101010.pl

Kevin Karhan :verified:<a href="https://gruene.social/@max" class="u-url mention" rel="nofollow noopener" target="_blank">@max</a> To <a href="https://gruene.social/@max/113872018769294131" rel="nofollow noopener" target="_blank">quote you directly</a>:<blockquote>"[...] easy to use solutions that are at the same time private and secure. [...]"</blockquote><ul><li>The fact that <a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener" target="_blank">@signalapp</a> requires <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener" target="_blank">#PII</a> like a <a href="https://infosec.space/tags/PhoneNumber" class="mention hashtag" rel="nofollow noopener" target="_blank">#PhoneNumber</a> which more often than not cannot be legally acquired anonymously makes it not <a href="https://infosec.space/tags/private" class="mention hashtag" rel="nofollow noopener" target="_blank">#private</a>. </li></ul>It is easier, faster, cheaper and overall simpler to get someone setup with <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener" target="_blank">#XMPP</a> + <a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener" target="_blank">#OMEMO</a> espechally if they don't have a <a href="https://infosec.space/tags/PhoneNumber" class="mention hashtag" rel="nofollow noopener" target="_blank">#PhoneNumber</a> and/or <a href="https://infosec.space/tags/ID" class="mention hashtag" rel="nofollow noopener" target="_blank">#ID</a> to acquire a <a href="https://infosec.space/tags/SIM" class="mention hashtag" rel="nofollow noopener" target="_blank">#SIM</a>. And if you go and say, "Just buy a [insert country here] [e]SIM!" and expect <a href="https://infosec.space/tags/TechIlliterates" class="mention hashtag" rel="nofollow noopener" target="_blank">#TechIlliterates</a> without a <a href="https://infosec.space/tags/CreditCard" class="mention hashtag" rel="nofollow noopener" target="_blank">#CreditCard</a>, <a href="https://infosec.space/tags/PayPal" class="mention hashtag" rel="nofollow noopener" target="_blank">#PayPal</a> or other means of <a href="https://infosec.space/tags/OnlinePayment" class="mention hashtag" rel="nofollow noopener" target="_blank">#OnlinePayment</a> to fiddle around with some <a href="https://infosec.space/tags/eSIM" class="mention hashtag" rel="nofollow noopener" target="_blank">#eSIM</a> if not having to get some <a href="https://infosec.space/tags/eSIMcard" class="mention hashtag" rel="nofollow noopener" target="_blank">#eSIMcard</a> because they can only afford to maintain one SIM and can't spend triple-digits on a new devices then you completely missed the point!<ul><li>I can much faster and easier get TechIlliterates setup show them around - either in a <a href="https://mastodon.earth/@cryptoparty" class="u-url mention" rel="nofollow noopener" target="_blank">@cryptoparty@mastodon.earth</a> / <a href="https://chaos.social/@cryptoparty" class="u-url mention" rel="nofollow noopener" target="_blank">@cryptoparty@chaos.social</a> / <a href="https://infosec.space/tags/CryptoParty" class="mention hashtag" rel="nofollow noopener" target="_blank">#CryptoParty</a> - style <a href="https://infosec.space/tags/classroom" class="mention hashtag" rel="nofollow noopener" target="_blank">#classroom</a> / <a href="https://infosec.space/tags/seminar" class="mention hashtag" rel="nofollow noopener" target="_blank">#seminar</a> or 1:1 tutoring than I can legally acquire and activate a new SIM in <a href="https://infosec.space/tags/Germany" class="mention hashtag" rel="nofollow noopener" target="_blank">#Germany</a> [since 07/2017]...</li></ul>It's not that I expect anyone to get <a href="https://infosec.space/tags/TechLiterate" class="mention hashtag" rel="nofollow noopener" target="_blank">#TechLiterate</a> within minutes, but similar to setting up a cordless DECT phone it's something one has to do once in 5 years and just have them put the password in a safe spot to retain... Point is that <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#Signal</a> <a href="https://infosec.space/tags/WontFix" class="mention hashtag" rel="nofollow noopener" target="_blank">#WontFix</a> their setup and that was evidently clear even before <a href="https://mastodon.world/@Mer__edith" class="u-url mention" rel="nofollow noopener" target="_blank">@Mer__edith</a> succeeded <a href="https://infosec.space/tags/MoxieMarlinspike" class="mention hashtag" rel="nofollow noopener" target="_blank">#MoxieMarlinspike</a>: Their entire operation has a distinct <a href="https://infosec.space/tags/CryptoAG" class="mention hashtag" rel="nofollow noopener" target="_blank">#CryptoAG</a> stench as it's an <a href="https://infosec.space/tags/unsustainable" class="mention hashtag" rel="nofollow noopener" target="_blank">#unsustainable</a> <a href="https://infosec.space/tags/VCmoneyBurning" class="mention hashtag" rel="nofollow noopener" target="_blank">#VCmoneyBurning</a> party!<ul><li><a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener" target="_blank">#CloudAct</a> and the <a href="https://infosec.space/tags/NOBUS" class="mention hashtag" rel="nofollow noopener" target="_blank">#NOBUS</a> <a href="https://en.wikipedia.org/wiki/NOBUS#Criticism" rel="nofollow noopener" target="_blank">hegemony</a> ain't something that just got executed now (neither was <a href="https://infosec.space/tags/GDPR" class="mention hashtag" rel="nofollow noopener" target="_blank">#GDPR</a> & <a href="https://infosec.space/tags/BDSG" class="mention hashtag" rel="nofollow noopener" target="_blank">#BDSG</a>!)... </li></ul>A counterexample on how this could've been done are <a href="https://infosec.space/tags/Tor" class="mention hashtag" rel="nofollow noopener" target="_blank">#Tor</a>, <a href="https://infosec.space/tags/eMail" class="mention hashtag" rel="nofollow noopener" target="_blank">#eMail</a> and other truly <a href="https://infosec.space/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#OpenSource</a> as in <a href="https://infosec.space/tags/MultiVendor" class="mention hashtag" rel="nofollow noopener" target="_blank">#MultiVendor</a> & <a href="https://infosec.space/tags/MultiProvider" class="mention hashtag" rel="nofollow noopener" target="_blank">#MultiProvider</a> standards. <ul><li>NOTHING compells Signal to <a href="https://en.wikipedia.org/wiki/Signal_(software)" rel="nofollow noopener" target="_blank">demand PII</a>, run a <a href="https://infosec.space/tags/Shitcoin" class="mention hashtag" rel="nofollow noopener" target="_blank">#Shitcoin</a> <a href="https://infosec.space/tags/Scam" class="mention hashtag" rel="nofollow noopener" target="_blank">#Scam</a> <a href="https://en.wikipedia.org/wiki/Signal_(software)#In-app_payments" rel="nofollow noopener" target="_blank">aka.</a> <a href="https://infosec.space/tags/MobileCoin" class="mention hashtag" rel="nofollow noopener" target="_blank">#MobileCoin</a> that even seasoned <a href="https://infosec.space/tags/TechLiterates" class="mention hashtag" rel="nofollow noopener" target="_blank">#TechLiterates</a> and <a href="https://infosec.space/tags/CryptoBros" class="mention hashtag" rel="nofollow noopener" target="_blank">#CryptoBros</a> <a href="https://www.youtube.com/watch?v=0DSGq9FQKU4" rel="nofollow noopener" target="_blank">can't setup properly</a>, and in fact Signal using <a href="https://en.wikipedia.org/wiki/Signal_(software)#Controversial_use" rel="nofollow noopener" target="_blank">phone numbers makes it trivial to discriminate against users and easier for them to identify them</a>!</li><li>If <a href="https://infosec.space/@kkarhan/113869305765533809" rel="nofollow noopener" target="_blank">my reasoning</a> didn't resonate with you, then try helping i.e. undocumented migrants aka. "<a href="https://infosec.space/tags/SansPapier" class="mention hashtag" rel="nofollow noopener" target="_blank">#SansPapier</a>|s" to get setup with it without violating laws and/or ToS and/or needing an imported SIM which I'm shure most folks don't have on hand!</li></ul>Whereas it's trivial to get people setup on <a href="https://github.com/greyhat-academy/lists.d/blob/main/xmpp.servers.list.tsv" rel="nofollow noopener" target="_blank">one of many XMPP servers I've personally tested</a>!<ul><li>Not to mention clients like <a href="https://monocles.social/@monocles" class="u-url mention" rel="nofollow noopener" target="_blank">@monocles</a> / <a href="https://infosec.space/tags/monoclesChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#monoclesChat</a> and <a href="https://fosstodon.org/@gajim" class="u-url mention" rel="nofollow noopener" target="_blank">@gajim</a> / <a href="https://infosec.space/tags/gajim" class="mention hashtag" rel="nofollow noopener" target="_blank">#gajim</a> are way more user-friendly and unlike Signal can also work perfectly fine over <a href="https://infosec.space/tags/Tor" class="mention hashtag" rel="nofollow noopener" target="_blank">#Tor</a>, including <a href="https://infosec.space/tags/OnionServices" class="mention hashtag" rel="nofollow noopener" target="_blank">#OnionServices</a> as endpoints. </li></ul>AFAIK Signal doesn't even have an <a href="https://infosec.space/tags/OnionService" class="mention hashtag" rel="nofollow noopener" target="_blank">#OnionService</a> / <a href="https://en.wikipedia.org/wiki/.onion" rel="nofollow noopener" target="_blank"><code>.onion</code></a> for their Website, much less any <a href="https://infosec.space/tags/API" class="mention hashtag" rel="nofollow noopener" target="_blank">#API</a> enpoints to use it with!<ul><li>Them relying on <a href="https://infosec.space/tags/ClownFlare" class="mention hashtag" rel="nofollow noopener" target="_blank">#ClownFlare</a> is just something that makes them even more <a href="https://infosec.space/tags/sus" class="mention hashtag" rel="nofollow noopener" target="_blank">#sus</a> as there is <a href="https://en.wikipedia.org/wiki/Cloudflare#Controversies" rel="nofollow noopener" target="_blank">no legitimate reason</a> to use a <a href="https://infosec.space/tags/RogueISP" class="mention hashtag" rel="nofollow noopener" target="_blank">#RogueISP</a> like that.</li></ul> You're free to also provide evidence and supporting data to your arguments, rather then neighsaying against proven to be more secure and reliable [by virtue of decentralization] options like XMPP+OMEMO and/or <a href="https://infosec.space/tags/PGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#PGP</a>/MIME. <ul><li>What gets my blood boiling is the constant <a href="https://infosec.space/tags/disinfo" class="mention hashtag" rel="nofollow noopener" target="_blank">#disinfo</a> by <a href="https://mstdn.social/@rysiek/113868777937162686" rel="nofollow noopener" target="_blank">Signal</a> <a href="https://mstdn.social/@rysiek/113869169340313254" rel="nofollow noopener" target="_blank">Fanboys</a> like <a href="https://mstdn.social/@rysiek" class="u-url mention" rel="nofollow noopener" target="_blank">@rysiek</a> who sell it like <a href="https://infosec.space/tags/DigitalSnakeoil" class="mention hashtag" rel="nofollow noopener" target="_blank">#DigitalSnakeoil</a> akin to <a href="https://infosec.space/tags/AntivirusSoftware" class="mention hashtag" rel="nofollow noopener" target="_blank">#AntivirusSoftware</a>, because it's at best "<a href="https://infosec.space/tags/TechPopulism" class="mention hashtag" rel="nofollow noopener" target="_blank">#TechPopulism</a>" and at worst <a href="https://infosec.space/@agturcz@circumstances.run/113868748895262202" rel="nofollow noopener" target="_blank">will mislead "TechIlliterates"</a> with a <a href="https://infosec.space/@kkarhan/113868987217053362" rel="nofollow noopener" target="_blank">false sense of security</a>, which in turn puts more users at risk.</li></ul>The proper fix is to actually assess the situation and acknowledge the risks and limitations as well as the very nature of communications, which means upgrading later is exponentially more painful, thus getting people properly setup once is way easier.<ul><li>Just because WE [ or rather <a href="https://mstdn.social/@rysiek" class="u-url mention" rel="nofollow noopener" target="_blank">@rysiek</a> in this case ] rather privilegued enough to not be hatecrimed in their current location doesn't mean this is the case for everyone. And having places like Signal rely on a "<a href="https://infosec.space/tags/CDN" class="mention hashtag" rel="nofollow noopener" target="_blank">#CDN</a>" is just another red flag to me because questions like <a href="https://circumstances.run/@agturcz/113866980398547492" rel="nofollow noopener" target="_blank">this one</a> just don't arise with <a href="http://monocles.chat" rel="nofollow noopener" target="_blank">monocles.chat</a> as people can just exercise proper <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener" target="_blank">#SelfCustody</a> and just use Tor!</li></ul>Speaking of <a href="https://infosec.space/tags/monocles" class="mention hashtag" rel="nofollow noopener" target="_blank">#monocles</a>: That business is at least <a href="https://infosec.space/tags/sustainable" class="mention hashtag" rel="nofollow noopener" target="_blank">#sustainable</a> because it's funded by users <a href="https://store.monocles.eu/produkt/monocles-starter-account/" rel="nofollow noopener" target="_blank">(€2 p.m.)</a> which they can <a href="https://monocles.eu/more/#payment-section" rel="nofollow noopener" target="_blank">pay anonymously</a>

Recent searches

Search options

Administered by:

Server stats:

#vcmoneyburning