@Mer__edith I can't enforce your promises against @signalapp , thus they are #MarketingLies of the "#TrustMeBro!"-kind thus and worth diddly-piss!
@Mer__edith I can't enforce your promises against @signalapp , thus they are #MarketingLies of the "#TrustMeBro!"-kind thus and worth diddly-piss!
@renardboy @derekmorr depends...
Did you have to remotely onboard someone onto a secure communication stack whilst they are on the run from the authorities and blood relatives due to "living while trans" with a literal "dead or alive" bounty on their head whilst stuck in a besieged city that's being shelled?
@signalapp is evidently a solution appealing to #TechIlliterates with dangerous 'semi-knowledge' who are willing to accept a "#TrustMeBro!" by @Mer__edith and #MoxieMarlinspike before her.
Parroting the same #propaganda doesn't make it any less wrong.
Once you've calmed down you can come back and apologize.
Meanwhile @signalapp's @Mer__edith can blast all the #Advertising #lies they want, that doesn't make their #Security better than the "#TrustMeBro!" claims of #NSAbook's #WhatsApp!
https://www.youtube.com/watch?v=8PW3O2mqTn8
Consider the #timeout an olive branch.
@silhouette @richi @signalapp @torproject
1.
You completely miss the points! There is no "#TechnicalNecessity" to demand #PII like a #PhoneNumber - espechally for a "#privacy"-focussed messenger!
2. & 3.
#Signal is able and willing to comply with #Cyberfacism and pushing a #Shitcoin (#MobileCoin) makes it trivial to criminalize the App for "illegal & unregilated banking". If #Moxie or @Mer__edith cared they'd yeet that thing (or didn't even integrate it to begin with!) to avoid the attention. And yes Signal does restrict the App functionality when using a phone number from #Russia & #Iran (among other nations), thus affecting not only those in need of safe comms but by sending a verification code to them, earmarking them for police & intelligence. Which bings.me to the 1st agrument.
4.
#Tor has a stellar record in terms of stability, integrity and censorship circumvention. DIY'ing something instead if following almost two decades of solid progress is absurd and violates "don't roll your own crypto" as a rule!
5.
Only with #SelfCustody can you protect your own data. Or do you really expect Staff from Signal to not talk when facing lifetime in jail? If they have the keys, they can decrypt it, thus their #E2EE is just a "#TrustMeBro!" concept. I mean, what prevents them from being forced into backdooring all comms to @icij as per #NSL? Any "guarantee" without self-custody is worthless by virtue of being unenforceable!
Signal pushing #TechPopulism instead of teaching folks that their #ComSec is worth diddly-piss wothout.#OpSec, #InfoSec & #ITsec is dangerous!
Not to mention there are better options that don't do that shite (i.e. demand PII) and just work. @monocles / #monoclesChat & @delta / #deltaChat for example can adapt way better to said risks and ain't run by a #VCmoneyBurningParty!
@funbaker @geist ich habe immer #SelfCustody umgesetzt weil alles andere ist "#TrustMeBro!"
@dazo @MarionDonnelly @murena @e_mydata @red_rooster @georgetakei not to mention #Apple is not only capable but willing to shove in #Govware #Backdoors.
So their claims re: #privacy and #security are "#TrustMeBro!" at best if not blatant lies.
Remember: #AllGAFAMsAreBad and #KerckhoffsPrinciple demands #transparency!
@europesays why would anyone want #Shitcoins that combine the #disadvantages of #fiat and #cryptocurrencies without any redeeming qualities?
So why would anyone want that instead of #Monero???
@phreaknerd @melsdung @nocci bis darauf dass #Signal auch unter #CloudAct fällt und genauso zentralisiert ist wie #Telegram und genauso #TrustMeBro in Sachen Nicht-Kooperation agiert...
@pixelcode @taylan that is simply not true.
@signalapp is #centralized and there's no way one can verify the code released for the servers is what they actually run.
Unlike your replies my criticisms ain't founded based off "#TrustMeBro!" but systemic issues I highlight which #Signal refuses to address or take seriously!
@Catwoman69y2k @dragonfriend most importantly:
Only with #SelfCustody of all the keys, #SelfHosting of the entire infrastructure and everything being #OpenSource, one can assure (and [let it be] audit[ed] independently) that the #advertised #promises are in fact true.
Cuz not expecting @Mer__edith to break is the same level of "#TrustMeBro!" assurances as #ANØM, #EncroChat, #SkyECC, #WhatsApp etc. do in their #advetising #lies!
#whatsapp is getting real desperate now texting all users in the Netherlands the equivalent of #trustmebro.
I actually do believe WhatsApp to be #e2ee but that is not the criticism. WhatsApp has access to your #metadata and can see who and when you are messaging and for example has access to your profile picture, and names of the groups you are in.
@ckrypto if@signalapp@mastodon.world wasn't complying with #CloudAct, @Mer__edith would be in jail.
Not to mention even if Signal keeps their "#OpenSource" code updated - which is doubtful, NOONE can actually #verify that it's the code you actually use - regardless if #backend / #Server or #client / #App!
Also if Signal was designed for #security, it would've been #decentralized as #XMPP+#OMEMO and not demand #PII like #PhoneNumbers which oftentimes cannot be obtained anonymously in many juristictions at all!
By comparison, @delta doesn't require any PII, only an #eMail account, and @monocles isn't a #VCmoneyBurningParty but sustainable due to #subscription and they don't even require any personal details for #payment: #CashByMail and #Monero are accepted.
Again: It's Signal alone who have to evidence they are trustworthy, and all I get are "#TrustMeBro!" replies, which means they are not to be trusted.
Whereas with #XMPP I can completely setup my own server and client, even build my own if I don't trust anyone else and pay someone to audit the code.
Whereas with XMPP & PGP/MIME #eMail I can layer @torproject / #Tor over it, make it an #OnionService and keep that thing under my bed with a literal killswitch...
another day another $50 million crypto theft involving a stablecoin even i have never heard of called #0xinfini.
will it be #NorthKorea this time? (it's usually North Korea, an inside job, or a "highly profitable trading strategy")
the project devs have tweeted to assure their users that everything will be fine bc "trust me bro", but only from their personal accounts. there is no acknowledgement of the theft on the official 0xInfini X account.
somewhat hilariously the "project" tweeted a self congratulations about reaching $50 million in deposits just yesterday. 100% of that is gone now.
https://x.com/officer_cia/status/1893879231257440657
@sparfindig @silvan @nakal @kuketzblog Dann habt ihr halt ne höhere Tolerabz zu "#TrustMeBro!" als es rational wäre..
@compl4xx @Layer8 @nick @kuketzblog @marcel @mspro
Meine Rede...
Oder um es einfach zu erklären: Warum gibt es #HTTP(S) & #HTML sowie #eMail ( #IMAP & #SMTP) bis heute und keiner nutzt mehr #AOL, #MSN, #ICQ?
Wenn @signalapp / #Signal wegen #CloudAct geflipped wird wie #EncroChat, #ANØM & #SkyECC dann stehen Leute alternativlos in der shice ubd die ganzen "Sicherheitsversprechen" lösen sich in "#TrustMeBro!" und #Lügen auf.
Ich nutze meinen XMPP-Account seit Ewigkeiten und habe drölfzig Clients durch. Aber Kontakte erreichen mich darüber Problemlos!
@silvan @nakal @kuketzblog #Threema hat dieselben Probleme wie #EncroChat, #SkyECC & #ANØM:
@ck @lk108 @kuketzblog Ich halte die #Sicherheitsversprechen von #Signal für "#TrustMeBro"-#Werbelügen alla #WhatsApp!
Wer Leuten eine anonym registrierte (e)SIM [aus dem Ausland] beschaffen kann, kann Leuten auch nen @monocles / #MonoclesStarter - Account für €2 p.m. aufsetzen und betreiben: Ne ALDI TALK -#SIM aktiviert halten kostet mehr!
@ck @sven222 @kuketzblog problem is @signalapp is a #Centralized, #Proprietary, #SingleVendor & #SingleProvider solution that falls under #CloudAct and demands #PII in the form of #PhoneNumbers.
Cuz all the #advertising of Signal is close to #TrustMeBro and I'd not trust in @Mer__edith to risk jail for users!