only add people to your group chats that you have good reason to trust
Yeah people need to really set trust hierarchies for this kinda political organizing. Sort of a “Principle of least privilege” but for people.
Only post personal or identifying information in chats where everyone already knows every other person directly. Public or effectively public(with more than like 10 people) chats should never ever have any identifying information in them.
Dont use a SIM card. Which also means dont use Signal unless you have a number than cant be linked to you.
They will absolutely plant long term rats for this shit so if you havent known someone for years, then think twice about telling them things they dont need to know.
If people are actually serious about organizing then tell them to use Briar. There is nothing else that comes close to it. You shouldnt use your primary phone for shit like this anyways so it doesnt matter if they are apple users, they should get a 100$ android just for this.
Signal, unfortunately, doesn’t have good group support. Herr are only 2 privilege levels: admin and user. It seems like it will take a long time before signal upgrades group chats.
there are probably also a few other, more recent examples that i just can’t find. but the theory is the same, signal only knows a phone number in association with an account creation date and the last sent message date. everything else is encrypted. the signal protocol has been formally verified to be secure: https://cryspen.com/post/pqxdh/. signal all in all is a very competent messenger, and there’s a reason it’s being used by dissidents, journalists and activists, even if most of those people do not actually have the energy or skills to verify the internals. what does easily get you in trouble (assuming what you’re doing is troubling) is if you have a leaky contact. it’s not hard to just screenshot messages and then publish them elsewhere.
signal only knows a phone number in association with an account creation date and the last sent message date. everything else is encrypted.
Thats not really possible. If thats all they give out, then that just means that is all that they decide to save. They have access to the servers that everyones messages pass through. They could log the IP and date for every single message sent if they wanted to, but just decide not to do it. This model fails however as soon as they are forced to save more than that.
Thats the dumbest shit ive ever heard. Every server that isnt yours is compromised. The general assumption in computer security is always that anything outside of your physical possession is compromised, especially when your opponent is the best equipped government on the planet.
Yeah people need to really set trust hierarchies for this kinda political organizing. Sort of a “Principle of least privilege” but for people.
Only post personal or identifying information in chats where everyone already knows every other person directly. Public or effectively public(with more than like 10 people) chats should never ever have any identifying information in them.
Dont use a SIM card. Which also means dont use Signal unless you have a number than cant be linked to you.
They will absolutely plant long term rats for this shit so if you havent known someone for years, then think twice about telling them things they dont need to know.
If people are actually serious about organizing then tell them to use Briar. There is nothing else that comes close to it. You shouldnt use your primary phone for shit like this anyways so it doesnt matter if they are apple users, they should get a 100$ android just for this.
https://en.wikipedia.org/wiki/Briar_(software)
https://briarproject.org/
Signal, unfortunately, doesn’t have good group support. Herr are only 2 privilege levels: admin and user. It seems like it will take a long time before signal upgrades group chats.
you don’t need to give your signal contacts your phone number, they won’t know it if you use signal usernames
But signal knows it so they will hand it over to the police if requested…
signal doesn’t know which phone numbers contact which other phone numbers
Do you have a source for that? How would the server know who to deliver data to without being aware of the group member list?
https://signal.org/bigbrother/central-california-grand-jury/
there are probably also a few other, more recent examples that i just can’t find. but the theory is the same, signal only knows a phone number in association with an account creation date and the last sent message date. everything else is encrypted. the signal protocol has been formally verified to be secure: https://cryspen.com/post/pqxdh/. signal all in all is a very competent messenger, and there’s a reason it’s being used by dissidents, journalists and activists, even if most of those people do not actually have the energy or skills to verify the internals. what does easily get you in trouble (assuming what you’re doing is troubling) is if you have a leaky contact. it’s not hard to just screenshot messages and then publish them elsewhere.
Thats not really possible. If thats all they give out, then that just means that is all that they decide to save. They have access to the servers that everyones messages pass through. They could log the IP and date for every single message sent if they wanted to, but just decide not to do it. This model fails however as soon as they are forced to save more than that.
compromised servers are a known threat model, and not a threat in signal’s case
Thats the dumbest shit ive ever heard. Every server that isnt yours is compromised. The general assumption in computer security is always that anything outside of your physical possession is compromised, especially when your opponent is the best equipped government on the planet.