helvede.net is one of the many independent Mastodon servers you can use to participate in the fediverse.

#Encrochat


@froge @fj I'm not replacing @signalapp with "random tools" but good options.

Like @delta & @thunderbird as well as @monocles / #monoclesChat & @gajim which work flawlessly over @torproject / #Tor using @tails / @tails_live / #Tails and @guardianproject / #Orbot respectively.

Considering the costs of even acquiring and upkeeping an #anonymous #SIM, I'd rather pay €2 p.m. for #XMPP+#OMEMO and #PGP/MIME-supported #eMail with the option of self-custody than $2,50+ p.m. just to keep a phone number.

Or is anyone here expecting @Mer__edith to risk jail for life and not comply with #CloudAct?

It stenches like #ANØM, because NOTHING IS FOR FREE and running a #VCmoneyBurningParty is expensive...

Infosec.Space: Kevin Karhan :verified: (@kkarhan@infosec.space): @osman@hachyderm.io If your #OpSec, #InfoSec, #ComSec and/or #ITsec relies on @signalapp@mastodon.world and/or @Mer__edith@mastodon.world [risking jail *or worse*](https://web.archive.org/web/20210908180219/https://twitter.com/thegrugq/status/1085614812581715968), you fucked up! - If #Signal was secure, it would've been shut down like #EncroChat & #SkyECC. Seriously, to me #Signal stenches #Honeypot like #ANØM & #CryptoAG. - All Signal fans do is #FUD #PGP/MIME and #XMPP+#OMEMO which are truly #decentralized and allow real #SelfHosting as well as #SelfCustody for complete control of all the data and keys... That's why I get people setup with it!

@dalias @lauren
@pixelschubsi

Also the blatant dismissal of absolutely basic #OpSec & #ComSec is just flabbergasting.

Only #decentralized, #OpenSource & #OpenStandards can actually survive long-term and remain #secure.

It's the same reasons we use #PGP/MIME & #SSH and not #X400 & #X25!

IOW: Think "How can you weaponize Signal?" and see what you can do just holding key people in contempt...

The less #info a provider has, the less they can be forced to snitch upon customers.

"#JustUseSignal!" is a form of dangerous "#TechPopulism" aimed at bamboozling #TechIlliterates who don't know better, abusing information asymmetry to pull rank instead of investing the time and effort to explain "how" and "why" this is indeed a good or bad idea.

The only ones that have a chance to beat that are @delta / #deltaChat but that's just #PGP/MIME #eMail in a nice UI...

  • You may now laugh at me and think my "#TinfoilHat sits too tight" but I'm sure sooner or later I'll be evidenced as correct...
Hachyderm.io: Cassandrich (@dalias@hachyderm.io): @kkarhan@infosec.space @signalapp@mastodon.world @monocles@monocles.social @lauren@mastodon.laurenweinstein.org Very few systems promoted as Signal alternatives match the cryptographic privacy properties (see: ratcheting, etc.) of Signal. The claims about "located in the USA" and "Cloud Act" are all nonsense because the only threat to Signal users from this is availability (seizure and shutdown of the server infrastructure), not undetected breakage of privacy properties. There are presently no systems with superior privacy properties to Signal *and* level of functionality on par with what general public expects. There are a lot (like the XMPP stuff, *sigh*, and Matrix) that are worse in both regards. If you're happy with reduced functionality, Cwtch (and possibly some other similar Tor-based systems) or VeilidChat are stronger, but it's gonna be a while before you convince normies to use them, and in the mean time they're still going to be on insecure shit like WhatsApp, FB Messenger, Telegram, etc...

@CCC But that won't do Wüst any good, because they can't do anything with the data. The only reason for this madness is that the police are too slow. They are slow because they are trapped in procedural madness (certified in triplicate).

Instead of drawing positive lessons from #Encrochat, the clueless gentlemen come along with the surveillance watering can that some apparatchiks have whispered into their ears.

The risk to democracy is increased without any real value in return.

Another successful French/Dutch (via #Europol) infiltration of an encrypted messaging service, using the same Joint Investigation Team procedure as against #Encrochat. I wonder how they technically targeted the service this time — another weakness in the updating mechanism or other client software; handset vulnerability… 🧐 We’ll find out when the first trials take place! europol.europa.eu/media-press/

Europol: International operation takes down another encrypted messaging service used by criminals | Europol [Image: Black glove holding phone]

This goes back to the Trojan Horse & its warning.

Yes, making a horse that soldiers can hide in and then spring out of is ingenious.

But it’s useless unless you can make your enemy accept the thing you’ve primed. Coordinated & wholesale.

And orgs should know better.

See also: cops using EncroChat to catch whole drug dealing and organised crime networks.

I mean come on people.
#Encrochat #Cybersecurity

newyorker.com/magazine/2023/04


@leitmedium I consider that idle talk on the part of @signalapp and @Mer__edith in particular, because so far they haven't withdrawn from anywhere.

I guarantee you that when threatened with coercive detention, everyone at Signal will doxx their users - just as VPN providers did and do.

If Signal were really focused on #security and #privacy, they would simply have set up an #XMPP + #OMEMO server in the @torproject / #Tor network and also #decentralized the entire #backend!

  • If Signal were as secure as they claim, the service would long since have been banned under the #CloudAct and the staff would be in jail!
Twitter: thaddeus e. grugq on Twitter: “I’m gonna tell you a secret about “logless VPNs” — they don’t exist. No one is going to risk jail for your $5/mo https://t.co/Q2aOQJkG4g”

Things that #UK still exchanges data about and works alongside #EU post #Brexit

* #weather forecasting and monitoring (including climate research)

* #RoadSafety and traffic regulations

* #drugs prohibition (during EU membership UK was viewed as a source of good practice, especially for testing of drug use by drivers)

* law enforcement and #surveillance in general (consider the fallout from #Encrochat )

so the gammons have gained exactly 0 extra freedoms, and are even angrier..


@Em0nM4stodon

In a similar vein, make sure that things like your fingerprints aren't easily shown in any photos you share online. Take this almost hilarious example from a couple years ago as to why you should be careful about including your fingerprints in photos you upload.

A drug dealer was identified because of a picture of a block of cheese he posted online, and was subsequently arrested. In the photo, it clearly showed his fingerprints thanks to modern camera technology allowing for higher image resolutions.

If law enforcement is able to capture a person's fingerprint reliably through a photo, then so can anyone else. With enough time and skill, a bad actor could use it for nefarious purposes and potentially even unlock your phone with a rubber mold.

Remember, you can always change a password, but you can't change your fingerprint.

theverge.com/tldr/2021/5/24/22

The Verge: A photo of cheese just got a UK drug dealer sentenced to 13 years in prison. By Jon Porter

@enno not that surprising given that every #SingleVendor / #SingleProvider "solution" for communications will inherently have #Govware #backdoors, otherwise they'd be illegal!

That's why no one who takes #ITsec, #InfoSec, #OpSec & #comSec 100% seriously will use them for anything but posting public info.

That's how the drug dealers using #EncroChat & #ANØM got caught and why no one should trust any #VPN or #Messenger!

youtube.com/watch?v=WVDQEoe6ZW
twitter.com/thegrugq/status/10

@AnarchoNinaWrites OFC!

In fact, all those services stench like the #Honeypots they are and I'd call LEAs to be "criminally incompetent" if they didn't sabotage it [#EncroChat] or did actually run it from day 0 [#ANØM]...

Cuz when push comes to shove, they'll all rat out their users!
youtube.com/watch?v=QCx_G_R0Um
twitter.com/thegrugq/status/10


@atomicpoet @zakiuem even Signal and Briar ain't good.

All #centralized and/or #SingleVendor / #SingleProvider Messenger Services are inherently insecure as they'll be obligated to comply with #Govware #backdoor requirements aka. " #LawfulInterception "...

Otherwise they'd be illegal and forcibly shut down by LEAs - just like #EncroChat was [which was also #insecure for the aforementioned reasons + being #CCSS and not #FLOSS thus not auditable]...