this post was submitted on 10 Aug 2024
586 points (98.5% liked)

Privacy

32142 readers
1328 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

"Signal is being blocked in Venezuela and Russia. The app is a popular choice for encrypted messaging and people trying to avoid government censorship, and the blocks appear to be part of a crackdown on internal dissent in both countries..."

you are viewing a single comment's thread
view the rest of the comments
[–] pancake@lemmygrad.ml 21 points 3 months ago (2 children)
[–] dessalines@lemmy.ml 18 points 3 months ago (1 children)

I wrote this, but I'd also like to add Drew Devault - Why I don't trust signal. There's a huge disconnect between what privacy advocates are saying about signal, and what reddit "privacy" communities think about it. If you read the article I linked, you'll see its because the Open Technology Fund (a US state-run entity), actively pushes signal in privacy spaces.

[–] possiblylinux127@lemmy.zip 3 points 3 months ago (2 children)

Signal might be one of the most audited pieces of software in existence. Any criticism is likely either coming from or is supported by countries that fear encryption such as China, Russia and Iran.

The big downsides of Signal are that it requires a phone number and that is depends on Signals servers. That is it. You messages are completely safe as all messagers use the same underlying cryptography.

[–] dessalines@lemmy.ml 7 points 3 months ago (2 children)

The audits mean nothing for a server domiciled in a Five-Eyes country. Signal has your phone number, and the other phone numbers you talk to (social connection graphs), and it is 100% illegal for them to tell you that they've been issued a national security letter divulging that information.

[–] possiblylinux127@lemmy.zip 3 points 3 months ago

You shouldn't trust a server to do your computing for you. Assume any data the server has about you to be available to all.

[–] fira959@lemmy.ml 2 points 3 months ago* (last edited 3 months ago)

The entire protocol is build under the assumption that you do not need to trust the servers. Let the NSA have then, it doesnt matter. On the other hand 95% of Matrix users are hosted on Matrix.org which was not only hacked several times, but would be an ideal target for any agency to compromise. Its naiive to belive the big Matrix hosts arent compromised. The only effective defense is to build your system around the assumption that the server is compromised, which is what Signal did.

[–] ivn@jlai.lu 3 points 3 months ago

Metadata is data. While we can be pretty sure that message contents are secure we have to rely on trust for the metadata.

I use Signal and trust it way more than most other apps but still, one have to be careful, a state actor could still find ways.