this post was submitted on 26 Sep 2024
156 points (92.4% liked)

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ

54577 readers
277 users here now

⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.

Rules • Full Version

1. Posts must be related to the discussion of digital piracy

2. Don't request invites, trade, sell, or self-promote

3. Don't request or link to specific pirated titles, including DMs

4. Don't submit low-quality posts, be entitled, or harass others



Loot, Pillage, & Plunder

📜 c/Piracy Wiki (Community Edition):


💰 Please help cover server costs.

Ko-Fi Liberapay
Ko-fi Liberapay

founded 1 year ago
MODERATORS
 

I saw some threads here about Telegram and piracy stuff being banned. So, as an experimental alternative, I created a public Signal group for piracy.

Maybe it'll be useful?

Before joining

Signal supports usernames and hiding telephone numbers. Here's a blog entry on how to do so. You might want to:

  • set a username
  • change your profile name (these are two separate things!)
  • hide your phone number
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 18 points 1 month ago (2 children)

Good idea overall, unfortunately they still have your IP and phone number which means Europeans are still implicated

[–] [email protected] 54 points 1 month ago (2 children)

Signal doesn't collect IPs and therefore can't even hand them out. It's been requested in 2021. Here's a list of requests from authorities they were allowed to publish. I've looked through 3 of the most recent and nowhere do they reveal IPs.

[–] [email protected] 12 points 1 month ago (2 children)

Sure they don't log the IPs, but it is technically impossible to not know the IP when you're running a centralized service.

[–] [email protected] 7 points 1 month ago (3 children)

What are the "popular" alternatives? Telegram stores everything, WhatsApp doesn't allow usernames, Matrix requires IPs too...

[–] [email protected] 7 points 1 month ago (2 children)
[–] [email protected] 9 points 1 month ago (1 children)

Despite their claims of total privacy, I imagine, like any software company, they have full access to their own back end including encryption keys and server logs. Meaning they can and probably will moderate their own platform if there is enough pressure from nation states/IP owners.

[–] [email protected] 12 points 1 month ago (1 children)

You are welcome to audit the source code and host the backend yourself.

[–] [email protected] 8 points 1 month ago (1 children)

You understand that, for everyone except for a complete network pro, that is worse for security and privacy, right?

Don't get me wrong, it's great that you can.

But the reason piracy websites struggle so much with long term stability isn't because they're hosting the wrong software.

[–] [email protected] 9 points 1 month ago* (last edited 1 month ago)

If you don't put trust on someone something, you left yourself to trust and do all the works. However, you don't trust yourself either, sadly I can't offer any solutions.

[–] [email protected] 4 points 1 month ago

TBH I would just use email over TOR and encrypt communication with PGP. Rotate identities every now and then and you should be fine. Yes it doesn't have forward secrecy but it removes the effort to find the "right messaging" service and is instead ubiquitous (and you can sign up for anonymous email addresses online too, which makes it even better).

[–] [email protected] 1 points 1 month ago
[–] [email protected] 4 points 1 month ago (1 children)

The phone number is not connected to the messages. That’s the only thing they have. It is the best app for privacy.

[–] [email protected] 5 points 1 month ago (1 children)

Arguable in it being "the best app for privacy". Can you link to a source which shows that phone numbers are not linked to accounts? (Why do they need them anyway?)

[–] [email protected] 5 points 1 month ago (1 children)

They have published requests from the law enforcement and their responses to these requests. The only unencrypted data they have is the phone number, a date of sign up and a date of the last login. That is it, everything else is encrypted and they cannot access it whatsoever.

[–] [email protected] 2 points 1 month ago (6 children)

The problem is, if you're in Europe, your phone number is associated with your identity

[–] [email protected] 4 points 1 month ago* (last edited 1 month ago) (2 children)

No you don't.

I can go to the corner shop/local garage right now, buy a SIM card for 99p and then buy a top-up voucher in cash to have a completely anonymous phone number.

Albeit is the UK in Europe again? 🙈

edit: where I would be worried if my privacy was on the line is I could also go to the local pawn shop / Cash Converters to ensure that SIM card isn't associated with an IMEI I've previously used and buy in cash a cheapo phone.

[–] [email protected] 3 points 1 month ago (1 children)

The last time I bought a SIM in the UK I was told specifically I could not buy it with cash.

[–] [email protected] 2 points 1 month ago

I don't know if you're in the UK right now but I can tell you right now that I can go round the corner and buy a SIM card in cash plus a top-up voucher, from someone like this guy

https://www.coregroup.co.uk/assets/img/cards/independent-retail-sim-distribution.jpg

[–] [email protected] 3 points 1 month ago (1 children)

Same in a few other European countries. I'm doing it right now with a few SIMs. You can also go on holiday to another country, get a few temporary SIMs there for a few quid and fly back home with the "contraband". Really not hard.

[–] [email protected] 3 points 1 month ago

Aye, I've seen this misconception before and suspect it's specific countries in the European continent where you have to register.

[–] [email protected] 3 points 1 month ago* (last edited 1 month ago)

So what? The law enforcement knows you have an account and knows the sign up date and last login. That doesn’t affect your privacy whatsoever. Besides, Europe isn’t a monolith. You can absolutely buy and use a SIM card without disclosing your name in some countries.

[–] [email protected] 3 points 1 month ago

But, again, all they can prove is that you signed up to Signal and when you last signed in.

[–] [email protected] 2 points 1 month ago

Exactly. Signal is private, not anonymous

[–] [email protected] 2 points 1 month ago (1 children)

I believe the same is true in the US.

[–] [email protected] 1 points 1 month ago (1 children)

It is not. You do not show any ID to get a phone number

[–] [email protected] 1 points 1 month ago* (last edited 1 month ago) (1 children)

You also don't need to show any ID for a business to meet "know-your-customer" regulations. Can you get a phone number without revealing your identity?

[–] [email protected] 1 points 1 month ago (1 children)
[–] [email protected] 1 points 1 month ago (1 children)

Isn't the same true in the EU, then?

[–] [email protected] 1 points 1 month ago (1 children)

Only if you don't have to show your ID to get a number

[–] [email protected] 1 points 1 month ago (1 children)
[–] [email protected] 1 points 1 month ago (1 children)

In countries where you MUST show your proof of identity to get a number, pray tell me what kind of OPSEC can you employ to not do that?

[–] [email protected] 2 points 1 month ago

Travel across the border where you can? Ask a friend abroad to send you a SIM card? Maybe even find a service to buy a SIM from?

[–] [email protected] 1 points 1 month ago

Sometimes, but that's it. Authorities and signal itself can only say "this number has account with us since $signupDate and used it last on $usageDate". Signal can't say "we know $number is talking to $otherNumber" nor can they say "$number is in $group talking to $users".