Even State Department-funded Human Rights Watch admits that authorities combine legal and illegal methods to obtain convictions: https://text.hrw.org/report/2018/01/09/dark-side/secret-origins-evidence-us-criminal-cases
Combining dragnet surveillance with device hacking is intended in the design of both tools. Hence, State Department-funded Signal dupes you into handing over your identity as part of the population-centric mapping. In custody, your phone will be hacked when it is taken away if it’s important.
https://xcancel.com/hannahcrileyy/status/2034273723667161480#m
I really don’t get the big “use signal” push at this point in time because even if it’s private and the encryption is solid, it’s a fucking American company. It’s so easy for letter agencies to get information on their users from them, don’t you realize that they can’t refuse to give out your number if they ask for it and that once they have that your identity and location are immediately and thoroughly compromised? If you are subject to US jurisdiction and could be seen in any way as opposing its government, I really don’t think you should be using it.
All giving out your number provides is that you have ever used Signal.
They’re saying ever using a private chat service is terrorism. That’s not really on Signal.
It’s not a company it’s a nonprofit foundation. And they’ve been audited many times by independent auditors.
Because its one of the only popular secure methods of communication thats app based.
Some people are very protective of Signal.
- Reason: Disinformation
- Reason: privacy rule #3: “Try to keep things on topic”
- Reason: Misinfo, alarmism
- Reason: This is harmful disinformation
Oh well if Dessalines says so it must be true
It’s davel
A reminder that your phone number is metadata. And people who think metadata is “just” data or that cross-referencing is some kind of sci-fi nonsense, are fundamentally misunderstanding how modern surveillance works.
By requiring phone numbers, Signal, despite its good encryption, inherently builds a social graph. The server operators, or anyone who gets that data, can see a map of who is talking to whom. The content is secure, but the connections are not.
Being able to map out who talks to whom is incredibly valuable. A three-letter agency can take the map of connections and overlay it with all the other data they vacuum up from other sources, such as location data, purchase histories, social media activity. If you become a “person of interest” for any reason, they instantly have your entire social circle mapped out.
Worse, the act of seeking out encrypted communication is itself a red flag. It’s a perfect filter: “Show me everyone paranoid enough to use crypto.” You’re basically raising your hand.
So, in a twisted way, Signal being a tool for private conversations, makes it a perfect machine for mapping associations and identifying targets. The fact that it operates using a centralized server located in the US should worry people far more than it seems to.
The kicker is that thanks to gag orders, companies are legally forbidden from telling you if the feds come knocking for this data. So even if Signal’s intentions are pure, we’d never know how the data it collects is being used. The potential for abuse is baked right into the phone-number requirement.
In theory warrant canaries could have been used, but Marlinspike has an excuse for everything.
yeah that makes the whole thing even more sketch, I love how he never replies to the EFF link too
This is total alarmist misinformation. The “evidence of terrorism” was not “using Signal” or “carrying a first aid kit”, it was taking part in an armed assault on an immigration facility where a dozen people set off fireworks and shot a police officer with an AR-15.
The prosecution used the presence of the first aid kit they carried during their armed assault, along with actual messages (not metadata) from a Signal chat to make the case that the attackers planned on using violence.
There are a lot of problems with this case, IMO the most dangerous part here is that adds legitimacy the (false) idea that “antifa” is an organization that exists. Something the Trump administration has been struggling to prove. This X post takes small details out of context.
-
Don’t trust anything ever posted to X. Especially something that discourages the use of private messaging apps.
-
I highly recommend everyone report this this post to your admins and strongly recommend all instance admins ban/warn accounts like OP. If we want the fediverse to catch on it needs to be more factual, not knee jer.
it was taking part in an armed assault on an immigration facility where a dozen people set off fireworks and shot a police officer with an AR-15.
based
Whoever they think did it They didn’t do it we were bowling together at that time
It’s true, I was the bowling pin
The prosecution used the presence of the first aid kit they carried
Insane bullshit.
I have a kit with me every day of my life, and I’ve had to refill it many times due to using it on others.
It would be pure coincidence that I happen to be carrying a first aid kit on any given day, and if I’m going to a peaceful protest I’m bringing my trauma kit because the entire fucking world knows how cops treat protesters.
I agree that bringing a first aid kit to a peaceful protest is not evidence that someone is planning violence.
I disagree that bringing a first aid kit along with explosives and assault weapons to a planned confrontation is evidence someone was attending a peaceful protest.
You completely dodged the actual question. Is a first aid kit evidence of planned terrorism?
I’m saying by focusing on the irrelevant first aid kit you are playing into the hands of those who seek to discourage the use of private messaging apps.
I agree. You are the one that made specific comments about what carrying a first aid kit means for evidence that are completely irrelevant to the trial.
you agree it’s a distraction but continue to bring it up 🤔
At this point you’re just trolling 🙄
They didn’t dodge anything. They answered your question quite clearly. The answer is context matters.
A first aid kit alone is not proof of that. The commentor did not claim that nor did the prosecution of the case. When taken in context with the other evidence and the actual actions they were able to use it as supporting evidence.
Now in my opinion their actions were based, but obviously illegal. If I were on the jury I would have let them walk, but that’s all beside the point.
The fact that anyone is even debating the (completely irrelevant) first aid kit means the disinformation campaign is working.
I don’t think it was a question, really
Thing is that there are actual privacy respecting messaging apps like SimpleX Chat. Signal isn’t one of them. It’s run by people associated with US intelligence, it’s hosted on a single server based in the US, and it actively harvests phone numbers. It’s incredible that people look at this and still claim it’s a private messaging app.
Thank you for this.
-
We’re supposed to take privacy advice from someone posting on X?
Surprised that they didn’t link straight to Telegram.
More anti-signal propaganda? Who is claiming it can’t be associated to a user. The messages are private, not anonymous.
It does use deniable encryption, but that stops working as a defense the second they take your phone and copy all logs from your device.
And large group chats relies on how well you can vet participants more than it relies on encryption itself, and if they’re too large they may as well not be encrypted.
What evidence do you have that Signal collects anything? Traffic logs from the app or something?
Signal doesn’t need to, you need to trust the whole chain. You’ll need to trust AWS, you need to trust Intel SGX, etc
At that point you can rely on nothing but Tor or I2P
Nothing else hides metadata better than Signal, without involving large networks of independent nodes that participate in Sybil resistant routing. The only thing that gets close is threshold schemes where you still need multiple independent entities running servers.
It uses a phone number.
Phone numbers havent been required for at least like a year or so
You can check if a number is registered with Signal just by having Signal and starting a chat with that number
Even if the number is set as hidden in settings?
They changed that. You can make yourself undiscoverable by just the number now
One reason to use Matrix on your own server.
Via a domain which you have to register with even more personal data.
Njalla
