this post was submitted on 10 Aug 2024
587 points (98.5% liked)

Privacy

32108 readers
437 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

"Signal is being blocked in Venezuela and Russia. The app is a popular choice for encrypted messaging and people trying to avoid government censorship, and the blocks appear to be part of a crackdown on internal dissent in both countries..."

top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 184 points 3 months ago* (last edited 3 months ago) (2 children)

It’s like a medal of honor for a privacy preserving app 😄

[–] [email protected] 39 points 3 months ago (3 children)

Indeed. If whatsapp isn't on the list, then I have all the confirmation I need.

[–] [email protected] 21 points 3 months ago (4 children)

The Russian government has also allegedly begun preparations to block the WhatsApp messaging app.

https://kyivindependent.com/messenger-signal-blocked-in-russia-media-says/

load more comments (4 replies)
load more comments (2 replies)
[–] [email protected] 18 points 3 months ago

"Banned in 15 dicatorships!"

[–] [email protected] 52 points 3 months ago (7 children)

could matrix.org be as easily blocked, since it's decentralized I'm wondering?

At least it means that Signal is working as intended if they are blocking it, I guess that they don't have back doors.

[–] [email protected] 41 points 3 months ago (1 children)

Being decentralized prevents DNS or IP blocks but not blocks through DPI.

Signal has an option to masquerade it's traffic as regular HTTPS, I don't know if Matrix can do such a thing.

https://x.com/signalapp/status/1821979304626155930

[–] [email protected] 27 points 3 months ago (6 children)

I can answer this! All matrix calls are over https APIs. Ports and addresses are stored in a text file on the base domain or in DNS txt entry.

load more comments (6 replies)
[–] [email protected] 17 points 3 months ago (2 children)

Matrix is in fact decentralized but in reality it is not so much, I don't know the number exactly but the majority of users use the matrix.org server

[–] [email protected] 11 points 3 months ago (8 children)

Those numbers only include instances that have telemetry enabled

load more comments (8 replies)
load more comments (1 replies)
[–] [email protected] 12 points 3 months ago (1 children)

could matrix.org be as easily blocked, since it’s decentralized I’m wondering?>

Or SimpleX?

[–] [email protected] 9 points 3 months ago

It cannot be easily blocked especially if you use your own homeserver every homeserver replicates the channel and it can operate without the original server! That's why signal and telegram are inherently flawed.

load more comments (4 replies)
[–] [email protected] 39 points 3 months ago (4 children)

blocks appear to be part of a crackdown on internal dissent in both countries.

Or... you know... at least for Venezuela, the USA constantly fucking around with their elections and politics and local assets using Signal or something. Maybe, I dunno?

[–] [email protected] 17 points 3 months ago (7 children)

Yeah. Telegram, should be next, there's a huge risk with it too. And email! Social networks too, just in case. And postal mail, we can't forget that. We should crack down any form of uncensored communication.

All for the benefit of the people, of course. \s

[–] [email protected] 20 points 3 months ago (22 children)

I mean signal was funded in part by the US intelligence community up until last year.

[–] [email protected] 21 points 3 months ago

The current president of Signal is also still happy to do interviews with US-defense-oriented think tanks like Lawfare.

They probably still are funded by USIntel, considering how interested RFA was in pushing Signal in privacy-oriented spaces.

load more comments (21 replies)
[–] [email protected] 19 points 3 months ago (29 children)

In UK don't ban them, but jail you if they don't like your posts, more democratic.

load more comments (29 replies)
[–] [email protected] 8 points 3 months ago (9 children)

Self defense is self defense, would we expect some different behavior from a country being attacked from outside interests with publicly accessible end to end encryption services?

load more comments (9 replies)
load more comments (4 replies)
load more comments (3 replies)
[–] [email protected] 27 points 3 months ago (11 children)

Would peer to peer apps be resistant to this sort of thing?

[–] [email protected] 24 points 3 months ago (1 children)

Yes, but you'll have to install them from sources other than what governments deem official. Like F-droid.

Now, if they block p2p traffic that's a different story

load more comments (1 replies)
[–] [email protected] 10 points 3 months ago (1 children)

It depends. Somehow it has to discover the peers. Other than that, they could block traffic between residential IP addresses and there goes large part of the P2P network

[–] [email protected] 10 points 3 months ago

Russia and Venezuela are huge hotbeds of piracy from populations without access or capital to access most forms of entertainment.

Breaking P2P in this manner would basically be getting rid of the circus part of bread and circuses. Not a good move for an authoritarian.

load more comments (9 replies)
[–] [email protected] 27 points 3 months ago

Signal honored!

[–] [email protected] 25 points 3 months ago (5 children)

why telegram is not blocked? makes you think...

[–] [email protected] 21 points 3 months ago (2 children)

WhatsApp supposedly uses Signal protocol.

Why is THAT not blocked? Certainly they wouldnt roll their own encryption and bypass Signal security protocols after having Moxie come in, right? Right????

[–] [email protected] 8 points 3 months ago

Russia is reportedly planning to block WhatsApp as well.

load more comments (1 replies)
[–] [email protected] 16 points 3 months ago

Telegram is not secure, I guess if you can listen to it better not block it.

[–] [email protected] 9 points 3 months ago* (last edited 3 months ago) (2 children)

I mean it was blocked before Signal was blocked. Russia somewhat famously badly broke their Internet trying to shutdown telegram... and eventually gave up.

I'm guessing Signal finally has enough market share to get the Russian government's attention but not enough market share that they think the web of proxies that kept Telegram online will keep Signal online.

load more comments (2 replies)
load more comments (2 replies)
[–] [email protected] 21 points 3 months ago (6 children)
[–] [email protected] 18 points 3 months ago (7 children)

I wrote this, but I'd also like to add Drew Devault - Why I don't trust signal. There's a huge disconnect between what privacy advocates are saying about signal, and what reddit "privacy" communities think about it. If you read the article I linked, you'll see its because the Open Technology Fund (a US state-run entity), actively pushes signal in privacy spaces.

load more comments (7 replies)
load more comments (5 replies)
[–] [email protected] 17 points 3 months ago* (last edited 3 months ago) (3 children)

Honestly I would've expected it to be blocked much earlier

load more comments (3 replies)
[–] [email protected] 15 points 3 months ago (3 children)
[–] [email protected] 17 points 3 months ago (9 children)

Matrix isn't secure depending on how you use it. It also doesn't protect individual identities terribly well.

Simplex Chat would be the better option however the main Simplex Chat server and matrix server could end up blocked as well.

[–] [email protected] 28 points 3 months ago* (last edited 3 months ago) (3 children)

Matrix is entirely self-hostable, and you can turn off both federation, and the requirements for any linkable identifiers.

Signal by contrast requires your phone number, isn't self-hostable, and is based in a five-eyes country.

[–] [email protected] 11 points 3 months ago (7 children)

Matrix doesn't protect metadata, which is arguably just as (if not more) important than message data. Signal by contrast does protect metadata and proper implements Perfect Forward Secrecy for all chats. I do think Signal's centralized design and phone number requirements problematic, but Signal still has many merits. Such as its massive user base for a AGPL-only project.

load more comments (7 replies)
load more comments (2 replies)
load more comments (8 replies)
[–] [email protected] 11 points 3 months ago (2 children)

Probably mostly because almost nobody uses it.

load more comments (2 replies)
load more comments (1 replies)
[–] [email protected] 11 points 3 months ago* (last edited 3 months ago)

Why countries that do not prosecute political dissent bock apps used by political dissenters? /s

[–] [email protected] 11 points 3 months ago (5 children)

Smart move, considering Signal is a US-hosted centralized service that has to comply with US NSL laws.

These comments below seem to be unaware of all the issues privacy advocates have of signal.

[–] [email protected] 20 points 3 months ago (1 children)

I don't get it, are you really arguing that Russia and Venezuela are blocking Signal to protect their citizens from American snooping?

[–] [email protected] 24 points 3 months ago (8 children)

All countries should ban US-domiciled companies like signal, or any communication platform hosted in Five-eyes countries, and especially ones domiciled in the US, which has to adhere to National Security Letters.

https://www.eff.org/issues/national-security-letters/faq

[–] [email protected] 10 points 3 months ago* (last edited 3 months ago) (3 children)

Isn't the whole point of something like End-to-End Encryption so that not even the company themselves can read your messages?

In that case it wouldn't matter even if they did turn the info over.

Edit: I read more into the page you linked. Looks like those NSLs can't even be used to request the contents either way:

Can the FBI obtain content—like e-mails or the content of phone calls—with an NSL?

Not legally. While each type of NSL allows the FBI to obtain a different type of information, that information is limited to records—such as “subscriber information and toll billing records information” from telephone companies.

[–] [email protected] 10 points 3 months ago (1 children)

You can read my article, or Drew Devaults on why he doesn't trust signal, which get more into this, but the short version is that US security forces don't have time to read the content of everyone's message anyway, they care more about the metadata: message timestamps and social graphs.

Signal stores all that data (via required phone numbers, meaning its linked to your real name and address), and via the US's key disclosure laws, it would be illegal for them to tell you that the US government is hoovering up that data.

load more comments (1 replies)
load more comments (2 replies)
load more comments (7 replies)
load more comments (4 replies)
[–] [email protected] 11 points 3 months ago (1 children)
load more comments (1 replies)
[–] [email protected] 9 points 3 months ago (1 children)

Unless you click the “unblock” button.

Gotta love Verge.

load more comments (1 replies)
load more comments
view more: next ›