@Khrys@mamot.fr @ggus@mastodon.social Ohh, just gave #orbot a try using #GrapheneOS 27 in 5-6 hours.

@derekmorr

Let it go, already. No one uses MobileCoin. You can’t even find an exchange to buy it.

Then why does @signalapp still have that shit in it? @Mer__edith could've pulled that #Shitcoin yet refuses to do do!

The Cloud Act is a non-issue. Signal doesn’t have data on users, so they can’t be forced to disclose it.

That's literally wrong!

• #Signal not only collects #PII in the form of a #PhoneNumher but explicitly is able and willing to use that to dsicriminate against users and restrict app functionality based off their presumed juristiction. There is no "legitimate interest" for.doing so nor any legal mandate to do so (unless we excuse the ehole #MobileCoin-#Scam!)

It’s been 30 years, and no one uses xmpp. Let it go.

Wrong again. Otherwise there wouldn't be thriving ecosystems and Apps to this day. It's just that corporate shills refuse to acknowledge that Signal - like all centralized, proprietary, #SingleVendor and/or #SingleProvider kessengers before and after - will inevitably die as their business model is not sustainable. Sake with #ICQ really. The only exceptions are those that abolish #privacy for #profit, integrate actually working payments or sellout to a #cyberfacist #government (all those apply to #WeChat!)

It’s shocking that people who claim to care about security and privacy push niche apps with terrible UX and no PFS like Delta or XMPP instead of the only private messenger with any real market share, Signal.

You know what's shocking to me: People who are unable or rather unwilling.to acknowledge that Signal is garbage and it's requirement for a #PhoneNumber kills any #privacy benefits it may have on paper by virtue of being at best pseudonymous (assuming the userd don't live in a juristiction that demands "#KYC" for even prepaid #SIM cards (ime. #Germany) or god forbid even #IMEI|s (i.e. #Turkey has a literal allowlist that'll kick any device off it's MNOs after 90 days within 365 days.

• The #UScentric approach to #privacy and #threats makes Signal absolutely useless in many cases, and I do speak here from experience.

I'd rather help people onboard #XMPP+#OMEMO like @monocles and/or @gajim or #PGP/MIME like @delta & @thunderbird (incl. setting them up with #Orbot / #TorBrowserBundle / @tails_live so their traffic gets through @torproject and doesn't provide any useable IP addresses.

• I've literally been there and done that!

As for #Sustainability, providers like https://monocles.eu finance themselves by subscriptions (starting at €2 p.m.) which people can pay fully anonymous using #CashByMail and #Monero on top of common payment methods (i.e. SEPA wire transfer)...

• So even if you think "#monocles is a #honeypot" that is mitigateable ciz unlike with Signal you can choose your own client, choose a different provider & exervise self-custody of all tue keys!

Make ANY #Messaging Service #E2E #Encrypted With #PGP by Mental Outlaw

https://www.youtube.com/watch?v=mu2TVYJE5Gc

Signal bro signal :D a PGP is also fine tho
Signal on steroids => #Molly-FOSS with #Orbot via #tor 💡#metadatamatters #privacymatters #sidechannelsmatter
One could also send PGP messages via Signal/Molly 🤣 💡

Why should #orbot be more than 100 MiB?

#tor #android

@torproject
I'm not sure how closely you're involved with the Orbot project, but since the latest Android update, Orbot no longer reliably connects to the network. Most attempts to establish a connection to the Tor network fail, and when data does get through, it's extremely slow.

Interestingly, the Tor Browser works just fine without any issues.

#Orbot #TorNetwork #AndroidUpdate #PrivacyTools #ConnectivityIssue #TorBrowser #CyberSecurity #OpenSourceTools

@Unshakled unfortunately #orbot drains battery life super fast, the @guardianproject needs to investigate this

https://github.com/guardianproject/orbot-android/issues/297

https://github.com/guardianproject/orbot-android/issues/1091

@harmonia_amanda
– #Orbot, pour l'utilisation de Tor.
– #HashDroid, pour créer et vérifier des sommes de contrôle.
– #TableTop, pour convertir des nombres, décoder des messages, lancer des dés, etc.
– #Conversations, pour clavarder (mais ça permet d'autres choses, comme le partage de fichiers, la visio…).
– Bon, après, #OrganicMaps et #StreetComplete ont déjà été mentionnées, alors je vais m'arrêter là…

@froge @fj I'm not replacing @signalapp with "random tools" but good options.

Like @delta & @thunderbird as well as @monocles / #monoclesChat & @gajim which work flawlessly over @torproject / #Tor using @tails / @tails_live / #Tails and @guardianproject / #Orbot respectably.

• Also these allow not only #SelfHosting but just work and I'd highly recommend #monocles as a hoster which finances iself by users paying and allows #anonymous accoubts & payments including not just #Monero but also #CashByMail!

Considering the costs of even acquiring and upkeeping an #anonymous #SIM, I'd rather pay €2 p.m. for #XMPP+#OMEMO and #PGP/MIME-supported #eMail with the option of self-custody than $2,50+ p.m. just to keep a phone number.

• Plus I don't run around with a #tracking device that could be used to #deanonymize me any second...

Or is anyone here expecting @Mer__edith to risk jail for life amd not comply with #CloudAct?

• If #Signal was as secure as advertised, it would've been shutdown like #EncroChat and #SkyECC!

It stenches like #ANØM, because NOTHING IS FOR FREE and running a #VCmoneyBurningParty is expensive...

@CppGuy yeah, @torproject really got better since I started using @guardianproject / #Orbot 15 years ago because in #EDGEland, #Tor is a #PerformanceProxy!

#WhatsMissing: A tool to check if #TorBridges are still available/online/reachable that one can use either #standalone (with #TorBrowser and/or #Tor Expert Bundle) or on @tails_live / @tails / #Tails.

• Cuz I do run into issues and kinda want to sort #Bridges by availability so I don't waste time on a #TorBridge that is down and also thin-out the list of bridges that ain't online anymore.

Whilst I do acknowledge that @torproject do disrecommend having a huge list of Tor Bridges on hand, I do regularly need them for contacts who are behind a #GreatFirewall and can't #SSH-Tunnel out of it.

• Sadly #BridgeDB doesn't offer good #filtering options so one can't just query types effectively like "I need #webtunnel on #IPv4" or "I can only use Ports 80 & 443 on #IPv6" which may work.

Espechally being able to filter for #IPv4only and not just #IPv6only is something I miss, alongside the filter for #PluggableTransports type as @guardianproject #Orbot seems to only handle #obfs4 and not webtunnel or #meek at all...

• I'm pretty certain that merely pinging a bridge at it's port isn't working as a shure-fire way to check for it's availability.

@clubchonky I disagree.

• OFC @torproject / #Tor never was designed for low-latency, high-bandwith useage, but that's not the point.

IMHO using @guardianproject / #Orbot as a #PerformanceProxy even makes throttled #WWAN networks bearable!

• In terms of scale, Tor is pretty good and if all peers are within Tor, shit works just fine...

@truls46 Ein gutes Gegenbeispiel zu @signalapp ist @monocles / #monoclesChat:

• Es werden keine persönliche Daten verlangt!

• Es wird ein offener Standard (#XMPP+#OMEMO) genutzt, sodass #SelfCustody und #Datenhoheit gewährleistet ist!

• Der Dienst ist zwar kostenpflichtig (€2 p.m.), aber komplett anonym bezahlbar (inkl. #Monero & #CashByMail)!

• Nutzung von @torproject #Tor wird nicht verhindert oder blockiert; @guardianproject / #Orbot wird unterstützt!

• In #Deutschland gibt's immernoch #Rechtsstaatlichkeit, anders als in den #USA!

• Anders als #Signal ist #monocles ehrlich, was Sicherheit und Datenschutz angeht...

Ich denke mal das sollte hinreichend meine Argumebte darlegen.

• Kernpunkt ist und bleibt: Signal ist bestenfalls gemeingefährlich-inkompetent oder ein #Honeypot!

@truls46 #facehoof

• Deshalb schaut mensch vorher sich um.

Ich empfehle nur Server die ich selbst getestet habe, außerdem hilft @torproject / #Tor & @guardianproject / #Orbot dabei, diese idealerweise als #OnionService zu erreichen.

• Wo keine #PII wie #Telefonnummer oder #IPs verlangt, abgefragt, übermittelt oder gespeichert werden, können diese auch nicht ausgehändigt werden.

@erebion @inaruck Ich widerspreche da vehement, da es naiv ist alles in de Verantwortung eines einzelnen Anbieters zu geben.

• Als Gegenbeispiel kann @monocles / #moniclesChat aps Client gelten welcher mit sinnvollen Voreinstellungen kommt und ausm Stand @torproject / #Tor - mittels @guardianproject / #Orbot kann.

Nicht kann das Vermitteln von #ITsec, #InfoSec, #OpSec & #ComSec ersetzen, und alle die naiv daran glauben, dass @signalapp / #Signal deren Arsch retten wird, dürften genauso door reinglotzen wie die Opfer von #MINERVA / #RUBIKON aka. #CryptoLeaks.

• Die #USA sind mit #Trump|s #Machtübernahme und #Glechschaltung weder eine #Demokratie noch ein #Rechtsstaat und ist daher wie #Russland oder die "V.R." #China als unsicherer Standort zu betrachten, gerade weil #Cyberfaschismus alla #CloudAct offen existiert!

@1seidla @kuketzblog @Geograph @shango #Orbot vom #Guardian finde ich ok: https://github.com/guardianproject/orbot-apple

Aber es gibt so viele, man muss echt schauen, dass man die richtige App erwischt: https://apps.apple.com/us/app/orbot/id1609461599

@nanoelquant @torproject @guardianproject @mullvadnet when you use #Orbot, you should use localhost:5400 for #DNS queries...

• It's the port used to provide #Tor - DNS...

@Beggarmidas @Em0nM4stodon personally, I do consider #Smartphones an attack vector and recommend everyone to use @tails_live / @tails / #Tails or at least @torproject / #Tor via @guardianproject / #Orbot and ideally open, #PublicWiFi like @freifunk / #freifunk.

Fortunately, @monocles / #monoclesChat integrates Orbot Support so it's just a few taps to get everything tunned through Tor!

https://docs.monocles.eu/apps/torify.app/

If @signalapp cared, they would've #decentralized and put their backend on Tor and not demand #PII like a #PhoneNumber.

Addendum: Funzt wieder. Danke an @Natanox !

Weiß irgendwer warum der #Jabber / #XMPP-#Server vom #CCC / @CCC nicht unter dessen .onion - Domain via @torproject / #Tor erreichbar ist?
https://infosec.space/@kkarhan/113974956128605484

Ist das nen #Bug von @monocles / #monoclesChat, @guardianproject #Orbot oder warum 404'd das?

#FollowerPower: :boost_ok:

#OnionService #Debug #Debugging

#WhatsMissing is an #Android-#ROM that is the equivalent of @tails_live / @tails / #Tails, which includes @torproject / #Tor and @guardianproject / #Orbot support from the get-go and forces everything through Tor (system-wide #Torification) if not only allows to connect to #OnionSedvices using #orWall...

• Because that would have a similar audience and really complement peoples' needs.

Ideally make it like an #image file to put on a #RaspberryPi #CM5 / #CM4 / #Pi400 / #Pi500 / #Pi4 / #Pi5 to work with a bunch of #WWAN modules for #data, #SMS & #calling (needed with some SIMs to get shit done)...

Issues aside it's now 15 years since I started using #Tor / @torproject & @guardianproject / #Orbot on #Android full-time.

• Not just for #privacy, but because it acts as a #PerformanceProxy on #throttled #German mobile networks!

Because in #EDGEland they yeet users to 64kBit/s if not even lower to 16kBit/s past paid bandwith and instead of properly renegotiating the bandwith, they trottle connections by reducing the packet rate / dropping packets, making it as #laggy as a #GSO-based #SATCOM connection!

• On top of that, almost all #MNO|s & #MVNO|s illegally use RFC1918 Address space, *espechally 10.0.0.0/8 for #CGNAT, thus bricking #VPN|s and sadly @BNetzA doesn't really give a damn!