supernova 
/e/
@supernova@social.privacytools.io
- Keybase
- super_nova
- Website
- https://securechatguide.org
- OpenPGP
- 9D18CA1BBF1BEF08E0CCB5E5EC2E8C8A2EAE5244
- KeyOxide Proofs
- https://keyoxide.org/9D18CA1BBF1BEF08E0CCB5E5EC2E8C8A2EAE5244
Security and privacy enthusiast, especially in personal communications. By day I am an IT administrator.
#privacy #microg #threema #encryption #nobot
Joined Apr 2019
@blacklight447 Also ephemerality in a properly designed system gives you some control over persistence of the data on other devices not in your control. I would disagree to call it snake oil.
@blacklight447 Yes all those measures you mention are important to take for proper data hygiene. However I see ephemeral messages as a "defense in depth" strategy which is more concerned about future use and access to the encrypted data. In 50 years your olm encrypted messages may be easily brute force decrypted. If they are archived somewhere in a server backup or intelligence agency repository those messages could be decrypted.
@infosechandbook@mastodon.at Should I make the title something like "Supplement to" or "Application of" the EFF guide?
@tari_alfaro@mastodon.technology @yozu @BurungHantu There is also the app Silence which encrypts messages and sends them over SMS. The person receiving the message also must be using Silence.
@tari_alfaro@mastodon.technology @yozu @BurungHantu Yes that is right. If you are able to send messages unencrypted in any way that is a possible opsec failure.
Ha, I just realized I meant to say "Don't be a Manafort"! He didn't use a platform that would prevent easy mistakes and opsec slipups.
Manafort, the only person jailed as part of the Mueller investigation, also tripped up after his “opsec fail” after prosecutors obtained a warrant to access his backed-up messages stored in iCloud.
https://techcrunch.com/2019/04/18/mueller-encrypted-messaging/
@BurungHantu No option for Vivaldi?
@nikolal Because you have so many different levels of computer competency in an organization MS Windows becomes the lowest common denominator to be usable for both the engineers and the ones who don't know where the power button is.
@blacklight447 @Mayana Well I think centralization of authentication is quite different than centralization of data. Can you imagine if there wasn't a root CA? How could you trust random decentralized CAs?
@Mayana It also has encrypted git and team sharing. But putting your provable online identities in one place is unique.
@one I blocked cloudflare and added nobot to my profile so hopefully that will be enough.
@OneSubtractOne Will do. I am also curious but unwilling to shell out big bucks for something that might not work well.
@one A thumbs up option just encourages agreement without actually contributing to the discussion. If someone wants to do that make it an effort for them to actually reply with just a "+1" 😆
I've gone the Stock Android > Copperhead > LineageOS > MicroG route, now I am pining for a good Linux phone.
PinePhone - PINE64
http://wiki.pine64.org/index.php/PinePhone
- Keybase
- super_nova
- Website
- https://securechatguide.org
- OpenPGP
- 9D18CA1BBF1BEF08E0CCB5E5EC2E8C8A2EAE5244
- KeyOxide Proofs
- https://keyoxide.org/9D18CA1BBF1BEF08E0CCB5E5EC2E8C8A2EAE5244
Security and privacy enthusiast, especially in personal communications. By day I am an IT administrator.
#privacy #microg #threema #encryption #nobot
Joined Apr 2019
