toad.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
Mastodon server operated by David Troy, a tech pioneer and investigative journalist addressing threats to democracy. Thoughtful participation and discussion welcome.

Administered by:

Server stats:

281
active users

#onionservice

0 posts0 participants0 posts today
OMG 🇪🇺 🇺🇦 :linux:<p><span class="h-card" translate="no"><a href="https://infosec.space/@kkarhan" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>kkarhan</span></a></span><br>Hab ich schon einmal angeregt.</p><p>Direktvertrieb mit Gehaltsband ohne überflüssige Recruiter, die eh nur lügen.</p><p>Und einer der Stelle repräsentativ entsprechenden Person. Azubis und Berufsanfänger, die noch zu Hause wohnen und nebenbei studieren sind eher ungeeignet, eine längere Karriere zu überblicken.</p><p>Bei den harten Auflagen schafft aber ohne Umschulung niemand, was zu posten.😃</p><p><a href="https://infosec.exchange/tags/WasFehlt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WasFehlt</span></a> <a href="https://infosec.exchange/tags/Stellenmarkt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Stellenmarkt</span></a> <a href="https://infosec.exchange/tags/Bullshit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Bullshit</span></a> <a href="https://infosec.exchange/tags/Gehaltstransparenz" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Gehaltstransparenz</span></a> <a href="https://infosec.exchange/tags/Filler" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Filler</span></a> <a href="https://infosec.exchange/tags/Arbeitszeiten" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Arbeitszeiten</span></a> <a href="https://infosec.exchange/tags/Arbeitsort" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Arbeitsort</span></a> <a href="https://infosec.exchange/tags/Vertragsart" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Vertragsart</span></a> <a href="https://infosec.exchange/tags/Gehalt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Gehalt</span></a> <a href="https://infosec.exchange/tags/Bewertungen" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Bewertungen</span></a> <a href="https://infosec.exchange/tags/KI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>KI</span></a> <a href="https://infosec.exchange/tags/ChatBots" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ChatBots</span></a> <a href="https://infosec.exchange/tags/BotAccounts" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BotAccounts</span></a> <a href="https://infosec.exchange/tags/Spam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Spam</span></a> <a href="https://infosec.exchange/tags/Werbung" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Werbung</span></a> <a href="https://infosec.exchange/tags/Moderatoren" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Moderatoren</span></a> <a href="https://infosec.exchange/tags/Meldungen" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Meldungen</span></a> <a href="https://infosec.exchange/tags/JavaScript" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>JavaScript</span></a> <a href="https://infosec.exchange/tags/Cookies" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cookies</span></a> <a href="https://infosec.exchange/tags/Tracking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Tracking</span></a> <a href="https://infosec.exchange/tags/Kontaktdaten" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Kontaktdaten</span></a> <a href="https://infosec.exchange/tags/OnionService" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OnionService</span></a> <a href="https://infosec.exchange/tags/Tor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Tor</span></a> <a href="https://infosec.exchange/tags/eMail" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>eMail</span></a> <a href="https://infosec.exchange/tags/PGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PGP</span></a> <a href="https://infosec.exchange/tags/XMPP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>XMPP</span></a> <a href="https://infosec.exchange/tags/OMEMO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OMEMO</span></a> <a href="https://infosec.exchange/tags/Chat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Chat</span></a> <a href="https://infosec.exchange/tags/WebCall" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WebCall</span></a> <a href="https://infosec.exchange/tags/Bewerbungsgespr%C3%A4che" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Bewerbungsgespräche</span></a> <a href="https://infosec.exchange/tags/BuzzwordBingo" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BuzzwordBingo</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://social.coop/@lukeshu" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>lukeshu</span></a></span> So I guess <a href="https://infosec.space/tags/Anubis" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Anubis</span></a> has an explicit exception to handle <a href="https://infosec.space/tags/Lynx" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Lynx</span></a> and will instead rely on rate-limits and other static means to detect <a href="https://infosec.space/tags/scrapers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>scrapers</span></a> and handle with <a href="https://infosec.space/tags/UserAgent" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>UserAgent</span></a> <a href="https://infosec.space/tags/abuse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>abuse</span></a> cases, like <a href="https://infosec.space/tags/fail2ban" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fail2ban</span></a>-style autobanning of violating IPs...</p><ul><li>This makes sense for a <a href="https://infosec.space/tags/WAF" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WAF</span></a> like Anubis and would've been the only viable option I'm aware of.</li></ul><p>I wounder if anyone has tried using Anubis on <span class="h-card" translate="no"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>torproject</span></a></span> / <a href="https://infosec.space/tags/Tor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Tor</span></a> to protect <a href="https://infosec.space/tags/OnionService" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OnionService</span></a>|s since that would be a reasonable application for it as well.</p>
dexternemrod<p><a href="https://troet.cafe/tags/Tor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Tor</span></a> is mainly known for the anonymity it provides, but the <a href="https://troet.cafe/tags/onionservice" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>onionservice</span></a> is also awesome for easy networking and <a href="https://troet.cafe/tags/encryption" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>encryption</span></a> I just made my <a href="https://troet.cafe/tags/yacy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>yacy</span></a> instance accessible via a .onion-addresse in about 10 Minutes.</p><p><span class="h-card" translate="no"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>torproject</span></a></span> is awesome! <span class="h-card" translate="no"><a href="https://sigmoid.social/@orbiterlab" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>orbiterlab</span></a></span></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://friend.camp/@ranjit" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>ranjit</span></a></span> yes!</p><ul><li>And I'd love to copy that for a machine that checks <a href="https://infosec.space/tags/OnionService" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OnionService</span></a> availability on <span class="h-card" translate="no"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>torproject</span></a></span> / <a href="https://infosec.space/tags/Tor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Tor</span></a>...</li></ul>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://fe.disroot.org/users/woffs" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>woffs</span></a></span> <span class="h-card" translate="no"><a href="https://climatejustice.social/@stefanmuelller" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>stefanmuelller</span></a></span> wenn die von <span class="h-card" translate="no"><a href="https://mastodon.social/@tazgetroete" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>tazgetroete</span></a></span> ist werd' ich die in meine <a href="https://github.com/greyhat-academy/lists.d/blob/main/onion.domains.list.tsv" rel="nofollow noopener noreferrer" target="_blank">Liste</a> an <a href="https://infosec.space/tags/OnionService" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OnionService</span></a>|s packen...</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://climatejustice.social/@stefanmuelller" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>stefanmuelller</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.social/@tazgetroete" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>tazgetroete</span></a></span> was ich hoffe: <a href="https://infosec.space/tags/taz" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>taz</span></a> macht nen <a href="https://infosec.space/tags/OnionService" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OnionService</span></a> auf und verweigert sich <a href="https://infosec.space/tags/Schutzgelderpressern" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Schutzgelderpressern</span></a> wie <a href="https://infosec.space/tags/ClownFlare" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ClownFlare</span></a> weiterhin!</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://hear-me.social/@debby" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>debby</span></a></span> that assumes <span class="h-card" translate="no"><a href="https://mastodon.social/@protonprivacy" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>protonprivacy</span></a></span> actually cares about <a href="https://infosec.space/tags/Privacy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Privacy</span></a>, which they <a href="https://www.youtube.com/watch?v=QCx_G_R0UmQ" rel="nofollow noopener noreferrer" target="_blank">evidently</a> <a href="https://www.youtube.com/watch?v=IeXaYR4ed9c" rel="nofollow noopener noreferrer" target="_blank">don't</a>, cuz otherwise they'd never even <a href="https://infosec.space/tags/log" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>log</span></a> or <a href="https://infosec.space/tags/request" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>request</span></a> any <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PII</span></a> to begin with and instead offer their Services via <span class="h-card" translate="no"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>torproject</span></a></span> / <a href="https://infosec.space/tags/Tor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Tor</span></a> as <a href="https://infosec.space/tags/OnionService" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OnionService</span></a>…</p><ul><li>Not to mention they fuck around with customers' <a href="https://infosec.space/tags/eMails" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>eMails</span></a>, thus having prevented people from contributing to the <a href="https://infosec.space/tags/LKML" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LKML</span></a> in the past...</li></ul><p>To me <a href="https://hear-me.social/@debby/114075194499417075" rel="nofollow noopener noreferrer" target="_blank">this</a> isn't a big loss, but a <em>conditionless surrender</em> in favour of <em>better competitiors</em> like <span class="h-card" translate="no"><a href="https://monocles.social/@monocles" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>monocles</span></a></span> and even <span class="h-card" translate="no"><a href="https://mstdn.social/@Stuxhost" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>Stuxhost</span></a></span> for that matter...</p>
Kevin Karhan :verified:<p>Still no <a href="https://infosec.space/tags/VPN" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VPN</span></a> fan but <span class="h-card" translate="no"><a href="https://mas.to/@airvpn" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>airvpn</span></a></span> / <a href="https://infosec.space/tags/AirVPN" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AirVPN</span></a> at least has a purpose given they have an <a href="https://infosec.space/tags/OnionService" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OnionService</span></a> at: <a href="http://airvpn3epnw2fnsbx5x2ppzjs6vxtdarldas7wjyqvhscj7x43fxylqd.onion" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">http://</span><span class="ellipsis">airvpn3epnw2fnsbx5x2ppzjs6vxtd</span><span class="invisible">arldas7wjyqvhscj7x43fxylqd.onion</span></a></p><ul><li>Circumvent <a href="https://infosec.space/tags/DontBlockTor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DontBlockTor</span></a>-blockades and provide an alternative <span class="h-card" translate="no"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>torproject</span></a></span> <a href="https://infosec.space/tags/ExitNode" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ExitNode</span></a>...</li></ul>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://social.tchncs.de/@pixelcode" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>pixelcode</span></a></span> <span class="h-card" translate="no"><a href="https://fedi.feministwiki.org/users/taylan" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>taylan</span></a></span> Your <a href="https://social.tchncs.de/@pixelcode/114232945195514403" rel="nofollow noopener noreferrer" target="_blank">nonchalant <em>"So what?"</em></a> gets people publicly murdered by the state in many juristictions...</p><ul><li>Which is why there is no substitute to teaching proper <a href="https://infosec.space/tags/TechLiteracy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TechLiteracy</span></a> ffs!</li></ul><p>If things were so easy as in <em>"JuSt UsE sIgNaL!"</em> then <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>signalapp</span></a></span> would be shut down.</p><ul><li>Or do you really think that in a world where multi-year long sting ops like <a href="https://infosec.space/tags/AN%C3%98M" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ANØM</span></a> / <a href="https://infosec.space/tags/OperationIronside" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OperationIronside</span></a> / <a href="https://infosec.space/tags/OperationTr%C3%B8janShield" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OperationTrøjanShield</span></a> get greenlit that <span class="h-card" translate="no"><a href="https://mastodon.world/@Mer__edith" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>Mer__edith</span></a></span> would risk dying of old age in jail for non-paying users?</li></ul><p>If you do think so then you should really get some professional help, cuz you seem rather lost...</p><ul><li><a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Signal</span></a> doesn't even bother to have an <a href="https://infosec.space/tags/OnionService" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OnionService</span></a>, much less to provide means to use their service without self-doxxing with a <a href="https://infosec.space/tags/PhoneNumber" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PhoneNumber</span></a>, which at best is pseudonymous and requires money to attain and maintain... </li></ul><p>It's <a href="https://infosec.space/tags/centralization" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>centralization</span></a> is an absolute nightmare and mist be deemed as criminally neglectful!</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://infosec.exchange/@Andromxda" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>Andromxda</span></a></span> <span class="h-card" translate="no"><a href="https://social.tchncs.de/@pixelcode" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>pixelcode</span></a></span> How can you <a href="https://infosec.exchange/@Andromxda/114232892557687415" rel="nofollow noopener noreferrer" target="_blank">claim something you can't evidence</a>?</p><ul><li>Pretty shure if it's not <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>signalapp</span></a></span> themselves, then their centralized architecture and unwillingness to even have an <a href="https://infosec.space/tags/OnionService" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OnionService</span></a> on <span class="h-card" translate="no"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>torproject</span></a></span> makes it trivial to pull a <a href="https://infosec.space/tags/Room641A" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Room641A</span></a> on them.</li></ul><p>It makes you look like one of those folks <a href="https://www.youtube.com/watch?v=G1thc5DSHwA" rel="nofollow noopener noreferrer" target="_blank">shilling</a> <a href="https://infosec.space/tags/VPN" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VPN</span></a>|s that <a href="https://web.archive.org/web/20210606070919/twitter.com/thegrugq/status/1085614812581715968" rel="nofollow noopener noreferrer" target="_blank">ain't logless after all</a>...</p><ul><li>I don't believe in <a href="https://infosec.space/tags/marketing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>marketing</span></a> <a href="https://infosec.space/tags/lies" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>lies</span></a> and <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Signal</span></a> can't (and won't) be able to evidence that they don't log shit.</li></ul><p>At least they should be honest about things and not claim bs, cuz demanding a <a href="https://infosec.space/tags/PhoneNumber" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PhoneNumber</span></a> is <em>just <a href="https://infosec.space/tags/KYC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>KYC</span></a> with extra steps</em> like demanding any <a href="https://infosec.space/tags/SSN" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SSN</span></a> or other <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PII</span></a>. Makes them look like chinese MMORPGs that demand ID card numbers for account signups, thus <a href="https://infosec.space/tags/paywalling" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>paywalling</span></a> the ability to use their service anonymously...</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>signalapp</span></a></span> It's not <a href="https://infosec.space/tags/disinfo" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>disinfo</span></a> when one points out that you demand <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PII</span></a> aka. <a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PhoneNumbers</span></a> from Users and that is literally a architectural vulnerability, alongside your <a href="https://infosec.space/tags/proprietary" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>proprietary</span></a> &amp; <a href="https://infosec.space/tags/Centralized" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Centralized</span></a> <a href="https://infosec.space/tags/Infrastructure" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Infrastructure</span></a>.</p><ul><li><a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Signal</span></a> being a <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SingleVendor</span></a> &amp; <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SingleProvider</span></a> <a href="https://infosec.space/tags/Solution" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Solution</span></a> is literally the reason why I consider it <a href="https://infosec.space/tags/insecure" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>insecure</span></a>.</li></ul><p>Not to mention the lack of <span class="h-card" translate="no"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>torproject</span></a></span> / <a href="https://infosec.space/tags/Tor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Tor</span></a> support with an <a href="https://infosec.space/tags/OnionService" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OnionService</span></a> or the willingness to fulfill <a href="https://infosec.space/tags/cyberfacist" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cyberfacist</span></a> <em>"Embargoes"</em> or shilling a <a href="https://infosec.space/tags/Shitcoin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Shitcoin</span></a> <a href="https://infosec.space/tags/Scam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Scam</span></a> named <a href="https://infosec.space/tags/MobileCoin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MobileCoin</span></a>!</p><ul><li><a href="https://infosec.space/tags/KYC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>KYC</span></a> <em>is</em> the illicit activity!!!</li></ul><p>And don't get me started on the <a href="https://infosec.space/tags/cyberfacism" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cyberfacism</span></a> that is <a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CloudAct</span></a>.</p><ul><li>If you were secure, criminals would've used your platform so hard, it would've been shutdown like <a href="https://infosec.space/tags/EncroChat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>EncroChat</span></a> and <a href="https://infosec.space/tags/SkyECC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SkyECC</span></a>.</li></ul><p>I may nit have allvthe.evidence yet, but <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Signal</span></a> stenches like <a href="https://infosec.space/tags/AN%C3%98M" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ANØM</span></a>: <a href="https://infosec.space/tags/Honeypot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Honeypot</span></a>-esque!</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://social.glitched.systems/@froge" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>froge</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.net2o.de/@forthy42" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>forthy42</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.social/@fj" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>fj</span></a></span> to me, <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>signalapp</span></a></span> being centralized and not even doing tue absolute minimum of supporting <span class="h-card" translate="no"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>torproject</span></a></span> / <a href="https://infosec.space/tags/Tor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Tor</span></a> and having at least an <a href="https://infosec.space/tags/OnionService" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OnionService</span></a> as <a href="https://infosec.space/tags/API" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>API</span></a>-Endpoint makes them <a href="https://infosec.space/tags/UsefulIdiots" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>UsefulIdiots</span></a>.</p><p>It's several things like that that rubvme the wrong way and that make it uncomfortable.</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mstdn.io/@ckrypto" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>ckrypto</span></a></span> if@signalapp@mastodon.world wasn't complying with <a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CloudAct</span></a>, <span class="h-card" translate="no"><a href="https://mastodon.world/@Mer__edith" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>Mer__edith</span></a></span> would be in jail.</p><p>Not to mention even <em>if</em> Signal keeps their <em>"<a href="https://infosec.space/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSource</span></a>"</em> code updated - which is <a href="https://www.youtube.com/watch?v=tJoO2uWrX1M&amp;t=887s" rel="nofollow noopener noreferrer" target="_blank">doubtful</a>, <em>NOONE</em> can actually <a href="https://infosec.space/tags/verify" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>verify</span></a> that it's the code you actually use - regardless if <a href="https://infosec.space/tags/backend" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>backend</span></a> / <a href="https://infosec.space/tags/Server" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Server</span></a> or <a href="https://infosec.space/tags/client" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>client</span></a> / <a href="https://infosec.space/tags/App" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>App</span></a>! </p><ul><li><a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Signal</span></a> is as secure as <a href="https://infosec.space/tags/AN%C3%98M" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ANØM</span></a>, otherwise it would've been shutdown ages ago.</li></ul><p>Also if Signal was designed for <a href="https://infosec.space/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a>, it would've been <a href="https://infosec.space/tags/decentralized" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>decentralized</span></a> as <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>XMPP</span></a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OMEMO</span></a> and not demand <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PII</span></a> like <a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PhoneNumbers</span></a> which oftentimes cannot be obtained anonymously in many juristictions <em>at all</em>!</p><ul><li>Only <a href="https://infosec.space/tags/MultiVendor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MultiVendor</span></a> &amp; <a href="https://infosec.space/tags/MultiProvider" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MultiProvider</span></a> standards can be secure, regardless if OMEMO or <a href="https://infosec.space/tags/PGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PGP</span></a>/MIME. </li></ul><p>By comparison, <span class="h-card" translate="no"><a href="https://chaos.social/@delta" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>delta</span></a></span> doesn't require any PII, only an <a href="https://infosec.space/tags/eMail" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>eMail</span></a> account, and <span class="h-card" translate="no"><a href="https://monocles.social/@monocles" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>monocles</span></a></span> isn't a <a href="https://infosec.space/tags/VCmoneyBurningParty" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VCmoneyBurningParty</span></a> but sustainable due to <a href="https://infosec.space/tags/subscription" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>subscription</span></a> and they don't even require any personal details for <a href="https://infosec.space/tags/payment" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>payment</span></a>: <a href="https://infosec.space/tags/CashByMail" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CashByMail</span></a> and <a href="https://infosec.space/tags/Monero" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Monero</span></a> are accepted.</p><ul><li>Not to mention neither <a href="https://infosec.space/tags/DeltaChat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DeltaChat</span></a> nor <a href="https://infosec.space/tags/monoclesChat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>monoclesChat</span></a> are <a href="https://www.youtube.com/watch?v=tJoO2uWrX1M&amp;t=424s" rel="nofollow noopener noreferrer" target="_blank">pandering</a> <a href="https://infosec.space/tags/Shitcoin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Shitcoin</span></a> <a href="https://infosec.space/tags/Scams" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Scams</span></a> like <a href="https://infosec.space/tags/MobileCoin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MobileCoin</span></a> that <a href="https://www.youtube.com/watch?v=0DSGq9FQKU4" rel="nofollow noopener noreferrer" target="_blank">don't work</a> even for <a href="https://infosec.space/tags/TechLiterate" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TechLiterate</span></a> <a href="https://infosec.space/tags/CryptoBros" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CryptoBros</span></a>! </li></ul> <p>Again: It's Signal alone who have to evidence they are trustworthy, and all I get are <em>"<a href="https://infosec.space/tags/TrustMeBro" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TrustMeBro</span></a>!"</em> replies, which means they are not to be trusted.</p><ul><li>Not to mention, it's just not sustainable to run a <a href="https://infosec.space/tags/service" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>service</span></a> without <a href="https://infosec.space/tags/revenue" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>revenue</span></a>, even if it's run entirely by unpaid volunteers and gets all it's <a href="https://infosec.space/tags/hosting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hosting</span></a> and <a href="https://infosec.space/tags/costs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>costs</span></a> donated, someone has to pay for expenses due to <a href="https://infosec.space/tags/abuse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>abuse</span></a> of a service (which is an inevitability come mass adoption)...</li></ul><p>Whereas with <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>XMPP</span></a> I can completely setup my own server and client, even build my own if I don't trust anyone else and pay someone to audit the code.</p><ul><li>Signal as a <a href="https://infosec.space/tags/centralized" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>centralized</span></a>, <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SingleVendor</span></a> &amp; <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SingleProvider</span></a> service is inevitable vulnerable to <a href="https://infosec.space/tags/RubberhoseCryptoanalysis" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RubberhoseCryptoanalysis</span></a>, and <a href="https://infosec.space/tags/Meredith" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Meredith</span></a> <em>will break</em> if not doing so means <a href="https://web.archive.org/web/20210226175949/https://twitter.com/thegrugq/status/1085614812581715968" rel="nofollow noopener noreferrer" target="_blank">jail for life until she does</a>!</li></ul><p>Whereas with XMPP &amp; PGP/MIME <a href="https://infosec.space/tags/eMail" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>eMail</span></a> I can layer <span class="h-card" translate="no"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>torproject</span></a></span> / <a href="https://infosec.space/tags/Tor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Tor</span></a> over it, make it an <a href="https://infosec.space/tags/OnionService" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OnionService</span></a> and keep that thing under my bed with a <a href="https://www.youtube.com/watch?v=F59iKSrx63c&amp;list=PL2YepVFF1azEYo0c0HdYwykbp_AXchaIp" rel="nofollow noopener noreferrer" target="_blank">literal killswitch</a>...</p>
qbi<p>Traurige Nachrichten:</p><p>Die <span class="h-card" translate="no"><a href="https://press.coop/@nytimes" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>nytimes</span></a></span> hat deren <a href="https://freie-re.de/tags/Tor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Tor</span></a> Onion Service deaktiviert.<br><a href="https://open.nytimes.com/https-open-nytimes-com-the-new-york-times-as-a-tor-onion-service-e0d0b67b7482" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">open.nytimes.com/https-open-ny</span><span class="invisible">times-com-the-new-york-times-as-a-tor-onion-service-e0d0b67b7482</span></a></p><p><a href="https://freie-re.de/tags/OnionService" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OnionService</span></a> <a href="https://freie-re.de/tags/HiddenService" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HiddenService</span></a> <a href="https://freie-re.de/tags/Darknet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Darknet</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://infosec.space/@CppGuy" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>CppGuy</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.social/@fesshole" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>fesshole</span></a></span> the only thibg you can do is force Google to nuke history and take it as lession to use <a href="https://infosec.space/tags/DuckDuckGo" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DuckDuckGo</span></a>'s <a href="https://infosec.space/tags/OnionService" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OnionService</span></a> on <span class="h-card" translate="no"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>torproject</span></a></span> / <a href="https://infosec.space/tags/TorBrowser" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TorBrowser</span></a> instead.</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://chaos.social/@Natanox" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>Natanox</span></a></span> <span class="h-card" translate="no"><a href="https://anonsys.net/profile/ccc" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>ccc@anonsys.net</span></a></span> <span class="h-card" translate="no"><a href="https://chaos.social/@chaosupdates" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>chaosupdates</span></a></span> <span class="h-card" translate="no"><a href="https://social.bau-ha.us/@CCC" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>CCC@social.bau-ha.us</span></a></span> <span class="h-card" translate="no"><a href="https://chaos.social/@ccc" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>ccc@chaos.social</span></a></span> <span class="h-card" translate="no"><a href="https://chaos.social/@ccchh" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>ccchh</span></a></span> leider ist <code>m2ylflyeak6i6o4hsfwcrfwcq2bbjxk6nf2rnmm7fu6qiuu3hybenzid.onion</code> / <a href="http://jabber.ccc.de" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">http://</span><span class="">jabber.ccc.de</span><span class="invisible"></span></a> <a href="https://infosec.space/tags/OnionService" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OnionService</span></a> <em>immernoch</em> down!</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mastodon.social/@truls46" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>truls46</span></a></span> <em><a href="https://infosec.space/tags/facehoof" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>facehoof</span></a></em></p><ul><li>Deshalb schaut mensch vorher sich um.</li></ul><p>Ich <a href="https://github.com/greyhat-academy/lists.d/blob/main/xmpp.servers.list.tsv" rel="nofollow noopener noreferrer" target="_blank">empfehle nur Server die ich selbst getestet habe</a>, außerdem hilft <span class="h-card" translate="no"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>torproject</span></a></span> / <a href="https://infosec.space/tags/Tor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Tor</span></a> &amp; <span class="h-card" translate="no"><a href="https://social.librem.one/@guardianproject" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>guardianproject</span></a></span> / <a href="https://infosec.space/tags/Orbot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Orbot</span></a> dabei, diese idealerweise als <a href="https://infosec.space/tags/OnionService" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OnionService</span></a> zu erreichen.</p><ul><li>Wo keine <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PII</span></a> wie <a href="https://infosec.space/tags/Telefonnummer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Telefonnummer</span></a> oder <a href="https://infosec.space/tags/IPs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IPs</span></a> verlangt, abgefragt, übermittelt oder gespeichert werden, können diese auch nicht ausgehändigt werden.</li></ul>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://chaos.social/@erebion" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>erebion</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.online/@inaruck" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>inaruck</span></a></span> genau das ist der Falsche Ansatz, da Threat Models sich ständig verschieben und nicht ausgegangen werden kann, dass es dabei bleibt.</p><ul><li>Das technisch sicherstmögliche auf verbreiteter Hardware &amp; Systemen ist und bleibt <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>XMPP</span></a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OMEMO</span></a> über <a href="https://infosec.space/tags/Tor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Tor</span></a>, idealerweise an einen <a href="https://infosec.space/tags/OnionService" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OnionService</span></a>, weil damit echte <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SelfCustody</span></a> echte <a href="https://infosec.space/tags/E2EE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>E2EE</span></a> machbar ist!</li></ul><p>Keine*r deloyed drölfzig Messenger oder migriert bedarfsweise User*innen umher.</p><ul><li>Anders als <a href="https://infosec.space/tags/zentralisiert" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>zentralisiert</span></a>|e &amp; <a href="https://infosec.space/tags/propriet%C3%A4r" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>proprietär</span></a>|e Systeme (egal ob <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Signal</span></a>, <a href="https://infosec.space/tags/SkyECC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SkyECC</span></a>, <a href="https://infosec.space/tags/AN%C3%98M" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ANØM</span></a>, <a href="https://infosec.space/tags/EncroChat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>EncroChat</span></a>, etc.) ist XMPP+OMEMO an sich sicher!</li></ul>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://chaos.social/@erebion" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>erebion</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.online/@inaruck" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>inaruck</span></a></span> es gibt <a href="https://www.youtube.com/watch?v=tJoO2uWrX1M" rel="nofollow noopener noreferrer" target="_blank">soviele Gründe</a> weshalb Mensch nicht <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>signalapp</span></a></span> vertrauen sollte.</p><p>Aber um es nochnal klar zu erklären:</p><ul><li><p><a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Signal</span></a> verlangt <a href="https://infosec.space/tags/Telefonnummer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Telefonnummer</span></a> = <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PII</span></a> (Persönlich identifizierbare Informationen). [Und nein, sich irgendwo zwielichtig ne Nummer als Ausrede greift nicht!]</p></li><li><p>Signal ist zentralisiert &amp; <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SingleVendor</span></a> sowie <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SingleProvider</span></a>!</p></li><li><p>Signal fällt wegen Sitz in den <a href="https://infosec.space/tags/USA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>USA</span></a> unter <a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CloudAct</span></a> = inhärent mit <a href="https://infosec.space/tags/DSGVO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DSGVO</span></a> &amp; <a href="https://infosec.space/tags/BDSG" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BDSG</span></a> inkompatibel!</p></li><li><p>Signal erlaubt keine <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SelfCustody</span></a> aller Keys und ist deshalb für Einige Angriffsmethoden offen!</p></li></ul><p>Nur echte <a href="https://infosec.space/tags/Dezentralisierung" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Dezentralisierung</span></a> wie bei <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>XMPP</span></a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OMEMO</span></a> kann <a href="https://infosec.space/tags/Datenschutz" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Datenschutz</span></a>, <a href="https://infosec.space/tags/Informationssicherheit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Informationssicherheit</span></a> und <a href="https://infosec.space/tags/Vertraulichkeit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Vertraulichkeit</span></a> sicherstellen.</p><ul><li>Anders als Signal kann <span class="h-card" translate="no"><a href="https://monocles.social/@monocles" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>monocles</span></a></span> nicht gegen Nutzer basierend auf Herkunft (<a href="https://infosec.space/tags/Rufnummer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Rufnummer</span></a>!) diskriminieren und anders als Signal funktioniert XMPP+OMEMO problemlos über <span class="h-card" translate="no"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>torproject</span></a></span> / <a href="https://infosec.space/tags/Tor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Tor</span></a> und kann als <a href="https://infosec.space/tags/OnionService" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OnionService</span></a> <em><a href="https://infosec.space/tags/SelfHosted" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SelfHosted</span></a></em> werden, für maximale <a href="https://infosec.space/tags/Privatsph%C3%A4re" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Privatsphäre</span></a> und <a href="https://infosec.space/tags/Datenhoheit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Datenhoheit</span></a>!</li></ul><p>Die strukturellen Probleme von Signal machen es angesichts einer <em><a href="https://infosec.space/tags/gleichgeschaltet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>gleichgeschaltet</span></a>|en <a href="https://infosec.space/tags/USA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>USA</span></a></em> ein absolut unnötiges <a href="https://infosec.space/tags/Risiko" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Risiko</span></a>, denn ich garantiere <span class="h-card" translate="no"><a href="https://mastodon.world/@Mer__edith" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>Mer__edith</span></a></span> wird für keine*n User*in lebenslange <a href="https://infosec.space/tags/Beugehaft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Beugehaft</span></a> riskieren!</p><ul><li>Genauso wie's <a href="https://web.archive.org/web/20220112020000/https://twitter.com/thegrugq/status/1085614812581715968" rel="nofollow noopener noreferrer" target="_blank">keine</a> <em>"<a href="https://infosec.space/tags/LoglessVPN" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LoglessVPN</span></a>|s"</em> gibt!</li></ul><p>Und <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Signal</span></a> ist sehr wohl in der Lage <a href="https://infosec.space/tags/Govware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Govware</span></a> - <a href="https://infosec.space/tags/Backdoors" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Backdoors</span></a> zu integrieren, denn sonst wären die wegen <a href="https://infosec.space/tags/ITAR" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ITAR</span></a> bereits geknastet worden, weil diese <a href="https://infosec.space/tags/Nutzer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Nutzer</span></a>*innen aus <a href="https://infosec.space/tags/Kuba" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Kuba</span></a>, <a href="https://infosec.space/tags/Nordkorea" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Nordkorea</span></a> und <a href="https://infosec.space/tags/Russland" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Russland</span></a> haben!</p>
Kevin Karhan :verified:<p>Apparently, the <a href="https://infosec.space/tags/OnionService" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OnionService</span></a> for <code>jabber.ccc.de</code> (<code>m2ylflyeak6i6o4hsfwcrfwcq2bbjxk6nf2rnmm7fu6qiuu3hybenzid.onion</code>) is down again...</p><p><span class="h-card" translate="no"><a href="https://anonsys.net/profile/ccc" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>ccc@anonsys.net</span></a></span> <span class="h-card" translate="no"><a href="https://chaos.social/@chaosupdates" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>chaosupdates</span></a></span> <span class="h-card" translate="no"><a href="https://social.bau-ha.us/@CCC" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>CCC@social.bau-ha.us</span></a></span> <span class="h-card" translate="no"><a href="https://chaos.social/@ccc" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>ccc@chaos.social</span></a></span> <em><a href="https://infosec.space/tags/plzfix" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>plzfix</span></a></em></p><p><a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>XMPP</span></a> <a href="https://infosec.space/tags/Jabber" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Jabber</span></a> <a href="https://infosec.space/tags/Chat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Chat</span></a> <a href="https://infosec.space/tags/CCC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CCC</span></a></p>