@TheFuzzStone@fosstodon.org i still don't trust signal. moxie is an egomanic who spreads fud about federated services, signal is US based, the server is defacto closed source and this may as well be a psyop.

@bonifartius @TheFuzzStone it's funny but this is 99.99% a psyop, probably organized because more people have been catching onto signal's role, i think it's obvious moxie works for some kind of government or corporate (insofar as there is a difference these days) surveillance operation, and his behavior makes no sense unless he is insane or actively attempting to sabotage peoples' privacy. i suspect the latter because there is a very clear pattern to his tactics: keep people trapped in the Google ecosystem where they're vulnerable, refuse to use fdroid or other package managers that implement actual security precautions, keep everyone centralized around a single, easily-subverted app, prevent federation, identify users through their most critical PII short of their social security number (and normally just as easy to tie to their irl legal identity, unless they went to all the effort of buying a burner in cash), and so on. at this point it would be madness not to assume bad faith.

any actually important data (social graphs and phone numbers, which signal obviously has access to -- they're lying under oath (i.e. committing perjury) if they claim otherwise to the FBI in legal documents, and if the FBI meekly accepts those lies, that will be the strongest evidence we're going to get that this is just more prolefeed, because i don't believe the FBI is already so braindead that they don't have anyone on staff who understands how cryptographic hashing works) would be transferred to USG either informally or under the auspices of an NSL (there is a reason signal does not have a warrant canary, i imagine). no way it would ever happen in public and reveal that capability to the people who haven't been able to see through moxie's aura of obfuscating bullshit

@velartrill if signal isn't a complete honeypot run by spooks, it at least is "tolerated" because said spooks might be very well able to just do timing attacks etc. at the borders of their network.

remember that there were cryptographic curves weakened "by accident". that's the level of sophistication one has to think about.

why signal is tolerated, but tor isn't and node operators are constantly harassed. maybe one of them works and the other doesn't.

@TheFuzzStone@fosstodon.org

@bonifartius @TheFuzzStone i mean Tor is a CIA project and the CIA relies on its existence for the sake of its operatives overseas, the FBI is just willing to take down drug markets and pedophiles when they get the chance. (shutting down pedo dens is just about the only admirable thing the FBI still does)

@velartrill @TheFuzzStone@fosstodon.org @bonifartius at this point I use signal because I dragged my friends there and they'll throw a fit if i try to drag them somewhere else

(tbh I'm not even sure what credible alternatives there are, telegram seems even worse)

at least the CIA/FBI is a smaller set than everyone that zuckerberg sells whatsapp data to

@skells @TheFuzzStone @bonifartius > credible alternatives

what are you trying to accomplish? what is your threat model? why are your messages sensitive, who are you concerned about spying on them, what are the possible consequences if they are disclosed? what non-security-related features do you need, like file transfer or inline images? (these are rhetorical questions, obviously don't answer them)

there are various decentralized privacy-respecting messenger apps like briar, as well as protocols like IRC (kinda sorta but not really federated) or tox (decentralized, privacy-focused). they all have different properties and use various different technologies -- IRC is ephemeral and can be protected with TLS, but you need to trust the server not to log shit so it's best to run your own. tox and briar have perfect forward secrecy and use modern crypto based on keypairs, but there's no multi-device support, which makes it a pain to use (although you really shouldn't be using cell phones for sensitive comms in the first place). XMPP has various security plugins but the protocol itself is a mess and hard to get working; i don't generally recommend it to anyone. then there's matrix ofc, but i think that's just as suspect as signal, and nobody should be using it for anything sensitive.

anything that uses a single corporate-controlled server or network (zoom, facetime, until recently matrix, disord) should be completely out of the question as far as secure comms is concerned. if you can't easily host your own isolated server, assume it's compromised.

signal is pushed as a "silver bullet" one-size-fits-all solution to privacy and security, and this is just another way you can tell it's bullshit, because there is never any such thing. most people would be better off just using SMS for non-sensitive comms simply because it doesn't put themselves and their friends in extra danger by getting their names on government lists.

@velartrill @TheFuzzStone@fosstodon.org @bonifartius

thanks for the recommends, will check them out

as i say, for day to day comms, at least signal isn't known to indiscriminately sell data to corporate as a revenue stream

@skells @TheFuzzStone @bonifartius just to be clear, i'm not "recommending" ANY of those apps or protocols at all, altho i do use several of them myself at time. i'm just listing them as examples that may work better than signal for certain people in certain contexts. the same software that saves one activist or operator's life could get another killed (e.g. signal itself is probably fine if you're working with CIA-funded terrorists overseas to try and undermine the chinese government, less so if you're organizing protests of vax mandates in a blue state). you have to weigh the tradeoffs for each individual use case. infosec is nothing without opsec

@skells @TheFuzzStone @bonifartius *myself at times

@velartrill just my 2 cents, i don't want a heated discussion: matrix is open source and you can host your own element and turn off integrations support. or just use a different client like fluffychat. or just build your own. server side dendrite seems to be running quite well.
there is quite valid criticism of some parts of the matrix ecosystem, but the protocol is just git on speed in the end. libolm is reviewed crypto, having well designed multi device group chat crypto is really a killer feature.

@TheFuzzStone@fosstodon.org @skells

@bonifartius @TheFuzzStone @skells matrix was sending vast amounts of metadata to the name-brand homeserver for years (yes, even if you "hosted your own"). and this from a project that bragged on its security. on its own, that evidence is enough to make it utterly irrational to *ever* trust matrix with anything sensitive ever again. there are plenty of tools available that don't have histories of such obvious and shocking bad behavior (and aren't involved with sketchy people), and using matrix instead of those is simply not a security-conscious decision.

sure, an unrelated team could fork matrix and try to make a trustworthy spinoff - but why bother, we already *have* better tools and that effort could go into improving them instead!

imagine a secret agent hiring a dual citizen who's been to prison for high treason twice to carry highly sensitive messages overseas -- you wouldn't do that no matter how much he swore he had changed or how many rehabilitation programs he had completed with flying colors, simply because there is no earthly reason to ever take such a risk.