Great. Now what the fuck am I supposed to be using?

>>56727902
XMPP + Conversation + Omemo.

>mentions tox
>call me a monkey
>deletes post
why'd you delete your post, you monkey? when was tox's last audit?

You shouldn't be using a cell phone at all since it's easy to track.

>>56727971
I have a life.

use whatsapp or signal? lol

>>56727902
iMessage obviously

>>56728014
>lol

>>56727902
Signal

>>56727902
>Telegram

I don't mind Russians having my data.

Anything I do as long as it's not against Russia, they're will be fine with it.

Is known where exactly Snowden is? He must be behind 9k proxies when tweeting or something.

>>56727902
Can someone justify this claim

>>56728108
lol what?

>>56728111
This, trips have spoken.
It's well known that Snowend is literally an illiterate

File: 1445726559014.jpg (187KB, 530x424px) Image search: [Google]

187KB, 530x424px

>>56727902
Use Bitmessage, a distributed protocol with no central authority.
>mfw no one can MiTM me
>mfw Bitmessage runs in a separate Qubes OS container
https://bitmessage.org

>>56728107
It's the US gov that has it all. AFAIK the servers are in the US so the US can grab all the traffic, and it's been shown that there is a high probability their cryptography is broken. The creator is NOT a cryptographer and he broke the #1 rule of crypto which is "never roll your own crypto." He's also said some really, really stupid things in the past

Use Silence

what's wrong with telegram? /g/ told me it's better than whatsapp in terms of security

what is the official /g/ telegram group?

>>56728146
Eh, I don't care either way.

Only messaging app i use is normal sms messaging and I only talk to my family because I have no friends :(

If USA wants to know when I'm coming home or am I depressed, feel free to have it.

>>56728107
>buying into FSB botnet created to gather intelligence on ISIS when there is a superior Chinese botnet called QQ

File: baka.jpg (40KB, 500x382px) Image search: [Google]

40KB, 500x382px

>recommendations for signal, imessage, and whatsapp

It's "by default". Just create a secret chat.

telegram has been shit for a while ive been watching people foolishly use it.

>seriously using (((tox)))
https://news.ycombinator.com/item?id=9036890

I cannot put into words how much I hate Edward Snowded. It is clear he is just an attention whoring faggot.

>>56727926
this is the best way to go

>>56728012
nobody gives a shit what you tell your friends

if you want to do anything privately, cellphones are out of the equation

>>56728150
NO

>>56728169
Nothing to hide... Nothing to fear...

>>56728230
>linking to the debunked shitpost
>not linking to Tox's vulnerabilities

>>56728256
Really?? I didn't notice that...

>>56727902
Wire. You know it's good because it's Swiss.

File: turtleneck.jpg (26KB, 730x280px)

26KB, 730x280px

>>56728256
>using a chat client that rolled its own
>using a chat client from the same guy that did vkontakte
>russian facebook
PATSY

>>56728316
is it on f-droid?

>>56728043
>rofl

>>56728316
What's the catch with this one? It looks like it has everything everyone wants and is E2E encrypted, but no one ever talks about it.

>>56728108
He's in Russia dumbass.

>>56728300
Kys NSA fag

>>56728438
There is no need to upset. =D

>>56728164
That's just an example, but Telegram for macOS logs every sent message in a cleartext file.

>>56728317
turtlenecks and babyskin are two signs of a person you can't trust.

>>56728150
This. Use Silence you fucking faggots. Stop using compromised app like Telegram/Signal/WhatsApp. If an app is too mainstream you could bet it has a lot of backdoot.

>>56728522
>signal
>compromised
citation needed, please.

>>56728517
I've never realized that, but it seems about right.

Savoir Faire Linux's "ring" is a mature equivalent to tox, made by a respectable consulting company. It's p2p, e2e encrypted, distributed and GPLv3 licensed. It's a perfectly good alternative and its client is SIP-compatible.

>>56728302
Just my depressing life.

>>56728572
And it's on F-Droid, for those who care.

>>56728545
Google dependencies. Need I say more?

>>56728522
Security on mobile phones is non-existant, though.

A crypto-anarchist friend of mine recommands me to use separate hardware (Raspberry Pi 2, Raspberry Pi Zero, SPI wiring, separate keyboard and wifi card bought as a "lot" in a hacker space) if I wish to talk privately through Bitmessage.

FOSS hardware (building your own code in an FGPA board) is an option too.

However, NSA-proof security on iOS, Android, BlackBerry, Firefox OS, Sailfish OS, Windows Phone 8, Silent OS, etc.: in the trash it goes.

That approach is a bit extreme, but I still wouldn't trust my mobile device though. And remember the Internet is made to share data, not to keep it secure: secure communications on 80 and 443 ports go in the trash as well.

File: question.jpg (31KB, 736x460px) Image search: [Google]

31KB, 736x460px

now serious answer only:

DOES end-to-end actually work for whatsapp, viber or telegram? telegram supports it for secret chats, and their website swears that nobody else can intercept them. but so does every other service offering end-to-end.

but then you read how terrorists get busted by using telegram that intelligence services have busted them with by using

>>56727926
>not normie friendly
>slow as fuck file transfer
>incompatible with anything else because omemo isn't widely supported
>server choice is luck and greatly affects user experience
no thanks.

>>56728137
Been using it for a while. Comfy af. Needs audit tho.

>>56728679
File transfer is as fast as the network allows it to be.
Everything else you are right, it's not hard to use but definitely not as plug-and-play as whatsapp.
As for the server I personally use ejabberd, it has great documentation and never let me down in the past years.

>>56728880
when i tried xmpp+conversations the file transfers were abysmal (but stable) 20KiB/s.
how are file transfer connections established? does cell provider NAT prevent fast connections?

>>56728111
WhatsApp has end to end encryption enabled by default, whereas Telegram has encryption to Telegram's servers but you must turn on end to end encryption manually. His claim is in this regard WhatsApp is more secure for people who are too stupid to know how to enable end to end encryption.

>>56728952
See >>56728500

>>56727902
read his fucking answer you idiot
>By default, it is less safe [...] dangerous for non-experts.

Use Telegram but use secret chats if you don't want anyone to read your messages.
Its crypto is said to have weaknesses, but as long as you aren't Joe Terrorist nobody will spend the effort to decrypt your chats.

I fucking hate how everyone claims just because Telegram doesn't encrypt by default it's unsafe.

>>56728653
those terrorists got busted because the gov intercepted sms authentication.
If they had used secret chats and verified the keys in person, like your supposed to do, they wouldn't have got busted.

>>56728946
What server did you use?
Ejabberd limit bandwidth usage for normal users to a very few Kbyte/s for security reasons.
However in the config file it is possible to add custom bandwidth shapers to increase the maximum bandwidth usable by a single user.
It is also advisable to use a socks5 proxy to speed up file transfer, in the case it isn't advertised by the server Conversation will revert to some very slow file transfer method (IIRC it converts the file in base 64, sends a small chunk of it at a time and always waits for ack before sending the next chunk).
Ejabberd already embed a socks5 proxy but it must be configured properly.

>>56729090
i used some random public server with good availability (turned out to be a fallacy). i don't have time for hosting and maintaining my own server.

File: Vkontakte.png (44KB, 1662x413px)

44KB, 1662x413px

>>56727902
VKontakte

>>56728500
is that bad? if the file is yours it doesn't matter. if you don't want to keep it just shred it

>>56729243
>Encrypted communications are logged in a cleartext file on your computer
>Is it bad?
Y-Yes

>>56728146
xor with a random letter of the developer's choice is all you'll ever need :^)

>>56729272
but it's on your computer, you're in complete control of it. you could literally just set up some shitty cron job that clears it every 30 seconds and you'd still have 99.99999% of your resources left

>>56729322
Are you telling me that the target Telegram user case knows what cron is? I bet 2/3rds of the people who're gonna to use it are forensics and black hats.

>>56729351
* who're gonna use it, my bad.

>>56729351
That's their messages, your'e already willingly giving up yours to them though, so if they want to give them away you're already fucked.

>>56729433
This is another point that's wrong with them indeed, but not the one I was referring to.

>>56727926
Also don't forget OTR plugin.
https://otr.cypherpunks.ca

>>56729194
This to be honest.

Vkontakte is the only social media I have
and even that I only have to communicate with the Russian and Ukranian шлoхи

>>56728164
Telegram is known not to be secure since the French/Belgian terrorist attacks.

sms just works

>>56728391
>no one ever talks about it.

That's because it works. (((They))) would rather you used broken shitty messengers that seem to have a lot of push behind them.

>>56728164
It isnt

Whatsapp is better, just stick with it.
Or use whatever the fuck you want and stop looking for approval.

>>56727902
>>56727902
Signal
whatsapp has implemented the signal protocol too
app is completely open too i think
not sure about the server side but could be too

>>56728600
>That approach is a bit extreme, but I still wouldn't trust my mobile device though.
It's not extreme at all, anyone knows that phones are severely compromised, even if you trusted the NSA and your phone manufacturer to not put backdoors most phones have serious CVE's related to the unmaintained closed source drivers

>>56728180
All of them have much better security for the tech illiterate than Telegram
>>56732014
>app is completely open too i think
It is
>not sure about the server side but could be too
It's open but the main dev of Signal doesn't want you running your own server, he doesn't federate with other servers aside from his own

File: tmp_9989-1473280111428-923838821.jpg (146KB, 1500x1500px) Image search: [Google]

146KB, 1500x1500px

>>56728587
Do you know how GApps works? If you did, this debunked argument of "MUH GOOGLE DEPENDENCIES" would no longer plague you mouth breathing retards.

Learn how it works.

>>56732599
>mouth breathing retards

The irony. You don't know shit.

>>56732658
The real irony is that hes right and people that run Android without gapps are fucking morons.

File: tmp_9989-1474123038531387006896.jpg (15KB, 400x244px) Image search: [Google]

15KB, 400x244px

>>56732151
Moxie (Dev of signal) doesn't mind others running instances of Signal and redistributing it under a different name because the software license allows it.

He doesn't federate (share user Base) because it's a clusterfuck for development as you've gotta coordinate with all the other companies which can be a bitch and time consuming. He tried already with Cyanogen when they were the main ROM provider for Oneplus One. Cyanogen fucked up multiple times and it held back development. I know because a friend of mine used their version of signal and it would be unreliable as fuck.

Tl;Dr - Use signal.

>>56732658
Explain why I'm wrong you fucking jew

>pro tip: I'm not so kill yourself

>>56732734

>Explain why I'm wrong you fucking jew

Because you ain't right you fucking nigger. Explain to all of us why you're right.

I'll save you the reply: you can't and I thought so.

>>56727902
>year 2000+15+1
>taking security advice from a KGB agent

>>56727902
>posts something completely out of context
>asks for alternatives

File: tmp_9989-1473279067758-1874535785.jpg (47KB, 500x683px)

47KB, 500x683px

>>56732765
OK here we go you successfully baited

Http://support.whispersystems.org/hc/en-us/articles/213190817-Why-do-I-need-Google-Play-installed-to-use-Signal-

>Why GCM is the only option to serve the signal users

It doesn't matter what pipe the data goes through as the messages are encrypted end to end.

it uses this https://developers.google.com/cloud-messaging/

They just use GCM to wake the phone once there is a message from the SIGNAL servers.

The worst Google could do with GCM is find out how often you connect and receive messages. Not even from whom just that you get messages and how often.

Answers your paranoia?

>>56728679
It is normie friendly . faggot

>normie
>faggot
>nigger
>jew
>hurr durr i've read the revision history on all these chat apps, I know more than U
is there a better chan yet?

>>56732974

I don't think that was what the other guy meant. Of course if the communication is end-to-end it shouldn't matter one way if GApps is there - that just means the content is encrypted and your communication is private.

What he meant was that GApps is closed source and is constantly checking in with Google:

>The trust in Android for its security and openness is unjustified. While AOSP Android is truly open source, the Google apps (and especially, Play services) are not. Thus it's impossible to determine what these components exactly do and which data is transmitted to the Internet without you knowing.

http://www.augmentedmind.de/en/articles/android-without-google.html

Even if you trust any part of the GApps to not be recording everything typed in some fashion (it is Google after all), there is still more metadata being gathered between the users using GApps on their phones.

Trying to eliminate GApps is removing a point of failure, a black box. It's almost analogous to the Management Engine on chinkpads. Yes, we know what Intel says it's for, but it is a massive unknown and could be used for basically anything.

>>56727902
>WhatsApp
>owned by Facebook
>Safe

Kek

>>56733140
Yes I see what you're saying and I completely agree.

However he's isolating the GApps and signal issue as if it renders any encrypted chat app useless.

The intel management is a very deep subject but yes we agree :-)

>>56733140
He said signal was compromised BECAUSE it uses GApps. See what I was objecting to?

>sabotage government program
>put national security at risk
>steal top secret information
>run away to foreign enemy nations like China and Russia
>sell said top secret information to foreign nations
>treated like a celebrity
>talks like hes some messiah and thinks his opinion matters on everything
>everyone eating it up
he cant keep getting away with it

>>56732974
>>56733268
The problem for many of us (as >>56733140
began to explain) is that we don't use gapps in the first place. Signal is compromised in a sense by requiring it, even if "it doesn't matter which pipe it goes through".

Besides, if it really doesn't matter, why send it through Google's and not one that we can place some amount of trust in? Why shut out the people that are actually diligent about their security?

>>56727902
low level contractor has opinions on things.. i lold

Retards itt be like
> "what is secret chats"
>what is password authentication
You are more stupid than whoever fucked up using it

>>56733318
Theres nothing wrong with google notifications. They cant possibly learn what ur writing in chats. Besides theres Signal without it and its working fine

>>56733335
Hes right in that telegram is not secure apart from verified secret chats which retards like op cant comprehend

>>56733493
>didn't even read the thread

>>56733573
I glanced thru. There s only 3 occurences of the word secret.

>>56733493
secret chat is not supported on windows

>>56733623
the other services don't even have a desktop version.

>>56733707
wire has :^)

>>56733623
Use Android VM

>>56733911
>Use Android
>expect privacy

>>56727902

>listening to a traitor and a snitch giving advice on how to keep secrets.

/g/ has really gone down the drain

>>56727902
B-but muh pony porn sticker pack

iMessage. However, it doesn't matter what YOU want to use, the other person has to be using the same thing. I can't iMessage someone using Telegram.

>>56734427

>tell people how tyrannical their government reall is and risk your way of life forever doing so
>traitor

Thank you for Correcting the Record.

File: torsignal.png (69KB, 672x376px)

69KB, 672x376px

https://twitter.com/Snowden/status/778592275144314884

I trust that's simple enough for you.

No, they are both not perfect, in significant ways. But yes, they are the best we've got right now.

WhatsApp's encryption is just as good (better at link-level, because Noise), but it's a huge shame about the Facebook phone number disclosure thing, I'd have to withdraw any recommendation due to that. It's still a good thing that they have the encryption, for the like a billion people who do use it anyway.

I've been meaning to take a closer look at Wire, and I'm sure I will at some point. I'm cautious and guarded about the possible startup exit plan/incredible journey to come and their nebulous plans for eventual monetisation. I think that'll end in tears in some way, even if Wire were technically perfect. (Hell, I trust LINE more about that - at least they know the Japanese and weebs will always buy cute stickers.)

>>56728952
Also MTproto is absolute shit.

>>56732974
That does allow for a carefully-positioned passive attacker to build a complete connection network graph, but none of the things discussed in this thread have any metadata protection anyway - that is a Hard Problem, still currently unsolved. I am working on it, but it will be years before anything I am working on will be ready for anyone to use.

>>56728164
Private encryption protocol, basically
> it's a reliable encryption system, trust us!
Signal and whatsapp are the same open, audited, proven protocols.

>666+666+666+6+6+6
>Having friends

>>56728168
One that you're not allowed in.

>>56735444
you mean the one with that poo in the loo that keeps shitposting all the time and that gurofag?

>>56727902
Is signal actually more safe if no one I text also uses it? isn't it just another party that has my texts that way?

>>56729272
Mate if you can read it, it's somewhere on the phone unencrypted.Encrypting communications is about keeping the line secure, not the phone. Use full disk encryption if you need to secure the phone as well.

>>56734716

>Also MTproto is absolute shit
Citation needed

>>56734716
Whatsapps closed source, innit? Who knows what their encryption really is?

EFF says Telegram is better than Whatsapp

>>56736300
P sure there was a blog post or whatever written by the guys behind signal when they saw whatsapp's implementation of the signal software, and they said it was good.

>>56736415
Who knows whats really inside that apk now?

>>56736453
of course they could have removed it, but they have no incentive to after putting that much work in.

Use Tor. Use Signal.

>>56727926
>omemeo

>>56736508
>Use Signal.
even if no one I know uses it?

>>56736486
They may have inserted a backdoor heartbleed or logjam style

>>56736577
those were bugs, you idiot. in software that the developers definitely saw the git logs to when they did the audit.

>>56736604
I didnt say they were intentionally left backdoirs. Anyway, for all i know it could have been deliberate.

What i meant with " heartbleed style" is that there are ways to totally bork an encryption program.
You should learn to read before resorting tocalling people names.

>>56736547
What if no one you know uses it because no one they know uses it?
It's better than most sms apps anyways.

>>56728391
asks for phone number

anything that does that is a botnet fampai

>>56736680
then you use whatever message app they use while trying to get them to convert

I have people that use GroupMe, WhatsApp, Telegram, FB Messenger, and plain old SMS
always trying to get people to move up

>>56736663
The lib is open source still, faggot.

>>56728422
Wow, that really narrows it down.

>>56729243
Yup, Dropbox can listen in on it.

>>56728422
>>56736855
>>56728108
Moscow

Here's what I want to know. WhatsApp says they can't read your messages. That means there's an encryption key that they don't have that resides in your phone.

>message person
>keys get exchanged
>whatsapp has copies of the keys

If the key exchange takes place through the servers of the company, they can promise they have end to end encryption and the message can't be decoded en route, but you cannot assume they can't just reach into your app and grab your encryption key.

PGP is the only way /g/entlemen

>>56727902
Snowden uses Signal if you like him so much

Why don't you marry him u queer

>>56727902
Just make a secret chat and enjoy your gf nudes, fagtron.
He said >by default

>>56729194
this

is wire on AUR or do I need to use their shitty build from source on (((github)) using (((node.js))) and (((grunt)))?

>really feels like i'm a web developer

>>56729040
>just because Telegram doesn't encrypt by default it's unsafe.

Yes, that's literally what is meant by the usage of the term "unsafe" you fucking moron.

>>56737346
Does signal have desktop support?

>>56737433
>>56737985
How do you enable end to end encryption in telegram? Couldnt find a setting.

>>56727902
>Less secure than WhatsApp
Including whatsapp store data on google clouds
>Telegram is le Russian botnet
Including telegram made by brothers to cover them from FSB

Face it: Snowden is pussy
>>56733302
And this

>>56739435
New secret channel?

>this level of insane OCD over muh privacy like we're all state spies
Just stop using shitty social media products and starve the beast, retards. You don't need a triple-hextuple GPG-quad HSS OpenGLGiganigga XJ-9-signed fifty bypass morse code IM client stored on a disintegrating pen drive to talk to Kyle from math class about Pokemon. Fuck me people are dumb.

>>56728164
Well /g/ was wrong again and said something retarded

>>56728184
The thing that's supposed to make "secret chats" "secret" is broken, is what we're talking about here.

>>56728517
Somehow I feel you have terrible acne

>>56735513
I was talking about a computer, and the fact of the screen prompt being unencrypted is a known risk factor; but that's not the same thing as logging every communication and keeping it stored in cleartext on the computer by default.

I severely doubt users would use it as it seems to be "hidden", there remain black hats and forensics. Great.

>>56739985
Yeah wtf russkis, I thought you knew better.

>>56728107
Telegramm has stopped operating out of Russia long ago mainly because russkis wanted data from Pavel.

>>56732703
sup, moron here
how's your battery life? do you share your activity feed with your spouse and kids?
>"okay google"
>"hairy transvestites in my area"
>of course i want to share my wifi password with jewgle, someone will fine them for 7 million and they'll pinky swear to behave

>>56732713
moxie is butthurt about people forking nongapps versions, and anally invades every single attempt made so far

>>56728164
Snowden will only recommend software that encrypt stuff by default.
And telegram encryption is shit anyway.

>>56741145
that's just for show because he needs to please google and the cucker government

deep down he is rooting for them to succeed and we all know it

File: 1445466957634.png (626KB, 400x400px)

626KB, 400x400px

>((Edward Snowden))

>>56741434
My golden rule is 'If it's on a list of things the British government wants to ban or have backdoors to then it's good to use'

>>56728091
That's just the Google botnet in disguise

>>56728500
Apple users deserve to be spied on

>>56742658
iMessage is the most secure chat app of them all. Only Apple devices have this.

File: 1445166042676.png (1MB, 989x1334px)

1MB, 989x1334px

>>56728137
>Qubes OS container

Can't get my fucking normie fag friends to use anything but Facebook Messenger reeee

What about the Discord botnet?