@derekmorr

Let it go, already. No one uses MobileCoin. You can’t even find an exchange to buy it.

Then why does @signalapp still have that shit in it? @Mer__edith could've pulled that #Shitcoin yet refuses to do do!

The Cloud Act is a non-issue. Signal doesn’t have data on users, so they can’t be forced to disclose it.

That's literally wrong!

• #Signal not only collects #PII in the form of a #PhoneNumher but explicitly is able and willing to use that to dsicriminate against users and restrict app functionality based off their presumed juristiction. There is no "legitimate interest" for.doing so nor any legal mandate to do so (unless we excuse the ehole #MobileCoin-#Scam!)

It’s been 30 years, and no one uses xmpp. Let it go.

Wrong again. Otherwise there wouldn't be thriving ecosystems and Apps to this day. It's just that corporate shills refuse to acknowledge that Signal - like all centralized, proprietary, #SingleVendor and/or #SingleProvider kessengers before and after - will inevitably die as their business model is not sustainable. Sake with #ICQ really. The only exceptions are those that abolish #privacy for #profit, integrate actually working payments or sellout to a #cyberfacist #government (all those apply to #WeChat!)

It’s shocking that people who claim to care about security and privacy push niche apps with terrible UX and no PFS like Delta or XMPP instead of the only private messenger with any real market share, Signal.

You know what's shocking to me: People who are unable or rather unwilling.to acknowledge that Signal is garbage and it's requirement for a #PhoneNumber kills any #privacy benefits it may have on paper by virtue of being at best pseudonymous (assuming the userd don't live in a juristiction that demands "#KYC" for even prepaid #SIM cards (ime. #Germany) or god forbid even #IMEI|s (i.e. #Turkey has a literal allowlist that'll kick any device off it's MNOs after 90 days within 365 days.

• The #UScentric approach to #privacy and #threats makes Signal absolutely useless in many cases, and I do speak here from experience.

I'd rather help people onboard #XMPP+#OMEMO like @monocles and/or @gajim or #PGP/MIME like @delta & @thunderbird (incl. setting them up with #Orbot / #TorBrowserBundle / @tails_live so their traffic gets through @torproject and doesn't provide any useable IP addresses.

• I've literally been there and done that!

As for #Sustainability, providers like https://monocles.eu finance themselves by subscriptions (starting at €2 p.m.) which people can pay fully anonymous using #CashByMail and #Monero on top of common payment methods (i.e. SEPA wire transfer)...

• So even if you think "#monocles is a #honeypot" that is mitigateable ciz unlike with Signal you can choose your own client, choose a different provider & exervise self-custody of all tue keys!

@Linux for @monocles it's about their mail & messaging solutions which are subscription-financed and in return just work on any devices as well as their nextcloud.

• They also offer apps for those, and the #monoclesChat & #monoclesMail #apps can be used with any #XMPP and any #eMail provider that offers #IMAP & #SMTP respectably.

• Also they allow for fully anonymous payment using #Monero and #CashByMail.

The ither two I can understand fully...

@debby @monocles @Stuxhost well, @delta / #deltaChat is not using #XMPP+#OMEMO (unlike #monoclesChat & #gajim) but #PGP/MIME on regular #eMail, which makes it way easier to setup in organizations as not "yet another server needed" and also easier to comply with mandatory #archival laws in #business use-cases.

• #Session & #Signal, like #Telegram & #WhatsApp, do not have their #backend #opensource|d nor allow #SelfHosting and demand #PII like #PhoneNumbers for registration if not useage for no valid reason. Plus they are not just able but obviously willing to snitch on their users (something neither DeltaChat nor monocles chat demand or even can as both do 100% #SelfCustody of all the keys!)

• As for #sustainability, monocles is financed by #subscribers (they charge like €2 p.m. for mail & chat) and they can be paid completely anonymously (#Monero & #CashByMail!), whereas #Signal is a #MoneyBurningParty which engages in #Shitcoin-#Scams (see #MobileCoin!) for no valid reason…

@Linux @jeffowski you need some help?

Personally I'd recommend @monocles as they request no #PII and support anonymous payment incl. #CashByMail & #Monero!

@linuxer @stormii @karl_ist_super ja, sowas wie @monocles / #monoclesChat, @gajim / #gajim & @delta / #deltaChat...

• Nur weil etwas alle/die meisten machen wird's nicht weniger falsch!

Natürlich kannste #Signal nutzen, nur dann musste halt auch drauf klarkommen dass so zentralisierter shice durch eine christofaschistische Regierung (#USA) irgendwann eingestampft wird.

• Davon dass es eine bescheuerte Idee ist aus gründen von #Datenschutz, einen Anbieter zu nutzen der ne #Telefonnummer verlangt mal abgesehen.

#Monocles verlangt hingegen garkeine Daten und erlaubt anonymes Bezahlen per #Monero & #CashByMail !

#thxbye #EOD

@froge @fj I'm not replacing @signalapp with "random tools" but good options.

Like @delta & @thunderbird as well as @monocles / #monoclesChat & @gajim which work flawlessly over @torproject / #Tor using @tails / @tails_live / #Tails and @guardianproject / #Orbot respectably.

• Also these allow not only #SelfHosting but just work and I'd highly recommend #monocles as a hoster which finances iself by users paying and allows #anonymous accoubts & payments including not just #Monero but also #CashByMail!

Considering the costs of even acquiring and upkeeping an #anonymous #SIM, I'd rather pay €2 p.m. for #XMPP+#OMEMO and #PGP/MIME-supported #eMail with the option of self-custody than $2,50+ p.m. just to keep a phone number.

• Plus I don't run around with a #tracking device that could be used to #deanonymize me any second...

Or is anyone here expecting @Mer__edith to risk jail for life amd not comply with #CloudAct?

• If #Signal was as secure as advertised, it would've been shutdown like #EncroChat and #SkyECC!

It stenches like #ANØM, because NOTHING IS FOR FREE and running a #VCmoneyBurningParty is expensive...

@cmccullough that being said I can recommend @monocles which do not require any #PII wjatsoever and allow #anonymous payment via #Monero & #CashByMail!
https://monocles.eu/more/#payment-section

Another option may be @Stuxhost ...

@ckrypto if@signalapp@mastodon.world wasn't complying with #CloudAct, @Mer__edith would be in jail.

Not to mention even if Signal keeps their "#OpenSource" code updated - which is doubtful, NOONE can actually #verify that it's the code you actually use - regardless if #backend / #Server or #client / #App!

• #Signal is as secure as #ANØM, otherwise it would've been shutdown ages ago.

Also if Signal was designed for #security, it would've been #decentralized as #XMPP+#OMEMO and not demand #PII like #PhoneNumbers which oftentimes cannot be obtained anonymously in many juristictions at all!

• Only #MultiVendor & #MultiProvider standards can be secure, regardless if OMEMO or #PGP/MIME.

By comparison, @delta doesn't require any PII, only an #eMail account, and @monocles isn't a #VCmoneyBurningParty but sustainable due to #subscription and they don't even require any personal details for #payment: #CashByMail and #Monero are accepted.

• Not to mention neither #DeltaChat nor #monoclesChat are pandering #Shitcoin #Scams like #MobileCoin that don't work even for #TechLiterate #CryptoBros!

Again: It's Signal alone who have to evidence they are trustworthy, and all I get are "#TrustMeBro!" replies, which means they are not to be trusted.

• Not to mention, it's just not sustainable to run a #service without #revenue, even if it's run entirely by unpaid volunteers and gets all it's #hosting and #costs donated, someone has to pay for expenses due to #abuse of a service (which is an inevitability come mass adoption)...

Whereas with #XMPP I can completely setup my own server and client, even build my own if I don't trust anyone else and pay someone to audit the code.

• Signal as a #centralized, #SingleVendor & #SingleProvider service is inevitable vulnerable to #RubberhoseCryptoanalysis, and #Meredith will break if not doing so means jail for life until she does!

Whereas with XMPP & PGP/MIME #eMail I can layer @torproject / #Tor over it, make it an #OnionService and keep that thing under my bed with a literal killswitch...

@truls46 Ein gutes Gegenbeispiel zu @signalapp ist @monocles / #monoclesChat:

• Es werden keine persönliche Daten verlangt!

• Es wird ein offener Standard (#XMPP+#OMEMO) genutzt, sodass #SelfCustody und #Datenhoheit gewährleistet ist!

• Der Dienst ist zwar kostenpflichtig (€2 p.m.), aber komplett anonym bezahlbar (inkl. #Monero & #CashByMail)!

• Nutzung von @torproject #Tor wird nicht verhindert oder blockiert; @guardianproject / #Orbot wird unterstützt!

• In #Deutschland gibt's immernoch #Rechtsstaatlichkeit, anders als in den #USA!

• Anders als #Signal ist #monocles ehrlich, was Sicherheit und Datenschutz angeht...

Ich denke mal das sollte hinreichend meine Argumebte darlegen.

• Kernpunkt ist und bleibt: Signal ist bestenfalls gemeingefährlich-inkompetent oder ein #Honeypot!

@Beggarmidas @Em0nM4stodon

For comparison monocles / @monocles doesn't collect any #PII whatsoever and one can get their #Apps not only for free (or choose one's own #clients because unlike #Signal they only use open & standardized protocols!) but also pay using #CashByMail and #Monero for maximum #privacy.

So it's not a #VCmoneyBurningParty but actually #sustainable!

@Chiquidrakula @COSAntiFascists @iris @Em0nM4stodon @cryptoparty@mastodon.earth @cryptoparty@chaos.social @thunderbird

#FACT: It's not real #E2EE unless you have100% #SelfCustody of all the keys!

• By contrast, @monocles are upfront and honest that if you use their #WebMailer's built-in Encryption / Decryption, your Keys *will be stored on the Servers [Something that @protonprivacy / #ProtonMail does too but tries to leave out as a little detail]...

Thus the correct way as #monoclesMail says is to use your own client and keep your keys to yourself.

• Cuz unlike #Proton, #monocles actually offer standard protocols to use with regular eMail clients

Now OFC, monocles charge €2 p.m. for their starter account but they also accept #SEPA #WireTransfer, #Monero, #CashByMail, #Stripe and #PayPal for #payments, so it's pretty flexible and affordable given they don't put #ads in your #inbox or invade user privacy!

@lucasmz @Avitus @david_chisnall the benefit of #XMPP+#OMEMO is that there are several providers, including free options...

• @monocles also supports #Monero and #CashByMail for those that can't use #PayPal, #Stripe or #SEPA.

All #PII incl. #PhoneNumbers can and will be abused by existing governments and if users don't pay, then they are the product and their data is the one to be sold.

• #KYC IS THE #IllicitActivity WHEN IT COMES TO #ComSec!

After all, you have the same cost problem with phone numbers. Even if one doesn't pay per line/number and never pay for calls and texts, they still have to top it up to extent validity.

• And again: It's way easier for a government to demand an ID for a #SIM that works in networks around their country (i.e. #Turkey demands registration on a per-#IMEI - basis *with #ID) than to tunnel XMPP+OMEMO through @torproject over #EDGEland-speed #2G networks.

Plus you relying an unfixably insecure #Telephony makes a system inherently unsafer than it needs to be...

• This is how people get caught!

Also #Signal is able and willing to use said PII to restrict and ban users and if I were some dissident in Cuba or North Korea or even just Eritrea or Yemen I'd not rely on non-enforcement of #OFAC / #USML / #ITAR since Signal can obviously distinguish & identify accounts by virgue if their #PhoneNumber!

• Always think "How can this be weaponized against someone?" when it comes to #privacy!

@Ciela @thelusciouslibra I can recommend @monocles tho you should never ever rely on any #eMail hoster, but use #PGP which is easier than ever thanks to @thunderbird on #Desktop and #Android!

Also #monocles does have a cool #eMail client and don't demand extra for #IMAP & #SMTP as well as offering #PayPal, #Stripe, #SEPA #WireTransfer, #CashByMail and #Monero for payment, and they cost as little as €2 p.m.

@n_dimension Granted, "Encryption at Rest" should be the default given #GDPR & #BDSG.

My main gripe with @Tutanota and @protonmail / @protonprivacy is that they don't do #IMAP4 & #SMTP or #Paywall that basic functionality.

OFC, @monocles unlike #CockLi does require a #paid #subscription but in return they do accept #CashByMail & #Monero on top of #PayPal, #Stripe and #SEPA...

@Sustainable2050 not much, given that @signalapp is also incorporated in the #USA ,thus falls under #CloudAct and that is inherently incompatible with #GDPR!

• Consider #XMPP + #OMEMO for truly #secure and #private communications.

Providers like @monocles may charge like €2 p.m. for that, but in return they don't demand any #PII like #PhoneNumbers, allow for #anonymous accounts and payments via #CashByMail and #Monero and that's a small price to pay for #SelfCustody of all the keys and having noone look into messages...

https://monocles.eu/more/#payment-section

@zdl @evacide that any the fact that @signalapp is incorportated in the #USA, making them susceptible to #GDPR & #BDSG-incompatible #cyberfacist bs like #CloudAct.

• If #Signal cared, they'd completely #OpenSource #backend and #frontend as well as #decentralize and refuse to collect any #PII (like #PhoneNumers) at all!

Remember: #KYC IS THE ILLICIT ACTIVITY when it comes to #Communication!

• To me Signal has a stench like #CryptoAG (aka. #MINERVA / #RUBIKON), #EncroChat and espechally #ANØM (aka. #OperationIronside / #OperationTrøjanShield)...

Compare that to @monocles / #monoclesChat which don't demand any PII or KYC and allow people to pay for their services with #Monero and #CashByMail besides #SEPA #WireTransfer, #Stripe & #PayPal whilst supporting both decentralization (#XMPP is not a #SingleVendor / #SingleProvider solution!), implementing real #SelfCustody (#OMEMO, #OTR & #PGP is supported out of the box) for all the keys, and proper #Anonymitiy (using @torproject / #Tor & @guardianproject #Orbot for #privacy), so in case they ever get a duely sumitted warrant by a court they'd have to comply with, they'll most likely have no data whatsoever on clients that could allow identification.

• And that is a good thing, because whilst very unlikely, one cannot exclude the non-zero chance of i.e. #MLAT|s being filed with knowingly false information by 3rd countries.

Also having no PII is a matter of reducing #liability in the sense of #DataProtection: All data requested and by #monocles is the bare minimum mandated for #accounting (i.e. only linking a payment like a #TxID / Transaction-ID to an account and then adding up validity/activation period).

• And since running a #Service costs money, the low #subscription to their #Services makes them independent from #ads, #crawling / #espionage against #customers and depending on #grants and #donations to keep the lights on, making it a #sustainable #business...

@doerk @xyhhx

I disagree since @signalapp to this day collects #PII in the form of #PhoneNumbers which are not "technically necessary"!

• Considering the #NSA's admission that "[they] kill based off #metadata!", and #Signal being subject to #CloudAct, I'd say that they, like all #centralized, #SingleVendor & #SingleProvider solutions, are inherently bad.

Whereas with like @monocles / #monoclesChat, I can anonymously register and use an account over @torproject / #Tor and even pay for it with #Monero or #CashByMail.

• And thanks to #XMPP+#OMEMO users have full #SelfCustody of all the keys!

I think it's worth the €24 p.a. for #eMail and #Chat...

@frox +9001%
I can recommend @monocles / #monoclesChat and @gajim as clients and for those that want a privacy-preserving, user-funded, privacy-first #XMPP service, #monocles is offering a good deal.

https://docs.monocles.eu/account/account/

Heck, you can pay with #Monero and even #CashByMail for maximum #privacy - no #PII required!
https://monocles.eu/more

@Hyolobrika @MarkAssPandi @Bwee @SuperDicq @monocles well, #Monocles also doesn't demand #PII and whilst they are commercial, you can pay them with #CashByMail and #Monero...

@FediTips @binaryequation EXACTLY THAT!

Even Premium Services like https://monocles.chat won't require any personal data whatsoever!

You can literally pay with #Monero and #CashByMail for an account there...
https://monocles.eu/more/#payment-section

https://infosec.space/@kkarhan/112128863094032256