• 0 Posts
  • 12 Comments
Joined 1Y ago
cake
Cake day: Aug 20, 2024

help-circle
rss

No, not that very obvious thing that people have been saying for years! I simply refuse to believe it!



I can almost guarantee you they are using it through a VPN or they have a western SIM card. If not I’d love to know what server they use, as I’ve tested this a bunch of times on several public and private servers and it’s always the same result. If it isn’t blocked on day 1 it will be blocked quickly.


China will definitely block xmpp on any port. I know this because I have tested this very specifically from my own server. It lasted about a day and a dozen messages before it was blocked, and the box got absolutely slammed with vulnerability scans.


It also just gets blocked by autocratic firewalls. Deltachat is clutch because it can theoretically run on top of any email host so it’s way more difficult to block.


The protections for classified information are not just about information security. They are about physical and operational security as well. That’s why s SCIF has a “two locks” policy, and requires things like 4" steel doors.


I have family in China and I need to communicate with them. Seems like a pretty common threat model. Signal works only with a foreign SIM and that’s only tolerated with tourists. XMPP servers get blocked almost immediately.


Do those ios clients support push notifications?


PGP is unfortunately one of the only reliable ways to get encrypted messages into and out of China. Most of that article is kind of nitpicking IMO. The only major cryptographic issue is lack of forward security. The rest can be dealt with if you have a bit of know how.


The problem is that iPhone has some weird shit about push notifications and none of the high security XMPP clients I have tried seem to support them.


Right, the French authorities are going to present evidence that this dude was aware of specific illegal activity and refuse to comply with a legal warrant involving said actively, making him guilty of obstruction at best, and possibly conspiracy. Signal complies with warrants, they just don’t have anyone’s keys. Telegram has everyone’s keys, and theoretically could turn them over but they refuse. That’s a huge difference from a legal perspective.


This is precisely why opsec is more than just an app.

Leaky keyboards are a possibility, but what is actually far more likely is just that someone on the signal group chat was a mole who was archiving the traffic for the party. Signal has since made efforts to bring anonymous accounts to the platform, which will help thwart such attacks. Though against a state actor it is still not enough unless you take additional measures to obfuscate traffic. And then that still doesn’t protect you against some CCP brownshirt from tailing you and then snatching your phone out of your hand when you unlock it.