@pixelcode @taylan Your nonchalant "So what?" gets people publicly murdered by the state in many juristictions...

• Which is why there is no substitute to teaching proper #TechLiteracy ffs!

If things were so easy as in "JuSt UsE sIgNaL!" then @signalapp would be shut down.

• Or do you really think that in a world where multi-year long sting ops like #ANØM / #OperationIronside / #OperationTrøjanShield get greenlit that @Mer__edith would risk dying of old age in jail for non-paying users?

If you do think so then you should really get some professional help, cuz you seem rather lost...

• #Signal doesn't even bother to have an #OnionService, much less to provide means to use their service without self-doxxing with a #PhoneNumber, which at best is pseudonymous and requires money to attain and maintain...

It's #centralization is an absolute nightmare and mist be deemed as criminally neglectful!

@licho @osman provide evidence the code @signalapp released is actually being deployed.

• Whereas @monocles has #ReproducibleBuilds to the point that @fdroidorg literally pulls their git and builds it from source.

Not to mention pushing a #Shitcoin-#Scam (#MobileCoin) disqualifies #Signal per very design!
https://www.youtube.com/watch?v=tJoO2uWrX1M

• Given the collection of #PII like #PhoneNumbers, the ability to restrict functionality based off those and the fact that #Signal is subject to #CloudAct make it inherently not trustworthy.

And don't even get me started on the fact.it's not sustainable to run it as a #VCmoneyBurningParty!

• As soon as Signal becomes a problem, it will be taken offline, and due to the fact that it is #centralized, #proprietary, #SingleVendor & #SingleProvider that's trivial for authorities.

Same as identifying users: They already got a #PhoneNumber which in many juristictions one can't even obtain without #ID legally, thus making it super easy to i.e. find and locate a user. Even tze cheapest LEAs can force their local M(V)NOs to #SS7 a specific number...

• All these are unnecessary risks, that could've been avoided, but explicitly don't even get remediated retroactively!

Again: Signal has a #Honeypot stench, and you better learn proper #E2EE, #SelfCustody and #TechLiteracy because corporations can't pull the 5th [Amendment] on your behalf!

@ai6yr @briankrebs OFC this targets #TechIlliterates and the only effective means here are:

1. Teach #TechLiteracy instead of consumerism.
2. Mandate #confirmation & #notification - #PopUp|s for every use of #Clipboard (similar to #webcam use by websites)...
3. Ban #JavaScript - seriously!
4. Ban #Windows, because it's a #Govware, espechally since #Windows10 and even more so on #Windows11 that is *insecure in every configuration!
5. Put #TechIlliterates before a system they can't feck up. I.e. @tails_live @tails / #Tails for that reason alone (can't run such commands if they neither got #root nor any #persistent #storage to target).
6. Normalize the use of @torproject #TorBrowser!
7. #Teach #tech #literacy instead of #consumerism!
8. Ban #GAFAMs and their shitty products!
9. Migrate every #TechIlliterate to #Linux and don't give them administrative privilegues.
10. Teach tech literacy instead of consumerism!

@Avitus @lispi314 @lauren THE REQUIREMENT FOR A #PhoneNumber BY @signalapp IS LITERALLY THE PROBLEM!

• #KYC IS THE ILLICT ACTIVITY!!!

If you gonna say "JuSt GeT aN iMpOrTeD #SIM / #eSIM!" then you obviously expect people to have way more #financial means and #TechLiteracy than is needed to get absolute N0obs setup withb#XMPP+#OMEMO and pay for @monocles / #monoclesChat!

@Bad #Fact: #TechLiteracy is sadly not being #tught anywhere, because the #teachers themselves are almost always #äTechIlliterates themselves...

@wravoc @froge #TLDR: The lack of "#SecurityCulture" makes #ITsec, #InfoSec, #OpSec & #ComSec shit.

• I constantly do my part to make these things better and not waste my time making up random accusations that some folks may consider libel, but I'm not a lawyer and I'll certainy not waste money affirming some rando on the internet.

But I guess yelling into the void of the #Fediverse is easier than running a @cryptoparty or teaching #TechLiteracy to #TechIlliterates so they don't end up as unpaid "unofficial employees" for #NSAbook...

@GrapheneOS It doesn't change the fact that #security requires #transparency and thus full access & reproduceability from source.

To give you a good example, source-available #Tarsnap demonstrates that stuff is truly securely encrypted by enabling #SelfCustody of keys and thus show they can't decrypt anything!

• You may call me paranoid, but having 'massive trust issues' saved not only my own life more often than I'd be able to disclose so you may see this as a 'survivorship bias', but we'll only see #MassSurveillance becoming impossible when people ain't just users of some big-ass platform that can be easily targeted once it becomes inconvenient for it's host nation, but actually push for #decentralization and #TechLiteracy.

"Just use A, B, C & D, E, F" is the real threat as it sugfests people a false sense if security.

• Just like a dresh #TechInspection doesn't prevent one to hose an engine due to lack of oil!

Collecting any #PII IS the illicit activity NO MATTER the excuse...

• You may choose ignorance but like with #LavaBit, #EncroChat & #ANØM I tend to turn out to be right all along.

Sooner or later the #Enshittification of #Signal will reach a point where you'd rethink and consider apologizing...

@razze I disagree because #JavaScript violates basic security standards and should be, like #VBA #macros, #OOXML and #Windows-#Executeables be deemed inacceptable.

If in doubt, test your website with #LynxBrowser 1 2 over Iridium speeds (@ 2400 bit/s) and with #TorBrowser in it's strictest security settings (no #JS allowed!) and then tell me that's accessible, because in many #eReaders and applianced #BrailleScreens and #TTS devices you'll only have the output of #Lynx as #Browser and not everyone has even #2G speeds available.

Otherwise you may fall into the trap of "#EliteProjection" in that you assume that everyone has as good of an access to tech, broadband, #TechLiteracy and means to use them as we have them.

Which is my point of criticism all along!

@MichalBryxi precisely that!

A prime example is #gpg which is absolutely the worst in terms #UX.

• even worse than #vi & #vim, because they at least have way better known alternatives like #nano that do the same but don't expect one to know :q! to quit.

#enc tries to solve that somehow, but #GnuPG is a prime piece of evidence of #elitism among #GNU / #FSF Fanboys and #Stallmanists, that would rather scold people for buying a product that can run #CCSS like #Windows or requires #proprietary #drivers than to actually work on making #FLOSS better!

• And yes, those people are a net-negative to #OpenSource in specific and #ComputerScience in general because shouting "#SkillIssue" isn't gonna teach #TechIlliterates nor raise #TechLiteracy nor convince them of the technical and moral benefits of #FOSS / #OSS over #CSS...

@ArneBab Trotzdem sehe ich kaum #TechLiteracy, #InfoSec, #OpSec, #ComSec & #ITsec im #Journalismus und bei #Redaktionen...

Die nutzenbweiterhin #Govware voller #Backdoors auch in Investigativredaktionen...

• Von sowas wie #PGP/MIME zwecks Kontakt per #eMail ganz zu schweigen...

@RitaWerner das Problem ist ja dass Menschen in der Schule nicht #TechLiteracy aber vorallem keine #MediaLiteracy beigebracht wird.

Viele scheinen die wichtigen Lektionen zur #NS-Zeit und damit wie propagandistisch ein #Krieg vorbereitet wird zu vergessen oder auch nur ansatzweise die Möglichkeit zu verdrängen, dass dieselben Mechanismen auch bei modernen Medien greifen...

@evacide EXACTLY THAT!

Instead I'd recommend people to start #CryptoParties even harder and go all in!

Teaching #TechLiteracy and how to use @tails_live / #Tails, @torproject / #TorBrowser, #PGP / #enc and all the other tools is kinda vital...

#CryptoParty
Cc; @cryptoparty@bonn.social @cryptoparty@chaos.social @cryptoparty@mastodon.earth