Post 9v6TdTnCdXHrBugKbg by nipos@social.avareborn.de
(DIR) More posts by nipos@social.avareborn.de
(DIR) Post #9v6TdTcvFl40g1s7aC by resist_berlin_@chaos.social
2020-05-16T12:00:36Z
0 likes, 0 repeats
So, is #Signal gonna remove #giphy now? :thisisfine:
(DIR) Post #9v6TdTnCdXHrBugKbg by nipos@social.avareborn.de
2020-05-16T12:02:34Z
0 likes, 0 repeats
@resist_berlin_ Wait...that cheap Whatsapp clone supports Giphy?! /cc @vel
(DIR) Post #9v6U7yTP8C3726xime by resist_berlin_@chaos.social
2020-05-16T12:07:57Z
0 likes, 0 repeats
@nipos @vel Yes, for quite a while now. https://signal.org/blog/signal-and-giphy-update/Time and money well spent.
(DIR) Post #9v6VYVTX9WcWs2EpY8 by nikolal@social.privacytools.io
2020-05-16T12:24:05Z
0 likes, 0 repeats
@resist_berlin_No, giphy doesn't know who is issuing requests for gifs since they are proxied through signal.https://signal.org/blog/giphy-experiment/
(DIR) Post #9v6WjoVSprix2B633w by resist_berlin_@chaos.social
2020-05-16T12:37:19Z
0 likes, 0 repeats
@nikolal That still means they're promoting Facebook technology now.
(DIR) Post #9v6XQ2XR3Ws2iQ9abY by vel@cybre.club
2020-05-16T12:44:22.674961Z
2 likes, 0 repeats
@resist_berlin_ @nipos I don't know why I'm now responsible for Signals PR, but okay.Read through the article. Read this issue https://github.com/signalapp/Signal-Android/issues/9628 that's exactly what you're asking.Oh, and I'm sure that the "cheap clone of WhatsApp" that is recommended by Snowden, thousands of hours of sommunity effort to program it, has gone through multiple audits and provides the Double-Ratchet encryption that is also the base for WhatsApps encryption (well they use part of signal) and OMEMO (that you probably use on a daily basis) is just a cheap clone.If you don't like it, don't use it
(DIR) Post #9v6Z1XRNE0X9E3lM80 by resist_berlin_@chaos.social
2020-05-16T13:01:07Z
0 likes, 1 repeats
Apparently, they decided against removing it:https://github.com/signalapp/Signal-Android/issues/9628Time for popcorn (again).Thx @vel for the link
(DIR) Post #9v6bhmpsZlNJ2nUxnM by nikolal@social.privacytools.io
2020-05-16T13:32:59Z
0 likes, 0 repeats
@resist_berlin_ Its more like ripping their service, unless they rename Giphy to FacebookGif or something like that, >95% people won't know that FB acquired Giphy so there is no promotion imo.
(DIR) Post #9v6by2JomKfHhGFalc by resist_berlin_@chaos.social
2020-05-16T13:35:55Z
0 likes, 0 repeats
@nikolal Facebook could actually rename their Giphy service to something more obvious, forcing Signal and others to adopt the new name. That would be an interesting corporate troll move...
(DIR) Post #9v6c9KxjnkWahmJMAq by nikolal@social.privacytools.io
2020-05-16T13:37:58Z
0 likes, 0 repeats
@resist_berlin_ Yes, I don't know what Signal should do in that case.
(DIR) Post #9vCrr4LdbDzqB8YpqC by syster@social.linux.pizza
2020-05-19T14:02:11Z
0 likes, 0 repeats
@nikolal @resist_berlin_ question that remains for me: how can facebook possibly track signal users through injections into the gifs. afaik, signal has nothing that would prevent such an attack. Moxie's privacy guaranty: "hope"
(DIR) Post #9vCxZvseQa0sieDMIq by nikolal@social.privacytools.io
2020-05-19T15:06:22Z
0 likes, 0 repeats
@systerThis reminds me of those infamous image magick remote code execution exploits. As moxie said, if gifs or images had this vulnerability its cosequences vastly preceed Signal@resist_berlin_
(DIR) Post #9vEd7BvE658xJ2MAjY by syster@social.linux.pizza
2020-05-20T10:26:28Z
0 likes, 0 repeats
@nikolal @resist_berlin_ I could imagine having microdots placed within the gifs, and something like android or some fb app listening to it could be enough for tracking. Images have this vulnerability.