What small, easy things can the average person do to start protecting their privacy today?
“Just do what you can without overburdening yourself. So, use #ProtonMail, use #Signal or #Threema, use #DuckDuckGo — these are very good alternatives. And whenever you can, say no to cookies.”
@sergeant Solid advice 👍
@ilyess @sergeant When Protonmail sends you a notice that you have a msg waiting, there's apparently no way of knowing if the msg that's waiting is actually just an announcement from Protonmail themselves. So you could be forced through hoops like Protonmail's #CAPTCHA only to find spam waiting. CAPTCHA has ruined #Protonmail as far as I'm concerned. I wouldn't want to lead someone into their CAPTCHA trap.
@sergeant @ilyess #Signal is not a good recommendation either: https://github.com/privacytoolsIO/privacytools.io/issues/779 And #DuckDuckGo is also quite lousy: http://techrights.org/2021/03/15/duckduckgo-in-2021/
@sergeant @resist1984 you’re right. Unfortunately, as it stands today #Signal remains the best #privacy preserving messaging service out there for novice users. I’m thinking of users who just wanna put in their phone number and find all their contacts and start conversations, just like they did on Whatsapp.
We might not all agree with Signal’s move to introduce crypto but we don’t have proof that it makes the messaging service less secure or less private.
@ilyess @sergeant The mobile phone number requirement makes #Signal less secure than #Wire, #Jami, #Briar, & #Snikket. It creates a large & unpredictable attack surface in addition to expanding threat agents from the cryptocurrency. The worst part is it pushes an ultimatum on people: get mobile phone svc (huge can of worms) or be excluded.
@resist1984 That depends on your threat model, right? I don't think requiring a phone number makes #signal less secure, it makes it not anonymous for sure but the cryptographic strength of the underlying Signal protocol remains state-of-the-art.
Wire and Briar are not fair contenders here because the former is not free and the latter solves a different problem than Signal which comes with its set of feature limitations.
1/2
@ilyess It's the other way around. Your threat model depends on the threats. By inviting a new threat (by introducing cryptocurrency), you must expand your threat model. If you don't, your threat model simply suffers from being unfit for purpose. The phone number also makes Signal less secure because that's a needless vector for key recovery.
@ilyess Some threats vary by individual; some do not. You may not need targeted FBI surveillance in your threat model, but if mass surveillance isn't in your threat model then you're delusional. Mass surveillance is a threat to everyone & only absent from threat models of the naive. Bringing cryptocurrency onto the platform expands mass surveillance to an extreme that cannot be ignored.
@dhfir @ilyess @Hyolobrika there's a good discussion of it here: https://www.schneier.com/blog/archives/2021/04/wtf-signal-adds-cryptocurrency-support.html The feds are becoming diligent at tracking cryptocurrency. And if they were to hypothetically encounter a cryptocurrency where they couldn't see the ledger, they would simply cripple it by actions like banning its use, banning fiat exchanges with it, etc.
@Hyolobrika @ilyess @dhfir Not sure if you followed the big recent ransomware attacks on US infrastructure, but the ransom was paid and then US feds were able to follow the money and hack the recipients. The feds took the money back. Anyway, bringing cryptocurrency to a msging platform invites all kinds of unwanted attention from regulators who would happily atk msgs while they are there probing the money.
@dhfir @ilyess @Hyolobrika It's the money that brings various feds to probe Signal, who wouldn't normally be interested or funded if the platform were purely msgs.
@resist1984 @dhfir @ilyess Any technology that relies on adversaries not wanting to crack it instead of not being able to crack it is weak though.
@dhfir @ilyess @resist1984 Why is cryptocurrency worth the effort to crack but not encrypted messaging? And if its just cryptocurrency that they want to crack then why would they touch the rest of Signal while they are at it?
@Hyolobrika @ilyess @dhfir Different spy orgs and regulatory agencies have different motivations, financing, and scope. They are all collecting data that's in the slightest relevant to their mission. Bringing money into the mix more than doubles the snooping. Signal has made a big effort to minimize metadata to conceal who talks to who. Bringing an open ledger into the mix just shit-cans all that benefit.
@dhfir @ilyess @Hyolobrika It weakens security. And it's not so much the chance that a payload will be /cracked/ (sure they are working on that, but it's actually not a big threat b/c even if they succeed they won't act on it & blow their secret unless it's to foil a terror plot). The biggest problem is that the ledger will reveal metadata which can fill the gaps on msging metadata.
@Hyolobrika @ilyess @dhfir Complexity is bad. Every time you increase the complexity of a system, it inherently weakens the security of it because complexity is proportional to the number of defects. Bringing cryptocurrency onto #Signal obviously increases complexity & attack surface, & it also increases the quantity of threat agents as well as the skill & resourcefulness of threat agents.
@dhfir @ilyess @Hyolobrika Having both messages and money pass through the same platform makes it a juicy target. It's almost like the weakness of centralization. When too many eggs are in one basket, you have more risk for 2 reasons: more interesting for more attackers (gov & criminals both), and you have more to lose.
@resist1984 @Hyolobrika @dhfir I agree but I still don’t see how that’s gonna compromise the security of the Signal protocol. You’re worried the unwanted attention is going to find holes in the communication protocol and exploit them?
@dhfir @ilyess @resist1984 Including Monero?
@dhfir @ilyess @resist1984 Well, I specifically mentioned Monero and the conversation is about MobileCoin, which both have privacy features.
>Bringing cryptocurrency onto the platform expands mass surveillance to an extreme that cannot be ignored.
I don't understand how. Especially if the CC in question is (supposedly) private (not saying there aren't other problems with it). Look into #Monero if you are interested in how a CC can be private.