@Sascha how good that I never published mine, because it's simply an absolute outrage.

- This shite will endanger a lot of sex workers!

#Amazon #Doxxing #SelfDoxxing #Wishlist

@electric_gumball yes and I stick with it.

#dlDoxxing #Cyberfascism #Privacy #PII #HumanRights #CivilRights #ITsec #InfoSec #OpSec #ComSec

@lackthereof it's not a "strange complaint", but a massive problem, because it creates dependency on a proven insecure network that is more often than not controlled if not run by hostile actors

  • Also #eMail, like #XMPP+#OMEMO, is based around #OpenStandards so you ain't forced to use any provider that is subject to #CloudAct nor known to snitch on customers without a valid domestic warrant
    • And if you trust no one, you can just host your eMail Server on a Raspberry Pi at home. It'll certainly be less convenient and more expensive but then you also get all the benefits of it being not possible to seize it without breaking into your home.

@signalapp mandating #PhoneNumbers is a huge red flag because at best any #PhoneNumber is pseudonymous like a #Shitcoin-Wallet and that any #privacy is broken the moment it has any (even remotely circumstantial) connection to someone.

  • Because even if you ain't forced into #SelfDoxxing to obtain a #Prepaid - #SIM (aka. "#KYC") and/or Phone Number it is still a bad design.
    • Not to mention that this completely thwarts their "#Metadata - #FUD".

Not to mention #Signal's #App is a huge shitshow

The Lack Thereof :v_bi: (@[email protected])

@[email protected] This has always struck me as the strangest complaint about Signal. You don't need to distribute your phone number to actually communicate with other signal users. Presumably you want some form of 2fa, because losing your account would be bad. And you don't want to be tied to some cloud based email provider. And it's literally a phone app so every single user has the dependency.

beige.party

@krutonium @eff @torproject "Know Your Customer" aka. mandating people to self-d0x to use a service!

  • It spread well beyond the [admittedly false!] pretense of "combatting #MoneyLaundering and Terrorism Financing"
Know your customer - Wikipedia

Seriously, #Facebook abusing their #users as #AI #sources and maximizing #DarkPatterns is not coincidental, and I wonder how people who don't have or want a Facebook account can actually object against that shit or #ShadowProfiles without #SelfDoxxing and gambling on #StasiBook having good vibes that day...
A History of Facebook's (& Meta's) Decline

YouTube

@neil IMHO It's overdue that #Android #developers press charges for #extortion and #blackmail against #Google and that @EUCommission bans this #coercion of #SelfDoxxing, because Google has NO "legitimate interests" (and #Enshittification is not a legitimate interest worth protection by regulators!)…

@seabass thanks for the info.

Personally, I use @fdroidorg / #Fdroid exclusively and think that their approach for their own repo (pull the #git sources for any #App and compile the release version before signing it with F-Droid's key) is sufficiently secure.

  • OFC one can add 3rd party repos to it and those could be malicious as similar to #Linux package managers like apt, they've to provide their own signatures and knowingly adding malicious repos will enable #malware

Personally, I hope @EUCommission and other #regulators will tell #Google that this is unacceptable and I hope developers will instead file charges for #blackmail and #extortion against Google rather than #SelfDoxxing!

@adisonverlice the problem is that this is mandatory "#SelfDoxxing" and puts genuine #developers at risk whilst also empowering malicious actors.

  • In fact I know multiple developers that'll refuse to do this shit as a matter of principle - myself included!

IDK if you've read and/or understood the original post by Google, but this will apply to EVERY ANDROID DEVELOPER regardless if they ever put their #Apps on #GooglePlay or prefer to distribute manually (requiring device owners to manually "allow 3rd party app sources") or whatever.

  • It's the sheer principle!

I'm not sure if @LineageOS / #lineageOS, @e_mydata / #eOS or @GrapheneOS / #GrapheneOS will go out of their way to disable this since I assume this is enforced with the "#GooglePlay Services Framework" but I'm convinced #Google will mandate it for every Google Play - enabled & -certified device!

Kevin Karhan :verified: (@[email protected])

Also like any *"#KYC"* this doesn't work because #Malicious Actors will just use #forged #ID|s and/or have some #StrawPeople at hand. - Just like #DrugTraffickers register #Companies with #fake #IDs and/or pawns. See #Navigatix and their [35,5t cocaine loads](https://www.youtube.com/watch?v=-I8q0v02_Dw&t=135s) which are known as #OperationPlexus by German Police...

Infosec.Space

In any case, one should never, under any circumstances, give anyone one's [real] personal details, let alone send a photo of one's ID card or a selfie!

  • There are very, very few who are actually allowed to demand something like that [e.g. #Autovermietung (car rental)] or even have to [see #Banken (banks)], but they will usually ask you to come in person [e.g. car rental does it at the key handover] or use reputable solutions [e.g. #POSTIDENT]. In any case, no merchant³ on the Internet will demand something like that!

Anything else only leads to #Identitätsdiebstahl (identity theft) and #Identitätsmissbrauch (identity misuse), where the victims then, in some cases, end up screwed as the accused in thousands of cases...

³[Not even for a legal firearm purchase! There, a copy of the WBK (firearms ownership card) including its number is required instead, because the purchase is reported practically in real time, and without a matching prior entry in the system no acquisition is possible!...]

#KYCisTheIllicitActivity #InfoSec #ComSec #OpSec #KYC #IllicitActivity

Wenn internationale Banden DEINE IDENTITÄT benutzen: Betrüger-Netzwerken auf der Spur | Story SWR

YouTube

@rysiek @agturcz that's not how you fix #TechIlliteracy, especially since things changed for the better.

@monocles / #monoclesChat & @gajim / #gajim are quite easy, whereas @signalapp / #Signal demands #PII in the form of a #Phone number which is more often than not not legally obtainable without "#KYC" aka. "forced #SelfDoxxing" all whilst being an extremely #centralized, #SingleVendor & #SingleProvider solution that falls under #CloudAct and thus cannot adhere to #GDPR & #BDSG!

Otherwise we'd only perpetuate the #Enshittification-#Lifecycle as has happened with #AIM, #ICQ, #BBM and so many more...

  • Mark my words, cuz I've been proven correct up to this point.

If #Signal and @Mer__edith actually cared, they would've set up their system truly decentralized as an #OnionService over @torproject / #Tor!

#THXBYE #EOD #ITsec #InfoSec #OpSec #ComSec #DigitalSnakeoil #FakeSec

Michał "rysiek" Woźniak · 🇺🇦 (@[email protected])

@[email protected] I ran and hosted a bunch of XMPP servers a while back. It was a pain to use, and it was easy for users to make mistakes and accidentally send messages in the clear. You are making people less safe. Last time: please stop doing this in my mentions and replies. @[email protected] @[email protected]

Mastodon 🐘