9chan.lv | 9chan.fromhell.lv | IRC | Discord | Library

>>baltchan.net

Due to technical issues this site will shut down when the VPS runs out of space (soon)

/b/ - Baltic/Random

Baltic Anime Website

Mode: Reply [Return] [Go to bottom]

Name:
Subject:
Sage:
Comment:
Files:
Drawing: x size canvas
Password: (For post deletion)
  • Allowed file types: GIF, JPG, PNG, BMP, MP3, WEBM, MP4, OGG, FLAC, SWF
  • Maximum number of files per post: 1
  • Maximum file size per post: 1.00 MB
  • Read the rules before you post.
Usernames in Signal Jānis 08/30/2022 (Tue) 21:07:09 No. 860
Real IP
>Our new method is faster and more efficient. It lays the groundwork for the introduction of usernames and phone number privacy which will offer new privacy controls around your phone number’s visibility on Signal. >Signal uses enclaves for contact discovery. Enclaves isolate data and its processing from everything else going on in a given server, obfuscating it even from server owners/administrators. This means that neither Signal nor the people who run the servers we rely on have access to or knowledge about what’s happening in an enclave. Our use of enclaves allows users to connect via their contacts while preventing Signal’s server owners from extracting the contact lists. >Encrypted RAM is a start, but it doesn’t do the full job. Simply knowing how memory is accessed can be enough to leak information. So, when we use enclaves, we build additional protections to defend against information leakage. We use “oblivious RAM” algorithms which work to obscure memory patterns and obfuscate data in enclaves. >Path ORAM has allowed us to speed up our processing for contact discovery. >In order to support phone number privacy, we need to expand the contact discovery database. Therefore, we will have more data to search for every query. The bigger the dataset, the faster we have to search in order to keep the user experience smooth. >Right now, the implementation of Path ORAM is the backbone for a new era of contact discovery in Signal, one that will let users choose usernames that they could opt to share with people instead of their phone numbers. Usernames have been one of the most requested features throughout Signal’s existence. Making usernames and phone number privacy a reality in Signal is a massive technical undertaking. It’s something we’ve been working on for a long time and will continue to work on for several more months or longer before it’s ready. Implementing Path ORAM for contact discovery is one step on that road, and we’re happy to share this inside look at the foundation we’re laying. I hope these cunts don't keep the phone number requirement, this is all trust based after all, and it would be convenient given certain CIA connections. TL;DR They improved the encryption/obfuscation algorithms speed enough to support a larger database, which they would have to deal with for usernames. https://signal.org/blog/building-faster-oram/
Real IP
>he trusts (((jewgnal))) hosted in United Surveillance and ceo is some big nosed geek. If signal was so trusted and better than telegram, why did it add shitty crypto coin 25% pre-mined by some unknown (((investors))). Lets not forget that telegram had made also memecoin, but got overthrown by the bankers because, well you know. But telegram's TON coin has made a comeback, but users were not happy. If signal's mobilecoin were to be legit and decentralized, then same thing could happen signal, but that probably won't happen, since it's all honeypot. Not saying telegram is any better, but consider anything a honeypot and do research. https://www.sec.gov/news/press-release/2020-146 https://support.signal.org/hc/en-us/articles/4850133017242 https://www.wired.com/story/signal-mobilecoin-cryptocurrency-payments/ https://www.coinbureau.com/review/mobilecoin-mob/
Real IP
1658403064655-0.jpg
75.07 KB, 640x721
>>861 >Not saying telegram is any better, but consider anything a honeypot and do research. Any better is a understatement, telegram has no e2ee, unless your in a special mode nobody uses which has a homegrown less reviewed algorithm. You might as well hand your data over to discord or whatsapp. In comparison, signal even has online status e2ee, even if claims like not storing messages and such were bullshit, they can not access the message contents, or in groupchats show who was the sender of a message and who the participants are. The coin is irrelevant attempt at making money which nobody will use, who even sends funds over messages. It's all about your threat model, signal isn't meant to hide illicit shit of course, but for communicating with those who know your phone number? It's a great WhatsApp replacement. Furthermore, there's no evidence of the feds cracking signal, while telegram hands over data on many occasions, and still shows on their FAQ that they supposedly don't. In anything but secret chats on telegram (which glow), you have about the same security as discord. In fact, telegram storing decryption keys on their server along with all contents and metadata is the same trick WhatsApp uses to claim their secure while spying on you. Also the same algorithm in signal is adapted for XMPP under OMEMO and is successfully used to evade law enforcement surveillance by criminal organizations. Not saying signal is perfect, but consider anything a honeypot and stop being a Russian shill for a honeypot.
Real IP
7L0Gol0MqqO.png
27.49 KB, 830x191
>>862 Signal could become more trusted if they removed the shitty coin, updated the server source(which wasn't updated for over a year) and removed jewcaptcha, they have not bothered to replace with their own captcha or hcaptcha. https://www.androidpolice.com/2021/04/06/it-looks-like-signal-isnt-as-open-source-as-you-thought-it-was-anymore/ I also remember(maybe it was matrix client) that asked for jewcaptcha on FOSS client(not the official one). https://github.com/signalapp/Signal-Android/issues/12359 https://github.com/signalapp/Signal-Android/search?q=recaptcha&type=issues https://github.com/signalapp/Signal-Android/search?q=recaptcha&type=code Also i don't get why signal needs built-in donation system and shitty coin when it gets funded by US gov. There is no logical reason for government to fund a IM program that has encryption on by default for everything and viewing the data on the end(ie. database) makes NSA cope. The whole reason 9/11 was organized to loosen the tail of intel agencies to allow more citizen tracking. Think, if US funds IM with e2ee and that causes the shooting or explosion by some goat fuckers which used signal, then agencies would want to have backdoor. Why would it do something pain in the ass(not backdooring it in the first place) when it could just sell the product "e2ee open sauce IM" and have a little door open for NSA to walk to. https://yasha.substack.com/p/signal-is-a-government-op-85e https://www.opentech.fund/results/supported-projects/open-whisper-systems/ https://wikileaks.org/ciav7p1/
Real IP
>I also remember(maybe it was matrix client) On the official Matrix yes >Also i don't get why signal needs built-in donation system and shitty coin when it gets funded by US gov. They don't usually get funded and its running of a fund the rich owner put upfront. >Why would it do something pain in the ass(not backdooring it in the first place) when it could just sell the product "e2ee open sauce IM" and have a little door open for NSA to walk to. The feds are iffy, sometimes they do genuine help for security, sometimes they harm things. In this case considering every phone can be cracked by pegasus, cracking Signal is unnecessary. Thats the backdoor, that applies to anything on a phone and most desktops. The app is doing nothing wrong as far as anyone can tell with the core security. None of this government funding and such changes the algorithm having reliable e2ee on just about everything, while telegram has none. They couldn't get much information if they wanted, and if feds wanted they'd just hack the phone. Again, a weird reason when Telegram has none and gives up info to authorities. https://tech.co/news/telegram-exposed-user-data
Real IP
>>864 https://www.washingtonpost.com/technology/2022/09/06/signal-meredith-whittaker/ >Meredith Whittaker, the former Google manager, is Signal’s first president. >She is out to convince users to pay for the free app. spend ya shekels goyim
Real IP
>>865 >As president, Whittaker will help guide strategy, communications and policy. In an interview, she said she plans to focus on sustaining Signal, which hopes to support itself with small donations from millions of users. Signal announced her new role Monday at an event in Berlin. Literally just donations. Also Durov did VK and works with the WEF. His stance is against censorship, not privacy or security.
Real IP
>>866 >Literally just donations. Then why make this "users will forced to pay for free software" article? They already have donations integrated and shitty coin. >Also Durov did VK and works with the WEF. Already know >His stance is against censorship, not privacy or security. He did say he is pro-security. Both signal and telegram suck big ass.
Real IP
>>867 >Then why make this "users will forced to pay for free software" article? nowhere does it say that you illiterate kike >Both signal and telegram suck big ass. By some metrics, but not at all comparable