@kkarhan@infosec.space@zdl @evacide that any the fact that @signalapp is incorportated in the #USA, making them susceptible to #GDPR & #BDSG-incompatible #cyberfacist bs like #CloudAct.
- If #Signal cared, they'd completely #OpenSource #backend and #frontend as well as #decentralize and refuse to collect any #PII (like #PhoneNumers) at all!
Remember: #KYC IS THE ILLICIT ACTIVITY when it comes to #Communication!
- To me Signal has a stench like #CryptoAG (aka. #MINERVA / #RUBIKON), #EncroChat and espechally #ANØM (aka. #OperationIronside / #OperationTrøjanShield)...
Compare that to @monocles / #monoclesChat which don't demand any PII or KYC and allow people to pay for their services with #Monero and #CashByMail besides #SEPA #WireTransfer, #Stripe & #PayPal whilst supporting both decentralization (#XMPP is not a #SingleVendor / #SingleProvider solution!), implementing real #SelfCustody (#OMEMO, #OTR & #PGP is supported out of the box) for all the keys, and proper #Anonymitiy (using @torproject / #Tor & @guardianproject #Orbot for #privacy), so in case they ever get a duely sumitted warrant by a court they'd have to comply with, they'll most likely have no data whatsoever on clients that could allow identification.
- And that is a good thing, because whilst very unlikely, one cannot exclude the non-zero chance of i.e. #MLAT|s being filed with knowingly false information by 3rd countries.
Also having no PII is a matter of reducing #liability in the sense of #DataProtection: All data requested and by #monocles is the bare minimum mandated for #accounting (i.e. only linking a payment like a #TxID / Transaction-ID to an account and then adding up validity/activation period).
- And since running a #Service costs money, the low #subscription to their #Services makes them independent from #ads, #crawling / #espionage against #customers and depending on #grants and #donations to keep the lights on, making it a #sustainable #business...