Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mastodon.ml/@Xeniax" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Xeniax</span></a></span> All attacks on <a href="https://infosec.space/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> are illicit and illegitimate per definition, and merely appealing at authorities is not gonna work.</p><ul><li>Instead <em>encrypt harder</em> by using <em>real <a href="https://infosec.space/tags/E2EE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>E2EE</span></a></em> with <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfCustody</span></a> [i.e. <a href="https://infosec.space/tags/PGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PGP</span></a>/MIME & <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>XMPP</span></a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OMEMO</span></a>), <a href="https://infosec.space/tags/decentralize" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>decentralize</span></a> and use <span class="h-card" translate="no"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>torproject</span></a></span> / <a href="https://infosec.space/tags/Tor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tor</span></a> to <em>normalize</em> proper <a href="https://infosec.space/tags/ComSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ComSec</span></a>! </li></ul><p>Anything else is <em>undue leniency</em> in the face of <a href="https://infosec.space/tags/Cyberfacism" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cyberfacism</span></a>!</p>
toad.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
Mastodon server operated by David Troy, a tech pioneer and investigative journalist addressing threats to democracy. Thoughtful participation and discussion welcome.
Administered by:
Server stats:
273active users
toad.social: About · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.4.1
#pgp
3 posts · 3 participants · 0 posts today
Marcus Adams<p>Doing some upgrades earlier and came across this note in the changelog for <a href="https://mastodon.social/tags/Debian" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Debian</span></a> 13. Explains why they moved to Sequoia for certain tasks.</p><p><a href="https://mastodon.social/tags/PGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PGP</span></a> <a href="https://mastodon.social/tags/GPG" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GPG</span></a> <a href="https://mastodon.social/tags/OpenPGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenPGP</span></a></p>
The New Oil<p>What Is Pretty Good <a href="https://mastodon.thenewoil.org/tags/Privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Privacy</span></a> (<a href="https://mastodon.thenewoil.org/tags/PGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PGP</span></a>)?</p><p><a href="https://hushed.com/what-is-pretty-good-privacy/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">hushed.com/what-is-pretty-good</span><span class="invisible">-privacy/</span></a></p><p><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://mastodon.thenewoil.org/tags/guide" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>guide</span></a> <a href="https://mastodon.thenewoil.org/tags/FOSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FOSS</span></a></p>
nemo™ 🇺🇦<p>It Just Keeps Getting Worse...<br><a href="https://mas.to/tags/someordinarygamers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>someordinarygamers</span></a> <a href="https://mas.to/tags/yt" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>yt</span></a> <a href="https://mas.to/tags/sog" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sog</span></a> ❤️❤️❤️ <a href="https://mas.to/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> <a href="https://mas.to/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> <a href="https://mas.to/tags/foss" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>foss</span></a> <a href="https://mas.to/tags/PGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PGP</span></a> <a href="https://mas.to/tags/chatcontrol" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>chatcontrol</span></a> </p><p><a href="https://www.youtube.com/watch?v=6snvxm187w0" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">youtube.com/watch?v=6snvxm187w0</span><span class="invisible"></span></a></p><p>Proxy Link.:</p><p><a href="https://inv.nadeko.net/watch?v=6snvxm187w0" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">inv.nadeko.net/watch?v=6snvxm1</span><span class="invisible">87w0</span></a></p><p>Btw, fckNikandros is a low-life scum who is an ID verification and intercensorship apologist. Fck you🖕 Go smear your own name…<br>And enjoy a tasty Atretochoana eiselti on ice… 🐍</p>
Lapo Luchini… and yes, I was carefully moving my mouse and keyboard while generating <a href="https://f.lapo.it/search?tag=RSA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RSA</span></a> private keys using <a href="https://f.lapo.it/search?tag=PGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PGP</span></a> 2.6 back in the days… thankfully we're not anymore in those days. 😈<br>(<a href="https://f.lapo.it/search?tag=amarcord%29" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>amarcord)</span></a>
Simon Brooke<p><span class="h-card" translate="no"><a href="https://social.treehouse.systems/@valpackett" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>valpackett</span></a></span> <span class="h-card" translate="no"><a href="https://hachyderm.io/@hazelweakly" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>hazelweakly</span></a></span> it was hoped that <a href="https://mastodon.scot/tags/pgp" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pgp</span></a>/ <a href="https://mastodon.scot/tags/gpg" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>gpg</span></a> would allow the development of 'Webs of Trust' which could be a key building block for this idea, but so far no one has built a user interface which would make that accessible to most people.</p><p>That UI is a hard problem to solve well, but some mashup between <a href="https://mastodon.scot/tags/ActivityPub" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ActivityPub</span></a> and a web of trust -- a <a href="https://mastodon.scot/tags/Mastodon" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Mastodon</span></a>-like system where all posts are encrypted but all posts by people who trusted you are decryptable -- is possible.</p><p><a href="https://en.wikipedia.org/wiki/Web_of_trust" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">en.wikipedia.org/wiki/Web_of_t</span><span class="invisible">rust</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://infosec.exchange/@Linux_in_a_Bit" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Linux_in_a_Bit</span></a></span> <a href="https://infosec.space/tags/ToldYaSo" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ToldYaSo</span></a> that <a href="https://infosec.space/tags/Matrix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Matrix</span></a> is a shitshow.</p><ul><li>I'd rather use <a href="https://infosec.space/tags/PGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PGP</span></a>/MIME over <a href="https://ntfy.sh" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">ntfy.sh</span><span class="invisible"></span></a> than that…</li></ul><p>Use <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>XMPP</span></a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OMEMO</span></a>!</p>
Ruben ~ Kedara.eu<p>I'm testing mailbox.org as a private mail service. Currently, I'm using Tuta, which is great, but I really miss the ability to use custom email clients via IMAP and can settle for a bit less security.<br><br>I've generated <a href="https://kedara.social/tags/pgp" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PGP</span></a> keys on my own and have only imported the public key into "mail guard" and "inbox guard". From my testing, incoming (unencrypted) mails are indeed automatically encrypted with my public key.<br><br>But two things are not yet fully clear to me:<br><br>1. Is it possible to search the (encrypted) body text using <a href="https://kedara.social/tags/thunderbird" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Thunderbird</span></a>? If not, what other program could you recommend for Linux (and possibly android)?<br><br>2. All received mail is encrypted using my public key by mailbox.org as soon as they've received it. Is it possible to do the same for the copy in the "Sent" folder, for mails that are otherwise sent unencrypted?<br><br>I hope there are <a href="https://kedara.social/tags/mailbox" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>mailbox</span></a>.org users or other PGP veterans here, who are willing to help me out 😊<br><br><a href="https://kedara.social/tags/mail" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>mail</span></a> <a href="https://kedara.social/tags/encryption" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>encryption</span></a> <a href="https://kedara.social/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a></p>
Alec Muffett<p>1995: Story Claims PGP Used to Cloak Net Pedophiles | CNET | banning VPNs would be like pissing against the wind…<br><a href="https://alecmuffett.com/article/113880" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">alecmuffett.com/article/113880</span><span class="invisible"></span></a><br><a href="https://mastodon.social/tags/EndToEndEncryption" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EndToEndEncryption</span></a> <a href="https://mastodon.social/tags/OnlineSafety" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OnlineSafety</span></a> <a href="https://mastodon.social/tags/OnlineSafetyAct" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OnlineSafetyAct</span></a> <a href="https://mastodon.social/tags/WireGuard" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WireGuard</span></a> <a href="https://mastodon.social/tags/aws" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>aws</span></a> <a href="https://mastodon.social/tags/censorship" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>censorship</span></a> <a href="https://mastodon.social/tags/ofcom" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ofcom</span></a> <a href="https://mastodon.social/tags/pgp" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pgp</span></a> <a href="https://mastodon.social/tags/vpn" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vpn</span></a></p>
Bruce Walzer 🇨🇦<p><span class="h-card" translate="no"><a href="https://mastodon.social/@gerowen" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>gerowen</span></a></span> I guess the Debian switch to Sequoia <a href="https://mstdn.ca/tags/PGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PGP</span></a> is OK as long as V6 signatures don't end up sneaking in there. That would make such signatures unusable for implementations conforming to the well established RFC4880 and LibePGP.</p>
Archos :distros_arch: :matrix:<p>🔐💬 Zajímá mě názor ostatních:<br>Používáte ještě e-mail s PGP?<br>Osobně mám klíče na YubiKeyu, používám je na Git podpisy a trochu souborů, ale u e-mailu si už nejsem jistý, jestli to vůbec někdo na druhé straně ještě čte/umí.</p><p>Budu rád za vaše zkušenosti ✉️🛡️</p><p><a href="https://mastodon.arch-linux.cz/tags/PGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PGP</span></a> <a href="https://mastodon.arch-linux.cz/tags/GPG" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GPG</span></a> <a href="https://mastodon.arch-linux.cz/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> <a href="https://mastodon.arch-linux.cz/tags/email" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>email</span></a> <a href="https://mastodon.arch-linux.cz/tags/linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>linux</span></a> <a href="https://mastodon.arch-linux.cz/tags/fediverse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fediverse</span></a> <a href="https://mastodon.arch-linux.cz/tags/YubiKey" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>YubiKey</span></a></p>
Marcus Adams<p>apt now uses <a href="https://mastodon.social/tags/Sequoia" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Sequoia</span></a> <a href="https://mastodon.social/tags/PGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PGP</span></a> to verify signatures.</p>
Lorry<p>I am waiting for <a href="https://infosec.exchange/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AI</span></a> to get good enough to work out my <a href="https://infosec.exchange/tags/PGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PGP</span></a> passphrases for the last 30 years.</p><p>They are only going to be a combination of about 50 words with various capitalisations and probably few filler words.</p><p>I don't need them, it just bugs me that without fail, I will forget any PGP <a href="https://infosec.exchange/tags/password" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>password</span></a> I set within a year of doing it, and I have piles of the bloody things. Next time I will just backup one with no <a href="https://infosec.exchange/tags/passphrase" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>passphrase</span></a> too. </p><p><a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> <a href="https://infosec.exchange/tags/sucks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sucks</span></a> ... Oh, wait, that might be one of the early <a href="https://infosec.exchange/tags/keys" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>keys</span></a>!</p>
Enrique Barcelli<p>Tired of renewing S/MIME certificates through third parties.<br>Going back to GnuPG as the default and primary way of signing and encrypting my email.<br>You can find my public key in any public keyserver such as <a href="https://keyserver.ubuntu.com/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">keyserver.ubuntu.com/</span><span class="invisible"></span></a></p><p><a href="https://acc4e.com/tags/PGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PGP</span></a> <a href="https://acc4e.com/tags/GPG" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GPG</span></a> <a href="https://acc4e.com/tags/GnuPG" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GnuPG</span></a></p>
Computertruhe e. V.<p>Stimmt doch bitte alle mal diesen Feature Request für <a href="https://social.computertruhe.de/tags/GLPI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GLPI</span></a> ab. <a href="https://social.computertruhe.de/tags/OpenPGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenPGP</span></a>-Support innerhalb des Ticketsystems wäre eine wahnsinnig hilfreiche Sache.</p><p><a href="https://glpi.userecho.com/communities/1/topics/886-please-add-pgp-support" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">glpi.userecho.com/communities/</span><span class="invisible">1/topics/886-please-add-pgp-support</span></a></p><p><a href="https://social.computertruhe.de/tags/PGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PGP</span></a> <a href="https://social.computertruhe.de/tags/Verschl%C3%BCsselung" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Verschlüsselung</span></a></p>
Gemischtwahnladen<p>Wollte grad (nach Jahren) mal wieder ne <a href="https://punkstodon.de/tags/PGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PGP</span></a>-Verschlüsselung für meine Mails einrichten. Nun hat <a href="https://punkstodon.de/tags/Thunderbird" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Thunderbird</span></a> ja inzwischen <a href="https://punkstodon.de/tags/GNUPG" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GNUPG</span></a> und das sieht ja auch alles ganz toll aus, aber was mich als alter <a href="https://punkstodon.de/tags/Enigmail" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Enigmail</span></a> User irritiert, ist das Ding mit der (fehlenden) Passphrase. Also wie ich das verstehe wird die ja (für alle Mailaccounts!?) ersetzt durch das Thunderbird-Masterpasswort. So weit so naja... Aber würde die Mails auch weiterhin gern auffm Handy abrufen (<a href="https://punkstodon.de/tags/K9" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>K9</span></a>). Da gibts dann n Addon, soweit hab ich das schon gesehen, aber ist dann das Masterpasswort auch da meine Passphrase? Danke schonmal für Tipps...</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://fosstodon.org/@whynothugo" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>whynothugo</span></a></span> interesting...</p><p>Maybe <span class="h-card" translate="no"><a href="https://social.nitrokey.com/@nitrokey" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>nitrokey</span></a></span> can hint at things...</p><p>As for <a href="https://infosec.space/tags/GPG" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GPG</span></a> backups, frontends like <a href="https://infosec.space/tags/Kleopatra" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Kleopatra</span></a> allow exporting all the keys and settings.</p><ul><li>However you should only fiddle with the keyring of a user, never with a system and on some systems like <a href="https://infosec.space/tags/macOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>macOS</span></a> deleting the <a href="https://infosec.space/tags/PGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PGP</span></a> Keyring will brick the login for the user in question.</li></ul>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://fosstodon.org/@whynothugo" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>whynothugo</span></a></span> consider using <a href="https://infosec.space/tags/enc" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>enc</span></a> instead, which allows you to use <a href="https://infosec.space/tags/PGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PGP</span></a> keys like <a href="https://infosec.space/tags/SSH" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SSH</span></a>...</p><p><a href="https://github.com/life4/enc/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/life4/enc/</span><span class="invisible"></span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://infosec.exchange/@OhMyGod" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>OhMyGod</span></a></span> Remember: <em>ANY "<a href="https://infosec.space/tags/KYC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KYC</span></a>" in terms of <a href="https://infosec.space/tags/Messenger" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Messenger</span></a>| <a href="https://infosec.space/tags/Apps" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Apps</span></a> IS the <a href="https://infosec.space/tags/IllicitActivity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IllicitActivity</span></a>!</em></p><p>Regardless if <span class="h-card" translate="no"><a href="https://mastodon.matrix.org/@matrix" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>matrix</span></a></span> or <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>signalapp</span></a></span> , the sheer request, demand or coercion onto <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PII</span></a> like a <a href="https://infosec.space/tags/PhoneNumber" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PhoneNumber</span></a> or <a href="https://infosec.space/tags/eMail" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>eMail</span></a>-Address <em>is</em> bad.</p><ul><li>If providers like <span class="h-card" translate="no"><a href="https://mastodon.online/@mullvadnet" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>mullvadnet</span></a></span> can do a <a href="https://infosec.space/tags/VPN" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>VPN</span></a> without any PII <em>and</em> can offer their Service via <span class="h-card" translate="no"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>torproject</span></a></span> / <a href="https://infosec.space/tags/Tor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tor</span></a> and host their Website as <a href="https://infosec.space/tags/OnionService" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OnionService</span></a>, then there's no good reason for others not to do the same.</li></ul><p>Personally, I'll recommend to switch to some <em>real <a href="https://infosec.space/tags/E2EE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>E2EE</span></a></em> with good <a href="https://infosec.space/tags/SelfHosting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfHosting</span></a> options like <span class="h-card" translate="no"><a href="https://chaos.social/@delta" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>delta</span></a></span> / <a href="https://infosec.space/tags/deltaChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>deltaChat</span></a> [which uses <a href="https://infosec.space/tags/PGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PGP</span></a>/MIME) or <span class="h-card" translate="no"><a href="https://monocles.social/@monocles" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>monocles</span></a></span> / <a href="https://infosec.space/tags/monoclesChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>monoclesChat</span></a> (which is based upon <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>XMPP</span></a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OMEMO</span></a> and who do host their own servers which are user-financed and can be paid for 100% anonymously.</p><p><span class="h-card" translate="no"><a href="https://social.bund.de/@bfdi" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>bfdi</span></a></span> <span class="h-card" translate="no"><a href="https://social.tchncs.de/@kuketzblog" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>kuketzblog</span></a></span> <span class="h-card" translate="no"><a href="https://chaos.social/@netzpolitik_feed" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>netzpolitik_feed</span></a></span> <span class="h-card" translate="no"><a href="https://chaos.social/@ccc" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>ccc</span></a></span> <span class="h-card" translate="no"><a href="https://social.heise.de/@heiseonline" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>heiseonline</span></a></span></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://infosec.exchange/@artfulmodder" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>artfulmodder</span></a></span> last time I checked <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>signalapp</span></a></span> still demanded <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PII</span></a> in.the form of a <a href="https://infosec.space/tags/PhoneNumber" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PhoneNumber</span></a>, still peddled the <a href="https://infosec.space/tags/MobileCoin" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MobileCoin</span></a> <a href="https://infosec.space/tags/Shitcoin" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Shitcoin</span></a> <a href="https://infosec.space/tags/Scam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Scam</span></a> and didn't move out of the <a href="https://infosec.space/tags/Cyberfacist" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cyberfacist</span></a> <a href="https://infosec.space/tags/USA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>USA</span></a> despite <a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CloudAct</span></a> being nothing new!</p><ul><li>Not to mention <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a> is both able and willing to discriminate against users based off said PII. Just because they do it for <em>"<a href="https://infosec.space/tags/Sanctions" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Sanctions</span></a> <a href="https://infosec.space/tags/Compliance" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Compliance</span></a>"</em> diesn't mean they ain't gonna change that nor that <span class="h-card" translate="no"><a href="https://mastodon.world/@Mer__edith" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Mer__edith</span></a></span> (or anyone else at Signal) could be bribed or threatened to do so.</li></ul><p>They are <a href="https://infosec.space/tags/centralized" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>centralized</span></a> <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleVendor</span></a> & <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleProvider</span></a> and are thus a <a href="https://infosec.space/tags/SinglePointOfFailure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SinglePointOfFailure</span></a> per design!</p><ul><li>Unlike <span class="h-card" translate="no"><a href="https://chaos.social/@delta" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>delta</span></a></span> (which is <a href="https://infosec.space/tags/PGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PGP</span></a>/MIME in a different UI) or <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>XMPP</span></a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OMEMO</span></a> (which you can use via <span class="h-card" translate="no"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>torproject</span></a></span> / <a href="https://infosec.space/tags/Tor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tor</span></a> and connect to a Server that is an <a href="https://infosec.space/tags/OnionService" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OnionService</span></a>.</li></ul><p>IMHO <em>"memory tagging"</em> is the least of Signal's problems. To me they stench <em>"<a href="https://infosec.space/tags/ControlledOpposition" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ControlledOpposition</span></a>"</em> just as hard as <a href="https://infosec.space/tags/AN%C3%98M" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ANØM</span></a> and <em>incompetence</em> as hard as <a href="https://infosec.space/tags/EncroChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EncroChat</span></a>!</p>
TrendingLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload