"We have ceded so many of the core operations of our lives and institutions to tech, we must recognise that strong encryption isn’t the enemy of security — it *is* security." - Signal President
@Mer__edith for the Financial Times on the war on encryption
https://www.ft.com/content/a934150f-e0f5-4e75-a2d1-a3671ea52ca0
@kkarhan@infosec.space@signalapp @Mer__edith what you need is to #decentralize and #GTFO out of the #USA, unless you are a #StingOp like #ANØM...
@kkarhan if they were a sting, the code wouldn't be open source
@signalapp @Mer__edith
@ckrypto @kkarhan @signalapp @Mer__edith we need a non us org to do an audit
@ckrypto @kkarhan @signalapp @Mer__edith
dont forget the .xz near hack
@kkarhan@ckrypto if@signalapp@mastodon.world wasn't complying with #CloudAct, @Mer__edith would be in jail.
Not to mention even if Signal keeps their "#OpenSource" code updated - which is doubtful [www.youtube.com], NOONE can actually #verify that it's the code you actually use - regardless if #backend / #Server or #client / #App!
Also if Signal was designed for #security, it would've been #decentralized as #XMPP+#OMEMO and not demand #PII like #PhoneNumbers which oftentimes cannot be obtained anonymously in many juristictions at all!
- Only #MultiVendor & #MultiProvider standards can be secure, regardless if OMEMO or #PGP/MIME.
By comparison, @delta doesn't require any PII, only an #eMail account, and @monocles isn't a #VCmoneyBurningParty but sustainable due to #subscription and they don't even require any personal details for #payment: #CashByMail and #Monero are accepted.
- Not to mention neither #DeltaChat nor #monoclesChat are pandering [www.youtube.com] #Shitcoin #Scams like #MobileCoin that don't work [www.youtube.com] even for #TechLiterate #CryptoBros!
Again: It's Signal alone who have to evidence they are trustworthy, and all I get are "#TrustMeBro!" replies, which means they are not to be trusted.
- Not to mention, it's just not sustainable to run a #service without #revenue, even if it's run entirely by unpaid volunteers and gets all it's #hosting and #costs donated, someone has to pay for expenses due to #abuse of a service (which is an inevitability come mass adoption)...
Whereas with #XMPP I can completely setup my own server and client, even build my own if I don't trust anyone else and pay someone to audit the code.
- Signal as a #centralized, #SingleVendor & #SingleProvider service is inevitable vulnerable to #RubberhoseCryptoanalysis, and #Meredith will break if not doing so means jail for life until she does [web.archive.org]!
Whereas with XMPP & PGP/MIME #eMail I can layer @torproject / #Tor over it, make it an #OnionService and keep that thing under my bed with a literal killswitch [www.youtube.com]...
@kkarhan
JFC you're clearly just using an AI to generate your replies for the purpose of spreading FUD.
In any case, with regard to decentralization:
https://youtu.be/DdM-XTRyC9c
@kkarhan@ckrypto no and I expect you to take that insult back, Neurotypical!
- Because #Ableism and BS like made-up claims like yours [mstdn.io] are a clear sign that you have neither evidence nor arguments left, thus must discredit the opponent becuase you are a bad looser.
I consider your reply a conditionless surrender, or as we'd say in Germany: "I'd love to duel you intellectually but I see you are unarmed!"
@kkarhan lol, not wasting time on you any longer. Tell your Russian handler you're an embarrassing failure.
@ckrypto @kkarhan
Oh cool, apparently I'm a Russian agent too because I do not bow to the @signalapp cryptogod. Here I was, naively thinking I'm the average self-hosting-enthusiast linux nerd, but I'm a spy apparently! Nice.