US officials urge citizens to use encrypted messaging and calls wherever they can—here’s what you need to know.

Sorry I don’t give a shit tbh 🤣

@AnneVolin@lemmy.ml
link
fedilink
6
edit-2
16d

US 2010: “We’ve created and incentivised this gigantic drag net of information based on insecure protocols, private partnership deals, FISA court orders, and outright black budget illegality”

US 2024: “Pweeze use encrypted communication (that we have vendor relations with or that we have backdoors in or that we built as a honey pot) because China can see what’s happening in the drag net and they can leverage that information to compromise our idiot elites.”

I’ve been trying to get my wife to use signal for years and she. just. doesn’t. wanna. do. it.

Going back to the roots with the Finger Protocol.

Matt
link
fedilink
116d

AFAIK more people in the US use iPhones than Androids, but that is taken care of since iMessage is encrypted (correct me on this, I haven’t sent an iMessage to anyone since I got my SM-A536B).

I’m 100% not one of those “I have nothing to hide” people, but I don’t text about “things I want to hide” already FFS. In this case if the chinese gov or us gov really want to know about my plan to go get a costco hotdog with my friend later, fine, I don’t like it but also “whatever.” It’s not like I’m texting about federal crimes or government secrets, that’s what Matrix is for.

The only thing I don’t like is being forced to use texts for 2fa on shit websites that won’t except a yubikey (or flipper0-u2f, in my case) which seems to be most sites using 2fa ime.

“I have nothing to hide, I just question your judgement and motives.”

In a world entirely populated by empathetic, decent, and sane people we wouldn’t need much privacy. Unfortunately that’s not the world we live in. There are countless unstable, stupid, and evil people in the world – some of them are in positions of power or might achieve power in the future. They are absolutely the sort to weaponize “harmless” information against you.

Do you want those people to know your sexual preferences, political leanings, etc?

That’s the thing, I don’t really text about that stuff because texting is inherently insecure. Hell I’d sooner email about it if I can get someone set up with pgp than text, and email is insecure too.

But until someone can convince my mom, dad, aunt, job, etc to use Matrix, I’ll always have to use SMS in some capacity. I hope someone can, I’ve tried to no avail. I was close with a few using Signal but with the removal of sms support they stopped, and the iPhone ones barely used it a week before switching back because “they don’t want to have to use two apps” even before that because they still had to use imessage to talk to most of their contacts.

So yeah, I’m left with “don’t text about sensitive subjects.”

Just get an iPhone

– Tim Apple

@Zerush@lemmy.ml
link
fedilink
7
edit-2
17d

OK. then photos of steganographed kittens

Instructions ignored, sending spectrogram from Aaron Funk’s “Look”

Is this advice everyone should take, or just USA people?

So… they only warn people about how insecure texting is after someone else exploits it…

Abusive parents: “Only I get to beat my children!”

@Hirom@beehaw.org
link
fedilink
15
edit-2
17d

The mobile standard setter, GSMA, and Google have said encryption will be coming to RCS, but there’s no firm date yet.

GSMA, please don’t come up with yet another poorly designed encryption standard.

The IETF is already working on Messaging Layer Security (MLS), please work with IETF and adopt MLS. IETF have more experience and do a good job at designing secure protocols. And multiple organisations and services are already working on adapting MLS (Mozilla, Google, Matrix, Wire, …)

Who said the Encryption is allowed to be secure?

lattrommi
link
fedilink
1417d

Well, I’m stuck on a Verizon plan, so my SMS don’t send anyways.

If cyberterrorists really want to know who’s gonna be late to my D&D game and what food we’re having, I guess there’s no way we’re gonna stop 'em. I blame Kamala’s weak campaign.

I wonder what they would be saying if they’d been allowed to weaken encryption and back-door the fuck out of everything before the Salt Typhoon folks got involved.

unknown1234_5
link
fedilink
1018d

so, have you guys heard of matrix?

yeah, it’s cia

unknown1234_5
link
fedilink
518d

are you trying to say that matrix is run by the CIA?

The federated, foss software stacked network matrix. Right.

unknown1234_5
link
fedilink
617d

He’s either trolling or getting Matrix confused with MATRIX, a separate platform that got in trouble for supporting criminals.

You’ve been asked elsewhere in the thread, but I’m gonna ask again here anyway.

Source?

JustEnoughDucks
link
fedilink
10
edit-2
17d

https://www.securityweek.com/law-enforcement-read-criminals-messages-after-hacking-matrix-service/

https://thecyberwire.com/newsletters/daily-briefing/13/228

I think this is what they are referring to.

I saw a Lemmy thread about it, but the main takeaway is that it was a completely different program than what we know and love. It just happened to be named the same IIRC.

Edit: https://lemmy.world/post/22758570

Criminal matrix needed you to buy access for thousands of dollars, cool matrix is free and open to anyone. Technology isn’t even the same.

krolden
link
fedilink
417d

That’s not the same matrix

Hence why I said it

For posterity, I see that another place this person has been asked for a source is https://lemmy.world/comment/13801385

And then there is the kinds of people who cry about Signal dropping support for SMS.

capital
link
fedilink
617d

That’s kind of like if iMessage dropped SMS support. Yeah, I know if it’s a green bubble it’s not encrypted. But I wouldn’t want them to just not allow it.

I am one of those. I ditched Signal and went back to the stock sms app and adopted matrix. Haven’t looked back since. The reality is that Signal dropping support for sms wasn’t going to stop me from using SMS. For that, other people need to be convinced to stop using it at the same time. Signal didn’t have nearly the market size needed to make that happen. And now that card is played, and nothing has changed. Signal is just another messaging app among hundreds. At least matrix offers a real paradigm shift.

signal and matrix are both CIA. i’d say it’s worse for your privacy than using your standard messengers since they know that’s where all the juicy stuff is.

Matrix is Israeli so it is likely Mossad.

Per their website

The Matrix.org Foundation C.I.C is registered in the UK as Company #11648710

Afaik UK != Israel. Like sure they may work together, but I’m pretty sure they’re different countries, meaning Matrix is British, so it would be MI6. Of course, being that they’re

an open protocol for decentralised, secure communications,

I doubt it’s MI6 as well, and if it is find the back door in it for us all by having the open source code audited, please and thank you.

Btw this applies to “The Matrix Foundation,” they’re just the devs and run the largest instance, other instances (especially if you self host) are run by “not them” anyway.

No Matrix was invented by an Israeli company.

Matrixis an open-sourced protocol developed in 2014 by a team then working for Amdocs — an Israeli communication company. The standard is based on HTTP (to facilitate messages) and WebRTC (to facilitate voice calls). It works on a decentralized model with any compatible client.

What evidence do you have to support that claim?

They aren’t though…?

Lol apparently the juicy stuff is every meme my friends have shared with each other for the last several years

They might be trying to express that the Matrix protocol makes it easier for Israel to spy on someone using it. That idea came up somewhat often about 2 years ago, but I don’t know many relevant facts. It’s also common for people to say that the CIA and Israel cooperate, so that might be the connection to the CIA.

The initial project was created inside Amdocs

In early 2000, federal agencies conducted a counterintelligence investigation to determine if Amdocs was being used by Israel to eavesdrop on U.S. government communications. The investigation found no evidence of such activity.

As for Signal, I am greatly annoyed that Signal requires your phone number for registration. Some people justify the centralization of Signal by saying that using a centralized network means that everyone using the network is using the same (good) security practices, and I’ve been told that the developers for Signal periodically express that they’re trying to remove that requirement, but I still try to avoid using Signal (or any networks that I can’t access without involving a phone number). The lack of progress on removing the requirement of your phone number from Signal (and the lack of information on where any centralized infrastructure is located) invites ideas about conspiring with the CIA.

Despite any uncertainty or discomfort, I defer to https://www.privacyguides.org/en/real-time-communication/ and https://soatok.blog/2024/07/31/what-does-it-mean-to-be-a-signal-competitor/ to determine what methods of communication might be suitable for me to use.

Not really a work around, but you could get a VOIP number from MySudo or Hushed or a similar service and use that to sign up for Signal. Might at least be more private if you go about it with like a prepaid card and temp email or something.

I thought signal switched to allow usernames a few months ago

youmaynotknow
link
fedilink
517d

You can hide your phone number from other users, bit still need a phone number to sign up or to use your account.

How are you going to grow the user base without including the normies?

Yeah, I’m one of em. I’m well aware it’s not secure, but as a frontend, signal certainly was more customizable and pleasant to use even for just the few people I had to sms till I could convince to use signal.

I agree that it helped with adoption. In a way I wish they still had it so I could get my text messaging family to use a messaging app instead.

The flip side was, if somebody tried signal and didn’t like it and uninstalled it, then any SMS message to them from signal went to their signal account that they no longer had installed so they didn’t get it. You had no way of knowing so it really sucked.

Ah yeah, I’d forgotten about that.

I’m certain the engineering team considered it, but I wonder why they didn’t pursue having accounts that haven’t signed in for a while issue a notice to the sender, or even have the account deactivate itself.

Make an opt-out default, you could disable that behaviour if your threat model needed to account for that 🤷

warm
link
fedilink
2218d

It was so much easier to convince people to use Signal when it had SMS support. I think while Signal needed to drop it, it wasn’t the time yet.

I’m not convinced it ever should’ve. Make it obvious sms mode is in use, etc etc. But it was great to have everything in one place. One blocklist, great photo editing etc

warm
link
fedilink
418d

Maybe. For me the worst change they made was removing custom colours for my contacts.

Create a post

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

  • Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
  • Don’t promote proprietary software
  • Try to keep things on topic
  • If you have a question, please try searching for previous discussions, maybe it has already been answered
  • Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
  • Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

  • 0 users online
  • 57 users / day
  • 383 users / week
  • 1.5K users / month
  • 5.7K users / 6 months
  • 1 subscriber
  • 3.12K Posts
  • 78K Comments
  • Modlog