Skip Navigation

InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)S

SteleTrovilo

@ SteleTrovilo @beehaw.org

Posts
0
Comments
39
Joined
3 yr. ago

  • App Nora - Is it safe and private?

    Jump

  • I agree about avoiding the sites entirely. That is the best approach.

    I disagree about running Qubes and Whonix. It's actually so easy - there's no reason not to try it.

    (Unless you're in a country where using Tor is penalized.)

  • App Nora - Is it safe and private?

    Jump

  • Icky corporate social media.

    If you must use them, get Qubes running on a cheap laptop and dedicate a Whonix VM to each "service". They won't know where you are or what sites you visit. Stay off of the "feed". Even then, assume they are acting against your interests.

  • Pennsylvania High Court Rules Police Can Access Google Searches Without Warrant

    Jump

  • "everyone knows they're being watched anyway"

    With Google searches, this is just a statement of fact.

  • Don't Delete Your Data - POISON IT INSTEAD

    Jump

  • You literally don't even know what Adnauseam is. Keep on owning yourself, it's funny!

  • Don't Delete Your Data - POISON IT INSTEAD

    Jump

  • Useless observation. Adnauseam and uBlock serve two different purposes. A user should only run one of the two at once.

  • Using Proton VPN with YouTube now gives me this.

    Jump

  • Utter BS on their part. Time to go read books!

  • Blue Are the Hills – a character-driven scifi novel about transhumanism and hope

    Jump

  • Is there a way to buy or sample this outside of Amazon?

  • TrekMovie.com - Rick Berman And Brannon Braga Defend The Controversial ‘Star Trek: Enterprise’ Series Finale

    Jump

  • Now I have to rewatch "Spock's Brain". Thanks.

  • A single DNS race condition brought AWS to its knees

    Jump

  • Why Signal over Jabber/XMPP?

    Jump

  • Signal is the best intersection of genuine security and ease-of-use that I've ever seen. No choosing a server, no making an account. Just install the app, get a confirmation SMS, and now you can communicate with future-proof encryption and authentication right away.

    For more technical people, who aren't going to be intimidated by things like making accounts and secure passwords and choosing servers, Signal is not the best. But when I need to communicate securely with non-technical people, it's a wonderful quick go-to solution.

  • New 7-Zip high-severity vulnerabilities expose systems to remote attackers — users should update to version 25 ASAP

    Jump

  • "a crafted archive can escape its intended extraction directory and write files to other locations on the system. When chained, this can escalate to full code execution under the same privileges as the user"

    To be clear, you want Tom's Hardware to downplay the severity of this situation?

  • Removed

    If it ask for your phone number its not private.

    Jump

  • It needs to be said. Because anonymity is only one part of privacy.

    Security is another part - in messaging, this means that the message cannot be spied on in transit, and cannot be altered in transit.

    Authenticity is another part - you need to know that the message came from who it claims to have come from, and not elsewhere.

    Signal does not provide anonymity, basically. But it guarantees security and authenticity beyond doubt. And this is useful - you can exchange secure information with people using Signal, knowing that it's not being spied on or altered, knowing that only the person you intend to see the data can see it, and knowing that they know that you sent it.

    But yeah, if you want to send messages anonymously, other services are necessary.

  • Removed

    If it ask for your phone number its not private.

    Jump

  • So Signal doesn't provide anonymity. Is that all you're saying?

  • Removed

    If it ask for your phone number its not private.

    Jump

  • You literally don't understand how hashing works, got it. Please educate yourself on this topic. In short, "connecting your existing contacts" is ENTIRELY possible with hashed phone numbers; it's not even complicated or tricky. To claim otherwise, as you just did, is nothing but trumpeting your own ignorance.

    As for deleting (and propagating deletion of) messages, this is most definitely NOT a matter of "just trust us". The client is open-source! We KNOW how it works. We KNOW that deletion propagates across devices when you tell it to. We KNOW that the service cannot see your unencrypted messages, and that the encrypted messages are made with AES so even quantum computers in the future can't decrypt them. This is incredibly far from "just trust us".

  • Removed

    If it ask for your phone number its not private.

    Jump

  • This is vastly different from every other piece of information I've read about Signal. Please link me to a source for your claims.

  • Removed

    If it ask for your phone number its not private.

    Jump

  • Are you talking about the client app, or about the service?

    Much of what you said doesn't apply to the service, which stores hashed phone numbers and first access / last access times and nothing else.

    And the client does store these things, but also lets users delete messages and contacts. Your message deletions can propagate as well.

  • Removed

    If it ask for your phone number its not private.

    Jump

  • Indeed, I also don't realize that. Please explain further.

  • Removed

    If it ask for your phone number its not private.

    Jump

  • Signal stores the hash of the phone number. So you can query them for a specific phone number, but are unable to figure out phone numbers based on the hashes (outside of brute force - trying every 12-digit phone number).

    And after doing that, you learn "this person uses/used Signal", with no information about particular messages whatsoever.

  • Removed

    If it ask for your phone number its not private.

    Jump

  • The leak from the administration was because Pete Hegseth included a journalist in a discussion about sensitive war plans. Trying to blame that on Signal is deceptive on your part.

    If you are saying that Signal does not offer anonymity then you are right. Anyone I message on there knows it's me. But Signal is still keeping my messages safe from monitoring and third-party surveillance, to the best of my knowledge.