this post was submitted on 22 Nov 2024
58 points (96.8% liked)

Privacy

32103 readers
597 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

If you don't know me, I make frequent write ups about privacy and security. I've covered some controversial topics in the past, such as whether or not Chromium is more secure than Firefox. Well, I will try my hand again at taking a look at some controversial topics.

I need ideas, though. So far, I would like to cover the controversy about Brave, controversy around Monero and other cryptocurrencies, and controversy around AI. These will be far easier to research and manage than Chromium vs. Firefox, for example. I'd like to know which ideas you have!

Which controversial privacy topics do you know of that you would like to see covered?

PLEASE DO NOT ARGUE ABOUT THEM IN THE COMMENTS!

Please save any debate for if/when I make a write up about the topic. Keep the comments clean, and simply upvote ideas you would like to see covered. I won't be able to cover everything, so it helps bring attention!

Above all else, be kind, even if you don't agree with an idea or topic :)

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 27 points 1 day ago (2 children)

Signal as a centralized meta-data honeypot.

[–] [email protected] 2 points 1 day ago (2 children)

Oh boi I’m trying to get people to use simplex exactly because of this. I managed to bring most people to Signal and they’re cool with it because it just works, but I don’t trust them at all. Sure there was this court order where they didn’t have any user data except account created date and last active date, but since almost everybody uses either Google‘s or Apple‘s push notification servers turns out that doesn’t matter so much from what I undertstood.

[–] [email protected] 1 points 12 hours ago (1 children)

Google‘s or Apple‘s push notification servers turns out that doesn’t matter so much from what I undertstood.

Can you elaborate? It's my understanding that push notifications are only used to trigger Signal to check if there are messages - the message data and who/what triggered it is not being sent to Google/Apple. If you don't trust push notifications, you can always use a De-google'd phone and the Signal APK which will fallback to polling the server; this will obviously impact battery life as the app needs to constantly be checking for new messages.

[–] [email protected] 1 points 7 hours ago

I‘m referring to them handing over the data to law enforcement of the US and other unknown governments.

What exactly they hand over I can’t tell you, it might be harmless. In the case that they revealed they used push notifications data to identify a pedophile who was using some encrypted messaging service. I hope he gets what he deserves but for us it means we shouldn’t trust anything that uses Apple‘s or Google‘s push notification servers.

Yeah I know about Molly etc., but the point is, no one I know is going to degoogle their phone and use that. It would be easier if they’d just use a more private, decentralized app that also doesn’t ask for a phone number ffs.

[–] [email protected] 2 points 1 day ago (1 children)

You can use your own builds of Signal (or preferably Molly-FOSS) including a self-hosted server. You can bring your own push notification as well.

[–] [email protected] 1 points 1 day ago

I think that’s really cool. Unfortunately most people won’t be doing that, they don’t even care that WhatsApp, etc. are scraping all their data :(

[–] [email protected] 5 points 1 day ago

💯 but can it be a honeypot when the OG promise was connection not meta security?