resist1984 @resist1984@social.privacytools.io

@tao forcing ppl to have mobile phones also puts them at risk for wrongful convictions, as it recently turns out: https://www.theguardian.com/world/2019/sep/12/denmark-frees-32-inmates-over-flawed-geolocation-revelations

@tao right but the problem is that by forcing users to do 2FA by SMS, you force them to have a mobile phone and thus force them to be vulnerable to this attack (certainly if in Europe, and Americans who choose GSM over CDMA are vulnerable)
.

@tao I can't log into a bank account because the idiots impose 2FA SMS. This hack adds to my case against them.

@tao So when a service like a bank or a school forces users to have GSM service for 2FA, they also make them vulnerable to these SMS attacks. OWS #Signal is guilty of this, as well as Twitter, LinkedIn, etc.

@glitcher32 (i'm assuming playstore services is part of com.google.android.gsf)

@glitcher32 BTW, i believe playstore services must be installed, but they can be disabled. Looking at my notes, I disabled various dodgy things but looks like I never ran "pm disable --user 13 com.google.android.gsf"

@glitcher32 consequences

@glitcher32 as I said I backed out of it and did not enter a PIN (not even sure what PIN it wanted). The fact that Wire continued working anyway suggests that perhaps #Wire ignored my refusal. It's fucked up that the Wire APK download would use gplay, not warn us about it in advance, not state what the purpose is, and not give any feedback after a user backs out of the PIN prompt as to the

@glitcher32 i should also mention that the message was bogus. I was asked to enter a PIN to access Playstore (not sure why it would be a PIN when google accounts are normally userid and pw), but I backed out and #Wireapp functioned anyway. I hope the nag doesn't persist.

@glitcher32 i also installed the APK from their website. But note that I never login to Google or use Google's services, and I disable the Google tools that come preinstalled.

@vickysteeves @skarabrae #Github has recently started imposing forced chronic 2FA logins, which is absurdly cumbersome & disproportionate to the risks considering a compromised account does not imply a compromised GPG key. A dozen or so other reasons to condemn GH: https://github.com/privacytoolsIO/privacytools.io/issues/843

⚠ #wireapp says "#wire will not run unless you update Google Play Services". WTF.. what are we trusting Google Play Services to do for us?

@vickysteeves @gdroid for a service replacement, codeberg.org and notabug.org are reasonably ethical

@gdroid @vickysteeves Gitlab.com is actually quite evil. Endorsing #gitlab s/w alone is fine but it's important to condemn the gitlab.com #walledgarden service at the same time.

@skarabrae @vickysteeves Whether you blame Microsoft or you blame the US, the remedy is the same: stop using #github.

I'm happy to see yet another reason to get ppl off github.

@lightweight Now Condaleeza Rice is forever mentally linked to a cat taking a shit. And rightly so.

@rms tried to follow your bostonglobe.com link but it was jailed in a #walledgarden ("You're using a browser set to private or incognito mode. To continue reading articles in this mode, please log in..")