https://responsiblestatecraft.org/aoc-israel-gaza/ (via this lemmy post)

(ref)

https://en.wikipedia.org/wiki/ShipGoo001

i appreciate the name’s implication that someone expects to find more than 99 but less than 1000 other varieties of Ship Goo.

No, it isn’t about hiding your identity from the people you send messages to - it’s about the server (and anyone with access to it) knowing who communicates with who, and when.

Michael Hayden (former director of both the NSA and CIA) famously acknowledged that they literally “kill people based on metadata”; from Snowden disclosures we know that they share this type of data with even 3rd-tier partner countries when it is politically beneficial.

Signal has long claimed that they don’t record such metadata, but, since they outsource the keeping of their promises to Amazon, they decided they needed to make a stronger claim so they now claim that they can’t record it because the sender is encrypted (so only the recipient knows who sent it). But, since they must know your IP anyway, from which you need to authenticate to receive messages, this is clearly security theater: Amazon (and any intelligence agency who can compel them, or compel an employee of theirs) can still trivially infer this metadata.

This would be less damaging if it was easy to have multiple Signal identities, but due to their insistence on requiring a phone number (which you no longer need to share with your contacts but must still share with the Amazon-hosted Signal server) most people have only one account which is strongly linked to many other facets of their online life.

Though few things make any attempt to protect metadata, anything without the phone number requirement is better than Signal. And Signal’s dishonest incoherent-threat-model-having “sealed sender” is a gigantic red flag.

more important than expecting ip obfuscation or sealed sender from signal

People are only expecting metadata protection (which is what “sealed sender”, a term Signal themselves created, purports to do) because Signal dishonestly says they are providing it. The fact that they implemented this feature in their protocol is one of the reasons they should be distrusted.

it looks like it’s just some new in-browser advertising for Mozilla (Mullvad) VPN :/

one of the bugs linked from the bug that you linked to says this:

Feature callout that introduces the new VPN integration. Has two variants depending whether the user is signed in or signed out, prompting the user to either turn on the VPN or sign in for access. Targeting will need to reach users who have been selected for the Nimbus experiment rolling out VPN integration but do not have it turned on.

could it be that sucking at eating popcorn is correlated with having subtitles enabled? 🤔

imo you should not promote signal, proton, or tuta for various reasons including the ones i mention in those three links.

Show proof that azov are nazi

how “just one”? if such a thing was allowed there, why wouldn’t it be elsewhere?

reminds me of this: The Town That Went Feral: When a group of libertarians set about scrapping their local government, chaos descended. And then the bears moved in.

She voted against the bill.

True

She voted against military aid for Israel.

What is being discussed here is that she voted for military aid by voting against MTG’s amendment that would have blocked $500M of military aid.

(via)

i’ve had friends and colleagues I respect, who I really thought would know better, do this.

to say it bums me out would be a massive understatement :(

And 27 years before that was 1944, when IBM delivered the Harvard Mark I… which John von Neumann immediately employed to simulate the implosion design which would be used in the first atomic bombs.

Its easy if you have nothing to fear because you are already convicted

He wasn’t though, except in the court of public opinion. He’s been acquitted or found not liable in all of the cases which have gone to trial.

There are several ways to; afaik waypipe is the best one.

machine translation of a paragraph of the original article:

The police’s solution: It’s none other than a Trojan. Unable to break the encryption, they infect the traffickers’ phones with malware, subject to judicial authorization. This way, they gain full access to the device: apps, images, documents, and conversations. Obviously, GrapheneOS isn’t capable of protecting itself (like any Android) against this malware.

🤔