Mastodawn

@geant That sadly doesn't solve the problem, but just normalizes indirect "#KYC" similar to how even before 07/2017 #PhoneNumers weren't anonymous as it's trivial to go from phone # -> SIM (ICCID) -> IMSI -> IMEI -> Location, Time, Date, Vendor, Model in terms of deanonymization.

The collection or even demand for said data IS The Illicit Activity to begin with!

The very few cases where this is "reasonable" won't settle for your solution.
In the rest there's no guarantee authorities or state-sponsored actors will just hold personnel at gunpoint (potentially literally) and force them to hand ovet data or face jail until they snitch on people.

See "#logless #VPNs"… ¹

thaddeus e. grugq on Twitter

“I’m gonna tell you a secret about “logless VPNs” — they don’t exist. Noone is going to risk jail for your $5/mo https://t.co/Q2aOQJkG4g”

Twitter

Show thread

Kevin Karhan

Nov 4

@ArneBab Not really, all it does is increase the cost for legitimate users, as spammers and fraudsters just see this as a cost of operation.

And since @signalapp doesn't seem to have #AbuseReporting ready that means they only use it to collect #PII and thus make it trivial to earmark users for targeted surveillance!

#PhoneNumers are PII because more often than not they require #KYC!

And it's not always feasible or even possible.to provide users with a fresh & untained number, because inactive numbers get recycled!

Stop the Escalating Commitment to Schemes that fall flat on the face outside of #EliteProjection from #SiliconValley...

#Signal could use a #WebOfTrust and require invites socthat reputation would be linked...

But that too is a #privacy invasion!

Kevin Karhan

Jan 4, 2025

@zdl @evacide that any the fact that @signalapp is incorportated in the #USA, making them susceptible to #GDPR & #BDSG-incompatible #cyberfacist bs like #CloudAct.

If #Signal cared, they'd completely #OpenSource #backend and #frontend as well as #decentralize and refuse to collect any #PII (like #PhoneNumers) at all!

Remember: #KYC IS THE ILLICIT ACTIVITY when it comes to #Communication!

To me Signal has a stench like #CryptoAG (aka. #MINERVA / #RUBIKON), #EncroChat and espechally #ANØM (aka. #OperationIronside / #OperationTrøjanShield)...

Compare that to @monocles / #monoclesChat which don't demand any PII or KYC and allow people to pay for their services with #Monero and #CashByMail besides #SEPA #WireTransfer, #Stripe & #PayPal whilst supporting both decentralization (#XMPP is not a #SingleVendor / #SingleProvider solution!), implementing real #SelfCustody (#OMEMO, #OTR & #PGP is supported out of the box) for all the keys, and proper #Anonymitiy (using @torproject / #Tor & @guardianproject #Orbot for #privacy), so in case they ever get a duely sumitted warrant by a court they'd have to comply with, they'll most likely have no data whatsoever on clients that could allow identification.

And that is a good thing, because whilst very unlikely, one cannot exclude the non-zero chance of i.e. #MLAT|s being filed with knowingly false information by 3rd countries.

Also having no PII is a matter of reducing #liability in the sense of #DataProtection: All data requested and by #monocles is the bare minimum mandated for #accounting (i.e. only linking a payment like a #TxID / Transaction-ID to an account and then adding up validity/activation period).

And since running a #Service costs money, the low #subscription to their #Services makes them independent from #ads, #crawling / #espionage against #customers and depending on #grants and #donations to keep the lights on, making it a #sustainable #business...