- People were complaining about JS existing when SSL and TLS were not omniscious. If we disagree on that fact, move on.
- A sequence of digits.
- OK, what are your “simple heuristics” for a bunch of pieces of ciphertext with unknown sender (except for IP addresses) in your storage to pick spammers from that?
- they were talking of something like year 2003, when they were commonly not.
- no, PSTN is not private.
- for something end-to-end encrypted, including message metadata (not connection metadata), this statement seems amazingly stupid ; “simple heuristics” are usually used on something like plaintext e-mail.
Signal’s internal identifiers are, of course, not phone numbers. And you can download their server and host it without requiring phone numbers for registration. Just they simply can’t afford it, they need to prevent bots from registering and sending messages somehow. A group message is stored in Signal as many times as there are group members, for example.
People told you a few times to go look for yourself what Signal can give away. Its protocol descriptions are pretty understandable.
The whole bloody reason it’s always recommended is because it’s absolutely the best thing in terms of yes, encrypting metadata. It’s state of the art, level above that bullshit you’re thinking.
Unfortunately, that also means that hosting it takes lots of resources, which means they have to screen bots and mults somehow. Phone numbers are one way. Paid accounts are another.
You should have visited Signal’s github page first, I dunno. Before talking. Made up a lot of stuff.
They do have proprietary code for that crypto wallet they have there, well hidden, and for, eh, phone number registration, but other than that module it’s all released, I think.
The server and the client applications are FOSS. You can host it for yourself, patching out the domain names and registration parts the way you like it more.
-
Yes, and in that time you would visit a website with your own IP address likely, likely over HTTP without SSL/TLS, likely with your vulnerable browser fingerprint. Point?
-
Privacy, not anonymity. Two completely different things.
-
Because the way Signal is built hosting it requires a lot of resources (storage especially), so they want spam prevention and fewer accounts per person.
Who puts their birth year in their username?
You are not very old, right?
Maybe now, in our stupid time, folks use phone numbers for identity, some stupid handle (or just their actual name) and then post a lot of text, photos and such, totally less harmful for their privacy than their birth year. And no birth year
But in the olden days it was the main solution to “such user already exists” problem, combined with things like ‘xXx’ and ‘+0+’ on both sides or something.
For limited people, maybe.
88 is:
-
important for people born in 1988
-
amateur radio romantic message (apparently older than Nazis, don’t ask me how I know, but it has to do with being used in that, and not HH, meaning in one Nazi song ; felt strange for me, until I’ve just read that it was a telegraph thing before radio)
-
two eternity symbols turned (not those wheely ones)
-
as people have mentioned, common as a lucky number in certain parts of the globe
-
people can also be born on 8 August
-
had that number on some item memorable for him (I had 72 in plenty of my nicknames, I can promise you it’s not about 72 virgins or 72 names of god and I’m not Muslim, I just had a yellow t-shirt with that number when I was a kid).
The funny part is that points #2 and #4 are probably known to him, tech company and all.
Dunno, my cousins’ dad was a 17yo soldier. One can say it was a better time cause he was on the winning side, and now that has become the losing side.
Mass surveillance was more old-school, but governments were still pretty harsh.
They had Trump. He just was younger, Democrat and apparently popular.
They had AI in your spam mail.
Climate collapse … again, where half my family is from, war broke logistics in the 90s, so to have heat at winter people would cut down trees. A lot of forest lost. But one can say it was a better time because “the world” cared more about civilians suffering than about forests. I suspect now climate activists would act differently.
Telegram is not a privacy tool.
I mean, if he’s convicted for a privacy tool, while it’s not a privacy tool, we have a bit of ambiguity.
Arguably advertising something which is not a privacy tool as one is fraud. Maybe even phishing, since TG the company has in plaintext all the chat history of its users.
And this
The meaning of that word “complicity” seems to be revealed by the last three charges: Telegram has been providing users a “cryptology tool” unauthorised by French regulators.
in non-libertarian language means something similar, that is, that something not confirmed to be a privacy tool is being provided as a privacy tool.
I am a libertarian, but in this case they are consistent, if I’m reading this correctly. They are not abusing power, they are doing exactly what they are claiming to be doing.
Also maybe I’m just tired of Telegram. It’s engaging, and I have AuDHD, which means lots of energy spent, and I can’t drop it completely because work, and also some small communities are available as TG channels. Would be wonderful were they to move at least to WhatsApp, but it is what it is.
Still, ability to easily create a blog (what a TG channel really is for its users) reachable without bullshit is a niche in huge demand. LJ filled that at some point, Facebook did at another, TG does now.
Something like this is desperately needed. I’d say the solution should be complementary to Signal - that is, DMs and small groups should not be its thing. Neither should be privacy of huge chats and channels - they’d be public anyway. However, anonymity with means to counter spam should, so should be metadata of user activity.
If Signal was really as secure and private like everyone says it is then their executives would already be in jail and whatnot for “enabling criminal activities”.
It doesn’t have anything to do with what “everyone says”. We don’t do that with security. Well, Telegram users do, but Charles Darwin wrote about that process. Others look at what academics say or are competent enough themselves (no, you are not).
I’m actually sympathetic to anyone having an ideology not to help their identity, but trying to imagine a structure that works.
Ancaps are expected to be good in that regard, tankies are expected to be bad in that regard, but in general there are good and bad people in any group. I’ve met almost (the premise of racial difference in quality is still wrong obviously) reasonable Nazis, and not alt-rights at that, but real honest Nazis.
I’ve been excited about Trotskyism at some point, because while there are problems with their proposed ideal state (which is similar to what’s described in Norbert Wiener’s “Cybernetics”), they have a proposed mechanism and it’s been even tested in Rojava (their bigger issue is with armed apes around them though, and also with the USA abandoning them after not needing them against ISIS).
Maybe the US government (or even “deep state” or something) has realized that making everyone use insecure devices for easier surveillance is as smart as forbidding fire exits so that people would be easier to arrest.
I haven’t heard too many bad things about Signal.
Various dictatorships want to simply read correspondence because the social graphs producing actual value and keeping stability in our world, and also protecting their embezzled value stored abroad, are all abroad too, and they won’t hurt these. Some politicians in the west want to invade privacy for the same reason - what they embezzle is stored in ways unaffected by insecure communications in their own countries.
But if you are part of some establishment, even if not well-meaning, you are interested to protect the system from outright erosion, meaning secure communications.
Other than that, WhatsApp and FB Messenger are owned by Zuck and he’s become too big to tolerate, Telegram is an African brothel with no protection and plenty of diseases, and in general it’s all corporate around.
Let’s please also remember that there are people of various views and interests in every organization and force.
So do that. You can do that with Signal.
Maybe I wasn’t clear, someone said that back in the day registration on a website was a new and bad thing, connecting it with privacy and comparing to Signal asking for phone number. I answered with the idea that not much commonly thought from that time about privacy has aged well. You wouldn’t register on websites, but you would communicate with them over plaintext. I hope that makes it clearer.