Does that mean that other apps like signal for example have back doors?

Do criminals have a knowledge of exploits in the recommended messaging apps?

  • Ephera@lemmy.ml
    link
    fedilink
    English
    arrow-up
    13
    ·
    20 days ago

    I’ve definitely also thought about, if our government gets taken over by fascists, how do you organize a rebellion?

    And yeah, Signal definitely has some weird fucking shit going on. As far as I’m aware, they don’t allow you to use their centralized servers, if you don’t use their provided build of the app. They don’t seem to have a mechanism to enforce that, so you could still use a self-compiled build, but if all your friends are on a compromised client, you can’t talk to anyone anyways.

    Well, and then there’s also the great stupidity that Signal requires a phone number. In my country, you can’t sign up to a mobile phone plan without revealing your full identity. If the fascist government realizes that I’m part of the rebellion, they can make my phone number disappear in unfortunate circumstances.

    So, yeah, I’d at least want to self-host the communication platform. I’d probably use an existing open-source solution, but would try to audit at least part of it…

      • Ephera@lemmy.ml
        link
        fedilink
        English
        arrow-up
        7
        ·
        20 days ago

        I thought I heard so, too, but when I tried to research it, all that came up is that you can publicly hide your phone number and instead give people your username, but you still need the phone number for sign-up. I really do not know, though, if search engines are failing me again…

        • Cheradenine@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          5
          ·
          20 days ago

          That’s correct, you still need a phone number for sign up. between contacts you can use usernames.

          So Signal has your phone number, your contacts only have it if you use your number instead ofgiving them a username.

    • Mikina@programming.dev
      link
      fedilink
      arrow-up
      2
      ·
      20 days ago

      I think that simply knowing about PGP and using it with traditional platforms will go a long way. If you add some steganography to the mix, it can go a long way.