23 Jan 2025 |
johanw | * No, the eebsite version that us published there has auto update on. | 09:14:07 |
| vbits.es joined the room. | 14:46:21 |
| satanicmeth joined the room. | 19:31:40 |
| satanicmeth left the room. | 19:55:40 |
| @muhammadakbar90:matrix.org joined the room. | 21:16:15 |
| @muhammadakbar90:matrix.org joined the room. | 23:21:15 |
| @muhammadakbar90:matrix.org left the room. | 23:21:28 |
24 Jan 2025 |
siger_revolution | Have you seen Signal's reaction regarding the potential targeting of a geographic area where a user is located:
Cloudflare CDN flaw leaks user location data, even through secure chat apps - BleepingComputer
For them, this does not fall within their mission to implement network anonymity features.
Consequently, we can also conclude that it’s the same stance regarding the analysis of all traffic with AI to try to deduce, by correlation, who is talking to whom.
https://www.972mag.com/lavender-ai-israeli-army-gaza/
A bit like what happened in Palestine with the Israelis targeting WhatsApp to figure out who was communicating with whom. | 01:24:42 |
siger_revolution | * Have you seen Signal's reaction regarding the potential targeting of a geographic area where a user is located:
https://www.bleepingcomputer.com/news/security/cloudflare-cdn-flaw-leaks-user-location-data-even-through-secure-chat-apps/
Cloudflare CDN flaw leaks user location data, even through secure chat apps - BleepingComputer
For them, this does not fall within their mission to implement network anonymity features.
Consequently, we can also conclude that it’s the same stance regarding the analysis of all traffic with AI to try to deduce, by correlation, who is talking to whom.
https://www.972mag.com/lavender-ai-israeli-army-gaza/
A bit like what happened in Palestine with the Israelis targeting WhatsApp to figure out who was communicating with whom. | 01:25:33 |
crispycat [they]🏴☠️ | i've never considered signal to be anonymous | 01:26:26 |
crispycat [they]🏴☠️ | there's the whole phone number thing | 01:26:31 |
crispycat [they]🏴☠️ | that being said, signal (and everyone else) should stop using clownflare | 01:26:53 |
siger_revolution | There is a difference between anonymity and correlation.
They have added features like sealed sender, nicknames, etc., and there is no obligation to use your phone number to register on Signal. Many users use a burner number. | 01:30:43 |
crispycat [they]🏴☠️ | anonymous burner numbers are extremely hard to obtain now | 01:31:41 |
crispycat [they]🏴☠️ | in some places you can't even get a prepaid sim without ID | 01:31:53 |
crispycat [they]🏴☠️ | and there are cameras in all the stores | 01:32:00 |
crispycat [they]🏴☠️ | even with an XMR sim service you still have to give them an address to send it to, and there's still the issue of cell tower tracking | 01:32:45 |
siger_revolution | I find it strange that there seems to be a willingness to abandon the issue of correlating who is talking to whom.
This is a problem that will become increasingly common in the future, with traffic analysis and AI advancements.
Why stop addressing it when they did such a remarkable job with sealed sender?
It feels like, since Moxie Marlinspike's departure, they have lost their sense of direction. | 01:32:58 |
crispycat [they]🏴☠️ | and in any case you don't actually control the phone number, there's always the possibility of interception | 01:33:22 |
crispycat [they]🏴☠️ | adding a password is optional | 01:33:41 |
crispycat [they]🏴☠️ | and there's no official option for registering an account outside of android and ios (both very heavily survilled) | 01:34:33 |
siger_revolution | ChatGPT
Yes and no, since you can enable registration lock.
In the long run, you could potentially lose your account, but in reality, it’s extremely rare.
And there are plenty of online services where you don’t need to provide anything, like Crypton. | 01:35:18 |
siger_revolution | *
Yes and no, since you can enable registration lock.
In the long run, you could potentially lose your account, but in reality, it’s extremely rare.
And there are plenty of online services where you don’t need to provide anything, like Crypton. | 01:35:29 |
siger_revolution | not true, i use signal-cli for this :) | 01:35:54 |
crispycat [they]🏴☠️ | In reply to @siger_revolution:matrix.org not true, i use signal-cli for this :) that's why i said official | 01:36:05 |
crispycat [they]🏴☠️ | i use signal-cli too since i have a librem 5 | 01:36:15 |
crispycat [they]🏴☠️ | In reply to @siger_revolution:matrix.org Yes and no, since you can enable registration lock.
In the long run, you could potentially lose your account, but in reality, it’s extremely rare.
And there are plenty of online services where you don’t need to provide anything, like Crypton. how do they know where to send the sim? esim requires google shitware iirc | 01:36:35 |
siger_revolution | There are plenty of services that do this, and unlike Telegram, you can register without restrictions.
Telegram blocks all of that and forces users to have the official app plus Play Store services.
In the past, Telegram didn’t impose these requirements. Okay, Telegram is garbage.
But Signal has tolerated this for a very, very long time. They don’t block numbers like that, nor do they require users to have Play Store services, etc. | 01:39:02 |
siger_revolution | crypton.sh, quackr.io, anosim.eu etc etc | 01:39:53 |
| zanpat12 left the room. | 04:57:06 |