est.social

2 postitusega2 osalejaga0 postitust täna

Kevin Karhan :verified:<a href="https://snikket.de/social/menel" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@menel</a> <a href="https://retro.social/@patrick" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@patrick</a> and <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Signal</a> despite their <a href="https://infosec.space/tags/FUD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FUD</a> and <a href="https://infosec.space/tags/MarketingLies" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MarketingLies</a> is a very <a href="https://infosec.space/tags/cebtralized" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cebtralized</a>, <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SingleVendor</a> & <a href="https://infosec.space/tags/SingleProvieer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SingleProvieer</a> system relying on <a href="https://infosec.space/tags/GAFAMs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GAFAMs</a> and their <a href="https://infosec.space/tags/API" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#API</a>|s as well as neither allowing <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SelfCustody</a> nor <a href="https://infosec.space/tags/SelfHosting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SelfHosting</a>.<ul><li>Given the risks if being bound to <a href="https://infosec.space/tags/US" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#US</a> law (incl. <a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CloudAct</a>) it's just not an option.</li></ul>Not to mention it's <a href="https://infosec.space/@kkarhan/114234551915193036" rel="nofollow noopener noreferrer" target="_blank">toxic followers that avt like cultists</a>!

Kevin Karhan :verified:<a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@signalapp</a> no it's not.<ul><li>Otherwise <a href="https://infosec.space/tags/OrganizedCrime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OrganizedCrime</a> would choose <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Signal</a> so hard, you'd be shutdown within weeks by the <a href="https://infosec.space/tags/FBI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FBI</a> and <a href="https://mastodon.world/@Mer__edith" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@Mer__edith</a> would be forced to "pull a <a href="https://infosec.space/tags/LavaBit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LavaBit</a>" and face jailtime for obstruction of justice or snitch on users! </li></ul>Being a <a href="https://infosec.space/tags/centralized" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#centralized</a>, <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SingleVendor</a> & <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SingleProvider</a> solution subject to <a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CloudAct</a> makes you inherently vulnerable by your own choice and thus trivial to shutdown compared to real <a href="https://infosec.space/tags/E2EE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#E2EE</a> with <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SelfCustody</a> of all the keys and true <a href="https://infosec.space/tags/decentralization" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#decentralization</a> as well as <a href="https://infosec.space/tags/SelfHosting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SelfHosting</a> (i.e. <a href="https://infosec.space/tags/PGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PGP</a>/MIME [see <a href="https://chaos.social/@delta" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@delta</a> / <a href="https://infosec.space/tags/deltaChat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#deltaChat</a> et. al.] and <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#XMPP</a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OMEMO</a> [see <a href="https://monocles.social/@monocles" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@monocles</a> / <a href="https://infosec.space/tags/monoclesChat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#monoclesChat</a> et. al.]!)<ul><li>Plus neither of those <a href="https://www.youtube.com/watch?v=0DSGq9FQKU4" rel="nofollow noopener noreferrer" target="_blank">shill</a> <a href="https://infosec.space/tags/Shitcoin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Shitcoin</a>-<a href="https://infosec.space/tags/Scams" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Scams</a> <a href="https://www.youtube.com/watch?v=tJoO2uWrX1M" rel="nofollow noopener noreferrer" target="_blank">like</a> <a href="https://infosec.space/tags/MobileCoin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MobileCoin</a>! </li></ul>And don't even get me started on you collecting <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PII</a> (espechally <a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PhoneNumbers</a>) for no valid reason, (thus violating <a href="https://infosec.space/tags/GDPR" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GDPR</a> & <a href="https://infosec.space/tags/BDSG" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BDSG</a>)...<ul><li>Not to mention relying ob <a href="https://infosec.space/tags/charity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#charity</a> and being a <a href="https://infosec.space/tags/VCmoneyBurningParty" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VCmoneyBurningParty</a> isn't sustainable to begin with!</li></ul>But yeah, I'll be patient to shout "<a href="https://infosec.space/tags/ToldYaSo" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ToldYaSo</a>" to your annoying cult of fanboys!

Kevin Karhan :verified:<a href="https://social.vivaldi.net/@ueeu" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@ueeu</a> I think crucial parts is looking at it's components, dependencies, size and for apps permissions.<ul><li>Also make shure it uses <a href="https://infosec.space/tags/OpenStandards" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenStandards</a>, because <a href="https://infosec.space/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenSource</a> can be just a "smoke grenade" when it's a <a href="https://infosec.space/tags/centralized" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#centralized</a>, <a href="https://infosec.space/tags/proprietary" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#proprietary</a>, <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SingleVendor</a> & <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SingleProvider</a> solution.</li></ul><a href="https://infosec.space/tags/ReproduceableBuilds" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ReproduceableBuilds</a> for example are important, so the actually released source code is what people actually get served as basis.<ul><li>Both of the latter points are something that <a href="https://monocles.social/@monocles" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@monocles</a> / <a href="https://infosec.space/tags/monoclesChat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#monoclesChat</a> does perfectly and that <a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@signalapp</a> completely fails at!</li></ul>Plus in terms of <a href="https://infosec.space/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a>, choose *real <a href="https://infosec.space/tags/E2EE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#E2EE</a> with <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SelfCustody</a> of all the <a href="https://infosec.space/tags/Keys" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Keys</a>!

Kevin Karhan :verified:<a href="https://mastodon.social/@bdf2121cc3334b35b6ecda66e471" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@bdf2121cc3334b35b6ecda66e471</a> <a href="https://social.glitched.systems/@froge" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@froge</a> <a href="https://mastodon.social/@fj" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@fj</a> maybe but it's better than a <a href="https://infosec.space/tags/proprietary" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#proprietary</a>, <a href="https://infosec.space/tags/SingleBendor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SingleBendor</a> & <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SingleProvider</a> solutiom as it just works even on <a href="https://infosec.space/tags/throttled" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#throttled</a>, sub-<a href="https://infosec.space/tags/2G" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#2G</a> speeds over <a href="https://infosec.space/tags/Tor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Tor</a>...<ul><li>And you get real <a href="https://infosec.space/tags/E2EE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#E2EE</a> with <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SelfCustody</a> of all the Keys!<a href="https://infosec.space/@kkarhan/114223266562515116" translate="no" rel="nofollow noopener noreferrer" target="_blank">https://infosec.space/@kkarhan/114223266562515116</a></li></ul>

Kevin Karhan :verified:<a href="https://mastodon.social/@fj" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@fj</a> I still think <a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@signalapp</a> has fundamental flaws like demanding <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PII</a> (<a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PhoneNumbers</a> can't be obtained anonymously around the globe and are trivial to track down to devices and thus users), being subject to <a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CloudAct</a> as an unnecessary & 100% avoidable risk as well as <a href="https://infosec.space/tags/Shitcoin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Shitcoin</a>-<a href="https://infosec.space/tags/Scam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Scam</a> shilling (<a href="https://infosec.space/tags/MobileCoin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MobileCoin</a>) and it's <a href="https://infosec.space/tags/proprietary" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#proprietary</a>, <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SingleVendor</a> & <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SingleProvider</a> nature that makes it inferior to real <a href="https://infosec.space/tags/E2EE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#E2EE</a> with <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SelfCustody</a> like <a href="https://infosec.space/tags/PGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PGP</a>/MIME & <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#XMPP</a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OMEMO</a>!

Kevin Karhan :verified:<a href="https://kolektiva.social/@licho" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@licho</a> <a href="https://hachyderm.io/@osman" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@osman</a> provide evidence the code <a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@signalapp</a> released is actually being deployed.<ul><li>Whereas <a href="https://monocles.social/@monocles" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@monocles</a> has <a href="https://infosec.space/tags/ReproducibleBuilds" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ReproducibleBuilds</a> to the point that <a href="https://floss.social/@fdroidorg" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@fdroidorg</a> literally pulls their <code>git</code> and builds it from source.</li></ul>Not to mention pushing a <a href="https://infosec.space/tags/Shitcoin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Shitcoin</a>-<a href="https://infosec.space/tags/Scam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Scam</a> (<a href="https://infosec.space/tags/MobileCoin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MobileCoin</a>) disqualifies <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Signal</a> per very design! <a href="https://www.youtube.com/watch?v=tJoO2uWrX1M" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.youtube.com/watch?v=tJoO2uWrX1M</a><ul><li>Given the collection of <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PII</a> like <a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PhoneNumbers</a>, the ability to restrict functionality based off those and the fact that <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Signal</a> is subject to <a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CloudAct</a> make it inherently not trustworthy.</li></ul>And don't even get me started on the fact.it's not sustainable to run it as a <a href="https://infosec.space/tags/VCmoneyBurningParty" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VCmoneyBurningParty</a>!<ul><li>As soon as Signal becomes a problem, it will be taken offline, and due to the fact that it is <a href="https://infosec.space/tags/centralized" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#centralized</a>, <a href="https://infosec.space/tags/proprietary" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#proprietary</a>, <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SingleVendor</a> & <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SingleProvider</a> that's trivial for authorities.</li></ul>Same as identifying users: They already got a <a href="https://infosec.space/tags/PhoneNumber" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PhoneNumber</a> which in many juristictions one can't even obtain without <a href="https://infosec.space/tags/ID" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ID</a> legally, thus making it super easy to i.e. find and locate a user. Even tze cheapest LEAs can force their local M(V)NOs to <a href="https://infosec.space/tags/SS7" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SS7</a> a specific number...<ul><li>All these are unnecessary risks, that could've been avoided, but explicitly don't even get remediated retroactively!</li></ul>Again: Signal has a <a href="https://infosec.space/tags/Honeypot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Honeypot</a> stench, and you better learn proper <a href="https://infosec.space/tags/E2EE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#E2EE</a>, <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SelfCustody</a> and <a href="https://infosec.space/tags/TechLiteracy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#TechLiteracy</a> because <a href="https://web.archive.org/web/20210606070919/twitter.com/thegrugq/status/1085614812581715968" rel="nofollow noopener noreferrer" target="_blank">corporations can't pull the 5th [Amendment] on your behalf!</a>

Kevin Karhan :verified:<a href="https://hachyderm.io/@osman" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@osman</a> If your <a href="https://infosec.space/tags/OpSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpSec</a>, <a href="https://infosec.space/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InfoSec</a>, <a href="https://infosec.space/tags/ComSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ComSec</a> and/or <a href="https://infosec.space/tags/ITsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ITsec</a> relies on <a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@signalapp</a> and/or <a href="https://mastodon.world/@Mer__edith" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@Mer__edith</a> <a href="https://web.archive.org/web/20210908180219/https://twitter.com/thegrugq/status/1085614812581715968" rel="nofollow noopener noreferrer" target="_blank">risking jail or worse</a>, you fucked up!<ul><li>If <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Signal</a> was secure, it would've been shutdown like <a href="https://infosec.space/tags/EncroChat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#EncroChat</a> & <a href="https://infosec.space/tags/SkyECC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SkyECC</a>. </li></ul>Seriously, to me <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Signal</a> stenches <a href="https://infosec.space/tags/Honeypot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Honeypot</a> like <a href="https://infosec.space/tags/AN%C3%98M" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ANØM</a> & <a href="https://infosec.space/tags/CryptoAG" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CryptoAG</a>. <ul><li>All Signal fans do is <a href="https://infosec.space/tags/FUD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FUD</a> <a href="https://infosec.space/tags/PGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PGP</a>/MIME and#XMPP+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OMEMO</a> which are truly <a href="https://infosec.space/tags/decentralized" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#decentralized</a> and allow real <a href="https://infosec.space/tags/SelfHosting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SelfHosting</a> as well as <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SelfCustody</a> for complete control of all the data and keys...</li></ul>That's why I get people setup with it!

Kevin Karhan :verified:<a href="https://meow.social/@Catwoman69y2k" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@Catwoman69y2k</a> <a href="https://dragonchat.org/@dragonfriend" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@dragonfriend</a> most importantly:Only with <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SelfCustody</a> of all the keys, <a href="https://infosec.space/tags/SelfHosting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SelfHosting</a> of the entire infrastructure and everything being <a href="https://infosec.space/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenSource</a>, one can assure (and [let it be] audit[ed] independently) that the <a href="https://infosec.space/tags/advertised" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#advertised</a> <a href="https://infosec.space/tags/promises" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#promises</a> are in fact true.<ul><li>All <a href="https://infosec.space/tags/centralized" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#centralized</a>, <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SingleVendor</a> and/or <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SingleProvider</a> solutions - and yes that includes <a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@signalapp</a> as well (!!!) - are inherently insecure because they can be forced into "cooperation" - may it be with <a href="https://infosec.space/tags/Cyberfacism" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cyberfacism</a> like <a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CloudAct</a> or <a href="https://web.archive.org/web/20210908180219/https://twitter.com/thegrugq/status/1085614812581715968" rel="nofollow noopener noreferrer" target="_blank">listeally a gun to their head</a>...</li></ul>Cuz not expecting <a href="https://mastodon.world/@Mer__edith" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@Mer__edith</a> to break is the same level of "<a href="https://infosec.space/tags/TrustMeBro" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#TrustMeBro</a>!" assurances as <a href="https://infosec.space/tags/AN%C3%98M" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ANØM</a>, <a href="https://infosec.space/tags/EncroChat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#EncroChat</a>, <a href="https://infosec.space/tags/SkyECC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SkyECC</a>, <a href="https://infosec.space/tags/WhatsApp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WhatsApp</a> etc. do <a href="https://www.youtube.com/watch?v=8PW3O2mqTn8" rel="nofollow noopener noreferrer" target="_blank">in their</a> <a href="https://infosec.space/tags/advetising" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#advetising</a> <a href="https://infosec.space/tags/lies" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#lies</a>! <ul><li>Remember: Corporations/Foundations/non-profits/... don't have a right to be silent , only individuals, and even then there are certain juristictions that have <a href="https://infosec.space/tags/KeyEscrow" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#KeyEscrow</a> laws (i.e. <a href="https://infosec.space/tags/France" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#France</a>, <a href="https://infosec.space/tags/Russia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Russia</a>, <a href="https://infosec.space/tags/KSA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#KSA</a>, <a href="https://infosec.space/tags/China" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#China</a>, <a href="https://infosec.space/tags/India" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#India</a>, <a href="https://infosec.space/tags/UK" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#UK</a> , ...) in the books!</li></ul>

Kevin Karhan :verified:<a href="https://social.chinwag.org/@FediThing" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@FediThing</a> <a href="https://pouet.pas.la/@nicoco" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@nicoco</a> <a href="https://mstdn.social/@fabiscafe" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@fabiscafe</a> <a href="https://linuxmom.net/@vkc" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@vkc</a> nodds in agreement"Perfect" would be <a href="https://infosec.space/tags/OneTimePad" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OneTimePad</a>, but that's just not in the cards - period!<a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#XMPP</a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OMEMO</a> & <a href="https://infosec.space/tags/PGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PGP</a>/MIME are the next-best options that are documented, multi-vendor & multi-provider standardsband offer <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SelfCustody</a> of all the keys.<a href="https://infosec.space/@kkarhan/114177752291377549" translate="no" rel="nofollow noopener noreferrer" target="_blank">https://infosec.space/@kkarhan/114177752291377549</a>

Kevin Karhan :verified:<a href="https://linuxmom.net/@vkc" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@vkc</a> nodds in agreementThe only safe comms are real <a href="https://infosec.space/tags/E2EE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#E2EE</a> as in <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#XMPP</a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OMEMO</a> or <a href="https://infosec.space/tags/PGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PGP</a>/MIME with <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SelfCustody</a> of all the keys!

Kevin Karhan :verified:<a href="https://infosec.exchange/@catsalad" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@catsalad</a> <a href="https://infosec.exchange/@Em0nM4stodon" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@Em0nM4stodon</a> +9001%My Energy is: "<a href="https://infosec.space/tags/UnsupervisedChildren" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#UnsupervisedChildren</a> will be given free <a href="https://infosec.space/tags/USB" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#USB</a> Flashdroves with <a href="https://venera.social/profile/tails_live" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@tails_live</a> / <a href="https://fosstodon.org/@tails" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@tails</a> / <a href="https://infosec.space/tags/Tails" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Tails</a> on and taught proper <a href="https://infosec.space/tags/E2EE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#E2EE</a> with <a href="https://infosec.space/tags/PGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PGP</a>/MIME, <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#XMPP</a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OMEMO</a>, <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SelfCustody</a> as well as the concept of <a href="https://infosec.space/tags/STFUfriday" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#STFUfriday</a>!"<ul><li>And yes, I mean it!</li></ul><a href="https://mastodon.earth/@cryptoparty" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@cryptoparty</a> / <a href="https://infosec.space/tags/CryptoParty" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CryptoParty</a> NOW!

Kevin Karhan :verified:<a href="https://furry.engineer/@soatok" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@soatok</a> still, in that case one should invest in proper <a href="https://infosec.space/tags/ITsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ITsec</a>, <a href="https://infosec.space/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InfoSec</a> <a href="https://infosec.space/tags/OpSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpSec</a> & <a href="https://infosec.space/tags/ComSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ComSec</a>!<ul><li>Learn real <a href="https://infosec.space/tags/E2EE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#E2EE</a> with <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SelfCustody</a> of all the keys!</li><li>Have contingencies and protocils in place to deal with forced disappearrance of personnel and theft of IT assets.</li></ul>

Kevin Karhan :verified:<a href="https://corteximplant.com/@m4ra" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@m4ra</a> which is why having real <a href="https://infosec.space/tags/E2EE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#E2EE</a> with <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SelfCustody</a> of all the Keys is vital!<ul><li>Only you can then control access and thus refuse to (self-) incriminate!</li></ul>

Kevin Karhan :verified:<a href="https://mastodon.social/@truls46" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@truls46</a> Ein gutes Gegenbeispiel zu <a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@signalapp</a> ist <a href="https://monocles.social/@monocles" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@monocles</a> / <a href="https://infosec.space/tags/monoclesChat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#monoclesChat</a>:<ul><li>Es werden keine persönliche Daten verlangt!</li><li>Es wird ein offener Standard (<a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#XMPP</a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OMEMO</a>) genutzt, sodass <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SelfCustody</a> und <a href="https://infosec.space/tags/Datenhoheit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Datenhoheit</a> gewährleistet ist!</li><li>Der Dienst ist zwar kostenpflichtig (€2 p.m.), aber komplett anonym bezahlbar (inkl. <a href="https://infosec.space/tags/Monero" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Monero</a> & <a href="https://infosec.space/tags/CashByMail" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CashByMail</a>)!</li><li>Nutzung von <a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@torproject</a> <a href="https://infosec.space/tags/Tor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Tor</a> wird nicht verhindert oder blockiert; <a href="https://social.librem.one/@guardianproject" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@guardianproject</a> / <a href="https://infosec.space/tags/Orbot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Orbot</a> wird unterstützt!</li><li>In <a href="https://infosec.space/tags/Deutschland" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Deutschland</a> gibt's immernoch <a href="https://infosec.space/tags/Rechtsstaatlichkeit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Rechtsstaatlichkeit</a>, anders als in den <a href="https://infosec.space/tags/USA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#USA</a>!</li><li>Anders als <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Signal</a> ist <a href="https://infosec.space/tags/monocles" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#monocles</a> <a href="https://docs.monocles.eu/services/chat.service/#limitations_and_known_issues" rel="nofollow noopener noreferrer" target="_blank">ehrlich, was Sicherheit und Datenschutz angeht</a>...</li></ul>Ich denke mal das sollte hinreichend meine Argumebte darlegen.<ul><li>Kernpunkt ist und bleibt: Signal ist bestenfalls gemeingefährlich-inkompetent oder ein <a href="https://infosec.space/tags/Honeypot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Honeypot</a>!</li></ul>

Kevin Karhan :verified:<a href="https://chaos.social/@erebion" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@erebion</a> <a href="https://mastodon.online/@inaruck" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@inaruck</a> es gibt <a href="https://www.youtube.com/watch?v=tJoO2uWrX1M" rel="nofollow noopener noreferrer" target="_blank">soviele Gründe</a> weshalb Mensch nicht <a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@signalapp</a> vertrauen sollte.Aber um es nochnal klar zu erklären:<ul><li><a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Signal</a> verlangt <a href="https://infosec.space/tags/Telefonnummer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Telefonnummer</a> = <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PII</a> (Persönlich identifizierbare Informationen). [Und nein, sich irgendwo zwielichtig ne Nummer als Ausrede greift nicht!]</li><li>Signal ist zentralisiert & <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SingleVendor</a> sowie <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SingleProvider</a>!</li><li>Signal fällt wegen Sitz in den <a href="https://infosec.space/tags/USA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#USA</a> unter <a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CloudAct</a> = inhärent mit <a href="https://infosec.space/tags/DSGVO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DSGVO</a> & <a href="https://infosec.space/tags/BDSG" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BDSG</a> inkompatibel!</li><li>Signal erlaubt keine <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SelfCustody</a> aller Keys und ist deshalb für Einige Angriffsmethoden offen!</li></ul>Nur echte <a href="https://infosec.space/tags/Dezentralisierung" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Dezentralisierung</a> wie bei <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#XMPP</a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OMEMO</a> kann <a href="https://infosec.space/tags/Datenschutz" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Datenschutz</a>, <a href="https://infosec.space/tags/Informationssicherheit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Informationssicherheit</a> und <a href="https://infosec.space/tags/Vertraulichkeit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Vertraulichkeit</a> sicherstellen.<ul><li>Anders als Signal kann <a href="https://monocles.social/@monocles" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@monocles</a> nicht gegen Nutzer basierend auf Herkunft (<a href="https://infosec.space/tags/Rufnummer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Rufnummer</a>!) diskriminieren und anders als Signal funktioniert XMPP+OMEMO problemlos über <a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@torproject</a> / <a href="https://infosec.space/tags/Tor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Tor</a> und kann als <a href="https://infosec.space/tags/OnionService" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OnionService</a> <a href="https://infosec.space/tags/SelfHosted" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SelfHosted</a> werden, für maximale <a href="https://infosec.space/tags/Privatsph%C3%A4re" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Privatsphäre</a> und <a href="https://infosec.space/tags/Datenhoheit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Datenhoheit</a>!</li></ul>Die strukturellen Probleme von Signal machen es angesichts einer <a href="https://infosec.space/tags/gleichgeschaltet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#gleichgeschaltet</a>|en <a href="https://infosec.space/tags/USA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#USA</a> ein absolut unnötiges <a href="https://infosec.space/tags/Risiko" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Risiko</a>, denn ich garantiere <a href="https://mastodon.world/@Mer__edith" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@Mer__edith</a> wird für keine*n User*in lebenslange <a href="https://infosec.space/tags/Beugehaft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Beugehaft</a> riskieren!<ul><li>Genauso wie's <a href="https://web.archive.org/web/20220112020000/https://twitter.com/thegrugq/status/1085614812581715968" rel="nofollow noopener noreferrer" target="_blank">keine</a> "<a href="https://infosec.space/tags/LoglessVPN" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LoglessVPN</a>|s" gibt!</li></ul>Und <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Signal</a> ist sehr wohl in der Lage <a href="https://infosec.space/tags/Govware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Govware</a> - <a href="https://infosec.space/tags/Backdoors" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Backdoors</a> zu integrieren, denn sonst wären die wegen <a href="https://infosec.space/tags/ITAR" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ITAR</a> bereits geknastet worden, weil diese <a href="https://infosec.space/tags/Nutzer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Nutzer</a>*innen aus <a href="https://infosec.space/tags/Kuba" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Kuba</a>, <a href="https://infosec.space/tags/Nordkorea" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Nordkorea</a> und <a href="https://infosec.space/tags/Russland" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Russland</a> haben!

Kevin Karhan :verified:<a href="https://toot.io/@ravi" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@ravi</a> <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#XMPP</a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OMEMO</a> for real <a href="https://infosec.space/tags/E2EE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#E2EE</a> with <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SelfCustody</a> if all the Keys!

Kevin Karhan :verified:<a href="https://infosec.space/@voxel" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@voxel</a> <a href="https://mastodon.world/@SignalUpdateInfo" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@SignalUpdateInfo</a> The fact that <a href="https://infosec.space/tags/Trump" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Trump</a> gasn't flexed <a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CloudAct</a> against <a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@signalapp</a> is not worth a sigh of relief!<ul><li>Migrate to <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#XMPP</a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OMEMO</a> for real <a href="https://infosec.space/tags/E2EE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#E2EE</a> with <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SelfCustody</a> of all the Keys!</li></ul>

Viimatised otsingud

Otsimisvalikud

Administraator:

Serveri statistika:

#selfcustody