Mastodon

Kevin Karhan :verified:<a href="https://mastodon.social/@walkinglampshade" class="u-url mention" rel="nofollow noopener" target="_blank">@walkinglampshade</a> <a href="https://mastodon.world/@jrredho" class="u-url mention" rel="nofollow noopener" target="_blank">@jrredho</a> <a href="https://mastodon.social/@fj" class="u-url mention" rel="nofollow noopener" target="_blank">@fj</a> It's basic <a href="https://infosec.space/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#InfoSec</a>, really:<ul><li><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener" target="_blank">@signalapp</a> has no "<a href="https://infosec.space/tags/LegitimateInterest" class="mention hashtag" rel="nofollow noopener" target="_blank">#LegitimateInterest</a>" to demand <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener" target="_blank">#PII</a> like a <a href="https://infosec.space/tags/PhoneNumber" class="mention hashtag" rel="nofollow noopener" target="_blank">#PhoneNumber</a> and they use and abuse that to restrict functionality of their App (it doesn't matter that they merely claim "comply with <a href="https://infosec.space/tags/sanctions" class="mention hashtag" rel="nofollow noopener" target="_blank">#sanctions</a>" [their <a href="https://infosec.space/tags/MobileCoin" class="mention hashtag" rel="nofollow noopener" target="_blank">#MobileCoin</a> <a href="https://infosec.space/tags/Shitcoin" class="mention hashtag" rel="nofollow noopener" target="_blank">#Shitcoin</a> <a href="https://infosec.space/tags/Scam" class="mention hashtag" rel="nofollow noopener" target="_blank">#Scam</a> disqalifies them even more!] because they have the tech to distinguish and discriminate users)...</li></ul>Thus <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#Signal</a> fails at protevting <a href="https://infosec.space/tags/Journalists" class="mention hashtag" rel="nofollow noopener" target="_blank">#Journalists</a> and theor sources because they do have that data and can be <a href="https://infosec.space/tags/subopena" class="mention hashtag" rel="nofollow noopener" target="_blank">#subopena</a>'d for it if they don't already provide <a href="https://infosec.space/tags/BulkSurveillance" class="mention hashtag" rel="nofollow noopener" target="_blank">#BulkSurveillance</a> & <a href="https://infosec.space/tags/LawfulInterception" class="mention hashtag" rel="nofollow noopener" target="_blank">#LawfulInterception</a> <a href="https://infosec.space/tags/API" class="mention hashtag" rel="nofollow noopener" target="_blank">#API</a>|s to comply with <a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener" target="_blank">#CloudAct</a>. (Or are you guys so naive and believe <a href="https://mastodon.world/@Mer__edith" class="u-url mention" rel="nofollow noopener" target="_blank">@Mer__edith</a> will risk <a href="https://web.archive.org/web/20210606070919/twitter.com/thegrugq/status/1085614812581715968" rel="nofollow noopener" target="_blank">dying of old age in jail for non-paying users?</a>)<ul><li>This entire "thread vector" just doesn't exist with <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener" target="_blank">#XMPP</a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener" target="_blank">#OMEMO</a> nor <a href="https://infosec.space/tags/PGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#PGP</a>/MIME! </li></ul>And if you believe "this won't ne used/abused me because I'm from 'Murica!" and point at <a href="https://infosec.space/tags/AN%C3%98M" class="mention hashtag" rel="nofollow noopener" target="_blank">#ANØM</a> as an example, then you really ignored all tze <a href="https://infosec.space/tags/Cyberfacism" class="mention hashtag" rel="nofollow noopener" target="_blank">#Cyberfacism</a> since 9/11…

Kevin Karhan :verified:<a href="https://hubzilla.monster/channel/tejan" class="u-url mention" rel="nofollow noopener" target="_blank">@tejan</a> the only correct way to deal with this is using proper <a href="https://infosec.space/tags/E2EE" class="mention hashtag" rel="nofollow noopener" target="_blank">#E2EE</a> like <a href="https://infosec.space/tags/PGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#PGP</a>/MIME & anonymous eMail accounts.<ul><li>Providers can only <a href="https://infosec.space/tags/decrypt" class="mention hashtag" rel="nofollow noopener" target="_blank">#decrypt</a> and <a href="https://infosec.space/tags/read" class="mention hashtag" rel="nofollow noopener" target="_blank">#read</a> for what they have the keys!</li></ul>Same goes with <a href="https://infosec.space/tags/Messengers" class="mention hashtag" rel="nofollow noopener" target="_blank">#Messengers</a>, which is why I only recommend <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener" target="_blank">#XMPP</a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener" target="_blank">#OMEMO</a> (i.e. <a href="https://monocles.social/@monocles" class="u-url mention" rel="nofollow noopener" target="_blank">@monocles</a> / <a href="https://infosec.space/tags/monoclesChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#monoclesChat</a> & <a href="https://fosstodon.org/@gajim" class="u-url mention" rel="nofollow noopener" target="_blank">@gajim</a> / <a href="https://infosec.space/tags/gajim" class="mention hashtag" rel="nofollow noopener" target="_blank">#gajim</a> ) & PGP/MIME (i.e. <a href="https://chaos.social/@delta" class="u-url mention" rel="nofollow noopener" target="_blank">@delta</a> / <a href="https://infosec.space/tags/deltaChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#deltaChat</a> & <a href="https://mastodon.online/@thunderbird" class="u-url mention" rel="nofollow noopener" target="_blank">@thunderbird</a> / <a href="https://infosec.space/tags/Thunderbird" class="mention hashtag" rel="nofollow noopener" target="_blank">#Thunderbird</a>), because unlike <a href="https://infosec.space/tags/proprietary" class="mention hashtag" rel="nofollow noopener" target="_blank">#proprietary</a> <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener" target="_blank">#SingleVendor</a> & <a href="https://infosec.space/tags/SingoeProvider" class="mention hashtag" rel="nofollow noopener" target="_blank">#SingoeProvider</a> solutions, they offer <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener" target="_blank">#SelfCustody</a> so even if a provider is cooperative or served a <a href="https://infosec.space/tags/subopena" class="mention hashtag" rel="nofollow noopener" target="_blank">#subopena</a> or got theor equipment seized, they can't decrypt the contents!

Kevin Karhan :verified:<a href="https://mastodon.world/@MJmusicinears" class="u-url mention" rel="nofollow noopener" target="_blank">@MJmusicinears</a> I wished it would be generally illegal to <a href="https://infosec.space/tags/subopena" class="mention hashtag" rel="nofollow noopener" target="_blank">#subopena</a> medical records at all!

Kevin Karhan :verified:<a href="https://mastodon.social/@xdydx" class="u-url mention" rel="nofollow noopener" target="_blank">@xdydx</a> <a href="https://infosec.exchange/@dreadpir8robots" class="u-url mention" rel="nofollow noopener" target="_blank">@dreadpir8robots</a> What if I told you it's neither?Cuz the <a href="https://mstdn.social/tags/InconvenientTruth" class="mention hashtag" rel="nofollow noopener" target="_blank">#InconvenientTruth</a> is that noine's gonna risk jail for a lousy pay, so why should <a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener" target="_blank">@signalapp</a> - or anyone else do?Not just due to <a href="https://mstdn.social/tags/CloudAct" class="mention hashtag" rel="nofollow noopener" target="_blank">#CloudAct</a>, but basic <a href="https://mstdn.social/tags/telco" class="mention hashtag" rel="nofollow noopener" target="_blank">#telco</a> laws i.e. <a href="https://mstdn.social/tags/LawfulInterception" class="mention hashtag" rel="nofollow noopener" target="_blank">#LawfulInterception</a>.Espechally since they have <a href="https://mstdn.social/tags/PII" class="mention hashtag" rel="nofollow noopener" target="_blank">#PII</a> aka. <a href="https://mstdn.social/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener" target="_blank">#PhoneNumbers</a> that makes it trivial to track users and comply with any "duely issued <a href="https://mstdn.social/tags/subopena" class="mention hashtag" rel="nofollow noopener" target="_blank">#subopena</a>"...Whereas good providers never have that PII at all and never store or collect any.

Recent searches

Search options

Administered by:

Server stats:

#subopena