eupolicy.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
This Mastodon server is a friendly and respectful discussion space for people working in areas related to EU policy. When you request to create an account, please tell us something about you.

Server stats:

223
active users

#SingleProvider

0 posts0 participants0 posts today
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://chaos.social/@martinsteiger" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>martinsteiger</span></a></span> Welche?</p><p>Weil ich sehe nur <a href="https://infosec.space/tags/PGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PGP</span></a> &amp; <a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OMEMO</span></a> in Benutzung...</p><p>Aber vielleicht sind jene Personen naiv genug <a href="https://infosec.space/tags/propriet%C3%A4r" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>proprietär</span></a>|en <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleVendor</span></a> &amp; <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleProvider</span></a> - Lösungen auf den Leim zu gehen?</p><p><a href="https://infosec.space/@kkarhan/114701389295661772" translate="no" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="ellipsis">infosec.space/@kkarhan/1147013</span><span class="invisible">89295661772</span></a><br>infosec.space/@kkarhan/114697690127511140</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://infosec.exchange/@pascal_f" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>pascal_f</span></a></span> <span class="h-card" translate="no"><a href="https://social.tchncs.de/@kuketzblog" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>kuketzblog</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.net2o.de/@forthy42" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>forthy42</span></a></span> <span class="h-card" translate="no"><a href="https://bonn.social/@ulrichkelber" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>ulrichkelber</span></a></span> </p><p>Eben! Ich betrachte es ferner als naiv angesichts <a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CloudAct</span></a>, Anbietern proprietärer <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleVendor</span></a> / <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleProvider</span></a>-"Lösungen" wie <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>signalapp</span></a></span> das vertrauen zu schenken!</p><ul><li>Und wenn das bedeutet dass Leute <a href="https://infosec.space/tags/Windows11" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Windows11</span></a> &amp; Co. rausschmeißen dann ist dem so.</li></ul><p>Gerade weil <a href="https://infosec.space/tags/ITsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ITsec</span></a>, <a href="https://infosec.space/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a>, <a href="https://infosec.space/tags/OpSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpSec</span></a> &amp; <a href="https://infosec.space/tags/ComSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ComSec</span></a> zusammenhängen und nur zusammen funktionieren...</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://nrw.social/@my_millennium" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>my_millennium</span></a></span> <span class="h-card" translate="no"><a href="https://chaos.social/@dbrgn" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>dbrgn</span></a></span> <span class="h-card" translate="no"><a href="https://monocles.social/@monocles" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>monocles</span></a></span> <span class="h-card" translate="no"><a href="https://fosstodon.org/@gajim" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>gajim</span></a></span> Ist trotzdem <a href="https://infosec.space/tags/zentralisiert" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>zentralisiert</span></a> (<a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleVendor</span></a> &amp; <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleProvider</span></a>) und damit <a href="https://infosec.space/tags/propriet%C3%A4r" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>proprietär</span></a> und untauglich, weil gegen <a href="https://infosec.space/tags/KeckhoffsPrinzip" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KeckhoffsPrinzip</span></a> und grundlegende <a href="https://infosec.space/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> &amp; <a href="https://infosec.space/tags/ComSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ComSec</span></a> verstoßend!</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://hear-me.social/@debby" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>debby</span></a></span> <a href="https://infosec.space/tags/Mumble" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Mumble</span></a>, <a href="https://infosec.space/tags/IRC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IRC</span></a>, <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>XMPP</span></a> (+OMEMO = <span class="h-card" translate="no"><a href="https://fosstodon.org/@gajim" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>gajim</span></a></span> / <a href="https://infosec.space/tags/monoclesChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>monoclesChat</span></a>) &amp; <a href="https://infosec.space/tags/Linphone" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linphone</span></a> (<a href="https://infosec.space/tags/SIP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SIP</span></a> / <a href="https://infosec.space/tags/VoIP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>VoIP</span></a>) are the better options. <a href="https://infosec.space/tags/NextcloudTalk" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NextcloudTalk</span></a> also exist and <span class="h-card" translate="no"><a href="https://monocles.social/@monocles" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>monocles</span></a></span> as well as <span class="h-card" translate="no"><a href="https://mstdn.social/@Stuxhost" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Stuxhost</span></a></span> offer that.</p><ul><li><p><a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a> and <a href="https://infosec.space/tags/Session" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Session</span></a> are <a href="https://infosec.space/tags/proprietary" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>proprietary</span></a>, <a href="https://infosec.space/tags/centralized" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>centralized</span></a>, <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleVendor</span></a> &amp; <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleProvider</span></a> solutions!</p></li><li><p>And <a href="https://infosec.space/tags/Matrix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Matrix</span></a> is just a shittier <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>XMPP</span></a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OMEMO</span></a>. Give <span class="h-card" translate="no"><a href="https://chaos.social/@delta" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>delta</span></a></span> / <a href="https://infosec.space/tags/DeltaChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DeltaChat</span></a> a try instead.</p></li></ul><p>OfC <a href="https://infosec.space/tags/JitsiMeet" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>JitsiMeet</span></a> and <a href="https://infosec.space/tags/WebCall" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WebCall</span></a> are also great!</p><p><a href="https://webcall.timur.mobi" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">webcall.timur.mobi</span><span class="invisible"></span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>signalapp</span></a></span> It's not <a href="https://infosec.space/tags/disinfo" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>disinfo</span></a> when one points out that you demand <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PII</span></a> aka. <a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PhoneNumbers</span></a> from Users and that is literally a architectural vulnerability, alongside your <a href="https://infosec.space/tags/proprietary" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>proprietary</span></a> &amp; <a href="https://infosec.space/tags/Centralized" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Centralized</span></a> <a href="https://infosec.space/tags/Infrastructure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Infrastructure</span></a>.</p><ul><li><a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a> being a <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleVendor</span></a> &amp; <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleProvider</span></a> <a href="https://infosec.space/tags/Solution" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Solution</span></a> is literally the reason why I consider it <a href="https://infosec.space/tags/insecure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>insecure</span></a>.</li></ul><p>Not to mention the lack of <span class="h-card" translate="no"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>torproject</span></a></span> / <a href="https://infosec.space/tags/Tor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tor</span></a> support with an <a href="https://infosec.space/tags/OnionService" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OnionService</span></a> or the willingness to fulfill <a href="https://infosec.space/tags/cyberfacist" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cyberfacist</span></a> <em>"Embargoes"</em> or shilling a <a href="https://infosec.space/tags/Shitcoin" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Shitcoin</span></a> <a href="https://infosec.space/tags/Scam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Scam</span></a> named <a href="https://infosec.space/tags/MobileCoin" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MobileCoin</span></a>!</p><ul><li><a href="https://infosec.space/tags/KYC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KYC</span></a> <em>is</em> the illicit activity!!!</li></ul><p>And don't get me started on the <a href="https://infosec.space/tags/cyberfacism" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cyberfacism</span></a> that is <a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CloudAct</span></a>.</p><ul><li>If you were secure, criminals would've used your platform so hard, it would've been shutdown like <a href="https://infosec.space/tags/EncroChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EncroChat</span></a> and <a href="https://infosec.space/tags/SkyECC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SkyECC</span></a>.</li></ul><p>I may nit have allvthe.evidence yet, but <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a> stenches like <a href="https://infosec.space/tags/AN%C3%98M" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ANØM</span></a>: <a href="https://infosec.space/tags/Honeypot" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Honeypot</span></a>-esque!</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>signalapp</span></a></span> I disagree because your platform is <a href="https://infosec.space/tags/proprietary" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>proprietary</span></a>, <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleVendor</span></a>, <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleProvider</span></a> and doesn't allow for <a href="https://infosec.space/tags/SelfHosting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfHosting</span></a>, <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfCustody</span></a> of all the Keys and you demand <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PII</span></a> in the form of a <a href="https://infosec.space/tags/PhoneNumber" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PhoneNumber</span></a> which can be used.to track users down!</p><ul><li>If <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a> was as secure as claimed, it would've been shut down like <a href="https://infosec.space/tags/EncroChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EncroChat</span></a>, <a href="https://infosec.space/tags/SkyECC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SkyECC</span></a> &amp; others...</li></ul>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://social.vivaldi.net/@ueeu" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>ueeu</span></a></span> I think crucial parts is looking at it's components, dependencies, size and for apps permissions.</p><ul><li>Also make shure it uses <a href="https://infosec.space/tags/OpenStandards" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenStandards</span></a>, because <a href="https://infosec.space/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenSource</span></a> can be just a <em>"smoke grenade"</em> when it's a <a href="https://infosec.space/tags/centralized" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>centralized</span></a>, <a href="https://infosec.space/tags/proprietary" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>proprietary</span></a>, <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleVendor</span></a> &amp; <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleProvider</span></a> solution.</li></ul><p><a href="https://infosec.space/tags/ReproduceableBuilds" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ReproduceableBuilds</span></a> for example are important, so the actually released source code is what people actually get served as basis.</p><ul><li>Both of the latter points are something that <span class="h-card" translate="no"><a href="https://monocles.social/@monocles" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>monocles</span></a></span> / <a href="https://infosec.space/tags/monoclesChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>monoclesChat</span></a> does perfectly and that <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>signalapp</span></a></span> completely fails at!</li></ul><p>Plus in terms of <a href="https://infosec.space/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a>, choose *real <a href="https://infosec.space/tags/E2EE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>E2EE</span></a> with <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfCustody</span></a> of all the <a href="https://infosec.space/tags/Keys" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Keys</span></a>!</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://hachyderm.io/@dalias" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>dalias</span></a></span> I <em>sincerely disagree</em> because none of my claims got debunked and no evidence against <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>XMPP</span></a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OMEMO</span></a> have come up to me as of today.</p><ul><li><span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>signalapp</span></a></span> being a <a href="https://infosec.space/tags/centralized" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>centralized</span></a>, <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleVendor</span></a> &amp; <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleProvider</span></a> solution subject to <a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CloudAct</span></a> by virtue of being located in the <a href="https://infosec.space/tags/USA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>USA</span></a> <em>WILL NOT JUST BLOW UP IN PEOPLES FACES, BUT GET PEOPLE KILLED</em> under <a href="https://infosec.space/tags/Trumpism" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Trumpism</span></a>!</li></ul><p>I hope to be proven wrong, but up until now I've always been at the position of <a href="https://www.youtube.com/watch?v=SBgeCZW3upg" rel="nofollow noopener" target="_blank">saying</a> <a href="https://infosec.space/tags/ToldYaSo" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ToldYaSo</span></a>!</p><ul><li>Whereas with <span class="h-card" translate="no"><a href="https://monocles.social/@monocles" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>monocles</span></a></span> you have way stricter <a href="https://infosec.space/tags/DataProtection" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataProtection</span></a> (cuz there are no <a href="https://infosec.space/tags/DataProtevtionLaws" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataProtevtionLaws</span></a> in the <a href="https://infosec.space/tags/US" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>US</span></a> that actually get enforced, otherwise <a href="https://infosec.space/tags/Musk" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Musk</span></a>'s minions.would've been jailed of not killed for trespassing and hacking critical systems!) <em>AND</em> unlike <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a>, <a href="https://monovles.eu" rel="nofollow noopener" target="_blank">monocles</a> doesn't demand any <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PII</span></a> whatsoever! <a href="https://infosec.space/@kkarhan/113999675511028742" translate="no" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="ellipsis">infosec.space/@kkarhan/1139996</span><span class="invisible">75511028742</span></a></li></ul><p><span class="h-card" translate="no"><a href="https://mastodon.laurenweinstein.org/@lauren" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>lauren</span></a></span></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mastodon.laurenweinstein.org/@lauren" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>lauren</span></a></span> no, because <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>signalapp</span></a></span> is subject to <a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CloudAct</span></a> (= incompatible with <a href="https://infosec.space/tags/GDPR" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GDPR</span></a> &amp; <a href="https://infosec.space/tags/BDSG" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BDSG</span></a> if you ever care!) and collects <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PII</span></a> in the firirm of <a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PhoneNumbers</span></a>, which are at best pseudonymous but trivial to track and at most means that people inviting others without their consent comitted an illegal disclosure if PII!</p><ul><li>Use <em>real <a href="https://infosec.space/tags/E2EE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>E2EE</span></a></em> with <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfCustody</span></a> of all the keys that isn't <a href="https://www.youtube.com/watch?v=tJoO2uWrX1M" rel="nofollow noopener" target="_blank">a</a> <a href="https://infosec.space/tags/proprietary" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>proprietary</span></a> <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleVendor</span></a> &amp; <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleProvider</span></a> solution that <a href="https://www.youtube.com/watch?v=0DSGq9FQKU4" rel="nofollow noopener" target="_blank">peddles</a> a <a href="https://infosec.space/tags/shitcoin" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>shitcoin</span></a> <a href="https://infosec.space/tags/scam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>scam</span></a>!</li></ul><p>Give <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>XMPP</span></a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OMEMO</span></a> a shot: <span class="h-card" translate="no"><a href="https://monocles.social/@monocles" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>monocles</span></a></span> / <a href="https://infosec.space/tags/monocles" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>monocles</span></a> &amp; <span class="h-card" translate="no"><a href="https://fosstodon.org/@gajim" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>gajim</span></a></span> / <a href="https://infosec.space/tags/gajim" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>gajim</span></a>.</p><p><a href="https://docs.monocles.eu/apps/chat.app/" rel="nofollow noopener" target="_blank">1</a> <a href="https://docs.monocles.eu/services/chat.service/" rel="nofollow noopener" target="_blank">2</a> <a href="https://docs.monocles.eu/account/account/" rel="nofollow noopener" target="_blank">3</a> <a href="https://monocles.eu/more/#account-section" rel="nofollow noopener" target="_blank">4</a> <a href="https://monocles.chat/login" rel="nofollow noopener" target="_blank">5</a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mstdn.social/@rysiek" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>rysiek</span></a></span> <span class="h-card" translate="no"><a href="https://circumstances.run/@agturcz" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>agturcz</span></a></span> that's not how you fix <a href="https://infosec.space/tags/TechIlliteracy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TechIlliteracy</span></a>, espechally since things changed for the better.</p><p><span class="h-card" translate="no"><a href="https://monocles.social/@monocles" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>monocles</span></a></span> / <a href="https://infosec.space/tags/monoclesChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>monoclesChat</span></a> &amp; <span class="h-card" translate="no"><a href="https://fosstodon.org/@gajim" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>gajim</span></a></span> / <a href="https://infosec.space/tags/gajim" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>gajim</span></a> are quite easy, whereas <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>signalapp</span></a></span> / <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a> demands <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PII</span></a> in the form of a <a href="https://infosec.space/tags/Phone" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Phone</span></a> number which is more often than not not legally obtainable without <em>"<a href="https://infosec.space/tags/KYC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KYC</span></a>"</em> aka. <em>"forced <a href="https://infosec.space/tags/SelfDoxxing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfDoxxing</span></a>"</em> all whilst being an extremely <a href="https://infosec.space/tags/centralized" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>centralized</span></a>, <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleVendor</span></a> &amp; <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleProvider</span></a> solution that falls under <a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CloudAct</span></a> ant thus <em>cannot</em> adhere to <a href="https://infosec.space/tags/GDPR" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GDPR</span></a> &amp; <a href="https://infosec.space/tags/BDSG" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BDSG</span></a>!</p><ul><li>Sorry, but <em>"<a href="https://infosec.space/tags/TechPopulism" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TechPopulism</span></a>"</em> alike <a href="https://mstdn.social/@rysiek/113869169340313254" rel="nofollow noopener" target="_blank"><code>"JuSt UsE sIgNaL !"</code></a> won't fix <a href="https://infosec.space/tags/TechIlliteracy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TechIlliteracy</span></a> but rather provide false sense of security to <a href="https://infosec.space/tags/TechIlliterates" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TechIlliterates</span></a> when the <em>correct solution</em> is to teach <em>proper</em> <a href="https://infosec.space/tags/TechLiteracy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TechLiteracy</span></a> like <span class="h-card" translate="no"><a href="https://chaos.social/@cryptoparty" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>cryptoparty@chaos.social</span></a></span> / <span class="h-card" translate="no"><a href="https://mastodon.earth/@cryptoparty" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>cryptoparty@mastodon.earth</span></a></span> / <a href="https://infosec.space/tags/CryptoParty" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CryptoParty</span></a> does...</li></ul><p>Otherwise we'd only perpetuate the <a href="https://infosec.space/tags/Enshittification" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Enshittification</span></a>-<a href="https://infosec.space/tags/Lifecycle" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Lifecycle</span></a> as has happened with <a href="https://infosec.space/tags/AIM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AIM</span></a>, <a href="https://infosec.space/tags/ICQ" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ICQ</span></a>, <a href="https://infosec.space/tags/BBM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BBM</span></a> and so many more...</p><ul><li>Mark my words, cuz I've been proven correct up to this point.</li></ul><p>If <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a> and <span class="h-card" translate="no"><a href="https://mastodon.world/@Mer__edith" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Mer__edith</span></a></span> <em>actually cared</em>, they would've setup their system <em>truly decentralized</em> as an <a href="https://infosec.space/tags/OnionService" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OnionService</span></a> over <span class="h-card" translate="no"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>torproject</span></a></span> / <a href="https://infosec.space/tags/Tor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tor</span></a>!</p><p><a href="https://infosec.space/tags/THXBYE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>THXBYE</span></a> <a href="https://infosec.space/tags/EOD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EOD</span></a> <a href="https://infosec.space/tags/ITsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ITsec</span></a> <a href="https://infosec.space/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> <a href="https://infosec.space/tags/OpSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpSec</span></a> <a href="https://infosec.space/tags/ComSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ComSec</span></a> <a href="https://infosec.space/tags/DigitalSnakeoil" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DigitalSnakeoil</span></a> <a href="https://infosec.space/tags/FakeSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FakeSec</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://hachyderm.io/@ClickyMcTicker" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>ClickyMcTicker</span></a></span> <span class="h-card" translate="no"><a href="https://fedi.rrr.sh/@pearl" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>pearl</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.social/@geerlingguy" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>geerlingguy</span></a></span> </p><p><em>From scratch</em> should (and would) be possible if said <a href="https://infosec.space/tags/configuration" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>configuration</span></a> isn't just proprietary bs but actually following a documented syntax akin to any proper <a href="https://infosec.space/tags/configuration" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>configuration</span></a>.</p><ul><li>I assume this is <em>NOT</em> the case cuz otherwise you'd not offer said job.</li></ul><p>Not to mention <a href="https://infosec.space/tags/vendors" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vendors</span></a> prefer <a href="https://infosec.space/tags/siloing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>siloing</span></a> amd <a href="https://infosec.space/tags/Enshittifying" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Enshittifying</span></a> products, so having <a href="https://infosec.space/tags/InterchangeableFormats" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InterchangeableFormats</span></a> goes against their primary <a href="https://infosec.space/tags/commercial" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>commercial</span></a> interests.</p><ul><li>We can see this peak with <a href="https://infosec.space/tags/Cisco" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cisco</span></a> &amp; <a href="https://infosec.space/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Microsoft</span></a> pushing both proprietary <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleVendor</span></a> &amp; <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleProvider</span></a> standards, <a href="https://infosec.space/tags/patenting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>patenting</span></a> the implementation (i.e. <a href="https://infosec.space/tags/VRRP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>VRRP</span></a>) and sueing everyone who wants to implement them (i.e. <a href="https://infosec.space/tags/CARP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CARP</span></a> had to do a shitton of redundant work!) whilst also refusing to follow <a href="https://infosec.space/tags/Standards" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Standards</span></a> (i.e. <a href="https://infosec.space/tags/Posix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Posix</span></a> <a href="https://en.m.wikipedia.org/wiki/Newline" rel="nofollow noopener" target="_blank">new line</a> ) &amp; <a href="https://infosec.space/tags/Conventions" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Conventions</span></a> (I've seen literal CISCO &lt;=&gt; <a href="https://infosec.space/tags/IETF" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IETF</span></a> dictionaries!)...</li></ul><p>Sadly it's more <a href="https://infosec.space/tags/unrealistic" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>unrealistic</span></a> to see such standardization to happen than <a href="https://infosec.space/tags/YAML" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>YAML</span></a> being replaced <a href="https://github.com/greyhat-academy/YADL" rel="nofollow noopener" target="_blank">by</a> <a href="https://infosec.space/tags/YADL" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>YADL</span></a>...</p>
Kevin Karhan :verified:<p>You use XMPP+OMEMO because you think it's neat.</p><p>I use XMPP+OMEMO because all centralized, single-vendor and/or single-provider messengers are inherently garbage, collect PII like <a href="https://infosec.space/@kkarhan/111968251463697943" rel="nofollow noopener" target="_blank">phone numbers</a> for no <em>"legitimate reason"</em> and don't offer proper End-to-End - Encryption with self-custody of all the keys, making them either honeypots or prime targets for warrants.</p><ul><li><em>We are not the same!</em></li></ul><p><a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>XMPP</span></a> <a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OMEMO</span></a> <a href="https://infosec.space/tags/WeAreNotTheSame" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WeAreNotTheSame</span></a> <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleVendor</span></a> <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleProvider</span></a> <a href="https://infosec.space/tags/Centralization" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Centralization</span></a> <a href="https://infosec.space/tags/E2EE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>E2EE</span></a> <a href="https://infosec.space/tags/Encryption" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Encryption</span></a> <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfCustody</span></a> <a href="https://infosec.space/tags/Honeypot" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Honeypot</span></a> <a href="https://infosec.space/tags/Warrant" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Warrant</span></a> <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a> <a href="https://infosec.space/tags/Telegram" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Telegram</span></a> <a href="https://infosec.space/tags/EncroChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EncroChat</span></a> <a href="https://infosec.space/tags/AN%C3%98M" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ANØM</span></a> <a href="https://infosec.space/tags/OperationIronside" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OperationIronside</span></a> <a href="https://infosec.space/tags/OperationTr%C3%B8janShield" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OperationTrøjanShield</span></a> <a href="https://infosec.space/tags/ITsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ITsec</span></a> <a href="https://infosec.space/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> <a href="https://infosec.space/tags/OpSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpSec</span></a> <a href="https://infosec.space/tags/ComSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ComSec</span></a> <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PII</span></a> <a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PhoneNumbers</span></a> <a href="https://infosec.space/tags/PhoneNumber" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PhoneNumber</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://freiburg.social/@ditol" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>ditol</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.world/@samueljohn" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>samueljohn</span></a></span> <span class="h-card" translate="no"><a href="https://23.social/@linuzifer" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>linuzifer</span></a></span> </p><p><em>THIS</em> is where I disagree...</p><p>You may think it's elitist, but if people are too lazy to learn even fundamentals like how to use <a href="https://infosec.space/tags/Tails" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tails</span></a> then maybe they should just not do <a href="https://infosec.space/tags/tech" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tech</span></a> at all?</p><ul><li>Like: We expect people to show at the every least theoretical proficiency in terms of <a href="https://infosec.space/tags/TrafficCode" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TrafficCode</span></a> and <a href="https://infosec.space/tags/VehicleSafety" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>VehicleSafety</span></a> in +every juristiction I'm aware of* and literally mandated <a href="https://infosec.space/tags/DrivingLicense" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DrivingLicense</span></a>|s for that reason.</li></ul><p>I'll gladly teach <a href="https://infosec.space/tags/TechIlliterates" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TechIlliterates</span></a> but I won't waste my time on <a href="https://infosec.space/@kkarhan/113344834546549105" rel="nofollow noopener" target="_blank">people that spread disinfo</a>...</p><p>It's 2024: <span class="h-card" translate="no"><a href="https://venera.social/profile/tails_live" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>tails_live</span></a></span> / <span class="h-card" translate="no"><a href="https://fosstodon.org/@tails" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>tails</span></a></span> has been out for over a decade and there are a shitload of guides ranging from written documentation to Zoomer-friendly TikTok-Style shorts on how to get started.</p><ul><li><p>I don't expect people to do <a href="https://infosec.space/tags/airgapped" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>airgapped</span></a> <a href="https://www.youtube.com/watch?v=vdab4T_CoN8" rel="nofollow noopener" target="_blank">pffline-PGP</a> but with <span class="h-card" translate="no"><a href="https://mastodon.online/@thunderbird" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>thunderbird</span></a></span> including <a href="https://infosec.space/tags/Enigmail" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Enigmail</span></a> and not requiring any external dependencies like the god-awful <a href="https://infosec.space/tags/GPG4Win" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GPG4Win</span></a> stuff's easier than ever.</p></li><li><p>Same with <a href="https://infosec.space/tags/mobile" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>mobile</span></a>: <a href="https://infosec.space/tags/Appls" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Appls</span></a> like <span class="h-card" translate="no"><a href="https://monocles.social/@monocles" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>monocles</span></a></span> / <a href="https://infosec.space/tags/monoclesChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>monoclesChat</span></a> are so easy, I've been able to onboard literal tech-illiterates remotely with few steps and <a href="https://docs.monocles.eu/apps/chat.app/" rel="nofollow noopener" target="_blank">simple instructions</a>. </p></li></ul><p>FOR THE LAST TIME: </p><p>*STOP MAKING EXCUSES TO JUSTIFY ESCALATING COMMITMENT TO EVIDENTLY BAD SOLUTIONS!"</p><ul><li>Cuz <a href="https://web.archive.org/web/20240000000000*/https://twitter.com/thegrugq/status/1085614812581715968" rel="nofollow noopener" target="_blank">when push comes to shove</a> <span class="h-card" translate="no"><a href="https://mastodon.world/@Mer__edith" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Mer__edith</span></a></span> herself would introduce a <a href="https://infosec.space/tags/Govware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Govware</span></a> <a href="https://infosec.space/tags/backdoor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>backdoor</span></a> into <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>signalapp</span></a></span> when faced with indefinite jailtime...</li></ul><p>Whereas with <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfCustody</span></a> of all the keys as well as <a href="https://infosec.space/tags/ReproduceableBuilds" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ReproduceableBuilds</span></a> and <em>real</em> <a href="https://infosec.space/tags/decentralization" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>decentralization</span></a>, this would be evidently impossible even if all the devs wanted to comply honestly and not just because they could be held at gunpoint.</p><ul><li><a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a> is not your friend. It's merely a tax-exempt <em>"non-profit"</em> corporation, and corporations are explicitly nobodys friend - espechally when they demand <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PII</span></a> like <a href="https://infosec.space/@kkarhan/111968251463697943" rel="nofollow noopener" target="_blank">phone numbers</a> for useage.</li></ul><p>Compare that to <a href="https://infosec.space/tags/monocles" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>monocles</span></a> where you do pay like €2 p.m. but in return get <a href="https://infosec.space/tags/standard" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>standard</span></a> <a href="https://infosec.space/tags/protocols" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>protocols</span></a> like <a href="https://infosec.space/tags/IMAP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IMAP</span></a>, <a href="https://infosec.space/tags/SMTP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SMTP</span></a> &amp; <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>XMPP</span></a> and <a href="https://monocles.eu/more/#payment-section" rel="nofollow noopener" target="_blank">can pay anonymously</a> and not have to provide any PII whatsoever!</p><ul><li>And unlike <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a> they ain't dependent on <a href="https://infosec.space/tags/VC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>VC</span></a> funding and <a href="https://infosec.space/tags/grant" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>grant</span></a> money to keep the lights on.</li></ul><p>Make of that what you will, but just like allowing flatearthers to roam freely without caretaker supervision doesn't make the world less round, so won't the facts change about <a href="https://infosec.space/tags/ITsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ITsec</span></a>, <a href="https://infosec.space/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a>, <a href="https://infosec.space/tags/OpSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpSec</span></a> &amp; <a href="https://infosec.space/tags/ComSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ComSec</span></a>. </p><ul><li>The only reason Signal is still online and not <a href="https://infosec.space/tags/pwned" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pwned</span></a> like <a href="https://infosec.space/tags/EncroChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EncroChat</span></a> is because it's either a Sting op like <a href="https://infosec.space/tags/AN%C3%98M" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ANØM</span></a> aka. <a href="https://infosec.space/tags/OperationIronside" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OperationIronside</span></a> aka. <a href="https://infosec.space/tags/OperationTr%C3%B8janShield" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OperationTrøjanShield</span></a> or they have already backdoored their <a href="https://infosec.space/tags/backend" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>backend</span></a> so hard that all their <a href="https://infosec.space/tags/marketing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>marketing</span></a> is just <a href="https://infosec.space/tags/lies" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>lies</span></a> like <a href="https://infosec.space/tags/Apple" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Apple</span></a>...<br></li></ul><p>Because all <a href="https://infosec.space/tags/centralized" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>centralized</span></a>, <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleVendor</span></a> &amp; <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleProvider</span></a> solutions are bad, and if they don't even allow for <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfCustody</span></a> then they are just a <a href="https://infosec.space/tags/grift" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>grift</span></a> to <a href="https://infosec.space/tags/scam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>scam</span></a> tech-illiterates that don't know and/or don't care! </p><p><a href="https://infosec.space/tags/thxbye" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>thxbye</span></a> <a href="https://infosec.space/tags/EOD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EOD</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mastodon.world/@samueljohn" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>samueljohn</span></a></span> <span class="h-card" translate="no"><a href="https://freiburg.social/@ditol" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>ditol</span></a></span> <span class="h-card" translate="no"><a href="https://23.social/@linuzifer" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>linuzifer</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.world/@Mer__edith" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Mer__edith</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>signalapp</span></a></span> I disagree cuz in <em>both</em> cases they demand <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PII</span></a> for no legitimate reason <em>AND</em> they are still <a href="https://infosec.space/tags/centralized" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>centralized</span></a>, <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleVendor</span></a> &amp; <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleProvider</span></a> solutions where <a href="https://infosec.space/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Security</span></a> is <em>"<a href="https://infosec.space/tags/TrustMeBro" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TrustMeBro</span></a>!"</em> level re: <a href="https://infosec.space/tags/Backend" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Backend</span></a>!</p><ul><li>Whereas with <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>XMPP</span></a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OMEMO</span></a> &amp; <a href="https://infosec.space/tags/PGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PGP</span></a>/MIME one can not only <a href="https://infosec.space/tags/SelfHost" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfHost</span></a> and choose their clients of choice <em>but</em> they also respect <a href="https://infosec.space/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> and deliver proper security through proper <a href="https://infosec.space/tags/E2EE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>E2EE</span></a> &amp; <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfCustody</span></a> of all the keys...</li></ul><p>Seriously, it's 2024 and there's no valid reason to not use like <span class="h-card" translate="no"><a href="https://monocles.social/@monocles" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>monocles</span></a></span> / <a href="https://infosec.space/tags/monoclesChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>monoclesChat</span></a> + <span class="h-card" translate="no"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>torproject</span></a></span> / <a href="https://infosec.space/tags/Orbot" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Orbot</span></a> &amp; <span class="h-card" translate="no"><a href="https://venera.social/profile/tails_live" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>tails_live</span></a></span> / <span class="h-card" translate="no"><a href="https://fosstodon.org/@tails" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>tails</span></a></span> / <a href="https://infosec.space/tags/Tails" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tails</span></a> + <span class="h-card" translate="no"><a href="https://fosstodon.org/@gajim" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>gajim</span></a></span> / <a href="https://infosec.space/tags/Gajim" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Gajim</span></a> for <a href="https://infosec.space/tags/secure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>secure</span></a> &amp; <a href="https://infosec.space/tags/anonymous" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>anonymous</span></a> <a href="https://infosec.space/tags/comms" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>comms</span></a>!</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mstdn.social/@rysiek" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>rysiek</span></a></span> also <a href="https://infosec.space/tags/Telegram" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Telegram</span></a> - like <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>signalapp</span></a></span> - demand and collect <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PII</span></a> like <a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PhoneNumbers</span></a> which ain't possible to acquire anonymoisly in more and more juristictions.</p><ul><li>Plus, both are <a href="https://infosec.space/tags/centralized" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>centralized</span></a>, <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleVendor</span></a> &amp; <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleProvider</span></a> solutions that don't allow for <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfCustody</span></a> of all the keys nor <a href="https://infosec.space/tags/SelfHosting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfHosting</span></a> and thus violate <a href="https://infosec.space/tags/KerckhoffsPrinciple" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KerckhoffsPrinciple</span></a>, meaning they are inherently <a href="https://infosec.space/tags/insecure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>insecure</span></a>.</li></ul><p>Using <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>XMPP</span></a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OMEMO</span></a> by contrast is secure and adding <span class="h-card" translate="no"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>torproject</span></a></span> / <a href="https://infosec.space/tags/Tor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tor</span></a> to tunnel it makes it even more anonymous.</p><ul><li>So don't expect any messenger to cover your 6, but instead go out of your way so that <a href="https://web.archive.org/web/20220112020000/https://twitter.com/thegrugq/status/1085614812581715968" rel="nofollow noopener" target="_blank">even when held at gunpoint</a>, they can't decrypt comms!</li></ul><p>Cnsider every <a href="https://infosec.space/tags/Messenger" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Messenger</span></a> that doesn't <a href="https://infosec.space/tags/decentralize" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>decentralize</span></a> and support <a href="https://infosec.space/tags/Tor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tor</span></a> oit of tue box to be insecure!</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://social.glitched.systems/@froge" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>froge</span></a></span> <span class="h-card" translate="no"><a href="https://toot.io/@methuselah" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>methuselah</span></a></span> <span class="h-card" translate="no"><a href="https://social.cryptography.dog/@ansuz" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>ansuz</span></a></span> I disagree to an extent </p><ul><li>It's as <em>"shit"</em> as <a href="https://infosec.space/tags/T38" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>T38</span></a> aka. <a href="https://infosec.space/tags/Fax" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Fax</span></a> over <a href="https://infosec.space/tags/SIP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SIP</span></a> and <a href="https://infosec.space/tags/PGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PGP</span></a>/MIME on eMail but it's way better than *every single proprietary aka. <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleVendor</span></a> and/or <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleProvider</span></a> alternative...</li></ul>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://tldr.nettime.org/@leitmedium" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>leitmedium</span></a></span> ich halte das für Geschwätz seitens <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>signalapp</span></a></span> und <span class="h-card" translate="no"><a href="https://mastodon.world/@Mer__edith" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Mer__edith</span></a></span> im speziellen, weil die sich bisher <em>nirgendwo</em> zurückgezogen haben.</p><ul><li><a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a> ist bestenfalls auf dem <em>"<a href="https://infosec.space/tags/TrustMeBro" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TrustMeBro</span></a>!"</em>-Level von <a href="https://infosec.space/tags/EncroChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EncroChat</span></a> und wahrscheinlich ein gigantischer <a href="https://infosec.space/tags/Honeypot" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Honeypot</span></a> alla <a href="https://infosec.space/tags/AN%C3%98M" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ANØM</span></a> weil die nicht nur ein <a href="https://infosec.space/tags/zentralisiert" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>zentralisiert</span></a>|er <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleVendor</span></a> &amp; <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleProvider</span></a> - Messenger sind, sondern <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PII</span></a> wie <a href="https://infosec.space/tags/Telefonnummern" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Telefonnummern</span></a> erfassen und speichern.</li></ul><p>Ich garantiere dir dass wenn mit Beugehaft bedroht jede*r bei Signal deren User doxxed - so wie's <a href="https://web.archive.org/web/20220112020000/https://twitter.com/thegrugq/status/1085614812581715968" rel="nofollow noopener" target="_blank">VPN-Anbieter taten und tun</a>.</p><ul><li>Aber das ist <a href="http://dreadytofatroptsdj6io7l3xptbet6onoyno2yv7jicoxknyazubrad.onion/post/084b1e1084343fc37c4e/#c-228d7ba7660c592e5a" rel="nofollow noopener" target="_blank">nicht meine Meinung</a> sondern <a href="https://infosec.space/tags/UnbequemeWahrheit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>UnbequemeWahrheit</span></a>...</li></ul><p>Wenn Signal wirklich auf <a href="https://infosec.space/tags/Sicherheit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Sicherheit</span></a> und <a href="https://infosec.space/tags/Privatsph%C3%A4re" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Privatsphäre</span></a> fokussiert wäre, dann hätten diese einfach nen <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>XMPP</span></a> + <a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OMEMO</span></a> - Server im <span class="h-card" translate="no"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>torproject</span></a></span> / <a href="https://infosec.space/tags/Tor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tor</span></a> - Netzwerk aufgezogen und auch das gesamte <a href="https://infosec.space/tags/Backend" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Backend</span></a> <a href="https://infosec.space/tags/dezentralisiert" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dezentralisiert</span></a>!</p><ul><li>Wäre Signal so sicher wie diese behaupten, dann wäre der Dienst qua <a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CloudAct</span></a> lange verboten und das Personal in Haft!</li></ul>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://social.tchncs.de/@kuketzblog" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>kuketzblog</span></a></span> alle <a href="https://infosec.space/tags/zentralisierten" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>zentralisierten</span></a> <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleVendor</span></a> &amp; <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleProvider</span></a> - Lösungen sind shice.</p><p>Egal ob <a href="https://infosec.space/tags/Threema" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Threema</span></a>, <a href="https://infosec.space/tags/Telegram" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Telegram</span></a>, <a href="https://infosec.space/tags/WhatsApp" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WhatsApp</span></a> oder <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a>!</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://social.tchncs.de/@pixelcode" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>pixelcode</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.social/@alshafei" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>alshafei</span></a></span> again: That is mitigateable by having plausible deniability of said identities <em>and</em> using <span class="h-card" translate="no"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>torproject</span></a></span> / <a href="https://infosec.space/tags/Tor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tor</span></a> to connect to said services.</p><p>In fact, just using <a href="https://infosec.space/tags/Orbot" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Orbot</span></a> and <span class="h-card" translate="no"><a href="https://monocles.social/@monocles" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>monocles</span></a></span> / <a href="https://infosec.space/tags/monoclesChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>monoclesChat</span></a> allows you to connect to <a href="https://github.com/greyhat-academy/lists.d/blob/6baa1cd666a4d41874b00e86b41ef0aede9d5719/xmpp.servers.list.tsv" rel="nofollow noopener" target="_blank">any XMPP Service</a>, including those that have an <a href="https://infosec.space/tags/OnionService" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OnionService</span></a>.</p><p>It takes mere seconds to get someone setup and ready to go!</p><p>Whereas with <a href="https://infosec.space/tags/centralized" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>centralized</span></a>, <a href="https://infosec.space/tags/proprietary" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>proprietary</span></a> &amp; <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleVendor</span></a> / <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleProvider</span></a> services, your only security is said provider/vendor saying <em>"<a href="https://infosec.space/tags/TrustMeBro" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TrustMeBro</span></a>!"</em>...</p><p>Espechally tying accounts to <a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PhoneNumbers</span></a> is a big no-go IMHO because that's trivial if not already being spied upon by LEAs and in more juristictions than ever before it's basically illegal to acquire any <a href="https://infosec.space/tags/SIM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SIM</span></a> without <em>"identification"</em> aka. self-doxxing towards the provider!</p><p>And if you really need like an organization group chat, self-hosting <a href="https://infosec.space/tags/Zulip" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Zulip</span></a> is an option, as the messages are kept on the server and you just kick user accounts if they get arrested or their equiment confiscated.</p><p><a href="https://infosec.space/tags/ComSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ComSec</span></a> &amp; <a href="https://infosec.space/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> necessitate proper <a href="https://infosec.space/tags/OpSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpSec</span></a> &amp; <a href="https://infosec.space/tags/ITsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ITsec</span></a> anyway...</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://hachyderm.io/@evacide" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>evacide</span></a></span> NO, YOU CANNOT USE @signalapp@mastodon.world WITHOUT A PHONE NUMBER!!! *</p><p>They still require a phone number as they still do restrict the functionality of their App based off the phone number given!</p><p>Also we've all seen that <a href="https://infosec.space/tags/centralized" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>centralized</span></a>, <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleVendor</span></a> &amp; <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleProvider</span></a> solutions are inherently bad - so why should anyone use <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a> over <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>XMPP</span></a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OMEMO</span></a> or XMPP+<a href="https://infosec.space/tags/PGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PGP</span></a>/MIME ???</p><p><a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a>, like every provider in the <a href="https://infosec.space/tags/USA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>USA</span></a>, is subject to <a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CloudAct</span></a> ** and will obviously hand over the <a href="https://infosec.space/tags/metadata" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>metadata</span></a> they collected without legitimate interest if told to do so. ***</p><p>After all, clients like <span class="h-card" translate="no"><a href="https://monocles.social/@monocles" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>monocles</span></a></span> ' <a href="https://infosec.space/tags/monoclesChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>monoclesChat</span></a> **** make XMPP w/ OMEMO and PGP/MIME extremely user-friendly...</p><p>Im many juristictions, you cannot legally obtain an anonymous prepaid SIM legally! *****<br> <br> <br>- - -<br> <br>Sources:</p><p>* <a href="https://social.tchncs.de/@kuketzblog/111968247576555678" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">social.tchncs.de/@kuketzblog/1</span><span class="invisible">11968247576555678</span></a></p><p>** <a href="https://en.wikipedia.org/wiki/CLOUD_Act" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">en.wikipedia.org/wiki/CLOUD_Ac</span><span class="invisible">t</span></a></p><p>*** <a href="https://web.archive.org/web/20220112020000/https://twitter.com/thegrugq/status/1085614812581715968" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">web.archive.org/web/2022011202</span><span class="invisible">0000/https://twitter.com/thegrugq/status/1085614812581715968</span></a></p><p>**** <a href="https://f-droid.org/en/packages/de.monocles.chat/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">f-droid.org/en/packages/de.mon</span><span class="invisible">ocles.chat/</span></a></p><p>*****<br><a href="https://infosec.space/@kkarhan/111968383793566135" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">infosec.space/@kkarhan/1119683</span><span class="invisible">83793566135</span></a></p>