Just saw someone advocating progressive movements organize on the Fediverse.

BE VERY VERY CAREFUL ABOUT SAYING STUFF LIKE THIS.

-Most fediverse tie-ins are not architected to protect you. For instance, Mastodon Direct Messages are not encrypted and admins can access them.

-Most instances are hosted by ordinary people who don't have the time, knowledge, or resources to fight subpoenas in either criminal or civil actions.

Meet here. Support each other. Cheer each other on. Show solidarity, and elevate and amplify each other.

Organize in much more restricted environments, like end-to-end encrypted messengers like Signal.

@neurovagrant no, because #Signal is a #proprietary #SingleVendor / #SingleProvider solution that is subject to #CloudAct and thus can't be secure by design.

If you really want #InfoSec, #OpSec, #ComSec & #ITsec, then #SelfHosting everything is key.

But that'll require #TechLiteracy and may not scale well...

IMHO self-hosting a #Zulip Server works well for organizational structures.

@kkarhan @neurovagrant Turn off Contact Discovery and Signal basically eliminates the need to trust the server. It doesn’t matter what the server is running because all metadata except the recipient is encrypted. Your group names, group participants, reactions, typing notifications, profile pictures, message bodies, etc. are all opaque and indistinguishable.

Matrix and XMPP spew all your metadata across all servers participating in a room, encrypting very little besides message bodies. There are some progressing XEPs to encrypt more metadata, but we shouldn’t rely on platforms like Matrix or XMPP in their current form to hide our metadata because they don’t. Participants, probable cause from linked profiles outside the conversation, timestamps, group information, etc. are all as private as your Fedi DMs.

The only thing that comes close to Signal with something like Tor would be Briar, but I don’t know how well offline messaging works on it. I can’t speak for alternatives like SimpleX since I’m not familiar.

@Seirdy @neurovagrant just use #XMPP over #Tor then...
Also it's not done with "Just use Signal" because #ITsec, #InfoSec, #OpSec & #ComSec are all interlinked.

#Signal is for gullible #TechIlliterates that are too lazy to learn even though being #TechLiterate is part of their job.

Assholes like #GlennGreenwald for example...

Signal will inevitably crash down like #EncroChat and #ANØM before...

@kkarhan @neurovagrant All of the concerns I raised were at the application protocol layer. Tor is a TCP anonymizer.

@Seirdy @neurovagrant use a client that doesn't shit itself out, like #MonoclesChat and #Gajim...

Also unless I can reproducibly build client and server myself I won't trust any app or software at all!

@kkarhan @neurovagrant Ok. Let’s say I use one of those clients. I create a room and my friends, using those clients, join it. Say we all use the same server, and the server gets compromised.

What data is at risk?

  • The name of the room
  • Members of the room
  • Timestamps of encrypted messages
  • Senders of encrypted messages
  • Group member display names
  • Group member profile pictures
  • Description of the room
  • Who sent DMs to whom
  • Most active group members
  • A given message’s sender and recipient.

The full Signal Protocol is far more than Signal’s double-ratchet encryption protocol. It prevents any of this from leaking, and assumes the server has already been compromised. All the server sees is the recipient of a message; the sender is sealed on the application protocol layer.

@Seirdy @neurovagrant You purposefully refuse to accept the core problem:

#Signal is a #centralized #SingleVendor / #SingleProvider solution that is subject to #CloudAct and obviously implementing #Govware #Backdoors.

Why else are all the #tinfoilhat|ed conspiracy theorists on #Telegram and not #Signal??
https://www.youtube.com/watch?v=G1thc5DSHwA

The cost of shilling VPN companies is your reputation.


@Seirdy @neurovagrant

And since #Signal isn't financed by its users, it must finance itself somehow...

I.e. #PRISM membership?
https://www.youtube.com/watch?v=WVDQEoe6ZWY

This Video Is Sponsored By ███ VPN


@Seirdy @neurovagrant because when "push comes to shove", admins held at gunpoint will integrate #Govware #Backdoors into the #centralized #SingleVendor / #SingleProvider service...

https://twitter.com/thegrugq/status/1085614812581715968

thaddeus e. grugq (@thegrugq) on X

I’m gonna tell you a secret about “logless VPNs” — they don’t exist. Noone is going to risk jail for your $5/mo https://t.co/Q2aOQJkG4g

ProtonMail Sends User IP and Device Info to Swiss Authorities.


@kkarhan @neurovagrant You have not explained what data a compromised Signal server can access.

The Signal protocol assumes the server is already compromised. The protocol assumes that the servers are run by a hostile actor, and hides metadata accordingly.

@Seirdy @neurovagrant that is irrelevant for the problem.

If I were to control a PBX, then encrypting your calls only buys you time at best, if not allowing me to literally MITM stuff, since #NotYourKeysNotYourControl!

Whereas I can exchange keys in #PGP / #MIME and #XMPP - #OMEMO via other ways and actually verify shit instead of #TOFU!

@kkarhan @neurovagrant I…you realize that key exchange and rotation mechanisms used in megolm and OMEMO are borrowed from Double Ratchet, right? Neither protocol adds anything significant, although Matrix removes quite a bit (Matrix lacks strong backwards security, having only forward security (if my understanding of Megolm is correct)).

Where did you read that Signal uses TOFU? Signal is where Double Ratchet was born.

@kkarhan @neurovagrant Moreover, if you were to compromise a key, you’d only be able to read the messages that key decrypts. But forward and backward security will prevent you from using that key to decrypt the full history.

Where are you getting your information from?
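The key-compromise claim in the post above can be checked with a small model of the symmetric-key ratchet. This is an added example, not part of the thread and not Signal's code: the chain-key step uses HMAC-SHA256 with the constants 0x01 and 0x02 as recommended in the Double Ratchet specification, while the starting secret, the sample messages and the HMAC-based `seal`/`open_sealed` stand-in for a real AEAD are constructed for illustration. The Diffie-Hellman ratchet that provides backward security is not modelled.

```python
import hashlib
import hmac

def ratchet(chain_key):
    """One symmetric-ratchet step: returns (next_chain_key, message_key)."""
    mk = hmac.new(chain_key, b"\x01", hashlib.sha256).digest()
    nxt = hmac.new(chain_key, b"\x02", hashlib.sha256).digest()
    return nxt, mk

def _stream(key, n):
    # Toy keystream (stand-in for a real cipher): HMAC in counter mode.
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, b"enc" + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def seal(mk, plaintext):
    ct = bytes(a ^ b for a, b in zip(plaintext, _stream(mk, len(plaintext))))
    return ct + hmac.new(mk, b"mac" + ct, hashlib.sha256).digest()

def open_sealed(mk, blob):
    """Return the plaintext, or None if the key does not match this message."""
    ct, tag = blob[:-32], blob[-32:]
    expected = hmac.new(mk, b"mac" + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return bytes(a ^ b for a, b in zip(ct, _stream(mk, len(ct))))

def readable(keys, blobs):
    """Indices of the messages that any of the given message keys opens."""
    return [i for i, b in enumerate(blobs)
            if any(open_sealed(k, b) is not None for k in keys)]

def demo():
    ck = hashlib.sha256(b"constructed shared secret").digest()
    blobs, message_keys, chain_keys = [], [], [ck]
    for i in range(5):                      # five constructed messages
        ck, mk = ratchet(ck)
        chain_keys.append(ck)
        message_keys.append(mk)
        blobs.append(seal(mk, f"message {i}".encode()))
    # Case 1: a single message key leaks.
    one_key = readable([message_keys[2]], blobs)
    # Case 2: state captured after three messages; only chain_keys[3] is
    # left on the device, because earlier chain and message keys are deleted.
    ck_seized, derived = chain_keys[3], []
    for _ in range(2):
        ck_seized, mk = ratchet(ck_seized)
        derived.append(mk)
    return one_key, readable(derived, blobs)
```

A leaked message key opens exactly one message, and a captured chain key opens only later messages in the same chain, never earlier ones, because HMAC cannot be run backwards to recover previous chain keys.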

@Seirdy @neurovagrant Stop throwing smoke grenades and answer a simple question:

Why should I ever trust a #centralized #SingleVendor / #SingleProvider "solution" that is not only capable but entirely willing to enforce #Cyberfacist "restrictions" against its users?

Just like Signal did...

Or do you believe Moxie's successor would be walking free or even breathing if #Signal was actually secure against the U.S. government?

They ain't decentralized like #Tor...

@Seirdy @neurovagrant Case in point: every big provider will do #Govware #Backdoors because otherwise their business model would be illegal around the globe as per #Telco laws..

The only exceptions are organization-internal & privately self-hosted systems.

Thus everything that is as #centralized as #Signal is inherently insecure.

Whereas I can run an #XMPP server #airgapped in a #LAN or even inside a #VPN that is only accessible via #Tor...

@kkarhan @neurovagrant Sigh. You’ve repeated yourself.

What data will a compromised signal expose?

You are the NSA and have stormed into the Signal datacenter and placed your backdoors everywhere, and can monitor all traffic. I am using a Signal client with a reproducible build signature. What do you now have on me, given the constraints imposed by my client?

@Seirdy @neurovagrant that signature is useless since I literally MITM all traffic and have literally replaced all keys.

A single update of the server have made it trivial...

IOW: You only need to hold the right people at gunpoint to do so...

And I bet you €500 that they're under gag order and have integrated a #Govware #Backdoor...

@Seirdy @neurovagrant Or to put it simply:

If your #centralized #SingleVendor / #SingleProvider "solution" isn't criminalized to be used in Russia, India, "P.R." China and Saudi-Arabia, then it's #backdoored like #iCloud in the PRC...
https://www.youtube.com/watch?v=Ev9_oDHNf-4

How Tim Cook Surrendered Apple to the Chinese Government


@kkarhan @neurovagrant Alright, I’m going to link you the Wikipedia article for the Double Ratchet algorithm and mute this conversation since I think it’s clear you don’t understand how the modern e2ee key management algorithms work and how they differ from e.g. TLS to prevent this exact thing from happening:

https://en.wikipedia.org/wiki/Double_Ratchet_Algorithm

Double Ratchet Algorithm - Wikipedia

@Seirdy @neurovagrant so you admit defeat amidst the fact that you refuse to acknowledge the fact that a #centralized #SingleVendor / #SingleProvider solution is impossible to secure against the will of the government it's incorporated under (as per law)...

Not Opensourcing the backend and its APIs is literally violating #KerckhoffsPrinciple so hard it disqualifies any security claims as fanboyism!

@Seirdy @neurovagrant instead of Wikisplaining me like the ignorant #TechBro you are you could first answer me the simple question:

Why isn't #Signal #decentralized?
Why don't users hold the #PrivateKey|s??
Why can't you #SelfHost a #Server???

But that would shatter your naive worldview and expose your escalating commitment as the bad thing it is...

https://pleroma.envs.net/objects/7bec917f-f678-4af9-b0de-fd638c407125

Kevin Karhan :verified: (@[email protected])

@[email protected] @[email protected] @[email protected] because #Signal can't be #SelfHosted (unlike #XMPP and even #Zulip) I can't recommend or use it any professional capacity because I've to comply with #GDPR & #BDSG and that includes evidently having control over data and being able to comply with #auditability and #datadeletion requests in any organization. Also #Signal does collect #PhoneNumbers and enforces #Cyberfacist embargos.


@kkarhan @neurovagrant All right, say you’re right about Signal being a honeypot. Say you’re one of the bad actors leveraging its backdoors, and you have access to the Signal servers. I send messages from a Signal client with a reproducible build signature. How would you find out any of the data I described?

For a compromised XMPP or Matrix server, you’d have your answers with a few database queries. How would you go about this with Signal?

@Seirdy @neurovagrant @kkarhan

Reading your conversation. Kevin, be a bit more respectful, you could learn stuff 😉
Signal cryptography is the state of the art. Everyone is reusing their work, WhatsApp, Matrix... Does that protect you from the NSA? Probably not, but nothing does. Is it a bad thing that Signal is centralized? Yes, mostly because you can block their servers to shut down the service, and also because you depend on them, if they become "evil". (I am a bit afraid of their crypto)

@Seirdy @neurovagrant @kkarhan

Is decentralization a better solution? For privacy from corporation and independence, yes. If you want to protect yourself from the NSA, obviously not. If they want to, they will break your server in no time. Nothing would protect you from them.

@fla @Seirdy @neurovagrant Then you obviously seem to not know basic concepts such as #airgapping and #AsymmetricCryptography.

You see, the #NSA can only hack what's connected to the internet, and cops can only seize what they'll find on a person / inside a home/car/garage/warehouse...

https://github.com/KBtechnologies/PocketCrypto

GitHub - KBtechnologies/PocketCrypto: An airgapped encryption/decryption device for off-grid communication


@fla @Seirdy @neurovagrant But if you really have to face state-sponsored attackers of the #NSA kind you've already failed so hard in terms of #InfoSec, #OpSec & #ComSec that it's easier to fake the death of one than to even begin leveling up #ITsec.

So your points are entirely moot.

https://mastodon.social/@fla/110776269617206885

@neurovagrant

THE CORE PROBLEM YOU BOTH ( @fla & @Seirdy ) ARE IGNORING IS #CENTRALIZATION!

Because it's a #SingleVendor / #SingleProvider solution they'll be naturally subject to state intervention aka. being forced to integrate #Govware #Backdoors under the threat of getting their shit forcibly unplugged.

The people that work at @signalapp have names and addresses the state knows, and thus they'll be subject to threats by the state.

@neurovagrant @fla @Seirdy it is not only a legal requirement for providers like @signalapp to integrate #Govware #Backdoors AND comply with #Cyberfacism aka. "Export Controls" on #Cryptography whereas with fully - #opensource|d and #decentralized systems [i.e. @torproject ] the state can't force the maintainers to backdoor it.

I mean just look at #Tor, #Monero and all the other tools like @kalilinux that get used by people regardless of the legality of their actions.

@neurovagrant @fla @Seirdy Relying on a #centralized #SingleVendor / #singleProvider solution like @signalapp / #Signal is even more dangerously naive as equally centralized solutions like #EncroChat or #ANØM:

Or do you naively believe governments that strictly enforce #LawfulInterception will just not care because it's #Signal?
Hell no!

There's a reason #XMPP - #OMEMO and other protocols where users own the keys are still around: Because they work and ain't Single-Vendor/Single-Provider!

@neurovagrant @fla What I find most dishonest re: @signalapp is @Seirdy refusing to answer simple questions like "Why can't one #SelfHost a #Signal #Server?"

Instead hauling around smoke grenades and #Wikisplaining shit...

Bruh, do you think I'm an idiot?

My advice saved peoples' lives when their entire existence is being criminalized!

I'd love to go into details but NDAs exist and I'm not risking jailtime and my future employability for some randos on the Internet that fanboy #Signal!

@kkarhan @neurovagrant @signalapp @Seirdy

one can easily host a signal server. I already did to test a third party Signal client plugged on Signal servers as if it was the official client. Its name is Axolotl: https://github.com/nanu-c/axolotl

this is actually a real weakness in Signal behavior today: they allow third party clients which are much weaker than the official one, without users having a way to distinguish them.

GitHub - nanu-c/axolotl: A Signal compatible cross plattform client written in Go, Rust and Vuejs

Kevin Karhan :verified: (@[email protected])

@[email protected] @[email protected] @[email protected] @[email protected] You know, all the arguments in favour of #Signal remind me of something...https://en.wikipedia.org/wiki/Crypto_AG If @[email protected] is not an op like #ANØM nor being subverted like #EncroChat then I'd call the entire LEA/INTEL apparatus of the USA out as criminally incompetent... https://mstdn.social/@kkarhan/110776834522375761 Just admit that you're all just having an escalating commitment because cognitive dissonance is real. Once #Signal is busted, you all owe me an apology, cuz #ToldYaSo!

@kkarhan @Seirdy @neurovagrant
So that's the way we should protect ourselves? By being disconnected from the Internet? Tell me how you use XMPP and Matrix in such cases? Building an internal network with Wi-Fi? Even this can be easily attacked by NSA. And obviously, people want to communicate, so be connected to the internet.

@fla @Seirdy @neurovagrant

M8, if you gonna tone police me, GTFO!

Just because everyone does it doesn't mean it's good.

And if #NSAbook does so for their #Govware - #backdoored messengers then it's obviously insecure af.

#AllGafamsAreEvil and #NotYourKeysNotYourControl applies for #Cryptography just as much as for #Cryptocurrencies.