XMR $509.40
FIRO $1.78

Please login

Region:

Current view: Classic | Threads
Sort by: New | Tips

Privacy: You don't know what you don't know

yuzuki Donor - Supporter Verified
N/A (0)
Posts: 10
Earned: 0.1 XMR
Tipped: 0 XMR
Jan 10 00:08
(2)
(0)
#758
It's terrifying to not know what you don't know.

A long time ago I had a pin on my phone and simply assumed that it would be impossible to break into it because the device wipes itself after 10 incorrect tries.

Then I assumed biometric data was more complex and thereby more secure.

Then I assumed all I had to do was lock my device and it wouldn't be possible to break into it without knowing or bruteforcing the password.

I didn't know at the time how insecure WiFi truly was and how easy it is to intercept the traffic.

I was under the impression that Signal's data was encrypted on my device and not stored in plain text.

I assumed a VPN was entirely sufficient to prevent a correlation between my online activity and identity.

I assumed the more security extensions I installed, the better my overall security.

I thought Tor was untraceable — especially due to all the claims of anonymity.

Of course, in reality all of the above is false. Any of the aforementioned technologies aren't anywhere as secure, private, and anonymous as you may think they are. The further down the rabbit hole you go, the more you realize just how little control and security you truly have.

Even I was once retarded.
My Website & Blog
Kikuri Darknet Knowledge Base
Tip yuzuki
QR Code 86GEJPxGRCyYBzQC18xTq1hzv2z2Trpu2RLwcLsgmQEw8itpca2eXknCuoBXo8jw5pevfcwNiHkGf4S257nDG4wLEZuYRXd
Publish Tip to yuzuki

Please login to publish your tip

sepia Verified
5 (3)
Posts: 16
Earned: 0 XMR
Tipped: 0 XMR
Jan 10 03:39
(1)
(0)
#765
To be enlightened, one must be a fool. Wait, what do you mean Signal store the data on plain text?
Tip sepia
QR Code 83sRk4xp9sE5d2FzJmzfJ6GobJQUVhemhbfTBp2RWG8WUp2shAjaQ4dexTPgBtzjtSU2AKqZoeUJTdAGYGgPiKQh2NiAbwg
Publish Tip to sepia

Please login to publish your tip

yuzuki Donor - Supporter Verified
N/A (0)
Posts: 10
Earned: 0.1 XMR
Tipped: 0 XMR
Jan 10 14:14
(2)
(0)
#770
Reply to post #765
It caused a lot of controversy back in 2024: https://cryptographycaffe.sandboxaq.com/posts/protecting-signal-desktop-keys/

https://xcancel.com/naomibrockwell/status/1809291643838951716

https://mastodon.world/@Mer__edith/112756436049179443

At this point I don't use Signal all that much except for some irl friends, while I use alternative software for all other communication, which includes Matrix, XMPP, and SimpleX. However, I have not been a fan of SimpleX due to the glitchy UI among many other reasons, such as a distinct lack in moderation features, poor discoverability, the direction of the project, and the fact the org behind SimpleX receives VC funding. At this stage, Matrix still has the best feature set for running communities while XMPP still solves core problems which other messaging applications have failed to solve. We have far too many messengers and yet most of them are unsuitable for my use case. I don't so much believe in P2P as much as I believe in federation being the future in many ways. You have too many developers trying to do everything themselves, put a little spin on Tor, or come up with their own protocols when they could just work with the technologies that already exist; and this year we'll see new messengers pop up... and the next year... and the next year.

Resources would be far better spent building a new native client for XMPP followed by a server platform equivalent to ActivityPub's Mitra.

Anyway, just going off on a tangent.
My Website & Blog
Kikuri Darknet Knowledge Base
Tip yuzuki
QR Code 86GEJPxGRCyYBzQC18xTq1hzv2z2Trpu2RLwcLsgmQEw8itpca2eXknCuoBXo8jw5pevfcwNiHkGf4S257nDG4wLEZuYRXd
Publish Tip to yuzuki

Please login to publish your tip

sepia Verified
5 (3)
Posts: 16
Earned: 0 XMR
Tipped: 0 XMR
Jan 12 10:38
(0)
(0)
#779
Reply to post #770
Getting people on Signal is hard enough and now they have this vulnerability that they still won't fix? But it still a fact it is suitable for normal people usage while protecting their privacy
Tip sepia
QR Code 83sRk4xp9sE5d2FzJmzfJ6GobJQUVhemhbfTBp2RWG8WUp2shAjaQ4dexTPgBtzjtSU2AKqZoeUJTdAGYGgPiKQh2NiAbwg
Publish Tip to sepia

Please login to publish your tip

edisondotme Donor - Supporter
5 (23)
Posts: 19
Earned: 0 XMR
Tipped: 0 XMR
Jan 13 18:12
(0)
(0)
#796
This is one of the reasons I always roll my eyes when privacy enthusiasts talk about "threat models". You should always operate under as high a threat model as you can.
yuzuki You should look into using Molly. You can encrypt the db at rest unlike Signal.
Tip edisondotme
QR Code 88XSd4fdhtiPb2BYwsG2H4K28DyGYdM1d6LrHbHCpdzZJucQ7MM1u1xdfKUvD5myyiYCwuqVLxiDQApa5WSRaL3ZBeEe4Jq
Publish Tip to edisondotme

Please login to publish your tip

Page:
1
You must login in order to publish a post