfInterest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PeopleOfInterest</span></a>.</p><ul><li>I'd rather donate to <span class="h-card" translate="no"><a href="https://anonsys.net/profile/ccc" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>ccc</span></a></span> for running <a href="http://jabber.ccc.de" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">http://</span><span class="">jabber.ccc.de</span><span class="invisible"></span></a> <em>and</em> buy a <span class="h-card" translate="no"><a href="https://monocles.social/@monocles" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>monocles</span></a></span> <a href="https://infosec.space/tags/subscription" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>subscription</span></a> instead!</li></ul>
Sanyam Khurana<p>🚀 Just released django-phone-verify v3.0.1!<br>Cleaner error handling, optional backend dependencies (like Twilio/Nexmo), and prep for phonenumberslite. 🛠️📞</p><p>🔗 <a href="https://pypi.org/project/django-phone-verify/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">pypi.org/project/django-phone-</span><span class="invisible">verify/</span></a><br>💻 <a href="https://github.com/CuriousLearner/django-phone-verify" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/CuriousLearner/djan</span><span class="invisible">go-phone-verify</span></a></p><p><a href="https://mastodon.social/tags/Django" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Django</span></a> <a href="https://mastodon.social/tags/Python" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Python</span></a> <a href="https://mastodon.social/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSource</span></a> <a href="https://mastodon.social/tags/Twilio" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Twilio</span></a> <a href="https://mastodon.social/tags/Nexmo" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Nexmo</span></a> <a href="https://mastodon.social/tags/phonenumbers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>phonenumbers</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mstdn.io/@ckrypto" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>ckrypto</span></a></span> if@signalapp@mastodon.world wasn't complying with <a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CloudAct</span></a>, <span class="h-card" translate="no"><a href="https://mastodon.world/@Mer__edith" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>Mer__edith</span></a></span> would be in jail.</p><p>Not to mention even <em>if</em> Signal keeps their <em>"<a href="https://infosec.space/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSource</span></a>"</em> code updated - which is <a href="https://www.youtube.com/watch?v=tJoO2uWrX1M&t=887s" rel="nofollow noopener noreferrer" target="_blank">doubtful</a>, <em>NOONE</em> can actually <a href="https://infosec.space/tags/verify" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>verify</span></a> that it's the code you actually use - regardless if <a href="https://infosec.space/tags/backend" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>backend</span></a> / <a href="https://infosec.space/tags/Server" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Server</span></a> or <a href="https://infosec.space/tags/client" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>client</span></a> / <a href="https://infosec.space/tags/App" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>App</span></a>! </p><ul><li><a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Signal</span></a> is as secure as <a href="https://infosec.space/tags/AN%C3%98M" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ANØM</span></a>, otherwise it would've been shutdown ages ago.</li></ul><p>Also if Signal was designed for <a href="https://infosec.space/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a>, it would've been <a href="https://infosec.space/tags/decentralized" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>decentralized</span></a> as <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>XMPP</span></a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OMEMO</span></a> and not demand <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PII</span></a> like <a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PhoneNumbers</span></a> which oftentimes cannot be obtained anonymously in many juristictions <em>at all</em>!</p><ul><li>Only <a href="https://infosec.space/tags/MultiVendor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MultiVendor</span></a> & <a href="https://infosec.space/tags/MultiProvider" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MultiProvider</span></a> standards can be secure, regardless if OMEMO or <a href="https://infosec.space/tags/PGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PGP</span></a>/MIME. </li></ul><p>By comparison, <span class="h-card" translate="no"><a href="https://chaos.social/@delta" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>delta</span></a></span> doesn't require any PII, only an <a href="https://infosec.space/tags/eMail" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>eMail</span></a> account, and <span class="h-card" translate="no"><a href="https://monocles.social/@monocles" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>monocles</span></a></span> isn't a <a href="https://infosec.space/tags/VCmoneyBurningParty" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VCmoneyBurningParty</span></a> but sustainable due to <a href="https://infosec.space/tags/subscription" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>subscription</span></a> and they don't even require any personal details for <a href="https://infosec.space/tags/payment" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>payment</span></a>: <a href="https://infosec.space/tags/CashByMail" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CashByMail</span></a> and <a href="https://infosec.space/tags/Monero" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Monero</span></a> are accepted.</p><ul><li>Not to mention neither <a href="https://infosec.space/tags/DeltaChat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DeltaChat</span></a> nor <a href="https://infosec.space/tags/monoclesChat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>monoclesChat</span></a> are <a href="https://www.youtube.com/watch?v=tJoO2uWrX1M&t=424s" rel="nofollow noopener noreferrer" target="_blank">pandering</a> <a href="https://infosec.space/tags/Shitcoin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Shitcoin</span></a> <a href="https://infosec.space/tags/Scams" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Scams</span></a> like <a href="https://infosec.space/tags/MobileCoin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MobileCoin</span></a> that <a href="https://www.youtube.com/watch?v=0DSGq9FQKU4" rel="nofollow noopener noreferrer" target="_blank">don't work</a> even for <a href="https://infosec.space/tags/TechLiterate" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TechLiterate</span></a> <a href="https://infosec.space/tags/CryptoBros" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CryptoBros</span></a>! </li></ul> <p>Again: It's Signal alone who have to evidence they are trustworthy, and all I get are <em>"<a href="https://infosec.space/tags/TrustMeBro" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TrustMeBro</span></a>!"</em> replies, which means they are not to be trusted.</p><ul><li>Not to mention, it's just not sustainable to run a <a href="https://infosec.space/tags/service" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>service</span></a> without <a href="https://infosec.space/tags/revenue" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>revenue</span></a>, even if it's run entirely by unpaid volunteers and gets all it's <a href="https://infosec.space/tags/hosting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hosting</span></a> and <a href="https://infosec.space/tags/costs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>costs</span></a> donated, someone has to pay for expenses due to <a href="https://infosec.space/tags/abuse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>abuse</span></a> of a service (which is an inevitability come mass adoption)...</li></ul><p>Whereas with <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>XMPP</span></a> I can completely setup my own server and client, even build my own if I don't trust anyone else and pay someone to audit the code.</p><ul><li>Signal as a <a href="https://infosec.space/tags/centralized" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>centralized</span></a>, <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SingleVendor</span></a> & <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SingleProvider</span></a> service is inevitable vulnerable to <a href="https://infosec.space/tags/RubberhoseCryptoanalysis" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RubberhoseCryptoanalysis</span></a>, and <a href="https://infosec.space/tags/Meredith" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Meredith</span></a> <em>will break</em> if not doing so means <a href="https://web.archive.org/web/20210226175949/https://twitter.com/thegrugq/status/1085614812581715968" rel="nofollow noopener noreferrer" target="_blank">jail for life until she does</a>!</li></ul><p>Whereas with XMPP & PGP/MIME <a href="https://infosec.space/tags/eMail" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>eMail</span></a> I can layer <span class="h-card" translate="no"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>torproject</span></a></span> / <a href="https://infosec.space/tags/Tor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Tor</span></a> over it, make it an <a href="https://infosec.space/tags/OnionService" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OnionService</span></a> and keep that thing under my bed with a <a href="https://www.youtube.com/watch?v=F59iKSrx63c&list=PL2YepVFF1azEYo0c0HdYwykbp_AXchaIp" rel="nofollow noopener noreferrer" target="_blank">literal killswitch</a>...</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://ioc.exchange/@Avitus" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>Avitus</span></a></span> <span class="h-card" translate="no"><a href="https://udongein.xyz/users/lispi314" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>lispi314</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.laurenweinstein.org/@lauren" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>lauren</span></a></span> And if you think <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>signalapp</span></a></span> is gonna defy a duely submitted warrant and doesn't store or;collect any <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PII</span></a> like <a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PhoneNumbers</span></a> then you propably;also believe that <a href="https://infosec.space/tags/LoglessVPN" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LoglessVPN</span></a>|s <a href="https://web.archive.org/web/20220112020000/https://twitter.com/thegrugq/status/1085614812581715968" rel="nofollow noopener noreferrer" target="_blank">are real</a>...</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mastodon.laurenweinstein.org/@lauren" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>lauren</span></a></span> I disagree as <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>signalapp</span></a></span> <em>requires</em> a <a href="https://infosec.space/tags/PhoneNumber" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PhoneNumber</span></a> = <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PII</span></a> & cost barrier and they restrict access based off <a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PhoneNumbers</span></a>.</p><ul><li>Plus it's illegal in an increasing number if juristictions to gmeven attempt to acquire a phone number or SIM anonymously.</li></ul><p>Whereas it's so easy and fast to get <a href="https://infosec.space/tags/TechIlliterates" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TechIlliterates</span></a> setup with <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>XMPP</span></a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OMEMO</span></a> (which uninke <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Signal</span></a> doesn't demand PII!) that I'd challenge you to a <a href="https://infosec.space/tags/speedrun" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>speedrun</span></a> <em>with step-by-step documentation for every <a href="https://infosec.space/tags/TechIlliterate" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TechIlliterate</span></a> to follow along</em> to setup Signal <em>from scratch</em> vs. me doing <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>XMPP</span></a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OMEMO</span></a> on <span class="h-card" translate="no"><a href="https://monocles.social/@monocles" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>monocles</span></a></span> <span class="h-card" translate="no"><a href="https://fosstodon.org/@gajim" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>gajim</span></a></span>.</p><ul><li>Cuz I did that on <span class="h-card" translate="no"><a href="https://mastodon.earth/@cryptoparty" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>cryptoparty</span></a></span> / <a href="https://infosec.space/tags/CryptoParty" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CryptoParty</span></a> / <a href="https://infosec.space/tags/CryptoParties" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CryptoParties</span></a> quite often.</li></ul><p>Also <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Signal</span></a> being <a href="https://infosec.space/tags/centralized" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>centralized</span></a> makes it as vulnerable as any other <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SingleVendor</span></a> & <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SingleProvider</span></a> solution!</p><ul><li>Whereas even if <a href="https://infosec.space/tags/monocles" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>monocles</span></a> were to shutdown, one could easily switch over to any other provider or <a href="https://infosec.space/tags/SelfHosting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SelfHosting</span></a>.</li></ul><p>I'd not count on the <a href="https://infosec.space/tags/Trump" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Trump</span></a>-Regime not flexing <a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CloudAct</span></a> against anyone they deem undesireable!</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mastodon.laurenweinstein.org/@lauren" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>lauren</span></a></span> no, because <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>signalapp</span></a></span> is subject to <a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CloudAct</span></a> (= incompatible with <a href="https://infosec.space/tags/GDPR" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GDPR</span></a> & <a href="https://infosec.space/tags/BDSG" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BDSG</span></a> if you ever care!) and collects <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PII</span></a> in the firirm of <a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PhoneNumbers</span></a>, which are at best pseudonymous but trivial to track and at most means that people inviting others without their consent comitted an illegal disclosure if PII!</p><ul><li>Use <em>real <a href="https://infosec.space/tags/E2EE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>E2EE</span></a></em> with <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SelfCustody</span></a> of all the keys that isn't <a href="https://www.youtube.com/watch?v=tJoO2uWrX1M" rel="nofollow noopener noreferrer" target="_blank">a</a> <a href="https://infosec.space/tags/proprietary" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>proprietary</span></a> <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SingleVendor</span></a> & <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SingleProvider</span></a> solution that <a href="https://www.youtube.com/watch?v=0DSGq9FQKU4" rel="nofollow noopener noreferrer" target="_blank">peddles</a> a <a href="https://infosec.space/tags/shitcoin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>shitcoin</span></a> <a href="https://infosec.space/tags/scam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>scam</span></a>!</li></ul><p>Give <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>XMPP</span></a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OMEMO</span></a> a shot: <span class="h-card" translate="no"><a href="https://monocles.social/@monocles" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>monocles</span></a></span> / <a href="https://infosec.space/tags/monocles" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>monocles</span></a> & <span class="h-card" translate="no"><a href="https://fosstodon.org/@gajim" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>gajim</span></a></span> / <a href="https://infosec.space/tags/gajim" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>gajim</span></a>.</p><p><a href="https://docs.monocles.eu/apps/chat.app/" rel="nofollow noopener noreferrer" target="_blank">1</a> <a href="https://docs.monocles.eu/services/chat.service/" rel="nofollow noopener noreferrer" target="_blank">2</a> <a href="https://docs.monocles.eu/account/account/" rel="nofollow noopener noreferrer" target="_blank">3</a> <a href="https://monocles.eu/more/#account-section" rel="nofollow noopener noreferrer" target="_blank">4</a> <a href="https://monocles.chat/login" rel="nofollow noopener noreferrer" target="_blank">5</a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mastodon.social/@Beggarmidas" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>Beggarmidas</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@Em0nM4stodon" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>Em0nM4stodon</span></a></span> <a href="https://infosec.space/tags/Govware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Govware</span></a> aside, I think <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>signalapp</span></a></span> 's <a href="https://infosec.space/tags/architecture" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>architecture</span></a> of being a <a href="https://infosec.space/tags/centralized" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>centralized</span></a>, <a href="https://infosec.space/tags/proprietary" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>proprietary</span></a>, <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SingleVendor</span></a> & <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SingleProvider</span></a> "solution" that.collects <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PII</span></a> like <a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PhoneNumbers</span></a> <em>will bite it in it's rear</em>, cuz I'd not count on <span class="h-card" translate="no"><a href="https://mastodon.world/@Mer__edith" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>Mer__edith</span></a></span> not breaking when facing <em>life in prison</em> under <em>torturous conditions</em> (by European Standards).</p><ul><li>Whereas <span class="h-card" translate="no"><a href="https://monocles.social/@monocles" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>monocles</span></a></span> / <a href="https://infosec.space/tags/monoclesChat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>monoclesChat</span></a>, <span class="h-card" translate="no"><a href="https://fosstodon.org/@gajim" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>gajim</span></a></span> / <a href="https://infosec.space/tags/gajim" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>gajim</span></a> and other <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>XMPP</span></a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OMEMO</span></a> clients do <em>real <a href="https://infosec.space/tags/E2EE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>E2EE</span></a></em> with <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SelfCustody</span></a> of all the keys!</li></ul>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://lesbian.solutions/@vultureculture" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>vultureculture</span></a></span> except <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>signalapp</span></a></span> falls under <a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CloudAct</span></a> and collects <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PII</span></a> like <a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PhoneNumbers</span></a> and chooses to selectively disable apo functionality based off it.</p><ul><li>Consider <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>XMPP</span></a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OMEMO</span></a> instead.</li></ul>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://chaos.social/@ck" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>ck</span></a></span> <span class="h-card" translate="no"><a href="https://soc.hardwarepunk.de/profile/sven222" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>sven222</span></a></span> <span class="h-card" translate="no"><a href="https://social.tchncs.de/@kuketzblog" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>kuketzblog</span></a></span> problem is <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>signalapp</span></a></span> is a <a href="https://infosec.space/tags/Centralized" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Centralized</span></a>, <a href="https://infosec.space/tags/Proprietary" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Proprietary</span></a>, <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SingleVendor</span></a> & <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SingleProvider</span></a> solution that falls under <a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CloudAct</span></a> and demands <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PII</span></a> in the form of <a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PhoneNumbers</span></a>.</p><ul><li>So even if we'd agree that <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>XMPP</span></a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OMEMO</span></a> as implememented in <span class="h-card" translate="no"><a href="https://monocles.social/@monocles" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>monocles</span></a></span> / <a href="https://infosec.space/tags/monoclesChat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>monoclesChat</span></a> & <span class="h-card" translate="no"><a href="https://fosstodon.org/@gajim" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>gajim</span></a></span> / <a href="https://infosec.space/tags/gajim" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>gajim</span></a> is bad (and <a href="https://infosec.space/tags/PGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PGP</span></a>/MIME over XMPP isn't good either) there are still better options than <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Signal</span></a> (i.e. <span class="h-card" translate="no"><a href="https://chaos.social/@delta" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>delta</span></a></span> / <a href="https://infosec.space/tags/deltaChat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>deltaChat</span></a> which uses PGP/MIME & <a href="https://infosec.space/tags/IMAP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IMAP</span></a>-Push aka. <a href="https://infosec.space/tags/eMail" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>eMail</span></a>) that don't require a <a href="https://infosec.space/tags/PhoneNumber" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PhoneNumber</span></a>, allow <a href="https://infosec.space/tags/SelfHosting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SelfHosting</span></a> and are truly <a href="https://infosec.space/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSource</span></a> with an <a href="https://infosec.space/tags/OpebStandard" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpebStandard</span></a> that allows for <em>real <a href="https://infosec.space/tags/E2EE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>E2EE</span></a></em> as in <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SelfCustody</span></a> of all the <a href="https://infosec.space/tags/Keys" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Keys</span></a>.</li></ul><p>Cuz all the <a href="https://infosec.space/tags/advertising" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>advertising</span></a> of Signal is close to <a href="https://infosec.space/tags/TrustMeBro" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TrustMeBro</span></a> and I'd not trust in <span class="h-card" translate="no"><a href="https://mastodon.world/@Mer__edith" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>Mer__edith</span></a></span> to <a href="https://web.archive.org/web/20210606070919/twitter.com/thegrugq/status/1085614812581715968" rel="nofollow noopener noreferrer" target="_blank">risk jail for users</a>!</p><ul><li>But you do you... </li></ul><p><a href="https://infosec.space/tags/ITsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ITsec</span></a> <a href="https://infosec.space/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InfoSec</span></a> <a href="https://infosec.space/tags/OpSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpSec</span></a> <a href="https://infosec.space/tags/ComSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ComSec</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://possum.city/@tauon" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>tauon</span></a></span> </p><p>1) <a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CloudAct</span></a> is just <a href="https://infosec.space/tags/CyberFacism" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberFacism</span></a>, look it up!<br><a href="https://en.wikipedia.org/wiki/CLOUD_Act" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">en.wikipedia.org/wiki/CLOUD_Act</span><span class="invisible"></span></a></p><ul><li>And with <a href="https://infosec.space/tags/Trumpism" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Trumpism</span></a> ravaging the <a href="https://infosec.space/tags/USA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>USA</span></a> must be considered as <a href="https://infosec.space/tags/hostile" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hostile</span></a> as <a href="https://infosec.space/tags/Russia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Russia</span></a> and the <em>"P.R."</em> <a href="https://infosec.space/tags/China" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>China</span></a> by anyone who takes <a href="https://infosec.space/tags/OpSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpSec</span></a>, <a href="https://infosec.space/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InfoSec</span></a> & <a href="https://infosec.space/tags/ComSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ComSec</span></a> seriously!</li></ul><p>-</p><p>2) <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>signalapp</span></a></span> 's <a href="https://infosec.space/tags/Server" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Server</span></a> code is proprietary and since it's centralized we can't trust that the code they release is what's running on their backend! </p><ul><li>Plus their <a href="https://infosec.space/tags/App" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>App</span></a> doesn't allow <a href="https://infosec.space/tags/ReproducibleBuilds" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ReproducibleBuilds</span></a> (if Signal was <a href="https://infosec.space/tags/FLOSS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FLOSS</span></a> it would be on <span class="h-card" translate="no"><a href="https://floss.social/@fdroidorg" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>fdroidorg</span></a></span> / <a href="https://infosec.space/tags/Fdroid" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Fdroid</span></a>) but alas it isn't!</li></ul><p>-</p><p>3) <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Signal</span></a> still demands <a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PhoneNumbers</span></a> which are <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PII</span></a> either by association (<a href="https://infosec.space/tags/Number" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Number</span></a> => <a href="https://infosec.space/tags/ICCID" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ICCID</span></a> = <a href="https://infosec.space/tags/SIM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SIM</span></a> = <a href="https://infosec.space/tags/IMSI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IMSI</span></a> => <a href="https://infosec.space/tags/IMEI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IMEI</span></a> => Location Data <a href="https://infosec.space/@kkarhan/113467346741876822" rel="nofollow noopener noreferrer" target="_blank">as I explained before</a><a href="https://infosec.space/@kkarhan/113878565911126519" rel="nofollow noopener noreferrer" target="_blank">twice</a>) or mandatory <a href="https://infosec.space/tags/KYC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>KYC</span></a> / <a href="https://infosec.space/tags/ID" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ID</span></a> requirements (even on prepaid cards), which an increasing amount of juristictions <em>do</em>...</p><ul><li>They have no <em>"<a href="https://infosec.space/tags/LegitimateInterest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LegitimateInterest</span></a>"</em> demanding said <a href="https://infosec.space/tags/PersonallyIdentifyingInformation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PersonallyIdentifyingInformation</span></a> to begin with! </li></ul><p>-</p><p>But don't take my word for it.<br><a href="https://www.youtube.com/watch?v=tJoO2uWrX1M" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">youtube.com/watch?v=tJoO2uWrX1M</span><span class="invisible"></span></a></p><ul><li>Ask yourself if you'd trust someone <a href="https://www.youtube.com/watch?v=0DSGq9FQKU4" rel="nofollow noopener noreferrer" target="_blank">peddlibg</a> <a href="https://infosec.space/tags/Shitcoin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Shitcoin</span></a> <a href="https://infosec.space/tags/Scams" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Scams</span></a> like <a href="https://infosec.space/tags/MobileCoin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MobileCoin</span></a> with your data!</li></ul>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload