103 sats \ 2 replies \ @davidw 10 Nov 2023
Imagine if they pivoted to Nostr auth 🤯
reply
0 sats \ 0 replies \ @kepford 10 Nov 2023
That would be very surprising to me.
reply
0 sats \ 0 replies \ @_b_o_n_e_s_ 11 Nov 2023 freebie
isn't it open source. couldn't someone do this now? I think there's an android build that's slightly modified eg uses tor by default or something
77 sats \ 6 replies \ @kepford 10 Nov 2023
I know in the US it is much harder to get a cell phone number without KYC than it used to be. It is still doable and you can use services like silentlink to do so with bitcoin. But, I am not aware of how difficult this is to do in other countries. Anyone care to share?
reply
112 sats \ 0 replies \ @knorozov 10 Nov 2023
Mexico is easy.
Aside from that, registering anything with phone numbers is a total No Go security wise.
reply
126 sats \ 3 replies \ @kr OP 10 Nov 2023
silentlink was easy to set up for me in canada, but i was only using it for data.
having a local phone number that i could receive texts on became important eventually, and ultimately ended my silent link experiment.
the one thing i couldn’t get around was that my bank required 2FA and they only allowed 2FA via text or call.
reply
95 sats \ 1 reply \ @petertodd 10 Nov 2023
silent.link has an option to get a number too. But it costs more money.
reply
10 sats \ 0 replies \ @kr OP 11 Nov 2023
true, silent link’s price for a number is much more than a cheap canadian carrier though, so went that route
reply
0 sats \ 0 replies \ @btcpt123 11 Nov 2023
crypton.sh provides an online SMS service, good rates
reply
0 sats \ 0 replies \ @3fc979ad1a 11 Nov 2023 freebie
impossible in Belgium, I need to drive to the Netherlands to buy a sim without KYC
66 sats \ 0 replies \ @davidw 10 Nov 2023 freebie
Definitely about time. But curious timing, after waiting so long.
The cost of creating a new username and spamming users is zero and extremely scalable now. If they did this, they’d have to integrate with some other form of “hooman” verification I imagine. Probably via a one-off payment, like Twitter seem intent on pushing.
reply
20 sats \ 3 replies \ @freetx 10 Nov 2023
Not sure about still using signal after the Tucker debacle....
Tucker claims he was texting russ.ian contact setting up interview with P u t in - and afterwards contact from intel agency read back his text to him over the phone.
reply
32 sats \ 1 reply \ @petertodd 10 Nov 2023 freebie
Quite likely that the "Russian contact" was an FBI agent. Nothing to do with Signal's security.
reply
10 sats \ 0 replies \ @kepford 11 Nov 2023
Its very annoying when media figures say crap Luke this with no follow up. It goes both ways. If there is an issue let's expose it so it can be fixed. I still wonder if Tucker is an asset sometimes. Don't trust him.
reply
10 sats \ 0 replies \ @kepford 11 Nov 2023 freebie
First off don't trust someone like Tucker on technology things. Second it is very likely the issue was human security failure. It almost always is. We are the weakest point of failure.
Also very possible the message was SMS and not over signal. They used to have this feature. If it were an actual weakness in Signal he should contact the devs and report it so they can resolve it.
I don't trust Tucker either. We should not be basing our opinions on media figures period. Even if you agree with them. Trust the math or don't use Signal.
reply
42 sats \ 0 replies \ @random_ 10 Nov 2023
Welcome to 2012
reply
67 sats \ 2 replies \ @03365d6a53 10 Nov 2023
signal cannot be self hosted, insists on google locate-ya captchas, the build cannot be reproduced, and is heavily phone number centric
it's honestly no different to facebook whatsapp or telegram
time to switch to truly private messengers like Simplex, Session, Briar, or self hosted matrix/element
reply
0 sats \ 1 reply \ @kepford 11 Nov 2023
It is different. It has flaws like those you mention but you are over simplifying incorrectly.
reply
0 sats \ 0 replies \ @03365d6a53 11 Nov 2023 freebie
it does have differences that make it better than all the other phone number based systems
still better to avoid anything that collects phone numbers though
if you must use Signal servers, it's best to use Molly as the client, and a throwaway or virtual phone number
121 sats \ 1 reply \ @Coinosphere 10 Nov 2023
Think I'll stick with 0xChat, thanks.
reply
0 sats \ 0 replies \ @ryu 11 Nov 2023
More people on Nostr concerned about the metadata leakage of NIP-04 messages needs to use 0xChat and its Secret Chats feature.
reply
0 sats \ 0 replies \ @knorozov 10 Nov 2023
Finally.
reply
0 sats \ 0 replies \ @ceife 10 Nov 2023
Try to kill Session App
reply