@bjoern da schließe ich mich an...

Gobt allerdings weitaus beschissenere Ungleichheit.

Z.B. #MobileCoin, der #Shitcoin - #Scam von @signalapp wo effektiv 100% davon pre-mined wurden und wo MobileCoin 100% der "Miner" (eigentlich Validatoren aber ist dafür egal!) besitzt und damit zentralisierter als #Euro - #Bargeld ist!

@adisonverlice tell me if I'm wrong but AFAIK @signalapp, unlike @delta doesn't get sued by #Russia into handing over #data and is able to argue that it cannot provide data by virtue of not having said data in the first place!

• Which #Signal evidently has and #deltaChat doesn't have…

Cuz how else is Signal able to "comply with sanctions" for their #Shitcoin known as #MobileCoin?

@artfulmodder last time I checked @signalapp still demanded #PII in.the form of a #PhoneNumber, still peddled the #MobileCoin #Shitcoin #Scam and didn't move out of the #Cyberfacist #USA despite #CloudAct being nothing new!

• Not to mention #Signal is both able and willing to discriminate against users based off said PII. Just because they do it for "#Sanctions #Compliance" diesn't mean they ain't gonna change that nor that @Mer__edith (or anyone else at Signal) could be bribed or threatened to do so.

They are #centralized #SingleVendor & #SingleProvider and are thus a #SinglePointOfFailure per design!

• Unlike @delta (which is #PGP/MIME in a different UI) or #XMPP+#OMEMO (which you can use via @torproject / #Tor and connect to a Server that is an #OnionService.

IMHO "memory tagging" is the least of Signal's problems. To me they stench "#ControlledOpposition" just as hard as #ANØM and incompetence as hard as #EncroChat!

@derekmorr

Let it go, already. No one uses MobileCoin. You can’t even find an exchange to buy it.

Then why does @signalapp still have that shit in it? @Mer__edith could've pulled that #Shitcoin yet refuses to do do!

The Cloud Act is a non-issue. Signal doesn’t have data on users, so they can’t be forced to disclose it.

That's literally wrong!

• #Signal not only collects #PII in the form of a #PhoneNumher but explicitly is able and willing to use that to dsicriminate against users and restrict app functionality based off their presumed juristiction. There is no "legitimate interest" for.doing so nor any legal mandate to do so (unless we excuse the ehole #MobileCoin-#Scam!)

It’s been 30 years, and no one uses xmpp. Let it go.

Wrong again. Otherwise there wouldn't be thriving ecosystems and Apps to this day. It's just that corporate shills refuse to acknowledge that Signal - like all centralized, proprietary, #SingleVendor and/or #SingleProvider kessengers before and after - will inevitably die as their business model is not sustainable. Sake with #ICQ really. The only exceptions are those that abolish #privacy for #profit, integrate actually working payments or sellout to a #cyberfacist #government (all those apply to #WeChat!)

It’s shocking that people who claim to care about security and privacy push niche apps with terrible UX and no PFS like Delta or XMPP instead of the only private messenger with any real market share, Signal.

You know what's shocking to me: People who are unable or rather unwilling.to acknowledge that Signal is garbage and it's requirement for a #PhoneNumber kills any #privacy benefits it may have on paper by virtue of being at best pseudonymous (assuming the userd don't live in a juristiction that demands "#KYC" for even prepaid #SIM cards (ime. #Germany) or god forbid even #IMEI|s (i.e. #Turkey has a literal allowlist that'll kick any device off it's MNOs after 90 days within 365 days.

• The #UScentric approach to #privacy and #threats makes Signal absolutely useless in many cases, and I do speak here from experience.

I'd rather help people onboard #XMPP+#OMEMO like @monocles and/or @gajim or #PGP/MIME like @delta & @thunderbird (incl. setting them up with #Orbot / #TorBrowserBundle / @tails_live so their traffic gets through @torproject and doesn't provide any useable IP addresses.

• I've literally been there and done that!

As for #Sustainability, providers like https://monocles.eu finance themselves by subscriptions (starting at €2 p.m.) which people can pay fully anonymous using #CashByMail and #Monero on top of common payment methods (i.e. SEPA wire transfer)...

• So even if you think "#monocles is a #honeypot" that is mitigateable ciz unlike with Signal you can choose your own client, choose a different provider & exervise self-custody of all tue keys!

@forthy42 @pascal_f @ulrichkelber selbst dann würde ich nicht darauf vertrauen dass der #DRM-Trick den @signalapp nutzt dauerhaft funktionieren wird.

• #Microsoft könnte dies auf allowlisted Apps bzw. bekannte Checksums/Programme limitieren oder explizit für #Signal deaktivieren.

Alle #API|s und #ABIs unter #Windows sind reine Bitten: Es gibt kein Anrecht (weder dokumentierte "MUST" capabilities noch juristisch) aufbZugriffe und Funktionen!

Wenn Signal kein #Shitcoin-#Scam (#MobileCoin) und #VCmoneyBurningParty unter #CloudAct wäre dann würden diese aktiv #Windows11 (und alle anderen Windows-Versionen) aussperren und stattdessen #SelfCustody, #Dezentralisoerung, #Tor und #Datensparsamkeit umsetzen!

https://infosec.space/@kkarhan/114695158410619458
https://infosec.space/@kkarhan/114695449755257786

@Mer__edith yet @signalapp still demands #PII and refuses to pull out of the #USA putting it's users at risk as per #CloudAct.

• Either go #SelfCustody & #decentralized like #XMPP+OMEMO ( i.e. @monocles & @gajim ) or #PGP/MIME ( i.e. @delta & @thunderbird ) or don't, cuz a #VCMoneyBurningParty that shills #Shitcoin - #Scams like #MobileCoin is never to be trusted!

https://www.youtube.com/watch?v=0DSGq9FQKU4

@cryptgoat @signalapp @Mer__edith I sincerely doubt that.

• Just like #Signal doesn't ditch #MobileCoin or the demand for a #PhoneNumber for good...

@colinstu @gregly @garrwolfdog besides #KISSprinciple, it's also a matter of #security, #privacy, #efficiency and #professionalism.

• Otherwise one gets shitty #SaaS with #Shitcoin-#Scams like @signalapp (and it's #MobileCoin) which are way worse than @monocles / #monoclesChat or @gajim and #Monerujo or #FeatherWallet for the same purposes.

@silhouette @richi @signalapp @torproject

1. You completely miss the points! There is no "#TechnicalNecessity" to demand #PII like a #PhoneNumber - espechally for a "#privacy"-focussed messenger!

2. & 3. #Signal is able and willing to comply with #Cyberfacism and pushing a #Shitcoin (#MobileCoin) makes it trivial to criminalize the App for "illegal & unregilated banking". If #Moxie or @Mer__edith cared they'd yeet that thing (or didn't even integrate it to begin with!) to avoid the attention. And yes Signal does restrict the App functionality when using a phone number from #Russia & #Iran (among other nations), thus affecting not only those in need of safe comms but by sending a verification code to them, earmarking them for police & intelligence. Which bings.me to the 1st agrument.

4. #Tor has a stellar record in terms of stability, integrity and censorship circumvention. DIY'ing something instead if following almost two decades of solid progress is absurd and violates "don't roll your own crypto" as a rule!

5. Only with #SelfCustody can you protect your own data. Or do you really expect Staff from Signal to not talk when facing lifetime in jail? If they have the keys, they can decrypt it, thus their #E2EE is just a "#TrustMeBro!" concept. I mean, what prevents them from being forced into backdooring all comms to @icij as per #NSL? Any "guarantee" without self-custody is worthless by virtue of being unenforceable!

Signal pushing #TechPopulism instead of teaching folks that their #ComSec is worth diddly-piss wothout.#OpSec, #InfoSec & #ITsec is dangerous!

• And yes claiming "JuSt UsE sIgNaL!" is dangerous in the era of #Trump's #cyberfacist regime acting as it does (like with the #ICC)!

Not to mention there are better options that don't do that shite (i.e. demand PII) and just work. @monocles / #monoclesChat & @delta / #deltaChat for example can adapt way better to said risks and ain't run by a #VCmoneyBurningParty!