Political World Embraces Encrypted-Messaging App Signal Amid

>Current and former senior aides to Mr. Cuomo also have the app. So do City Council members Daniel Garodnick, David Greenfield and Corey Johnson. Other users are Howard Wolfson and Marc La Vorgna, aides to former Mayor Michael Bloomberg.

>Nearly a dozen officials or aides close to Mr. de Blasio are on the app, including press secretary Eric Phillips; Nisha Agarwal, who serves as commissioner for the mayor’s Office of Immigrant Affairs; and Dan Levitan, a political adviser.

>Dick Dadey, executive director of the Citizens Union, an ethics group, said he understood why politicians and their aides would seek to avoid a repeat of the WikiLeaks scandal. But he said that by using apps like Signal, they also could be keeping conversations private that should be made public under freedom of information laws.

>“There are consequences to our democracy when public officials or their aides are resorting to keeping their conversations private in this way,” Mr. Dadey said.

I bet the DNC doesn't use Signal.

File: 1483489690748.jpg (85KB, 640x502px) Image search: [Google]

85KB, 640x502px

mfw GPLv3

>>58682287
>I realized I needed a safer encrypted way to communicate—and NO I have never communicated with any Russians on Signal

"What are you pulling me over for Officer, and by the way there are no girls chained up in my basement"

>wsj.com

More like sjw.com

File: merchant.png (1MB, 4282x5000px) Image search: [Google]

1MB, 4282x5000px

>>58682298
>Daniel Garodnick
>David Greenfield
>Howard Wolfson
>Dan Levitan
>former Mayor Michael Bloomberg.

The chosen trust their fellow chosen (((Moxie Marlinspike))) to keep them safe.

Bitches don't know about my qtox

>>58682416
>qtox

enjoy your security holes

>>58682287
1. It requires google apps
2. Running your own server is not supported and they want to make it as difficult as possible.
3. the server gets metadata about which phone number talks to which phone number.

>>58682525
Enjoy, goy

>>58682287
>fears about hacking
hey trump its me, ur brother

>>58682287

Oh, I use that app. I enjoyed it.

I am still skeptical about the safety in the long run though.

1. How are they paying for the bill to host these servers?
2. Aren't they still a single point of failure? Why can't I use my own servers instead?

Is wire better ?

(desktop version available, Signals does not have one)

>>58683648
Wire uses the Signal protocol and is open source now so if you need the desktop client, go for it.

>encription enables terrorism
>but it's OK if we use it

>>58683735
To be fair, why would you want your enemies to plot against you in secret?

You always want the best for you and the worst for your enemies.

You think liberals are happy that Trump aides use Signal?

>>58683700

thanks.

Still nobody to talk to.
Converting others (family/friends/normies) to do so would be so tiresome för mig.

>>58682525
1 is not legit as you can use microg and google push is only used for device wakeup
2 and 3 are sadly legit

>>58683735
>encription

lol

>>58682525
Point 1 ID moot as there is a Google free version on f-droid. But the other two points are very real and concerning, resistance like especially the meta data part.

Tyпoй тpeд.

>>58683776
>>To be fair, why would you want your enemies to plot against you in secret?
Well we don't have a choice of "privacy for the Good Guys, but not for the Bad Guys" - however you define which groups are good and which are bad. The choice is "privacy for anyone who wants it" and "privacy for nobody". Well, privacy for nobody, unless they refuse to use the special backdoored crypto, which is a great way to hurt law-abiding people while not impeding criminals or terrorists.

>>58682358
He's just saying that he hasn't used Signal to communicate with Russians.

He isn't discounting any other method.

>>58682525
>1. It requires google apps
Strictly for GCM/FBM which, if encrypted before being passed to the methods, is just a carrier for the encrypted data and a robust push server network for delivery.

>>58684897
You're totally right. I'm just saying that it's ok to not want your enemies to have an advantage.

>>58683648
Wire is much better. Looks better, has more features, just as secure, and has a desktop client. Signal is trash.

>>58685432
Wire's desktop client isn't exactly what you want though...

>>58682287
>not using Conversations
Why?

>>58682436
>use cell phone
>bitch about security holes

k

>>58682287
I find it strange how they describe the key derivation process, but there's absolutely no mention of entropy sources.
Shit that's not based on passwords has to use a true random number generator to make keys, and most consumer devices don't have those.

>>58685965
How about shaking your phone for 30 seconds?

>>58686112
Did signal developers mention that?

>>58686138
No.. i meant how god a sourve of entropy would it be?

>>58686176
Probably pretty good but it would be faster to take a picture with camera and hash it.

What do you guys think about DIME from the lavabit guy?

What about matrix? https://matrix.org

100% Open source
Decentralized
Federated
Easy to run your own server
End-to-end crypto based on the double ratchet that has seen a formal audit
Main client (riot.im) has builds for windows, mac, Linux, web, android and iOS
Active, open development community on matrix itself

>>58686369
Oh yeah it also has bridges into other communication silos like slack, irc and telegram

>>58686369
>webRTC
dropped
>cloning discord UI
dropped x100000000

>>58686369
It's ok but doesn't have a real desktop client. Just a web one.

>>58686462
Huh?

>not federalised
>uses google services
>requires phone number for registration

>>58687481
*federated

>>58682525
>https://github.com/copperhead/Noise
Signal fork called Noise that supports running without GCM so that makes point one null

>>58682287
trump doesnt even use email, he has carriers

Why doesn't standard point to point texting use encryption?

Just use Threema.

>>58682525
>Point 1 ID moot as there is a Google free version on f-droid.
Are you sure about that? Moxie said that they wouldn't put it in F droid because they felt it wasn't secure enough and it lacks features necessary for making durable software

>>58682287
>Phone verification
>A shitton of permissions including location, camera and microphone for an SMS app

This thing's bullshit

>>58688486
>microphone
You can send voice messages.
>camera
You can take photos in the app itself to send.
>location
I don't know what it is using this for.

>>58687551
because standard texting was invented 40 years ago and even if it used encryption it would be obsolete/ineffective nowadays

>>58688656
you can send a google maps link with your location

>>58688780
Ah, I see, I didn't check the giant attachment button.

I'll leave it here: https://blogs.fsfe.org/larma/2017/signal-backdoors/
tldr; Signal is just your average botnet messaging app.

>>58683776
>You think liberals are happy that Trump aides use Signal?

I'm liberal

Why wouldn't I be? Why would I be happier if their messages were unsecure and exploitable?

>>58687521
>COPPERHEAD
Truly the GOAT android devs. I run CopperhadOS on my Nexus 6P and it feels so good to be finally free from the botnet. I don't use Noise though, I'm more of a Jabber+OMEMO guy.

Designed by a hair growing hippie faggot error a queer self-given name, and it need your phone number. Oh Edward cuck Snowden uses it, wow must be great.

That's enough for me to delete signal. I also recently deleted WhatsApp and have not looked back - now I see who my true friends are. I informed everyone of my move to Wire app

Yet only 2 friends have joined me with it. The rest can fuck off. Mostly bitches I've fucked in the past few years anyway

Wired ticks all the boxes security wise, and also has a great UI. Perfect

>>58688370
it's a fork
and moxie is overrated

>>58689694
>Designed by a hair growing hippie faggot error a queer self-given name

Just say Jew

>>58689297
So you can more easily exploit them.

>>58689694
The problem with Moxie is not that he is a kike, it is that he is an obnoxious know-it-all faggot that for some fucking obscure reason got elevated to semi-god oracle status by certain people in the security community.

Signal leaks metadata though.
That's pretty much enough to incriminate everyone if you actually need privacy.

Does anybody know of an IM solution that doesn't leak metadata?

>>58691113
XMPP + OTR/OMEMO + TOR

How does signal/wire make their time worthwhile? They make no profit...

>>58691649
They are open source and funded by grants and venture capital.

Why do you care if they profit when their software is FOSS? Do you see all other FOSS software making a sustainable profit?

>>58691113
Try Conversations on android or ChatSecure on ios. Conversations is far superior though!

>>58691849
>>58691211
What if I want synchronised chat history on my computer as well? (On all of Windows, OSX, and Linux preferably.)

I ask because this isn't just me using but a whole, um, political party. We're using Telegram currently and yes, I know it's not secure enough, but for my government it should be enough (for now). But I am looking to move my whole team's communication to something more secure in the long run.

>>58691849
Then I can't really talk to iOS users.

>>58691871
You want Matrix/Riot for that. It's a more team-based software anyway and is more secure than Telegram.

>>58691921
I am following Riot/Matrix, but it seems it's still a bit immature currently (the group chat E2E encryption is still iffy, and the whole E2E encryption itself is still unaudited, isn't it?)

>>58691211
true patrician's choice

>>58691787
If a company isn't making profit by advertising they are doing it by selling customer information.

>>58691933
True. I'd wait as well.

>>58691971
>If a company isn't making profit by advertising they are doing it by selling customer information.

So is Firefox selling your browsing data?

Is Signal selling your message history?

>>58691909
you can retard
they both work on XMPP

>>58682287
the creator is a massive faggot

it demands real world identification to use

The android version demands nonfree software for NO reason, and aforementioned Flamboyant McFakeName C&Ds anybody who tries to work around it

>>58691787
>open source

>but not open anything else

>>58692008
iOS doesn't have as good an XMPP client as Conversations on Android.

>>58691871
You need a server which supports message carbons (XEP-0280) and message archiving (XEP-0136).
I never used the latter tho, so I can't be really sure about that, maybe that's not the right XEP.
Be advised that to use end-to-end encryption right technology illiterate people need some training, the shit we are talking here (Conversations, OMEMO, etc) will look like rocket science to the average political science graduate.

>>58691113
Phone numbers aren't metadata. Anybody who compromises Signal's servers has complete knowledge of the real world identities of users, who is talking to who, etc- everything but the messages. Why? Because the kike who is hailed as a scion of security THOUGHT PHONE NUMBERS WERE ANONYMOUS.

>>58692039
says literally in the post you replied to >>58691849

>>58691971
You forgot the third option: they are making money by being paid by the government to monitor high-priority targets

Did you use your real, actual phone number for Signal? Congratulations, the government has a list of everyone you've been talking to and how much.

>>58691999
yea sure point out a few edge cases to try and invalidate my argument. A few non profits doesn't mean most companies are for profit.

>>58688370
faggie mcfakename shut that down ages ago

>>58692138
>Congratulations, the government has a list of everyone you've been talking to and how much.

Even a terrorist wouldn't give a fuck.

>>58682374
haha epic....

Considering DNC was compromised through internal leaks and social engineering, I don't think this is going to help at all.

File: c0a4e2af1bf907e0eccc0ac19ac8ff2d23c29e065a73465f5734d7e66359c2ab_1.jpg (34KB, 671x693px) Image search: [Google]

34KB, 671x693px

>mfw i use silence

>>58692996
Silence is fucking great software, they are even working on adding XMPP support.
I have mixed feelings about having a single app managing both SMS and XMPP chats tho.
SMS is the definition of insecure shit while XMPP, if used the right way, is by far the best instant messaging protocol.

>politician's are ignoring that a lot of the Clinton mails were encrypted with PGP
It's not about tech, it's about having trusted people around you and not pissing the shit out of them

File: full.jpg (83KB, 1280x852px)

83KB, 1280x852px

Aren't politicians supposed to use one time pads for serious shit?
People are so spoiled these days.
I bet most of them prefer voice to text systems like a bunch of morons.

>>58693296
I'd rather keep all my apps separate

Anything that runs on a proprietary operating system, especially on a mobile one, is not safe from spying. Nothing stops Google or Apple from keylogging your inputs or taking screenshots of your activities without your knowledge or consent. Even if you have access to the source code of the application itself, it doesn't change the fact that you're using a botnetted operating system to run it.

>>58695960
Your Linux isn't safe either, goy.

>>58696704
Hack me faggot, my ip address is: 127.0.0.1
Kill yourself.

>>58684102
>microg
You have to recompile the kernel to use it iirc

>>58684354
Libresignal is no more. It was deleted from fdroid because this Moxie faggot wants to have full control and doesnt want forks with "signal" in their name. More importanyly the said faggot doesnt want forks to use his servers, and atm the old libresignal build doesnt work anymore.

>>58690086
That fork is no more

>>58684524
Couldnt translate it, huh?

>>58691871
If anything don't use Telegram, thats abhorrent. You will need an xmpp server set configured to support 'modern' XEPs such as MAM and Carbons for the functionality you seek. You can then Conversations on android and Gajim on Lin/Win. This is for a fully self hosted, secure infrastructure with the ability to sync and do e2e encryption. Add raz0r @ conversations.im if you need more halp

>>58697672
I dont like the interface of gajim
Not that anon

>>58697672
And you forgot to mention ChatSecure on iOS

>>58697672
By the buy, does conversations support e2e MUC?

>>58697762
Gajim ui is quite bad indeed. However its the only x-platform client that can do OMEMO, MAM, Carbons, Http upload and inline images.

Is there any solution capable of voice calls?

>>58697795
It does if the muc is private and non-anonymous

>>58697810
I wonder what makes it so bad. I cant explain it.

I wish pidgin and psi plus supported all that stuff...
I think pidgins going to get omemo support by mid 2017.
Btw theres a Profaniert omemo plugin incoming.

>>58697820
Cool. I wonder if they are going to implement voice call functionality as well.
Atm one has only two options for voice chats - Signal (redphone) and mumble

>>58697855
https://omemo.top to see current support status / plans

>>58697855
>>58697892
if you wanna talk more about this tech add raz0r at conversations.im and I invite you to our /g/muc

>>58697502
no you don't.
How did you find /g/ if you are this tech illiterate
>>58697543
Works on my machine :^)

>>58698136
Well, I launched mine one of these days and it basically said it cant function.

>>58698136
https://sandervenema.ch/2016/11/why-i-wont-recommend-signal-anymore/
As for microg I took it from this article

>>58698136

There is a way to use Signal without depending on GCM, but that uses microg, and that asks people to basically re-compile their kernel (at least I had to in my case). This is not something you can ask of non-technical users

>>58698173
>>58698301
>>58698350
Turns out the retard is the one who wrote that article.

I digress about signal though. Silence is exactly the same minus the dependencies on the botnet.

>>58685125
u still need to have all the google blob blackbox shit on your phone

>>58687481
this

>>58689240
thanks, good reading

>>58698375
Having googled it

The installation requires signature spoofing, which can be enabled in a number of ways
https://github.com/microg/android_packages_apps_GmsCore/wiki/Signature-Spoofing

It doesnt really require recompiling but still is far from being straightforward for regular users

>>58692018
yiss

real spies go to the water fountain in the public park to communicate secret info.

The water noise is white enough t drown out what you are saying.

Only luserz use signal.

>>58698569
No where does it tell you to recompile your kernel.

Retards seem to latch on to recompiling a kernel as some sort of magic that solves all problems.

>>58682358
>and NO I have never communicated with any Russians on Signal
How would they know if it's so secure?

>>58697957
Are you sure you dont have some privacy settings blocking subscription messages and incoming messagesfrom jids not in your roster?

>>58682287
>Political World
>Embrases a (((Google-services))) botnet app made by a jew

wew

File: conversations_logo.png (31KB, 388x388px) Image search: [Google]

31KB, 388x388px

>>58685740
Came here to post this.

If the (((corporate/propaganda))) media are shilling this, you can almost guarantee it's shit.

Use XMPP instead, it's been around forever, open protocol, decentralized, choice of numerous clients on pretty much every platform (as mentioned, Conversations is very nice on Android and available in F-Droid). And with OTR you have end to end encryption.

File: 1458628824037.png (10KB, 429x431px) Image search: [Google]

10KB, 429x431px

>>58687481
This

Use XMPP with OTR instead (Conversations / Pidgin, etc.)

File: 356437584526447.png (267KB, 420x420px) Image search: [Google]

267KB, 420x420px

>>58689204
>trusting Google

>>58682383
can you not

File: 1417193925198.png (330KB, 330x319px) Image search: [Google]

330KB, 330x319px

>>58682287
>Obama and Clinton are users

HAHAHAHAHAHA

After Obama had the world's largest surveillance program, that Snowden revealed

>>58699777
It's only from a technical perspective superior.
user experience is inconsistent as fuck
definitely not foolproof
OMEMO needs wider client support

>>58697778
Is it still being developed on iOS? Because it's not on Android.

I used to use ChatSecure. They stopped developing it and recommended Conversations instead. Been using that now and really happy. It's a nice client, less buggy than ChatSecure was. You can tell it's more mature software. Easy to use, too.

>>58682287
Every "encrypted" messaging/email app that is allowed to exist by the government is already compromised.

>>58699980
>the guberment
not everyone lives in some shithole like amerilards or bongs

i prefer this
https://en.wikipedia.org/wiki/IPoAC

File: IMG_20160709_210501.jpg (3MB, 5312x2988px) Image search: [Google]

3MB, 5312x2988px

>>58699980
Hmmm, I wonder who could be behind this post. jpg

>>58700026
America is tapped into every fiber cable in the world, this was officially revealed in snowden docs.

>>58700083
Why would the nsa admit that there is no secure app?

File: 1403771783402.png (170KB, 550x689px) Image search: [Google]

170KB, 550x689px

>>58700209
>Why would the nsa admit that there is no secure app?
Disinformation to make you lose hope and say fuck it instead of encrypting your shit.

Why would I use signal when I'm already using silence?

>>58700526
Then don't post here you dumb nigger

>>58700603
It's a legitimate question you fuckwad, that's why I'm posting.

>>58691933
e2e has been audited actually

https://matrix.org/blog/2016/11/21/matrixs-olm-end-to-end-encryption-security-assessment-released-and-implemented-cross-platform-on-riot-at-last/

I wish there was a good messenger that normies would use that is also secure.

>>58682287
I'm okay with this if it'll make Signal get more traction and popularity.

>>58699907
User experience with Conversations is p.much foolproof and consistent

>>58699956
It is, because recently it has gained omemo support

>>58682337
kek, everytime

Isn't open whisper systems NSA in disguise?

>>58700738
no its not

>>58702601
Pretty much this.
I use Signal but no one I know does, so it's just a Messaging replacement.

>>58699777
fantastic_comment, get out

>>58703822
no

>>58701364
Whatsapp is somewhat secure. Unless you are specifically targeted for doing something very suspicios

>>58702601
Signal requires your phone number, lacks some features and is somewhat centralized. There are better options out there.

>>58704507
Conversations?

>you're making this thread every day now

No security service that demands you real identity as a prerequisite for using it is worth using, and no designer of such as system can ever be taken seriously

Faggie Fakenamestein is not your friend.

>>58704555
Wire, mostly, which is normie friendly and has all the features you'd want. It's basically an encrypted Skype.

And if you want fully open source decentralized stuff then there are some options too, but not so normie friendly.

>>58704459
>owned by Facebook
Moot point

>>58703061
Yes it is because they are both based on the same project.

>>58705202
It's not a legit question because it is based on the same project you dumbfuck. There is no need to ask why you need to use the original.

>>58691871
We found a Kirchnerista from Argentina

>>58706000
>There is no need to ask why you need to use the original.
>Two different projects, are the same exact project
This is what you sound like.

>>58704614
>a moot point
A point by Moot: 4chan is pseudo-anonymous, but if you get in legal trouble he has no problem providing information to authorities.

The same is true for WhatsApp, but it is indeed secure so-long as the phone isn't compromised, and neither side discloses their key via the "report" feature.

Read a fucking White Paper.

>>58699777
+1

>>58706759
They are the same

>>58692043
what kind of training? i am interested in these things but my knowledge is lacking too much for me to pick one other then based on these types of discussions

>>58691999
>So is Firefox selling your browsing data?
It does by default. But you can disable that in about:config or by installing one of the forks.

What's the difference between OTR, OMEMO, XMPP and conversations.im?

>>58687527
You mean he is using RFC 1149? What a bold choice.

https://tools.ietf.org/html/rfc1149

>>58682374
WSJ is a right-leaning news outlet