Vincent
Patrick VanhouckeJournalists use #Signal to talk to sources and share tips safely. The app helps protect privacy, but #journalists are often targets. To stay safe, they should secure their Signal account. This article explains how. The tips are also useful for ordinary users.
Los periodistas utilizan #Signal para hablar con sus fuentes y compartir información de forma segura. La aplicación ayuda a proteger la privacidad, pero los #periodistas son a menudo objetivos. Para mantenerse a salvo, deben proteger su cuenta de Signal. Este artículo explica cómo hacerlo. Los consejos también son útiles para los usuarios normales.
https://freedom.press/digisec/blog/proteccion-avanzada-para-signal/
cos@librarianbe ..or they could instead use a messenger that is decentralized, really open source and doesn't require a phone number.
ಚಿರಾಗ್ 🌹✊🏾Ⓥ🌱🇵🇸 (he/him)@cos @librarianbe Signal is literally *the* gold standard in encrypted messaging (and yes, it's open source). It's almost like you want to get journalists compromised and killed.
PassengerSignal also doesn't require a phone number these days. You can use a username instead.
@passenger @cos @librarianbe I believe it still requires a number for registration, but you can hide it from being searchable and give out a username.
@chiraag @librarianbe it is not "gold standard", nor it is open source as people understand open source. I'd advise against using it if you need security and privacy. It is better than many alternatives such as WhatsApp or Telegram, but still..
@cos @librarianbe Quite literally, Edward Snowden and Bruce Schneier (cryptography and privacy expert) recommend it, among others. Orgs that require sensitive data (such as investigative journalists and whistleblowers) have used it successfully for *years*. It's been audited dozens of times. So yeah, gold standard.
And yes it's open source. The clients and server are open source. It's not decentralized, but that's a different issue.
Am I?@ami @librarianbe Element/Matrix. There are other options such as XMPP and p2p messengers, but Matrix seems to be most widely adopted.
@cos
Ok, I've heard some pretty terrible things about the state of encryption in matrix. But maybe it's gotten better 🤔
A locally hosted XMPP does sound like a doable idea though.
@librarianbe
Ok, I've heard some pretty terrible things about the state of encryption in matrix. But maybe it's gotten better 🤔
A locally hosted XMPP does sound like a doable idea though.
@librarianbe
@ami @librarianbe you need to verify your new logins/devices with qr code to get private keys transferred to them. That's a security feature. Not doing so causes unable to decrypt messages.
Future versions should be even better:
https://matrix.org/blog/2024/10/29/matrix-2.0-is-here/#4-invisible-encryption
No strong opinion on XMPP, I don't have any friends or communities using it. Everyone is on Matrix and/or messengers bridged to it.
OGJester has moved@librarianbe Great info; thanks for sharing
Bi Sasquatch@librarianbe - Thank you for sharing this information.
*_jߍyrope@Patrick Vanhoucke Why not just use Molly instead? Hardened Signal including extra encryption on Signal database here you go: #^https://github.com/mollyim @Zoë Mc Pherson | SFX
Zoë Mc Pherson | SFX@jrp @librarianbe because my phone has no more spaaaaaceeee. Cool though
@jrp @zoemcphers If you want to convince people of all ages and all social strata to leave WhatsApp behind, you need to offer an approachable and accessible alternative that runs on both Android and iOS.
@Patrick Vanhoucke I am fine with Android (derivates).