@dave_andersen @AVincentInSpace personally I consider any "#KYC" a risk-factor, and @signalapp has proven their ability and willingness to restrict functionality (i.e. their #Shitcoin-#Scam #MobileCoin) based off said #PhoneNumbers (Cuban, Russian and North Korean Numbers were excluded) which are in fact #PII (even if one doesn't have to #ID for obtaining a #SIM, they are circumstantial PII)...

• They have neither "legitimate interest" nor legal mandate to collect said data (or to integrate a scammy Shitcoin for that matter) as the discontinuation of #ChatSecure / #TextSecure has eliminated the "technical necessity" to have those.

Either way they either have to yeet #Hegseth as client and/or stop collecting PII like PhoneNumbers - they gotta have to do something…

• As for #InfoSec, #OpSec & #ComSec, I'd say #XMPP+#OMEMO remains the gold standard alongside #PGP/MIME...

#ITsec is a different story, but unlike #Signal these do not depend on a #PhoneNumber and work through @torproject / #Tor.

• And I've been using Tor for almost 15 years now...

@phreaknerd @melsdung @nocci exakt deshalb rate ich zu #XMPP+#OMEMO ( @monocles & @gajim ) sowie #PGP/MIME ( @delta & @thunderbird ), denn nur #dezentral mit #SelfCustody aller #Keys besteht echte #E2EE!

• Außerdem funktionieren die einwandfrei via @torproject / #Tor und damit auch noch #anonym!

Ich helfe gern "#Normies" und "#TechIlliterates" darauf umzustellen...

@ainmosni @rysiek +9001%

Just like #IRC & #XMPP+#OMEMO and #PGP/MIME will do the same for #GroupChats and #Messaging in general!

@JessTheUnstill @bohwaz @punkfairie @ajsadauskas @tomiahonen @fuchsiii

Granted, @tails_live @tails / #Tails and @torproject / #TorBrowser are propably one of the best & most battle-tested options that are useable for #TechIlliterates...

• OFC #OpenBSD + #LynxBrowser forced through #Tor would be more #secure (on paper) but we can all agree it's neither feasible nor practical to expect "#Normies" to work within a 80x25 TUI and learn #BSD.

THAT'S NOT GOING TO HAPPEN!

If not for being absurd then for the fact that people need to get things done!

• And it's not as if I haven't taught people how to get started, ranging from having to crash-course someone remotely via chat to hand-on #CryptoParty sessions: If it's way more complex than an AKM chances are people won't stick with it!

So you can imagine how glad I was when @thunderbird merged #Enigmail into #Thunderbird so there's no more fiddling around getting #PGP/MIME to work!

@signalapp no it's not.

• Otherwise #OrganizedCrime would choose #Signal so hard, you'd be shutdown within weeks by the #FBI and @Mer__edith would be forced to "pull a #LavaBit" and face jailtime for obstruction of justice or snitch on users!

Being a #centralized, #SingleVendor & #SingleProvider solution subject to #CloudAct makes you inherently vulnerable by your own choice and thus trivial to shutdown compared to real #E2EE with #SelfCustody of all the keys and true #decentralization as well as #SelfHosting (i.e. #PGP/MIME [see @delta / #deltaChat et. al.] and #XMPP+#OMEMO [see @monocles / #monoclesChat et. al.]!)

• Plus neither of those shill #Shitcoin-#Scams like #MobileCoin!

And don't even get me started on you collecting #PII (espechally #PhoneNumbers) for no valid reason, (thus violating #GDPR & #BDSG)...

• Not to mention relying ob #charity and being a #VCmoneyBurningParty isn't sustainable to begin with!

But yeah, I'll be patient to shout "#ToldYaSo" to your annoying cult of fanboys!

@janet_catcus #XMPP+#PGP may be a good option if you don't want to deal with half a dozen #OMEMO keys...

@Andromxda @mollyim no it's not bs and fanboying @signalapp isn't going to change that.

If #Signal was secure it would be the #1 comms tool of organized crime...

• Yet I've only seen #TechIlliterates shill it.

Real professionals use #SelfHosting capable, fully #FLOSS'd solutions like #PGP/MIME & #XMPP+#OMEMO.

• Again: Demanding #PII like #PhoneNumbers and shilling a #Shitcoin-#Scam (#MobileCoin) makes Signal literally untrustworthy and if it doesn't for you then maybe your standards are just too low...

It's just me reading the room: Cuz #ComSec isn't done woth "JuSt UsE sIgNaL!" and everyone who claims so without pointing out #OpSec, #InfoSec & #ITsec is BSing hard.

• The cold hard truth is that #TechLiteracy is irreplaceable and the only solution to it is to actually teach normies how to "get gud" with stuff like PGP.

Fortunatelty, @thunderbird and @tails_live / @tails / #Tails and many other tools make that easier than ever before.

• So rather than vomiting insults against my intellect in my mentions, go to the next @cryptoparty@mastodon.earth / #Cryptoparty / @cryptoparty@chaos.social and lend a hand.

@walkinglampshade @jrredho @fj It's basic #InfoSec, really:

• @signalapp has no "#LegitimateInterest" to demand #PII like a #PhoneNumber and they use and abuse that to restrict functionality of their App (it doesn't matter that they merely claim "comply with #sanctions" [their #MobileCoin #Shitcoin #Scam disqalifies them even more!] because they have the tech to distinguish and discriminate users)...

Thus #Signal fails at protevting #Journalists and theor sources because they do have that data and can be #subopena'd for it if they don't already provide #BulkSurveillance & #LawfulInterception #API|s to comply with #CloudAct. (Or are you guys so naive and believe @Mer__edith will risk dying of old age in jail for non-paying users?)

• This entire "thread vector" just doesn't exist with #XMPP+#OMEMO nor #PGP/MIME!

And if you believe "this won't ne used/abused me because I'm from 'Murica!" and point at #ANØM as an example, then you really ignored all tze #Cyberfacism since 9/11…

@froge @fj I'm not replacing @signalapp with "random tools" but good options.

Like @delta & @thunderbird as well as @monocles / #monoclesChat & @gajim which work flawlessly over @torproject / #Tor using @tails / @tails_live / #Tails and @guardianproject / #Orbot respectably.

• Also these allow not only #SelfHosting but just work and I'd highly recommend #monocles as a hoster which finances iself by users paying and allows #anonymous accoubts & payments including not just #Monero but also #CashByMail!

Considering the costs of even acquiring and upkeeping an #anonymous #SIM, I'd rather pay €2 p.m. for #XMPP+#OMEMO and #PGP/MIME-supported #eMail with the option of self-custody than $2,50+ p.m. just to keep a phone number.

• Plus I don't run around with a #tracking device that could be used to #deanonymize me any second...

Or is anyone here expecting @Mer__edith to risk jail for life amd not comply with #CloudAct?

• If #Signal was as secure as advertised, it would've been shutdown like #EncroChat and #SkyECC!

It stenches like #ANØM, because NOTHING IS FOR FREE and running a #VCmoneyBurningParty is expensive...

@fj I still think @signalapp has fundamental flaws like demanding #PII (#PhoneNumbers can't be obtained anonymously around the globe and are trivial to track down to devices and thus users), being subject to #CloudAct as an unnecessary & 100% avoidable risk as well as #Shitcoin-#Scam shilling (#MobileCoin) and it's #proprietary, #SingleVendor & #SingleProvider nature that makes it inferior to real #E2EE with #SelfCustody like #PGP/MIME & #XMPP+#OMEMO!