Viewing a single comment thread. View all comments

Hibiscus_Syrup wrote

My main interest is just, what is the safest messaging platform?

I assume nothing's completely safe, and where I live it's not uncommon for people to steal your communication tech at gunpoint and use that to know all of your networks, plans, actions.

But if we have to use something, and it has to have minimum buy-in from the broader population, what do we use?

4

southerntofu OP wrote

Like you said, nothing is completely safe. No system can truly protect us from "evil maid" attacks, or from a 5$ wrench attack. For the second case, some encryption systems like Veracrypt support hidden volumes for plausible deniability: you have two passphrases, and are free to reveal one to a non-compromising volume (while existence of the second partition cannot be proven). Few systems support this though this is a very useful property.

Actual security has a lot of practical downsides. Tails will protect you from most attacks (though not the two mentioned before), but you have to:

  • be sure noone has altered your Tails key
  • be sure noone has planted a microphone/camera where you are using the computer

About instant chat, there is no magical solution. Jabber/XMPP is really good against passive observers because it's so Tor-friendly, but no client will protect you from someone gaining access to your system. Encrypted local storage of settings/logs (with a passphrase to open the app) is possible to implement, but nobody did it yet (to my knowledge).

6

[deleted] wrote (edited )

3

yam wrote

due to the systemd problem.

Are you aware of any security issues or freedom issues Tails' use of systemd?

I'd rather go for Heads than Tails

Latest release is 2 years ago. Latest update to the Heads website was March 2018.

I used to run Dyne:bolic, also published by dyne.org but, as you can see, latest release is from 2011, and it's still up there. The dyne.org team have an issue around publishing out-of-date software, which is fine with a multimedia distro like Dyne:bolic, but disconcerting with a security focused distro like Heads.

2

[deleted] wrote

1

celebratedrecluse wrote

why not? I assume it periodically uploads data of interest whenever online.

3

[deleted] wrote

1

celebratedrecluse wrote

Eh, with gigabit becoming more common in many places, and 5G mobiles, it's trivial for network operators with root access to your device to upload whatever they want in the background. There are even economic contractual ways that this has been priced into agreements, eg youtube or spotify making deals with a mobile provider to not charge data for their traffic on the user's data account.

2

yam wrote

For more permanent distros, tho, those like Whonix, Gentoo and FreeBSD are paranoid-level of security.

Totally! Or QubesOS. Or Alpine.

Alpine is very secure while also having a crazy fast package manager, and you can run the whole system in pure memory so large apps boot instantly, although you can not have too many large apps installed that way.

Tails should be the better tradeoff between security and out-of-the-box usability.

Yea.

I'd say it also depends on the person and the use case. I see some people coming straight from Windows to Tails, because they heard it's secure, but they are bound to be surprised by the home folder being wiped on every boot.

In my experience, also some people will like the talk about "paranoid-level of security" while still using some of the popular pre-compromised apps, like Zoom, Google Docs or Slack. For those people, I'd say the first step is to get off those.

Let's never forget about the Intel ME backdoor too. Even though that doesn't mean everyone's being watched 24/7 on their computer.

It's so messed up. In some twisted way, it's kinda cool that pretty much all laptops run Minix though.

In my guesstimate, human error, like posting something on a forum like this, or emails sent to Gmail addresses, is way more likely to be the source of compromise than IME hack.

I'd love to be free of IME but I've given up on using 32-bit laptops.

I could of course buy a new laptop with Libreboot online, but I also think there's value to re-using old hardware, and it's much cheaper. A way to fight planned obsolescence. I have to use Debian Testing with non-free drivers for the backlight to work, so not super compatible with 100% free drivers. That Crimethinc post that was pinned also makes about about recycling computers:

»1. Manufacture no new computers, but use existing resources to maintain current machines.«

Any experience getting rid of IME? Or finding laptops without it? (It's only 32-bit ones, right? With max 2GB mem, right?! Ouch)

The issues with systemd should be the same than on Debian or any other systemd based Linux.

My main issue with systemd is that it's not fast. Alpine's Openrc is super fast, but you have to add the startup apps on the commandline. That's not for everyone.

I don't run modern Gnome because it makes my laptop crawl. mpv dropped Gnome support for a while and just refused to run. But for people who have newish laptops, Gnome is really slick, and everything just works: backlight brightness, bluetooth, redshift, dark theme, laptop lid settings, volume buttons, multiple speakers and screens, even window tiling layout (where xfce and lxde and all non-tiling window managers are just shite), keyboard layout with multilingual compose key, advanced touchpad config, package management "app store"-lookalike. I think Gnome developers are doing interesting stuff, and I'm glad it exists, but I wouldn't use it myself.

2

[deleted] wrote

5

southerntofu OP wrote

Element is a web application, so a server getting compromised will not only compromise all your metadata, but can also compromise your e2e-encrypted content retroactively (by compromising your private keys). Matrix as a protocol does not have this problem, but all web-clients (of all protocols) share this property.

Session i haven't tried, but it's really weird how their entire website doesn't talk about their cryptocurrency. You have to follow links around for that. Doesn't look very legit?

4

celebratedrecluse wrote

i agree, the following are just my thoughts

XMPP w/ OTR and with network traffic routed through Tor is better than element for individual conversations that need to be extra anonymous while still being encrypted. It is relatively straightforward for power users to set up burner XMPP profiles.

Element has more functionality for larger groups and casual conversations. However, since it is a web application, it comes with security and privacy problems, because you need to self-host and take on the responsibility of being a server administrator to really secure the platform.

4

[deleted] wrote (edited )

3

celebratedrecluse wrote

At the root, if it requires $600+ to buy a phone which even pretends to respect your privacy, then only rich people

some sort of scaling of capacity to reduce the cost of getting devices with unlocked bootloaders, would be great. failing that, we'll just have to rely on the gaps in coverage of the police state, and assume the surveillance game is pretty much lost from the get for any group over 6 people.

4

Hibiscus_Syrup wrote (edited )

Thanks. Unfortunately I would be all alone if I was using those programs in my context.

Never heard of Session, I'll guess it's not as popular as Signal because of the instability then.

4

yam wrote

Element (Riot), and good old XMPP.

Self-hosted Etherpad-lite is also good, if you have an old laptop running around, and can spend a minute forwarding the router port and getting a free cert from LetsEncrypt.

Alongside Syncthing for sending large files. XMPP is really not good at file sharing, because support and implementations vary so wildly among the clients. It often just fails.

Syncthing compares more to Dropbox but direct transfer so no artificial limits or snooping.

3