Replied in thread
@erebion @pixelschubsi @inaruck Ja, weil das Teil soviele #Govware - #Backdoors hat dass es als unsicher gelten muss!
- Sonst wär's gem. #ITAR illegal...
Recent searches
Search options
Administered by:
#itar
0 posts0 participants0 posts today
@erebion @inaruck es gibt soviele Gründe weshalb Mensch nicht @signalapp vertrauen sollte.
Aber um es nochnal klar zu erklären:
#Signal verlangt #Telefonnummer = #PII (Persönlich identifizierbare Informationen). [Und nein, sich irgendwo zwielichtig ne Nummer als Ausrede greift nicht!]
Signal ist zentralisiert & #SingleVendor sowie #SingleProvider!
Signal fällt wegen Sitz in den #USA unter #CloudAct = inhärent mit #DSGVO & #BDSG inkompatibel!
Signal erlaubt keine #SelfCustody aller Keys und ist deshalb für Einige Angriffsmethoden offen!
Nur echte #Dezentralisierung wie bei #XMPP+#OMEMO kann #Datenschutz, #Informationssicherheit und #Vertraulichkeit sicherstellen.
- Anders als Signal kann @monocles nicht gegen Nutzer basierend auf Herkunft (#Rufnummer!) diskriminieren und anders als Signal funktioniert XMPP+OMEMO problemlos über @torproject / #Tor und kann als #OnionService #SelfHosted werden, für maximale #Privatsphäre und #Datenhoheit!
Die strukturellen Probleme von Signal machen es angesichts einer #gleichgeschaltet|en #USA ein absolut unnötiges #Risiko, denn ich garantiere @Mer__edith wird für keine*n User*in lebenslange #Beugehaft riskieren!
- Genauso wie's keine "#LoglessVPN|s" gibt!
Und #Signal ist sehr wohl in der Lage #Govware - #Backdoors zu integrieren, denn sonst wären die wegen #ITAR bereits geknastet worden, weil diese #Nutzer*innen aus #Kuba, #Nordkorea und #Russland haben!
Replied in thread
@lucasmz @Avitus @david_chisnall the benefit of #XMPP+#OMEMO is that there are several providers, including free options...
All #PII incl. #PhoneNumbers can and will be abused by existing governments and if users don't pay, then they are the product and their data is the one to be sold.
- #KYC IS THE #IllicitActivity WHEN IT COMES TO #ComSec!
After all, you have the same cost problem with phone numbers. Even if one doesn't pay per line/number and never pay for calls and texts, they still have to top it up to extent validity.
- And again: It's way easier for a government to demand an ID for a #SIM that works in networks around their country (i.e. #Turkey demands registration on a per-#IMEI - basis *with #ID) than to tunnel XMPP+OMEMO through @torproject over #EDGEland-speed #2G networks.
Plus you relying an unfixably insecure #Telephony makes a system inherently unsafer than it needs to be...
- This is how people get caught!
Also #Signal is able and willing to use said PII to restrict and ban users and if I were some dissident in Cuba or North Korea or even just Eritrea or Yemen I'd not rely on non-enforcement of #OFAC / #USML / #ITAR since Signal can obviously distinguish & identify accounts by virgue if their #PhoneNumber!
- Always think "How can this be weaponized against someone?" when it comes to #privacy!
GitHublists.d/xmpp.servers.list.tsv at main · greyhat-academy/lists.dList of useful things. Contribute to greyhat-academy/lists.d development by creating an account on GitHub.
Replied in thread
@anelki cuz if #Signal and/or #WhatsApp actually had good encryption, they'd be shutdown due to #NonCompliance with #CloudAct and their staff would be jailed for #ITAR violations...
- Then again even if WhatsApp technically does #E2EE that doesn't mean it has to be good or secure.
If I use RSA-128 to generate the keys for AES-256 then it's technically E2EE but even the worst-equipped police force can read the comms basically in realtime!
@torybruno @ulalaunch As promised, here's a clip from one the new camera #VulcanRocket angles freshly cleared through #ITAR.
X (formerly Twitter)Tory Bruno (@torybruno) on XAs promised, here's a clip from one the new camera angles freshly cleared through ITAR.
@mysk that's because #Apple has introduced varios #Govware - #Backdoors in their products.
Otherwise it would be illegal to own, import, sell or use #iPhone|s and other Devices in the "P.R." #China, #Russia, #SaudiArabia / #KSA & #India and it would be illegal to #export #macOS & #iOS as per #ITAR!
Also #iCloud is evidently #backdoored on purpose: Otherwise they would.not have been able to serve their chinese users on a silver platter to Beijing!
Replied in thread
@cody The fact that #GAFAMs and other #Corporations that commited illegal #Espionage (#PRISM) and/or imtegrated #Govware #Backdoors (i.e. #DUAL_EC_DRBG) ain't #denylisted by @bsi for useage and/or procurement by the German Government and Public Institutions and banned from their premises and networks is undue leniency.
Or would @Bundesregierung literally expect anything but a blanket ban against entire German companies if they were to ship some #ITAR / #Wassenaar / #NPT "compliance check" in their systems when sold to the USA?
Not to mention the #NonCompliance of #Windows, #MicrosoftOffice, #Office365 / #Mcirosoft365, #GoogleDocs, etc. with #GDPR & #BDSG due to #CloudAct...
Replied in thread
@PC_Fluesterer Und wenn nicht wird wie im #Cyberfaschismis dann halt der "#Export" per #ITAR verboten, weil #SSL und #PGP sind pöse sicher... ^
Merke: Wenn's in den #RICS (#Russland, #Indien, "V.R." #China, #SaudiArabien) legal ist und aus den #USA exportiert wurde, dann nur weil's #Malware ist oder anderweitig dienlich ist.
Grundsätzlich haben alle entsprechenden #Govware-Integraten bei mir 3x solange #Hausverbot wie es dauert bis diese sich entschuldingen bzw. 2x solange wie's dauert bis die das Problem systemisch fixen.
Egal of #PRISM, #DUAL_EC_DRBG, oder was auch immer...
Replied in thread
@quincy @thomasjorgensen @lobingera @glynmoody in fact didn't they try countless times to force shit that noone wants onto people, from #Passkeys to removing the #URL to "#WebIntegrityFramework" aka. mandatory #ads that one can't disable...
Let's not forget #Google - like all #GAFAMs - was a #PRISM collaborator, is subject to #CliudAct and #ITAR and thus not only capable but able and willing beyond the legally mandated minimums to do so.
DON'T TRUST GOOGLE - or anyone!
@tayledras @noiq OFC #GDPR is good - #BDSG is better and harsher tho, but due to #CloudAct I can't trust any #hoster that operates #datacenters or is owned even in part from some company in the #USA.
https://en.wikipedia.org/wiki/CLOUD_Act
Because if the #US gov does one thing well it's #Cyberfacism. [See #ITAR & #CryptoWars]
https://en.wikipedia.org/wiki/Crypto_Wars
https://en.wikipedia.org/wiki/International_Traffic_in_Arms_Regulations#ITAR_and_information_technology
https://en.wikipedia.org/wiki/Wassenaar_Arrangement
en.wikipedia.orgCLOUD Act - Wikipedia
Replied in thread
@knittingknots2 Propably in line with #WassenaarArrangement and #ITAR...
Replied in thread
@grin @edri @euronews @signalapp @fdroidorg
If "just use #Signal" was a working strategy, it would be illegal around the globe and would've gotten hacked like #EncroChat...
Oh wait, #CloudAct means they'll already have to integrate #Govware #Backdoors and #ITAR means they can't "export" secure #cryptography.
Replied in thread
@rombat @adamhill #Windows not only was never safe, but with #ITAR, #_NSAKEY, #PRISM and #CloudAct it's obvious that #Microsoft can't be trusted.
If somebody says their #Windows10 or #Windows11 #Weather widget says it snows, I've to instinctly go outside or find an #earthTV or similar #Webcam feed to proove it wrong.
I don't trust #Microsoft further than I can piss straight up in the air lying flat on my back and not get wet!
https://www.youtube.com/watch?v=twq3SF8Yf-0&t=30s
(And yes that was a real TV ad's audio 1:1)
Replied in thread
@JamesBaker @signalapp @openrightsgroup
Personally, I think the time for pleas and petitions is over:
What is needed are fully #decentralized, #SelfHosting-capable and #FLOSS'd as well as "#E2EE by default" comms and the full rejection of any #Cyberfacism.
This inevitably must include #ITAR & #WassenaarArrangement as well as designing systems to be hardened against attacks including "#LawfulInterception"...
I really need to work more on the #PocketCrypto:
https://github.com/KBtechnologies/PocketCrypto
GitHubGitHub - KBtechnologies/PocketCrypto: An airgapped encryption/decryption device for off-grid communicationAn airgapped encryption/decryption device for off-grid communication - KBtechnologies/PocketCrypto
Replied in thread
@madargon Also everyone who's supporting or complying with #ITAR / #WassenaarArrangement and other #cyberfacist "Export Controls on Cryptography" is doing the exact same shit!
Because in the 21st century, effective #cryptography doesn't require some bulky appliance but is #code and the only ones being penalized are #civilians whereas #NorthKorea and #Iran OFC will have unrestricted access to technology.
Replied in thread
@tboss @digitalcourage @fdroidorg
5. Apple hält sich an #ITAR & #WassenaarArrangement und fördert damit den #cyberfaschistisch|en #StatusQuo!
6. Hör' auf meinen Intellekt zu beleidigen und nicht nur dich selbst zu belügen sowie dein #eskalierendesCommitment zu überteurter #Govware zu flexen...
https://swiss.social/@tboss/110641126000187823
swiss.socialThomas Boss (@tboss@swiss.social)@kkarhan@mstdn.social @digitalcourage@digitalcourage.social @fdroidorg@floss.social Dass Apple bei Prism dabei ist, ist nicht belegt. Und dass Apple nahezu alles in iCloud vor sich selbst verschlüsselt und dies weiter ausbaut ist such stark. Gegen den Willen der EU und der USA.
Replied in thread
@TheDoctor512
Ja, bspw. automatische Meldungen an die @bafa@social.bund.de bei Neufahrzeugkäufen sowie #ITAR/#Wassenaar - Bullshit oder Meldungen von Goldankäufen und -Verkäufen an die @BaFin ...
Replied in thread
@Nika2022 @kenji not to mention pushing for the #Hegemony in #Cyberspace aka. #NOBUS by literally restrictiong #Encryption.
#ITAR & #WassenaarArrangement are literal Crimes against Humanity!
Replied in thread
@autonomysolidarity #WasFehlt:
#Anti - #Govware - Aktion und konsequente Verweigerung von#Cyberfaschismus wie #ITAR & #WassenaarArrangement !
#KryptografieFürAlle!
https://mstdn.social/@kkarhan/110526494208683938
Mastodon 🐘Kevin Karhan :verified: (@kkarhan@mstdn.social)@khaleesicodes@eupolicy.social Was ich vorallem sehen will ist ne öffentliche Erklärung von #FLOSS und gern auch #CCSS - Projekten, konsequent sich jeder #Govware - #Backdoors zu verweigern egal unter welchem Vorwand...
So wie das #web0 - Manifesto von @aral@mastodon.ar.al ...