Comments

You must log in or register to comment.

celebratedrecluse wrote

If you are unfortunate enough to live inside USA borders, just download the apk straight from signal.org. Use the app on a device with a VPN tunneled to outside your country. The most difficult part will be to tie the signal account to a non US phone number, during initial setup. One idea is to contact someone outside the US who will purchase a burner and setup forwarding for you, in exchange for crypto or some other way of remunerating. Then, create a very strong registration lock and keep it on a paper key. This will probably work, but has a non zero chance of having your account hijacked.

Maybe we can set up a forum on Raddle for sharing international phone numbers, in exchange for donations, for this purpose. It would be a useful way to spread money out of the empire, as well as providing physical phones that can be sim-swapped and donated to people who might not otherwise have access to one.

But regardless, hopefully this situation gets the Signal devs to enable account registration without a phone number...

6

LeftHack wrote

Using Twilio for US number could also work. Then there is free SMS verification service that you could also use those numbers, but just remember to set registration PIN.

1

celebratedrecluse wrote

For US #? But they would need a non US #, or do i misunderstand

1

LeftHack wrote

Twilio will assign you a new US number after registration

1

celebratedrecluse wrote

Ok, if Signal does not work with US numbers, what would the purpose of this be?

1

LeftHack wrote

Point being that it meant to make easy for anyone outside of US to register a US number. Plus, Twilio has free subscription, meaning that anybody can use it.

1

celebratedrecluse wrote

We need the opposite, US people will need non US #s to continue using Signal. Not vice versa.

Unless you are talking about something else entirely

2

CI7IZ3NZ3R0 wrote

I think Session is a good alternative. Not based in the US, 100% open source with end-to-end encryption for all messages by default. An independent security audit of their cryptography is currently in the works. Keep your eye on this one.

3

a_perfect_map OP wrote

Also, have you all hear of F-Droid? https://f-droid.org/ I know Android is certainly NOT Libre and is pretty awful. However F-Droid is like a FOSS app store replacement/repo, you can even fetch packages over Tor I think. Combined with Replicant, the Freedom respecting Android fork https://en.wikipedia.org/wiki/Replicant_(operating_system), this could be decent. Eh, phones are the worst.

2

whipskid wrote (edited )

Looks like Replicant is a discontinued project, not supported on new phones. LineageOS with MicroG is open source and is supported by most devices. I installed this ROM without Google Play Apps and Services. The MicroG fork comes with F-Droid preinstalled and MicroG, which is an open source alternative to GApps, the proprietary part of Android. It allows the OS to integrate with some apps better and allows you to use location services and optionally Googles Cloud Push Notification Service, without identifying your phone or Logging into Google. The Aurora store even allows you to download a few nonfree apps from the Play store without logging into Google or Registering your device.

1

hardwarecult wrote

I would not trust Signal unless you deploy your own server; they use Google most of the time, like for download and or api/key rotation, are in US jurisdiction etc

1

celebratedrecluse wrote

You actually cannot deploy your own server, youd have to fork the code and make a whole different service. It's pretty suspicious

Google can be disabled entirely tho, by installing on a device without active play services. For example, android x86 with play services ripped out

3

kore wrote

I have lineageOS on my phone without google, and its amazing how many apps dont even run without google play services

3

whipskid wrote (edited )

I don't use Google cloud push messaging, but still found MicroG useful because it allows me to use GPS location services on my phone. UnifiedNLP comes with MicroG and uses open nontracking Mozilla backend network geolocation.

I use OSMAnd+ for navigation and OpenStreetMaps. Does GPS work in your LineageOS install?

1

whipskid wrote (edited )

Are you using MicroG? It is a open alternative to the nonfree google location and cloud push notification services.

"LineageOS with MicroG" is a fork of Lineage that has MicroG and FDroid preinstalled.

1

a_perfect_map OP wrote

Your thoughts on Telegram?

1

avbeav wrote

Certain secuirty experts don't recommend Telegram because of it's cryptographic protocols but I personally like that the desktop app is in Qt rather than Electron. Yes, that is a big deal.

Also, while Signal Desktop may have well-engineered E2E-encryption, I find the UX horribly broken.

1

FuckCopyright wrote (edited )

How's Matrix/Riot in comparison? I prefer not needing to use a phone number or anything and on GNU/Linux I don't often use the official client (although sadly it doesn't support encrypted messages, I'll have to look around though).

2

avbeav wrote

I've only used Matrix via Pidgin and that worked well enough.

I'm not using it now, not because I don't want to, but because the choice of communication protocol or platform isn't a choice I get to make. Currently, the go-to platform for messaging amongst activists around here just seems to be Signal, and I'm not gonna argue too much about it because at least it's free / open source and better than WhatsApp or Slack or Zoom or whatever latest proprietary shit app that's caught people's attention.

But because Signal is "forced" on me that way, and I don't get the choice of clients that I do with Matrix or email or IRC or XMPP because Signal has that ONE BLESSED CLIENT then at I feel somewhat entitled to complain a bit about the horrible state of their UX.

I am also trying to complain constructively by filing detailed bug reports. Not that it leads to anything being fixed, of course, but at least I try...

2

anarchyinbedrock1990 wrote

This both frightens me and makes me angry. I wrote a post about this, in privacy on this forum. I also wrote to my congressperson/senator. I am concerned about the future of Tor, and also what will happen to networks, like ZeroNet, blockchain-based networks, etc and so forth.

1