Gregory's Server
Reading through the French prosecutor's press release re: Pavel Durov and Telegram, it's still not clear what is going on, but the last three items are a big red flag.
|
17 posts total
My dudes, Telegram is not an e2e messaging app like Signal or WhatsApp. Telegram is more like Twitter. It is a social media app that is mostly public content that also happens to have DMs, where you can turn on e2e messaging with questionable cryptography that most people never even bother to use.
Show previous comments
  @evacide Thank you for this. I use it with severel people daily and had no idea! I keep writing "privacy for cats" instead of "privacy for cars" in my work calendar, which leads to a very different mental image of what my job looks like.
Show previous comments
A lot of people who are not experts in domestic abuse think they're making a clever point by informing me that if an abuser has physical access & login credentials, the game's already over. I am very tired and do not have the energy to explain why making spying easier for abusers is bad, actually.   @evacide@hachyderm.io For people that work in an industry that prides itself on how they're all experts at scaling shit and "delivering exponential value", it's "funny" how they can never be made to understand how scaling harmful things also exponentially magnifies the harms.  @evacide I assume I missed a post about how Microsoft’s new Recall feature is a potential nightmare for people who are being abused or are otherwise associated with abusive or controlling people, and this is in response to the “well actually” crowd? "...a would-be hacker would need to gain physical access to your device, unlock it and sign in before they could access saved screenshots." I've got some news for Microsoft about how domestic abuse works.
Show previous comments
@evacide@hachyderm.io thinking about that time I watched emails disappear in real time (and later learned this was how certain email addresses were scraped)  Signal has finally introduced usernames so you can use it without giving out your phone number. This is the number one feature I have seen prevent people from using Signal for many years and I’m happy it’s here!
Show previous comments
  If you have a uterus and you live in the UK, it's time to update your threat model to include police testing you for the presence of abortion meds and requesting data from period-tracking apps: https://www.tortoisemedia.com/2023/10/30/british-police-testing-women-for-abortion-drugs/
Show previous comments
 @evacide That's sad. I dreamed about visiting again and maybe even moving there, for a long time now. But the place doesn't exactly seem to change for the better. It seems, that I would like to stay away, because I am a woman. @evacide Oh helpless me! I don't know, how to be a woman. If only I would have a man to tell me to just "use the moon" there would be no patriarchy, no sexism anymore.  @evacide@hachyderm.io "Three years ago, Apple introduced a privacy-enhancing feature that hid the Wi-Fi address of iPhones and iPads when they joined a network. On Wednesday, the world learned that the feature has never worked as advertised."
Show previous comments
@evacide oh that’s less impactful than i thought if the feature that rotates the identifier when the device is unassociated and scanning for networks didn’t work, i’d actually be scared 🦋 @evacide Oh FFS, they were using the HW identifier in mDNS advertisements? That makes me extremely sad.
Show previous comments
If you're mad at EFF for making it possible to use Chrome with less tracking instead of yelling at people to use a different browser, then I assume you have never heard of harm reduction. Giving people digital privacy and security advice means meeting people where they're at. Otherwise, you're just running your mouth to make yourself feel smart.
Show previous comments
@evacide also some people are forced by work or circumstance to use it, mitigation is perfectly valid ❤️  @evacide There are advocacy groups that create converts, and others that hunt heretics. The story of why Elon Musk fired most of the election integrity team after saying he would expand it is stupider than I even imagined. The team's manager liked a tweet calling Elon a dipshit.
Show previous comments
 @evacide is calling your boss a dipshit legally protected workplace speech? asking for a friend
 The thing that surprises me more is that there was an "election integrity team" in the first place. Everybody go update your iPhones. The new 0-click vuln exploited by NSO Group is sent via a malicious image in iMessage.
Show previous comments
 @evacide can we please stop using memory-unsafe languages to gangle arbitrary input from the public. Also, I have the iOS 17 beta, is that version safe? Mozilla's new report on the data privacy of modern cars is nightmare fuel. Enshittification has definitely hit the car industry: https://foundation.mozilla.org/en/privacynotincluded/articles/its-official-cars-are-the-worst-product-category-we-have-ever-reviewed-for-privacy/
Show previous comments
 @evacide ALSO: I believe this is why GM is breaking up with Apple's Car Play in new models. They'd prefer that you use their built-in stuff, easier to scoop up data. I know a lot of folks are PISSED the new Blazer won't have car play.  there was this recent report from @josephcox yet seems crazy that only requires vin to lookup?! Superb articles from EFF. They need wider circulation. The car industry has been harvesting occupant data for more than two decades. It probably makes more money from it than selling the car. As EFF points out, the range of data collected or inferred from a plethora of car sensors is invasive. Location, speed, direction, steering and pedal movements, naturally. Add heart rate, temperature, alertness level through facial and body cameras, collected and used without knowing consent. It has come to my attention that some of you are very concerned about data brokers collecting your data, but are not familiar with the work of @yaelwrites and the Big-Ass Data Broker Opt Out List. Please enjoy: https://github.com/yaelwrites/Big-Ass-Data-Broker-Opt-Out-List I'm just going to leave this essay on "movement narcissists" right here for people to read at their leisure. Thinking of Daniel Ellsberg today and the transformative power of bringing secrets to light and holding the powerful to account. A brain implant changed a woman's life, helping her to manage to her epilepsy. Then the company that made the implant went under and the implant was removed against her will. This is the grim meathook future we were promised and I hate it. https://www.technologyreview.com/2023/05/25/1073634/brain-implant-removed-against-her-will/
Show previous comments
@evacide tracks very closely to the nightmare future envisioned in so many cyberpunk stories. |
@evacide Would "providing a cryptology tool" mean I'd get arrested for bringing my laptop to France? It has GPG, ssh, and sshd on it, not to mention openssl. That let's me use rsync to back up some directories. I'll use GPG to encrypt a separate copy of Firefox login data.
@evacide Didn't France once ban encryption over the Internet? I expect that to work as well today as it did in the early 20C when the International Telegraph Union tried it.
@evacide where did you find this document?