Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://hachyderm.io/@dave_andersen" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>dave_andersen</span></a></span> <span class="h-card" translate="no"><a href="https://furry.engineer/@AVincentInSpace" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>AVincentInSpace</span></a></span> personally I consider any <em>"<a href="https://infosec.space/tags/KYC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KYC</span></a>"</em> a risk-factor, and <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>signalapp</span></a></span> has proven their <em>ability and willingness</em> to restrict functionality (i.e. their <a href="https://infosec.space/tags/Shitcoin" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Shitcoin</span></a>-<a href="https://infosec.space/tags/Scam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Scam</span></a> <a href="https://infosec.space/tags/MobileCoin" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MobileCoin</span></a>) based off said <a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PhoneNumbers</span></a> (Cuban, Russian and North Korean Numbers were excluded) which are in fact <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PII</span></a> (even if one doesn't have to <a href="https://infosec.space/tags/ID" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ID</span></a> for obtaining a <a href="https://infosec.space/tags/SIM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SIM</span></a>, they are circumstantial PII)... </p><ul><li>They have neither <em>"legitimate interest"</em> nor legal mandate to collect said data (or to integrate a scammy Shitcoin for that matter) as the discontinuation of <a href="https://infosec.space/tags/ChatSecure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ChatSecure</span></a> / <a href="https://infosec.space/tags/TextSecure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TextSecure</span></a> has eliminated the <em>"technical necessity"</em> to have those.</li></ul><p>Either way they either have to yeet <a href="https://infosec.space/tags/Hegseth" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Hegseth</span></a> as client and/or stop collecting PII like PhoneNumbers - <em>they gotta have to do something</em>…</p><ul><li>As for <a href="https://infosec.space/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a>, <a href="https://infosec.space/tags/OpSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpSec</span></a> & <a href="https://infosec.space/tags/ComSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ComSec</span></a>, I'd say <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>XMPP</span></a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OMEMO</span></a> remains the gold standard alongside <a href="https://infosec.space/tags/PGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PGP</span></a>/MIME...</li></ul><p><a href="https://infosec.space/tags/ITsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ITsec</span></a> is a different story, but unlike <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a> these do not depend on a <a href="https://infosec.space/tags/PhoneNumber" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PhoneNumber</span></a> and work through <span class="h-card" translate="no"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>torproject</span></a></span> / <a href="https://infosec.space/tags/Tor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tor</span></a>.</p><ul><li>And I've been using Tor for almost 15 years daily now...</li></ul>
veganism.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
Veganism Social is a welcoming space on the internet for vegans to connect and engage with the broader decentralized social media community.
Administered by:
Server stats:
230active users
veganism.social: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.4.0-alpha.4
#textsecure
1 post · 1 participant · 0 posts today
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://udongein.xyz/users/lispi314" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>lispi314</span></a></span> <span class="h-card" translate="no"><a href="https://ioc.exchange/@Avitus" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Avitus</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.laurenweinstein.org/@lauren" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>lauren</span></a></span> <em>exactly that.</em></p><p>Espechally given that <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>signalapp</span></a></span> discontinued <a href="https://infosec.space/tags/TextSecure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TextSecure</span></a>, which was <a href="https://infosec.space/tags/SMS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SMS</span></a>-based where one could've claimed a <em>"technical necessity"</em> existed.</p><ul><li>Nowadays it's rather <em>empowering bad actors and introducing weaknesses</em> given <a href="https://infosec.space/tags/GSM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GSM</span></a> and <a href="https://infosec.space/tags/Telephony" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Telephony</span></a> is <a href="https://www.youtube.com/watch?v=wVyu7NB7W6Y" rel="nofollow noopener" target="_blank"><em>inherently and unfixaboy insecure</em></a> by design and that <em>noone should rely on it being reliable or accurate to begin with</em> as technology to selectively reroute calls and SMS are as old.as the underlying teoephony network!</li></ul>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://udongein.xyz/users/lispi314" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>lispi314</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.laurenweinstein.org/@lauren" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>lauren</span></a></span> Not.only.that, but with a <a href="https://infosec.space/tags/PhoneNumber" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PhoneNumber</span></a> it makes it trivial to get details from <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>signalapp</span></a></span> targeting a known individual.</p><ul><li>And with the prevalence of <a href="https://infosec.space/tags/Govware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Govware</span></a> and the fact that there is <em>literally no <a href="https://infosec.space/tags/LegitimateInterest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LegitimateInterest</span></a></em> since <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a> abandoned <a href="https://infosec.space/tags/TextSecure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TextSecure</span></a>, it's yet another design flaw that is beibg <em>intentionally kept</em> instead of fixing it <em>at all</em>!</li></ul>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://infosec.exchange/@david_chisnall" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>david_chisnall</span></a></span> <span class="h-card" translate="no"><a href="https://ioc.exchange/@Avitus" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Avitus</span></a></span> <span class="h-card" translate="no"><a href="https://hachyderm.io/@lucasmz" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>lucasmz</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>signalapp</span></a></span> espechally with a <a href="https://infosec.space/tags/Shitcoin" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Shitcoin</span></a> that is neither private (unlike <a href="https://infosec.space/tags/Monero" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Monero</span></a>) nor has any markets & trading volue (unlike Monero) and doesn't provide any added features compared existing <a href="https://infosec.space/tags/Cryptocurrencies" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cryptocurrencies</span></a> <em>and</em> <em>"<a href="https://infosec.space/tags/TradFinance" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TradFinance</span></a>"</em>...</p><ul><li>And even then: Your reasoning is 100% valid, as it's just adding <a href="https://infosec.space/tags/bloat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>bloat</span></a> compared to functionality (unlike <a href="https://infosec.space/tags/TextSecure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TextSecure</span></a> which did make sense as it encrypted <a href="https://infosec.space/tags/SMS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SMS</span></a>!)...</li></ul>
Jan Vlug<p><span class="h-card" translate="no"><a href="https://mastodon.energy/@Sustainable2050" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Sustainable2050</span></a></span> I ditched Whatsapp many years ago. Maybe even before it was bought by Meta. I was peer pressured to install it (at the times that it was totally unencrypted). I never liked using Whatsapp.</p><p>When the <a href="https://mastodon.social/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opensource</span></a> <a href="https://mastodon.social/tags/SignalApp" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SignalApp</span></a> (<a href="https://mastodon.social/tags/TextSecure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TextSecure</span></a> at the time) became available I moved to Signal. Nearly all my contacts installed it as well.</p><p>What I not do like about Signal is its centralized approach. Slowly using more <a href="https://mastodon.social/tags/matrix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>matrix</span></a> nowadays.</p><p><a href="https://community.signalusers.org/t/finally-100-users-on-signal-app-android/7998/14?u=janvlug" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">community.signalusers.org/t/fi</span><span class="invisible">nally-100-users-on-signal-app-android/7998/14?u=janvlug</span></a></p><p><a href="https://mastodon.social/tags/FOSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FOSS</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://labyrinth.zone/users/halva" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>halva</span></a></span> <span class="h-card" translate="no"><a href="https://a.bloodyno.se/users/lynn" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>lynn</span></a></span> <span class="h-card" translate="no"><a href="https://tech.lgbt/@deilann" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>deilann</span></a></span> </p><p>Wrong, as you need a <a href="https://infosec.space/tags/PhoneNumber" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PhoneNumber</span></a> just to sign up to <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>signalapp</span></a></span> / <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a> and Signal does use that to discriminate against users and restrict functionality.</p><p>And since an increasing number of juristictions don't allow anonymous <a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PhoneNumbers</span></a> / mandate <a href="https://infosec.space/tags/KYC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KYC</span></a> even for <a href="https://infosec.space/tags/Prepaid" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Prepaid</span></a> numbers, that Phone Number is not only explicit <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PII</span></a> but also Signal never had any <em>"legitimate interest"</em> to demand one, nor is it <em>"technically necessary"</em> in any shape or form (unlike if they still offered <a href="https://infosec.space/tags/TextSecure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TextSecure</span></a> to encrypt <a href="https://infosec.space/tags/SMS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SMS</span></a> and used said phone numbers to update, authenticate and exchange Public Keys)...</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://grapheneos.social/@GrapheneOS" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>GrapheneOS</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>signalapp</span></a></span> I didn't say all of them have it...</p><p>Re: <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a> I'd not consider it <a href="https://infosec.space/tags/disinfo" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>disinfo</span></a> as we've seen more elaborate Setups like <a href="https://infosec.space/tags/EncroChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EncroChat</span></a> & <a href="https://infosec.space/tags/AN%C3%98M" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ANØM</span></a> fall.</p><ul><li><p>Given the fact that one cannot <a href="https://infosec.space/tags/SelfHost" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfHost</span></a> <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a>'s backend, they shilled the <a href="https://infosec.space/tags/MobileCoin" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MobileCoin</span></a> <a href="https://infosec.space/tags/scam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>scam</span></a> and use <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PII</span></a> like <a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PhoneNumbers</span></a> to enforce <em>'selective availability'</em> as well being incorporated in the <a href="https://infosec.space/tags/USA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>USA</span></a> all rubs be unpleasantly...</p></li><li><p><em>"The" correct way</em> to do things (sarcasm OFC!) is to do <a href="https://infosec.space/tags/OfflinePGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OfflinePGP</span></a> but we can all agree <a href="https://www.youtube.com/watch?v=vdab4T_CoN8" rel="nofollow noopener" target="_blank">it's not practical</a>...</p></li></ul><p>I remember when <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a> did a good <a href="https://infosec.space/tags/E2EE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>E2EE</span></a> Messenger (<a href="https://infosec.space/tags/TextSecure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TextSecure</span></a>) and that had a reason to use <a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PhoneNumbers</span></a> as it merely encrypted <a href="https://infosec.space/tags/SMS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SMS</span></a>, but that OFC has other issues.</p><ul><li>In terms if <em>"proper <a href="https://infosec.space/tags/E2EE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>E2EE</span></a>"</em> with <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfCustody</span></a> if <a href="https://infosec.space/tags/keys" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>keys</span></a>, <span class="h-card" translate="no"><a href="https://chaos.social/@delta" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>delta</span></a></span> / <a href="https://infosec.space/tags/deltaChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>deltaChat</span></a> does fit even the stingest criteria - including <a href="https://infosec.space/tags/encrypted" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>encrypted</span></a> <a href="https://infosec.space/tags/GroupChats" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GroupChats</span></a>!</li></ul>
VegansExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload