@eu_os @fedora @kde @almalinux @zendis @EC_OSPO the same #France that illegally phished data from #EncroChat users in a means to allow #dutch police to bypass a #Dutch court decision that banned them from doing so?

@adisonverlice it's not just re: #Governments (tho #Project2025 explicitly endorses unsactioned comms to twart attempts at #FIOA or any #accountability for that matter), but individuals or any organization:

• If a system is #centralized as in #SingleVendor and/or #SingleProvider, it's inherently vulnerable.

And if #EncroChat got pwned, who's gonna guarantee @signalapp won't if it's actually secure or isn't an #InsideJob like #ANØM.

After all, both #Signal's Organization and key people like @Mer__edith are known to the authorities by more than just their legal name.

• What's gonna prevent #Trump from doing a "bag&drag" on her or getting his goons to put a gun on,the developers' heads and force them to,#d0x all users and #backdoor everything (if they didn't already got forced to have some "#LafwulInterception" gear in a closet like #Room641A...

After all, Signal can't pull the 5th and refuse to comply!

@kkarhan

#Signal was as secure as claimed, it would've been shut down like #EncroChat, #SkyECC & others...

Just stop the BS. EncroChat was specifically built and marketed for criminals. It wasn't shut down by law enforcement, it was hacked by the French police, after which they decided to shut the service down themselves.

Signal is open source (and the issue regarding reproducible builds is known, but it doesn't impact the security of the app. It is caused by a navigation library that causes some race condition during the build process, the result of which is dependent on CPU speed. They are aware of the issue, and are working to fix it. It is tracked here: https://github.com/signalapp/Signal-Android/issues/13565). If you don't trust the official build, you can compile it yourself. There are also forks like Signal-FOSS or @mollyim available if you prefer that.

The server is also open source (of course you can't verify if they are actually running that code, but that's gonna be the case for every application with a client/server architecture. Your point regarding Signal being "proprietary SaaS" is, again, total BS.

@signalapp It's not #disinfo when one points out that you demand #PII aka. #PhoneNumbers from Users and that is literally a architectural vulnerability, alongside your #proprietary & #Centralized #Infrastructure.

• #Signal being a #SingleVendor & #SingleProvider #Solution is literally the reason why I consider it #insecure.

Not to mention the lack of @torproject / #Tor support with an #OnionService or the willingness to fulfill #cyberfacist "Embargoes" or shilling a #Shitcoin #Scam named #MobileCoin!

• #KYC is the illicit activity!!!

And don't get me started on the #cyberfacism that is #CloudAct.

• If you were secure, criminals would've used your platform so hard, it would've been shutdown like #EncroChat and #SkyECC.

I may nit have allvthe.evidence yet, but #Signal stenches like #ANØM: #Honeypot-esque!

@signalapp I disagree because your platform is #proprietary, #SingleVendor, #SingleProvider and doesn't allow for #SelfHosting, #SelfCustody of all the Keys and you demand #PII in the form of a #PhoneNumber which can be used.to track users down!

• If #Signal was as secure as claimed, it would've been shut down like #EncroChat, #SkyECC & others...

@alwayscurious @froge @fj #CloudAct alone not, but it's just the tip of the iceberg.

• I bet you that @signalapp & @Mer__edith will comply with even the most illegal and cyberfacist orders when facing "rubberhose cryptoanalysis", which is a valid and likely risk factor in the #USA...

Again: The only #security is #decentralization!

• This is why @torproject is still up and running: It cannot be shutdown even when all maintainers are being held at gunpoint.

#Signal is as vulnerable as #EncroChat if it's not a #Honeypot like #ANØM!

@froge @fj I'm not replacing @signalapp with "random tools" but good options.

Like @delta & @thunderbird as well as @monocles / #monoclesChat & @gajim which work flawlessly over @torproject / #Tor using @tails / @tails_live / #Tails and @guardianproject / #Orbot respectably.

• Also these allow not only #SelfHosting but just work and I'd highly recommend #monocles as a hoster which finances iself by users paying and allows #anonymous accoubts & payments including not just #Monero but also #CashByMail!

Considering the costs of even acquiring and upkeeping an #anonymous #SIM, I'd rather pay €2 p.m. for #XMPP+#OMEMO and #PGP/MIME-supported #eMail with the option of self-custody than $2,50+ p.m. just to keep a phone number.

• Plus I don't run around with a #tracking device that could be used to #deanonymize me any second...

Or is anyone here expecting @Mer__edith to risk jail for life amd not comply with #CloudAct?

• If #Signal was as secure as advertised, it would've been shutdown like #EncroChat and #SkyECC!

It stenches like #ANØM, because NOTHING IS FOR FREE and running a #VCmoneyBurningParty is expensive...

@Catwoman69y2k @dragonfriend most importantly:

Only with #SelfCustody of all the keys, #SelfHosting of the entire infrastructure and everything being #OpenSource, one can assure (and [let it be] audit[ed] independently) that the #advertised #promises are in fact true.

• All #centralized, #SingleVendor and/or #SingleProvider solutions - and yes that includes @signalapp as well (!!!) - are inherently insecure because they can be forced into "cooperation" - may it be with #Cyberfacism like #CloudAct or listeally a gun to their head...

Cuz not expecting @Mer__edith to break is the same level of "#TrustMeBro!" assurances as #ANØM, #EncroChat, #SkyECC, #WhatsApp etc. do in their #advetising #lies!

• Remember: Corporations/Foundations/non-profits/... don't have a right to be silent , only individuals, and even then there are certain juristictions that have #KeyEscrow laws (i.e. #France, #Russia, #KSA, #China, #India, #UK , ...) in the books!

@Mik3y @samhainnight @karlauerbach @alex_p_roe @Nonilex not to mention all the #GAFAMs and #TechBros who get to know that #CloudAct means they'll have to integrate more #Govware #Backdors and enable #BulkSurveillance or get shut down & jailed faster than they can say #EncroChat or #SkyECC...

• #NSAbook / #StasiBook automatically snitches DMs to #CPB!

@dalias @lauren
@pixelschubsi

Also the blatant dismissal of absolitely basic #OpSec & #ComSec is just flabberghasting.

• It's inherently wrong to put all eggs in one basket and #Signal being not shut down like #SkyECC & #EncroChat makes it just as sus as #ANØM / #OperationIronside / #OperatioTrøjanShield and #CryptoAG / #MINERVA / #RUBIKON.

Only #decentralized, #OpenSource & #OpenStandards can actuall survive long-term and remain #secure.

• Otherwise we'd all gaslight ourselves into ignoring the hard lessions we learned that bought us to the #Fediverse and why we ain't on #Shitter or #tumblr or #BrownSky or #NSAbook (any more)!

It's the same reasons we use #PGPG/MIME & #SSH and not #X400 & #X25!

• Unlike with @signalapp one doesn't has to trust the provider or app. #XMPP+#OMEMO works regardless if you use @monocles or @gajim or do #SelfHosting and only trust code you wrote yourself...

IOW: Think "How can you weaponize Signal?" and see what you csn do just holding key people in contempt...

• And I'm not even talkibg about #Govware - #Backdoors and #MassSurveillance alike #Room651A, but just duely submitted warrants that @Mer__edith will comply with...

The less #info a provider has, the less they can be forced to snitch upon customers.

• So even if you don't give a shit that #CloudAct makes this a "#CantUse & #WintUse" (out of US-centrist privilegue to not comply #GDPR & #BDSG) for many, it's still dishonest.

"#JustUseSgnal!" is a form of dangerous "#TechPopulism" aimed at bamboozling #TechIlliterates who don't know better, abusing information asymetry to pull rank instead of investing the time and effort to *explain "how" and "why" this is indeed a good or bad idea.

• There's a reason why @tails_live / @tails / #Tails doesn't include #Signal and why I'll say it again that XMPP+OMEMO over @torproject / #Tor is the gold standard in terms of #privacy and #security when it comes to #ComSec that isn't #airgapped aka. "Airgapped PGP".

The only ones that have a chance to beat that are @delta / #deltaChat but that's just #PGP/MIME #eMail in a nice UI...

• You may now laugh at me and think my "#TinfoilHat sits too tight" but I'm shure sooner or later I'll be evidenced as correct...

@Zoll wisst ihr was deutlich effektiver wäre?

Wenn das Zeug #legal kontrolliert abgegeben würde (bspw. #Apotheke) denn dann würden die Leute sich nicht Dreck reinkloppen sondern sauberen Stoff haben und #OrganisierteKriminalität ginge leer aus.

Cc: @Bundesregierung @bmg@social.bund.de

• Weil anders ist der "#Drogenkrieg" nicht gewinnbar!

Apropos "Hinweise aus dem Ausland", wird interessant wie das so #rechtstaatlich aussieht...

• Siehe #EncroChat & #ANØM / #operationIronside / #OperationTrøjanShield…

@compl4xx @Layer8 @nick @kuketzblog @marcel @mspro

• EXAKT DAS!

Meine Rede...

Oder um es einfach zu erklären: Warum gibt es #HTTP(S) & #HTML sowie #eMail ( #IMAP & #SMTP) bis heute und keiner nutzt mehr #AOL, #MSN, #ICQ?

• Weil nur #OffeneStandards als #MultiVendor & #MultiProvider - Lösung taugen und langfristig überleben können!!!

Wenn @signalapp / #Signal wegen #CloudAct geflipped wird wie #EncroChat, #ANØM & #SkyECC dann stehen Leute alternativlos in der shice ubd die ganzen "Sicherheitsversprechen" lösen sich in "#TrustMeBro!" und #Lügen auf.

• Wohingegen selbst wenn @monocles nen Front wäre, es mit #XMPP+#OMEMO & #PGP/MIME (bspw. @delta / #deltaChat) sie Sicherheit sank #SepfCustody gewahrt und mittels @torproject / #Tor zusätzliche Sicherheit implementiert werden kann!

Ich nutze meinen XMPP-Account seit Ewigkeiten und habe drölfzig Clients durch. Aber Kontakte erreichen mich darüber Problemlos!