@Blaumensch1 @kuketzblog nein.
#XMPP+#OMEMO & #PGG/MIME mit #SelfCustody und Anbietern in der #EU, die keine Niederlassung, Geschäftsrätigkeit oder Anteilseigner aus den #USA haben.
Bspw.: @monocles / #monoclesChat und @delta / #DeltaChat.
@linuxer @stormii @karl_ist_super ja, sowas wie @monocles / #monoclesChat, @gajim / #gajim & @delta / #deltaChat...
Natürlich kannste #Signal nutzen, nur dann musste halt auch drauf klarkommen dass so zentralisierter shice durch eine christofaschistische Regierung (#USA) irgendwann eingestampft wird.
#Monocles verlangt hingegen garkeine Daten und erlaubt anonymes Bezahlen per #Monero & #CashByMail !
@Wyatt_H_Knott precisely that
There are evidently superior alternatives like the #Fediverse & #XMPP+#OMEMO like @gajim / #gajim and @monocles / #monoclesChat.
@signalapp no it's not.
Being a #centralized, #SingleVendor & #SingleProvider solution subject to #CloudAct makes you inherently vulnerable by your own choice and thus trivial to shutdown compared to real #E2EE with #SelfCustody of all the keys and true #decentralization as well as #SelfHosting (i.e. #PGP/MIME [see @delta / #deltaChat et. al.] and #XMPP+#OMEMO [see @monocles / #monoclesChat et. al.]!)
And don't even get me started on you collecting #PII (espechally #PhoneNumbers) for no valid reason, (thus violating #GDPR & #BDSG)...
But yeah, I'll be patient to shout "#ToldYaSo" to your annoying cult of fanboys!
@kkarhan @ueeu @monocles It's true that #Conversations and its fork #MonoclesChat are reproducible today, yet they are not setup like this historically (signed by F-Droid). While we push for reproducible builds, these are not a must, but an extra check of trust.
https://f-droid.org/docs/Inclusion_How-To/#reproducible-builds
@ueeu I think crucial parts is looking at it's components, dependencies, size and for apps permissions.
#ReproduceableBuilds for example are important, so the actually released source code is what people actually get served as basis.
Plus in terms of #security, choose *real #E2EE with #SelfCustody of all the #Keys!
@crazy_pony when @signalapp isn't being run as a #VCMoneyBurningParty and they take #InfoSec, #OpSec, #ComSec & #ITsec serious and stop shilling the #Shitcoin #Scams that is #MobileCoin!
For everyone else, there's #XMPP+#OMEMO (see @monocles / #monoclesChat) & #PGO/MIME (see @delta / #deltaChat)…
@froge @fj I'm not replacing @signalapp with "random tools" but good options.
Like @delta & @thunderbird as well as @monocles / #monoclesChat & @gajim which work flawlessly over @torproject / #Tor using @tails / @tails_live / #Tails and @guardianproject / #Orbot respectably.
Considering the costs of even acquiring and upkeeping an #anonymous #SIM, I'd rather pay €2 p.m. for #XMPP+#OMEMO and #PGP/MIME-supported #eMail with the option of self-custody than $2,50+ p.m. just to keep a phone number.
Or is anyone here expecting @Mer__edith to risk jail for life amd not comply with #CloudAct?
It stenches like #ANØM, because NOTHING IS FOR FREE and running a #VCmoneyBurningParty is expensive...
Getting started with XMPP/Jabber and PGP for federated, encrypted messaging
This is a short thread where I explain how I started using the XMPP protocol and PGP encryption for secure messaging. I am not a security expert, but I am a mathematician and I am confortable with the Linux command line. This guide is for people who want to use PGP for secure messaging easily. You will need to be okay with typing commands into the Linux command line in order to do this, but I will tell you exactly what to enter.
Part 1: XMPP
Mastodon is like email, but for social media. You sign up for an account with a server, and then you can talk with any other accounts that are signed up on other servers, as long as your servers are getting along. (No one wants emails from the sketchy spam server, and we want to be able to choose between Yahoo, Gmail, etc.) XMPP (a.k.a. Jabber) is the same thing for text messaging.
Just like signing up for an email/Mastodon account, you need to sign up for an account. You can find a list of servers at https://list.jabber.at/ and will probably at least need to provide an email addess when making an account.
Once you have made an account, you need a client. On Linux, I've been having a good time using Dino (https://dino.im/). You can then enter your account name and password to log into your XMPP account and start chatting! There are both public rooms and you can also message directly with your friends.
#security #PGP #XMPP #FOSS #Jabber #Dino #MonoclesChat
(1/4)
@ckrypto if@signalapp@mastodon.world wasn't complying with #CloudAct, @Mer__edith would be in jail.
Not to mention even if Signal keeps their "#OpenSource" code updated - which is doubtful, NOONE can actually #verify that it's the code you actually use - regardless if #backend / #Server or #client / #App!
Also if Signal was designed for #security, it would've been #decentralized as #XMPP+#OMEMO and not demand #PII like #PhoneNumbers which oftentimes cannot be obtained anonymously in many juristictions at all!
By comparison, @delta doesn't require any PII, only an #eMail account, and @monocles isn't a #VCmoneyBurningParty but sustainable due to #subscription and they don't even require any personal details for #payment: #CashByMail and #Monero are accepted.
Again: It's Signal alone who have to evidence they are trustworthy, and all I get are "#TrustMeBro!" replies, which means they are not to be trusted.
Whereas with #XMPP I can completely setup my own server and client, even build my own if I don't trust anyone else and pay someone to audit the code.
Whereas with XMPP & PGP/MIME #eMail I can layer @torproject / #Tor over it, make it an #OnionService and keep that thing under my bed with a literal killswitch...
@kinetix @anthropy AFAIK, @monocles / #monoclesChat is also available for #iOS.
@buyeuropean don't forget @monocles and @Stuxhost with their #managedNextcloud offerings as well as #monoclesChat & @delta / #deltaChat for #secure #messaging with real #E2EE...
@htwj @Mer__edith yeah, traded one #proproetary, #centralized #SingleVendor & #SingleProvider solution for another.
@delta Yeah, I think #deltaChat is pretty cool and like #XMPP+#OMEMO ( @monocles / #monoclesChat & @gajim / #gajim ) a very good option.
@kinetix @delta @anthropy I am aware of #DeltaChat.
@truls46 Ein gutes Gegenbeispiel zu @signalapp ist @monocles / #monoclesChat:
Es werden keine persönliche Daten verlangt!
Es wird ein offener Standard (#XMPP+#OMEMO) genutzt, sodass #SelfCustody und #Datenhoheit gewährleistet ist!
Der Dienst ist zwar kostenpflichtig (€2 p.m.), aber komplett anonym bezahlbar (inkl. #Monero & #CashByMail)!
Nutzung von @torproject #Tor wird nicht verhindert oder blockiert; @guardianproject / #Orbot wird unterstützt!
In #Deutschland gibt's immernoch #Rechtsstaatlichkeit, anders als in den #USA!
Anders als #Signal ist #monocles ehrlich, was Sicherheit und Datenschutz angeht...
Ich denke mal das sollte hinreichend meine Argumebte darlegen.
@pixelschubsi @erebion @inaruck so oder so sind alle aktuellen #XMPP-Clients, besonders @monocles / #monoclesChat & @gajim / #gajim warnen ganz eindeutig gegen unverschlüsselte kommunikation!
Zumal auch das nen Kostenfaktor ist, wohingegen es drölfzig Optionen gibt was XMPP angeht!
@inaruck ich hab' Leute konsequent auf #XMPP+#OMEMO migriert, weil @signalapp zentralisiert und unter #CloudAct fällt, folglich inhärent unsicher.
