Post ANDYWNL5qBVGvGaJQe by Janneke@norden.social
(DIR) More posts by Janneke@norden.social
(DIR) Post #AN2FWTV2utrorOFFgm by BreachCat@mstdn.social
2022-08-29T23:10:42Z
0 likes, 0 repeats
#Messengers !When choosing between #Signal , #Wire , #Threema , #Briar , #Conversations and #DeltaChat, which do you think is the most secure, private, safe and reliable messenger for one-on-one correspondence?(1. Explain your answer in the comments, please.Or suggest your own options)@inference @kev @mike@humanetech @stux @admin @evawolfangel @thary @techlore @IzzyOnDroid @FOSSlife @datarequestsorg @mdent123a @fsf @fdroidorg @alternative_be @privacyguides @datenschutzratgeber @staltz
(DIR) Post #AN2FWUMDjCOxWJ7iZU by inference@plr.inferencium.net
2022-08-29T23:24:22.146391Z
0 likes, 0 repeats
@BreachCat @kev @mike @humanetech @stux @admin @evawolfangel @thary @techlore @IzzyOnDroid @FOSSlife @datarequestsorg @mdent123a @fsf @fdroidorg @alternative_be @privacyguides @datenschutzratgeber @staltz Leaving a previous thread on this matter here:https://plr.inferencium.net/notice/AMjYZjN65iRlENMnzsI vote Signal. Read the thread to find out why.
(DIR) Post #AN2IDO4dAMvqOMTmoi by datenschutzratgeber@mastodon.social
2022-08-29T23:48:22Z
0 likes, 0 repeats
@BreachCat Delta Chat grants any e-mail service involved full access to the respective chat's metadata – possibly including GAFAM, depending on your contacts. Not recommended at all.Wire doesn't prevent metadata either and is also partly based in the US, meaning they are likely forced to collaborate with NSA etc. Don't use it!XMPP and Matrix also don't prevent metadata, so you have to trust all your contacts' servers. Avoid if possible.
(DIR) Post #AN2IDOXhQIBTqW507s by datenschutzratgeber@mastodon.social
2022-08-29T23:51:13Z
0 likes, 0 repeats
@BreachCat Threema protects your metadata from third parties and collects as little as possible. Decent choice.Signal's metadata protection is a bit better; it supports Sealed Sender and PFS, but also requires your phone number. Good choice.Briar is the best option in terms of security and metadata protection, since it's decentralised, meaning that no server is involved at all. Though, that requires both sender and recipient to be online at the same time.
(DIR) Post #AN2IDOxDtObJ7g1NuS by BreachCat@mstdn.social
2022-08-29T23:52:49Z
0 likes, 0 repeats
@datenschutzratgeber And what is the most anonymous solution for one-on-one communication?
(DIR) Post #AN2IDPMONojYNjnU8m by inference@plr.inferencium.net
2022-08-29T23:54:34.115733Z
0 likes, 0 repeats
@BreachCat @datenschutzratgeber Keep in mind that Session and Briar have no way to verify your contacts, so you lose that ability if you insist on anonymity. Not worth it to me in most cases.They have no key system.
(DIR) Post #AN2QEJcE1gyOUK992e by BreachCat@mstdn.social
2022-08-29T23:56:07Z
0 likes, 0 repeats
@inference there are many other ways to auntify a person, not just technically
(DIR) Post #AN2QEK3APWWXpskf2G by inference@plr.inferencium.net
2022-08-30T01:24:21.827040Z
0 likes, 0 repeats
@BreachCat You won't be notified when the key changes. That's the point.
(DIR) Post #AN3M5ILj9unzIRphiK by thary@mastodon.ml
2022-08-30T05:42:26Z
0 likes, 0 repeats
@BreachCat @inference @kev @mike @humanetech @stux @admin @evawolfangel @techlore @IzzyOnDroid @FOSSlife @datarequestsorg @mdent123a @fsf @fdroidorg @alternative_be @privacyguides @datenschutzratgeber @staltz delta chat or conversations because δeltaChat and XMPP have GNU Privacy Guard support
(DIR) Post #AN3M5J90CiDjlGt3WC by inference@plr.inferencium.net
2022-08-30T12:12:36.144189Z
0 likes, 0 repeats
@thary @BreachCat @kev @mike @humanetech @stux @admin @evawolfangel @techlore @IzzyOnDroid @FOSSlife @datarequestsorg @mdent123a @fsf @fdroidorg @alternative_be @privacyguides @datenschutzratgeber @staltz PGP is dead. If you care about security and privacy, don't use it. It was designed in the 1990s when security wasn't a big thing. No one would design a system like PGP today. This applies to PGP, OpenPGP, GPG, whatever other implementations.https://latacora.micro.blog/2019/07/16/the-pgp-problem.html
(DIR) Post #AN3Q9ttZuCNIib7NGi by BreachCat@mstdn.social
2022-08-30T12:32:41Z
0 likes, 0 repeats
@inference Are you with the FBI? PGP is reliable and constantly updated
(DIR) Post #AN3Q9uPTzZtaJY2qzw by BreachCat@mstdn.social
2022-08-30T12:36:22Z
1 likes, 0 repeats
@inference and what do you suggest instead of PGP?
(DIR) Post #AN3Q9uyvrmFg5UdAFk by inference@plr.inferencium.net
2022-08-30T12:58:19.031128Z
0 likes, 0 repeats
@BreachCat For signing, OpenBSD Signify:https://www.openbsd.org/papers/bsdcan-signify.htmlFor asymmetric encryption, age:https://github.com/FiloSottile/ageBoth do their respective jobs *much* better than PGP ever did and ever will.
(DIR) Post #AN3QE9NSHnXltQ7Rqq by inference@plr.inferencium.net
2022-08-30T12:59:04.591138Z
0 likes, 0 repeats
@BreachCat PGP is a mess. If there's one encryption method easy to get wrong and break, it's PGP. Read the article.
(DIR) Post #AN3RBwIg2FM8i5OTZ2 by BreachCat@mstdn.social
2022-08-30T13:09:31Z
0 likes, 0 repeats
@inference Why are much in "*"?
(DIR) Post #AN3RBweeiWw9oFg1p2 by inference@plr.inferencium.net
2022-08-30T13:09:51.229082Z
0 likes, 0 repeats
@BreachCat To emphasise.
(DIR) Post #ANDYWNL5qBVGvGaJQe by Janneke@norden.social
2022-08-30T07:11:05Z
0 likes, 0 repeats
@BreachCat @inference @kev @mike @humanetech @stux @admin @evawolfangel @thary @techlore @IzzyOnDroid @FOSSlife @datarequestsorg @mdent123a @fsf @fdroidorg @alternative_be @privacyguides @datenschutzratgeber @staltz Checkhttps://securemessagingapps.comRate: 🟩= 3 🟨= 1 🟥= 0 Points1. Threema = 822. Session = 793. Signal = 77Threema:Only 5€/$ one-time = 100% anonymous + real #privacy + E2EE + no IP & no #metadata collectionMore security for people & privacy isn´t possible!
(DIR) Post #ANDYWOIeGl8rtyRsG0 by Janneke@norden.social
2022-08-30T07:20:55Z
0 likes, 0 repeats
@BreachCat @inference @kev @mike @humanetech @stux @admin @evawolfangel @thary @techlore @IzzyOnDroid @FOSSlife @datarequestsorg @mdent123a @fsf @fdroidorg @alternative_be @privacyguides @datenschutzratgeber @staltz All this:#TOR #Signal bzw. #SignalApp#Briar#DeltaChat#K9Mail#WireGuard#OpenVPN#Filezilla #Mailvelope #NoScript is financed by the OpenTechnologyFund - which Money comes from the US Goverment!Check:https://www.opentech.fund/results/supported-projects/OTF:U.S. Governmenthttps://en.wikipedia.org/wiki/Open_Technology_Fund
(DIR) Post #ANDYWOh6nohx7ptPNo by Suiseiseki@freesoftwareextremist.com
2022-09-04T10:19:07.901884Z
0 likes, 0 repeats
@Janneke Hi, by the way, it was never "TOR", it's: Tor.Some people tell you it stands for "The Onion Router". It rather stands for; The onion routing.
(DIR) Post #ANFUGXGhkf3eokXakq by datenschutzratgeber@mastodon.social
2022-08-30T13:45:13Z
0 likes, 0 repeats
@Janneke It doesn't matter who funds them, since they're open-source, meaning anyone can check that there are no back-doors.
(DIR) Post #ANFUGXfWGOuK3i9PQu by Janneke@norden.social
2022-08-30T13:48:11Z
0 likes, 0 repeats
@datenschutzratgeber No!Because the Data-Thief is not in the programm-code!For example Signal Messenger:Runs over the Cloud of Google, Amazon, Microsoft & Cloudflare.Which can easily collect all your metadata.And you wont find that in the code - no matter how "open" he is.Don´t make OpenSource to your religion-replacement!Always look, where the money comes from!
(DIR) Post #ANFUGY66fYAtOAadsG by nicemicro@fosstodon.org
2022-09-05T08:40:50Z
0 likes, 0 repeats
@Janneke @datenschutzratgeber Isn't this independent of who pays the foundation? I bet that the US government didn't push for Signal to use these servers through... partially financing an entity that partially finances the software?My guess would be that these servers are used because they are *convenient* to set up the service on.It's not a bad idea to keep track of the funds, but I wouldn't accept partial funding as the only evidence for serious meddling.
(DIR) Post #ANFUJALdQSqybF6KZM by nicemicro@fosstodon.org
2022-09-05T08:41:22Z
0 likes, 0 repeats
@Janneke Great list, thank you!