Some are quick to promote apps as being safe for your use just because they are encrypted. I will talk about how many of the popular apps that are commonly t...
No, this video talks about the tiniest bit of metadata leak as if it’s the end of the world, when it isn’t.
Putting all the apps at the same level is complete bullshit. Telegram doesn’t even really do E2EE (it’s off by default and only available for a fragment of the features provided by Telegram), and ProtonMail and Tutanota are completely different from Signal with regards to what they protect from.
His solution is to self-host emails. That’s out of reach for 99.99% of internet users, and doesn’t prevent any form of tracking. If you self host, you may be able to create infinitely many emails but they will all be identifiable to you because they all share the same domain name… If you use a VPS to host your email, your host can also access your running VM and all its data and there’s nothing you can do about it, or even detect it.
ProtonMail, Tutanota, Signal are not designed to help you detonate a nuclear bomb in new york. They’re designed to prevent the NSA from doing mass surveillance. And if you suddenly become a high value target, government agency might have access to some metadata through them, but that’s true for almost any service you use, and those are going to give them much less metadata and are much more likely to try to fight in court to avoid having to share it.
This video also completely ignores the fact that at some point humans play a role. Even if everything is encrypted and no metadata exists, it is still very easy to just trick your friends and family to give away info about you. Unless you live in the woods with no contact at all, it will be much easier to just go through real people than breaking into theses systems relevant xkcd.
People (including me) do say just use Signal, because I’m not talking to Snowden, I’m talking to random people who don’t know shit about computers and theses services are a very easy way to reclaim a lot of privacy without sacrificing features. Even I don’t bother hosting my own stuff or refrain from communicating with other people just because they’re not using tools that are way too complex for the normal user and lack features that every other service offers…
He does mention that he self-hosts and uses it to talk only to people on his own network, but in 99.999% of people that will mean only talking to themselves…
I think you are not the target of this video. The target of this video are people who do not think about threat modeling at all and just assume it is safe to use because e2ee and Signal marketing BS and continue using these services the exact same way as they used gmail or Facebook messenger before. And he is right to point out that that immediately invalidates most of the privacy benefits due to metadata leakage.
And he is right to point out that that immediately invalidates most of the privacy benefits due to metadata leakage.
That’s just not true?
Switching from Messenger to Signal will always be a huge step up regarding privacy and security, no matter what your threat model is. Some metadata potentially (we don’t have any evidence that Signal has ever leaked anything) leaking is much better than knowing your metadata (and data) is being used to track you constantly…
I think you are not the target of this video. The target of this video are people who do not think about threat modeling at all and just assume it is safe to use because e2ee and Signal marketing BS and continue using these services the exact same way as they used gmail or Facebook messenger before
What? If someone doesn’t think about threat modeling I either explain it to them or build a reasonable model for them. I don’t tell them to go live in the woods because otherwise there is one bit of information about them that might leak…
I think an important difference is that we are comparing companies that definitely sell your metadata to companies that could sell your meta data but where there is no known case (to me) that they actually do, e.g Signal. So it comes down to trust.
Not really. One of the main points he makes in the video is that phone-number use in an inherent metadata leak and even without Signals involvement it can be used to reverse track a social graph without you being able to do anything about it.
And this is not a theoretical threat either, something like that was done to identify democratic activists during the recent Hong-Kong protests and put them in jail.
You (as aggressor) scan all your known mobile numbers agains let’s say Signal and discover that some numbers use Signal. That I understand. But now what? Unless you are the company Signal you would not have access to further data, or ?
Sure you can easily get further data by for example asking the phone companies for cell-tower log-in location and times. This you can then narrow down against your list of Signal using suspects and either remotely infect their phones with a trojan or simply snatch up the hardware at a “random” police check and access the already decrypted messages with identifiable phone-numbers of all the group-members.
Compare that to a messenger that does not use phone numbers at all and even does not transmit network IDs to other group-chat members. Then the police has no idea who to target and no reasonable indication that could be used with a judge to get a search warrant either.
And this is not a theoretical threat either, something like that was done to identify democratic activists during the recent Hong-Kong protests and put them in jail.
Which is totally bonkers since surveillance happens primarily in transit. If he’s communicating with someone through PGP via Protonmail, it’s just as secure as if he would do it through his own email. All of his banking details - things like that - are just as exposed on any email service (except maybe Google cause they read your inbox for “user experience”).
When it comes to states spying you then there is no safety. The state can always just send someone over to put a gun on your head (or the legal equivalent) and voila, you yourself give them your data.
And I understand that states are very different in their (perceived) legal integrity, but if I should guess ( no evidence) then all the encryption and safety development benefit criminals most. Also some journalists and dissidents but mostly criminals to do their criminal business and in the whole, if you have the fortune to live in a state that can be mostly trusted I prefer that Police has some lever identity this kind communication. Not in-similar to when Police is allowed to tap your phone (after a judge signed off). Not many people where concerned about that.
So so in the end I feel the bigger threat are private companies who sell all your data for the highest bidder regards of the bidders intention. And provided you trust Signal, ProtonMail and Tutanota then they definitely reduce the risk there (imho).
Even with a gun to your head you can still make the choice to say “no”. This is always the case - you always have the choice to refuse, you just have to be prepared to live with the consequences.
I needed to be police vetted for a job and they wanted to know lots of stuff about me, including who I’d slept with in the last five years (becaue, allegedly, this information could be used to blackmail so… Well so why would I tell the rozzers, exactly…? Anyway, getting off my point). I refused to tell them because the people I’d slept with hadn’t given their consent. I was refused the job *shrug
No, this video talks about the tiniest bit of metadata leak as if it’s the end of the world, when it isn’t.
Putting all the apps at the same level is complete bullshit. Telegram doesn’t even really do E2EE (it’s off by default and only available for a fragment of the features provided by Telegram), and ProtonMail and Tutanota are completely different from Signal with regards to what they protect from.
His solution is to self-host emails. That’s out of reach for 99.99% of internet users, and doesn’t prevent any form of tracking. If you self host, you may be able to create infinitely many emails but they will all be identifiable to you because they all share the same domain name… If you use a VPS to host your email, your host can also access your running VM and all its data and there’s nothing you can do about it, or even detect it.
ProtonMail, Tutanota, Signal are not designed to help you detonate a nuclear bomb in new york. They’re designed to prevent the NSA from doing mass surveillance. And if you suddenly become a high value target, government agency might have access to some metadata through them, but that’s true for almost any service you use, and those are going to give them much less metadata and are much more likely to try to fight in court to avoid having to share it.
This video also completely ignores the fact that at some point humans play a role. Even if everything is encrypted and no metadata exists, it is still very easy to just trick your friends and family to give away info about you. Unless you live in the woods with no contact at all, it will be much easier to just go through real people than breaking into theses systems relevant xkcd.
People (including me) do say just use Signal, because I’m not talking to Snowden, I’m talking to random people who don’t know shit about computers and theses services are a very easy way to reclaim a lot of privacy without sacrificing features. Even I don’t bother hosting my own stuff or refrain from communicating with other people just because they’re not using tools that are way too complex for the normal user and lack features that every other service offers…
He does mention that he self-hosts and uses it to talk only to people on his own network, but in 99.999% of people that will mean only talking to themselves…
I think you are not the target of this video. The target of this video are people who do not think about threat modeling at all and just assume it is safe to use because e2ee and Signal marketing BS and continue using these services the exact same way as they used gmail or Facebook messenger before. And he is right to point out that that immediately invalidates most of the privacy benefits due to metadata leakage.
The technologies used in Signal protect a lot against metadata leakage. Group information is encrypted, your contact list isn’t stored on their servers (it is sent but obscured and uses a lot of tricks to make it harder for them to access it). They also have sealed sender which enables them to reduce the metadata they collect.
That’s just not true? Switching from Messenger to Signal will always be a huge step up regarding privacy and security, no matter what your threat model is. Some metadata potentially (we don’t have any evidence that Signal has ever leaked anything) leaking is much better than knowing your metadata (and data) is being used to track you constantly…
What? If someone doesn’t think about threat modeling I either explain it to them or build a reasonable model for them. I don’t tell them to go live in the woods because otherwise there is one bit of information about them that might leak…
I think an important difference is that we are comparing companies that definitely sell your metadata to companies that could sell your meta data but where there is no known case (to me) that they actually do, e.g Signal. So it comes down to trust.
Not really. One of the main points he makes in the video is that phone-number use in an inherent metadata leak and even without Signals involvement it can be used to reverse track a social graph without you being able to do anything about it.
And this is not a theoretical threat either, something like that was done to identify democratic activists during the recent Hong-Kong protests and put them in jail.
Ok, out of interest, how does this work?
You (as aggressor) scan all your known mobile numbers agains let’s say Signal and discover that some numbers use Signal. That I understand. But now what? Unless you are the company Signal you would not have access to further data, or ?
Sure you can easily get further data by for example asking the phone companies for cell-tower log-in location and times. This you can then narrow down against your list of Signal using suspects and either remotely infect their phones with a trojan or simply snatch up the hardware at a “random” police check and access the already decrypted messages with identifiable phone-numbers of all the group-members.
Compare that to a messenger that does not use phone numbers at all and even does not transmit network IDs to other group-chat members. Then the police has no idea who to target and no reasonable indication that could be used with a judge to get a search warrant either.
Source?
https://www.zdnet.com/article/hong-kong-protesters-warn-of-telegram-feature-that-can-disclose-their-identities/
Note that while this is about Telegram, this problem of reverse phone-number lookup also exists AFAIK with Signal.
Which is totally bonkers since surveillance happens primarily in transit. If he’s communicating with someone through PGP via Protonmail, it’s just as secure as if he would do it through his own email. All of his banking details - things like that - are just as exposed on any email service (except maybe Google cause they read your inbox for “user experience”).
The only time he mentions email in the vid is to say that its not secure and you shouldn’t use it. Email was definitely not the focus of the vid.
Yeah fair enough, I’m just nit-picking for discussion’s sake to be honest.
When it comes to states spying you then there is no safety. The state can always just send someone over to put a gun on your head (or the legal equivalent) and voila, you yourself give them your data.
And I understand that states are very different in their (perceived) legal integrity, but if I should guess ( no evidence) then all the encryption and safety development benefit criminals most. Also some journalists and dissidents but mostly criminals to do their criminal business and in the whole, if you have the fortune to live in a state that can be mostly trusted I prefer that Police has some lever identity this kind communication. Not in-similar to when Police is allowed to tap your phone (after a judge signed off). Not many people where concerned about that.
So so in the end I feel the bigger threat are private companies who sell all your data for the highest bidder regards of the bidders intention. And provided you trust Signal, ProtonMail and Tutanota then they definitely reduce the risk there (imho).
Even with a gun to your head you can still make the choice to say “no”. This is always the case - you always have the choice to refuse, you just have to be prepared to live with the consequences.
I needed to be police vetted for a job and they wanted to know lots of stuff about me, including who I’d slept with in the last five years (becaue, allegedly, this information could be used to blackmail so… Well so why would I tell the rozzers, exactly…? Anyway, getting off my point). I refused to tell them because the people I’d slept with hadn’t given their consent. I was refused the job *shrug
I wouldn’t give the job to a rapist either. 🙃
To be clear, I meant consent for me to share their love-life with the police!
You’re a naughty person! But you did make me laugh.
I hope he just made a mistake when typing haha