@lauren no, because @signalapp is subject to #CloudAct (= incompatible with #GDPR & #BDSG if you ever care!) and collects #PII in the firirm of #PhoneNumbers, which are at best pseudonymous but trivial to track and at most means that people inviting others without their consent comitted an illegal disclosure if PII!

• Use real #E2EE with #SelfCustody of all the keys that isn't a #proprietary #SingleVendor & #SingleProvider solution that peddles a #shitcoin #scam!

Give #XMPP+#OMEMO a shot: @monocles / #monocles & @gajim / #gajim.

1 2 3 4 5

@dalias I sincerely disagree because none of my claims got debunked and no evidence against #XMPP+#OMEMO have come up to me as of today.

• @signalapp being a #centralized, #SingleVendor & #SingleProvider solution subject to #CloudAct by virtue of being located in the #USA WILL NOT JUST BLOW UP IN PEOPLES FACES, BUT GET PEOPLE KILLED under #Trumpism!

I hope to be proven wrong, but up until now I've always been at the position of saying #ToldYaSo!

• Whereas with @monocles you have way stricter #DataProtection (cuz there are no #DataProtevtionLaws in the #US that actually get enforced, otherwise #Musk's minions.would've been jailed of not killed for trespassing and hacking critical systems!) AND unlike #Signal, monocles doesn't demand any #PII whatsoever! https://infosec.space/@kkarhan/113999675511028742

@lauren

@kkarhan @signalapp @monocles @lauren Very few systems promoted as Signal alternatives match the cryptographic privacy properties (see: ratcheting, etc.) of Signal.

The claims about "located in the USA" and "Cloud Act" are all nonsense because the only threat to Signal users from this is availability (seizure and shutdown of the server infrastructure), not undetected breakage of privacy properties.

There are presently no systems with superior privacy properties to Signal *and* level of functionality on par with what general public expects. There are a lot (like the XMPP stuff, *sigh*, and Matrix) that are worse in both regards. If you're happy with reduced functionality, Cwtch (and possibly some other similar Tor-based systems) or VeilidChat are stronger, but it's gonna be a while before you convince normies to use them, and in the mean time they're still going to be on insecure shit like WhatsApp, FB Messenger, Telegram, etc...

@dalias @kkarhan @signalapp @monocles @lauren

Some people like to make bold statements without verifying first.

The server *can* do malicious things (even targeted, so it maybe already is happening without anyone known) that result in exactly an "undetected breakage of privacy properties". Here's an issue about this, closed with the comment that privacy features are only best-effort with no guarantee: https://github.com/signalapp/Signal-Android/issues/13842

@dalias @kkarhan @signalapp @monocles @lauren

People always go with "Signal has the best crypto" to argue why Signal and only Signal. However, crypto alone is not the only thing in the world.

Good crypto might be necessary for good privacy and security, but it doesn't alone solve the problem. If Signal would send a clear test backup of all messages to their servers, all this great crypto would be worth nothing.

@dalias @kkarhan @signalapp @monocles @lauren

Specifically for this context, sealed-senders is one of the few features of Signal that differentiates it from WhatsApp, which uses largely the same crypto. If the few extra privacy features of Signal are just best-effort and it's fine they only work if the server does not misbehave, Signal becomes almost the same as WhatsApp - except that the one company that controls everything has a different name.

@dalias @kkarhan @signalapp @monocles @lauren

How do you know that Signal company does not share their metadata and contacts graph with Facebook? You make this assumption and you are probably right, but you have no way to verify.

@dalias @kkarhan @signalapp @monocles @lauren

Contact graph is who you are sending messages to. Signal servers can always see who receives a message and they can trivially see who sent a message if sealed senders is turned off (which, as is shown, can be done by the server). So Signal in fact has access to your contact graph.

They also have access to a bunch of other metadata, like the Apple/Google push token that is known to be used to spy on people: https://www.reuters.com/technology/cybersecurity/governments-spying-apple-google-users-through-push-notifications-us-senator-2023-12-06/

@dalias @kkarhan @signalapp @monocles @lauren

As is described in the issue, the fallback to revealing the sender when sealed sender fails is not in any way communicated to the user and happens fully automatically. In fact, it randomly happens to users every now and then and that is by design. If it were to notify users when this happens, it would be very confusing.

@dalias @kkarhan @signalapp @monocles @lauren

As far as I know, this is turned off by default and even then only visible if people look at the details of a message (which they don't do, realistically). Remember that this only has to happen for a single message to create the link in the contact graph. So if any, this is a red herring, not a mechanism that prevents Signal servers from creating a contact graph, if e.g. forced by the crazy government of the country they are located in.