Soatok DreamseekerIn light of recent events, I want to remind everyone that end-to-end encryption doesn't prevent you from adding the editor of the Atlantic to your private group chats.
(That said, if the editor of The Atlantic wants to join a chat with a bunch of gay furries talking about hacking and weird kink shit, I've got a few recommendations.)
The entire reason SCIFs exist is because encryption technology alone cannot satisfy every threat model.
(If you're doing military stuff, regardless of which side you're on, preventing leaks is literally a life or death matter.)
Das@soatok why do these people still have (the same) jobs
Spud@soatok (damn I gotta get on signal owo)
Ben@soatok
Arguably a way better experience than getting handed war plans.
Arguably a way better experience than getting handed war plans.
@ben_zen "We want you to watch" - People with a variant of a cuckold fetish, probably
Phillip 
Bill Ricker
Teknikal_Domain@soatok Fuck them, where's my invite?!
(had to)
sparrows (doll arc) :flaglesbian::neoamazonia::vriskasip:@soatok unfortunately, given this is the Atlantic we’re talking about, he’d probably turn it into a cover story about rapid onset human dysphoria
Lutrulo@soatok Wait, there's more than just your tech group on Signal?
Forgi 
@soatok Hi, yes I’m the editor of The Atlantic 👀
Sham 🏳️🌈@forgifuzzbutt @soatok that's unpossible because I'm the editor of the Atlantic
Vincent Sparkswell I'm not the editor of the Atlantic but I kinda want those recommendations
Anthropy@soatok does it count as a crypto oracle when you literally have a man in the middle (not an attack they were invited after all)
Mx. Eddie R@soatok
Ah, the classic "complete bumbling doofus" attack, against which all known encryption is powerless.
Ah, the classic "complete bumbling doofus" attack, against which all known encryption is powerless.
CubeRootOfTrue@silvermoon82 @soatok I like when they redact lines in a document but don't realize it's just a black bar on the page and the text is still in the binary .doc
m_on_stair@m @soatok @silvermoon82 Very true, this has always been the biggest problem with crypto software. If you use it wrong, it breaks in ways you can't identify.
Bruce Schneier said, "The difference between attack and defense is you can tell when an attack fails"
The Doctor@silvermoon82 @soatok Can I quote you on that?
segfox@silvermoon82 @soatok is this the secret backdoor everyone's been talking about for years? /s
Arik@segfox @silvermoon82 @soatok Jokes aside, there is a secure communication product which name I won't mention because of my deep respect for its founder. It offers secure voice and text communication, including group voice and group text.
At some point I realised that the company can totally take over someone's account (they could change their password) and register an additional device in their name. The additional device would be automatically added to all of their E2EE chats and groups (i.e. all crypto secrets would be shared with the additional device).
The user won't know about it until their password won't work next time they try to add a device. There was no notification (at that time) that a new device was added to the account, and no notification in any of the chats or groups that a new device has been added.
The company dismissed my concerns at the time. I threatened to go public with this information, at which point they promised to add the proper notifications (and they did).
RootWyrm 🇺🇦
maia // magmaus3@soatok i mean, matrix kinda solves the issue
(can't accidentally leak secrets when you can't even read the message)
(can't accidentally leak secrets when you can't even read the message)
Samofhearts@soatok but her emails.....
Xer Shadow Tail ☄️🌺🏳️⚧️@soatok PGP might have though!
@soatok I do jest though, I imagine if PGP was used there would have been an unencrypted passwordless private key sent to a not up to date repurposed mailing list.
Null@soatok I'm reminded of the fact that they also let Bob Woodward wander around and hear conversations in Trump's last term because no one in Trump's circle knew who he was or why he was there.
Patch Arcana@soatok Once again demonstrating - much like all those BGP outages forever and anon ago - that you can't technology your way out of a carelessness problem.
quixote
Jaypee@soatok
You can invent something foolproof, but they're sure to invent a better fool, even quicker.
You can invent something foolproof, but they're sure to invent a better fool, even quicker.
Techokami@techokami @soatok
I'm convinced that there is at least a thousand variations of this saying, circulating, by now. And they are all pretty good.
I'm convinced that there is at least a thousand variations of this saying, circulating, by now. And they are all pretty good.
Brassica-boy now in #F9CBD3@soatok To be fair. We've seen humanity reach a milestone here.
Ratboy (reformed dino pirate)
StrypeyThere's no silver bullet technical solution to adding the editor of the Atlantic to your private group chats. We're just going to need to educate people about the risk : P
Thomas Eisenbock