• 0 Posts
  • 13 Comments
Joined 2 years ago
cake
Cake day: June 25th, 2023

help-circle



  • I agree that signal has a more robust security model. What I mean is that itbhasbalso habe risks, and a lot of people are ignoring it.

    The backdoor could be a sleeping function activated from outside to targets of interest or ‘special’ updates from the google store (i.e.: with the help of google install a different version of the app to the target). But I’m not a security nor android expert, and it’s all theoretical if this attack vector is possible, but I think that is unlikely.

    Also, if the NATO country where I live wants to spy my mobile, it would use Pegasus 🤷🏽‍♀️

    Off topic: The Signal reproducible builds don’t work since, at least, may.


  • Signal can add backdoors to their own app and, if the app get compromised (or the device) the security of the encryption model is not relevant. It’s the reason because I see comparable Signal and Telegram.

    Signal is open source, but (info based in this 3 years old thread on f-droid):

    1. Have binary blobs and propietary dependencies.
    2. Don’t let reproducible builds.
    3. It’s hostile to forks (they blocked libreSignal from their servers)
    4. Don’t want independent builds from f-droid (nor any fork in f-droid)

    Which no seems FOSS friendly.











  • This article is a not sense. There is not a monopoly of identity: a lot of corporations and big tech have an ID about us or, at least, about me.

    Also, in my case, the state have paid most of my education, my healthcare, the street where I live… nor google not other big tech have paid a dime for it.

    The critic in the article has his points, but the proposed solution—using capitalist enterprises to issue IDs—is nonsense. We will lose track of people from a fiscal point of view, and it will not solve the problem of the people that not any corporation would issue an ID.