Viewing a single comment thread. View all comments

kore wrote

Re: Tor, no correlation is made between the funding by state-level actors and the ability to compromise Tor's anonymity. That is, there's no argument that these groups are paying Tor to put in back doors. I thought everyone knew that a traffic analysis attack is possible by organizations with sufficiently large access to monitoring internet traffic? No surprise to me anyway.

Re: Signal: I don't use it mostly because of the phone number thing, though I suppose you could use a burner phone. But, I still think that E2EE is secure when used properly.

1

celebratedrecluse OP wrote (edited )

Re: Tor

You don't understand. This has nothing to do with "backdoors", the code is irrelevant and a red herring that the government uses all the time to shift the discourse away from the actual flaws which allow them to break their own tools. The government of USA and its surveillance partners runs a huge proportion of the relays. They monitor all the major internet traffic cables, as you said. Tor does not protect you at all from USA surveillance. It was never designed to, its purpose was to shield spies and USA-allied dissidents who were operating in a foreign country and wanted to disguise their internet traffic from non-global adversaries, like the authorities of the country they are embedded in.

Signal

It forces you to use a smartphone. The USA government can see everything you type into your smartphone. It doesn't matter how encrypted it is, they get all your data in plaintext beforehand...

2

cute wrote

Android virtual machines/ emulators and the desktop app exist.

1

celebratedrecluse OP wrote

Yes, and the desktop signal app is shit, lacks basic functionality and most users will never even think to use a virtual machine, let alone learn how to work out all the various kinks and issues which arise when implementing such a nonstandard use case.

But at least they have stickers now, right? Lol

1

cute wrote

They're trying to appeal to the general population, not really mad at them for that since things like XMPP and Briar are very unappealing to most

1

kore wrote (edited )

The USA government can see everything you type into your smartphone.

can you explain how this works? a link to an authoritative leaked document perhaps? I guess I just wonder why many pro-privacy organizations (like the EFF) don't really seem to talk about this. I guess this also gets into threat models. Like, if you're just trying to keep intimate conversations private or something.

0

celebratedrecluse OP wrote

Google Play Services. That's it, you're done, anything on the phone will be uploaded to Google servers, where it will be transferred to NSA's historically massive Nevada databases, unprecedented in world history. If you become of interest, they look through all the data. Why else would they build such a huge data center.

Apple's proprietary root OS has very similar characteristics, but we know less about it because of the secrecy.

EFF doesn't talk about this because, there's nothing to be done. People aren't going to stop using cell phones, not most people anyway, so talking about it would turn people off.

1

kore wrote

i dont have google play services installed on my smartphone.

1

celebratedrecluse OP wrote

oh, a great step! most do not take. but i am not surprised, the average technical competence of people on Raddle is much higher than the norm.

However, does everyone you communicate not have it on their phone? Otherwise, any communications involving those parties who do, is going to be compromised, because the screen can be read directly and keystrokes are logged. The data collection capacity is basically infinite.

And moreover, what of the cellular baseband? There are backdoors in the firmware of every GSM modem, which is proprietary and tightly guarded information (especially for newer cell networks, certainly including but not limited to the 5G capable products that will be rolling out). what's worse, most modems are either known to not be well isolated from the rest of the device, or are unknown whether they are well isolated from the rest of the device.

Like with all common CPUs and GPUs, cellular modems are not free or safe from determined state-level actors.

1