@Netzblockierer
> Because Phone Numbers are intrinsically insecure, as they can always be linked to a device [Number->SIM->ICCID->IMEI) / client (SIP uses UDP = no Tor!) and thus trivially connected by circumstances to a person!
How do you link that to a Signal account?
There is also no relationship between E2EE and identification of an account
@GuillaumeRossolini @dzwiedziu even more reason to consider Signal a Honeypot, as there is even less reason to mandate a Phone Number that can but will and has been used to identify users!
https://tech.lgbt/@Netzblockierer/116792642328924285
#Signal #Honeypot #PhoneNumber #Privacy #OpSec #InfoSec #ITsec #ComSec
@[email protected] @[email protected] Or as anyone from [/d/OpSec](http://dreadytofatroptsdj6io7l3xptbet6onoyno2yv7jicoxknyazubrad.onion/d/OpSec) would say: > Demanding a Phone Number is a *huge RED FLAG* as only Feds [Honeypots] and *criminally incompetent idiots* do that. And you don't want to get snitched upon as part of a plea bargain [[*like ShinyFlakes' clients got*]…](https://www.youtube.com/watch?v=JtPZf16zkdA) #PokeNumber #RedFlag #Snitches #HoneyPot #PleaBargain #ShinyFlakes #OpSec #dread
@Netzblockierer I don’t disagree with that, but it has no bearing on the E2EE issue, at all
@GuillaumeRossolini @dzwiedziu If you can locate the User, you can access the Device and most likely read everything.
Don't believe me?
That's why I use #Tor exclusively for the last 16+ years!
#location #OpSec #InfoSec #ComSec #ITsec #China #KSA #Russia
@Netzblockierer that is not what E2EE means
End to end encryption means that nobody outside of the correspondents can read the contents of the messages being exchanged
Obviously if you can own either side, then the messages are open to you, but you’d need much more than simply their identity or location: you’d need physical access and possibly also consent
… And that is what makes E2EE so useful for most of the population: it’s effective
Please don’t go around saying that E2EE is worthless or that neither WhatsApp or Signal have it, because they do have it
These apps may have other issues (from your perspective and threat model), and that’s fine, but they do have E2EE
@GuillaumeRossolini @dzwiedziu no, WhatsApp most certainly doesn't and I don't consider it real E2EE if you cannit exercise self-custody.
I wish everyone could afford your level of naivity and trust, because that's how I almost got killed!
@Netzblockierer
Comparing Signal to VPNs is a category error.
And ad hominem, survivorship bias, anecdotal evidence.
Also, I'm pretty sure that I've seen this style of argumentations and writing somewhere, I just can't put my finger on it 
@dzwiedziu I don’t want to discount anyone’s experience on a might-be (that we perhaps misjudged)
But yeah I’d need receipts to believe, which we likely won’t get in this case (because privacy) so the point is moot
As for the last part, if I’m getting it right, there were typos that make this less likely ;)
Dźwiedziu
Guillaume Rossolini
Netzblockierer