When Signal was designed, our threat model was protecting the communications of civil society, journalists, just regular citizens ...
The threat model of military operations & sharing your hate of Europeans was not what Signal was designed for. Ephemeral messages and cryptographic deniability are not fit for communications that require accountability.
But I appreciate their effort to make government more efficient by adding journalists to the chat instead of requiring them to go through FOIA.
@fj I still think @signalapp has fundamental flaws like demanding #PII (#PhoneNumbers can't be obtained anonymously around the globe and are trivial to track down to devices and thus users), being subject to #CloudAct as an unnecessary & 100% avoidable risk as well as #Shitcoin-#Scam shilling (#MobileCoin) and its #proprietary, #SingleVendor & #SingleProvider nature that makes it inferior to real #E2EE with #SelfCustody like #PGP/MIME & #XMPP+#OMEMO!
@kkarhan
PGP leaks metadata by design, and doesn't have forward secrecy by default.
(There is sequoia-pgp, that supposedly “unstuck” the PGP development, but being OOTL I've missed it.)
https://www.latacora.com/blog/2019/07/16/the-pgp-problem/
XMPP+OMEMO has a lot of problems.
https://soatok.blog/2024/08/04/against-xmppomemo/
You're left with Matrix, which has some problems, with a wonky security culture (like not hard-deprecating libolm) and leaking metadata.
Still, if you're against Signal, you're left with Matrix on the top.
@dzwiedziu @fj @signalapp not really, as the #Metadata #FUD cited by #Signal is mitigable with proper measures.
Every claim that things like #ITsec, #InfoSec, #OpSec & #ComSec can be solved with "Just use Signal!" is "#TechPopulism" at best if not being a "#UsefulIdiot"!