Friendly reminder that Signal is funded by (tax-deductible) donations. And you can donate crypto:
​
(TBH, I had never really thought about how they were funded until I noticed the "Donate" link while reading their response.)
Here's how my dumb brain understands it:
His friend sent him a youtube link in WhatsApp. WhatsApp does link previews in its messages--and somehow, when the link loaded, Youtube knew that it was this dude looking at the link.
Fun fact: that's a classic OSINT technique to find people who are on the run. Send them an email with an embedded image saved on one of your websites, and then just wait for him to open the email--when he does, you can see what IP address loaded the image and boom--now you know where he is.
Also fun fact: Signal has taken steps to prevent this from happening: https://signal.org/blog/i-link-therefore-i-am/
I just downloaded Signal to try it out, it's open source, and co-founded by Brian Acton who co-founded WhatsApp and left Facebook after the merge when they asked him to lie to the EU about their intentions to merge WhatsApp and Facebook Messenger. It seems to be nice, haven't tried it in anger. The desktop version is its own app, I'd have preferred a browser based option like WhatsApp web but that's a minor quibble.
Unlike a lot of other technology projects, Signal is structured as a non-profit. We're supported directly by users like you, similar to organizations like Wikipedia. You can donate here: https://signal.org/donate/
We will never sell ads, and we've designed Signal to not know anything about anything (including no trackers or analytics), so we couldn't target ads even if we wanted to (which we don't).
I have a hunch it could be related to https://signal.org/blog/cellebrite-vulnerabilities/ and the followup https://hothardware.com/news/cellebrite-physical-analyzer-software-no-longer-supports-iphones
What kind of phone does your wife have that they inspected?
For me one of the biggest problems with slack (right after the fact it's proprietary and controlled by a company I don't trust) is that you need to pay, if you want full access to chat history. In theory you could use API to write a bot storing history somewhere, but it seems to be against terms of service (point 6.5).
Also, I still remember how slack suddenly changed their TOS and took my data as hostage. There was no option to decline new TOS and take my current chat history away. Fuck them.
Developer on Signal Desktop here.
IMO, Signal does not have an issue here, but of course I'm biased.
We go to great lengths to avoid the "metadata problem". We've been subpoenaed a few times and have been able to produce very little. We know when someone signed up for an account and when they last accessed the Signal service, but that's basically it.
We achieve this, in part, with something called "sealed sender". It's like a letter with no "from" address written on the envelope.
We also do limited logging and don't hold onto messages after they're delivered.
As others have mentioned, we're also working on adding usernames. Please know that this is a massive technical effort (the biggest I've seen in my time here) and will take some time, but it's definitely a priority.
As a developer on the Desktop app, I know full well that Signal is far from perfect. But I don't think our service suffers from the "metadata problem".
I agree discord is a shit platform for privacy. I also think that most of the time the top one priority is to create a community with a low entry barrier so anyone can organize and work together. And discord works well because a lot of people use it.
But again, if your group can move to another platform where you have privacy that's amazing and you should definitely do it. Try element.io to replace discord or signal.org to replace telegram and whatsapp.
I'm actually happy you put the OOPS there. You know why? Because a friend of mine came across your post and told me about it. And why should I care? Because I designed the damn thing :)
Some time ago I made an app for the Slack platform called "/oops" and this is the logo I designed for it, your post is how I realized it's the first result in Google when searching for the word "oops".
For people using SailfishOS, CopperheadOS, and other Android-app compatible operating systems that don't include Google Play, the following might be equally (if not more) newsworthy:
Today, Open Whisper Systems (the team behind Signal) set up a way for people to install the official Signal Android client from outside of the Google Play Store: https://signal.org/android/apk/
When announcing it on the OWS Community Forum, Moxie Marlinspike said that this is a "harm reduction strategy since people are already running random APKs signed by other random people".
You can use real private messaging. Right now virtually uncrackable encrypted messaging exists but no one uses it for some reason.
For the people asking about it: https://www.openpgp.org
It looka like Signal is a better solution: https://signal.org/
This is the same company that Moxie Marlinspike absolutely embarrassed in a blog post recently after they claimed they could extract data from Signal. https://signal.org/blog/cellebrite-vulnerabilities/
Beep. Boop. I'm a bot.
It seems one of the URLs that you shared contains trackers.
Try this cleaned URL instead: https://signal.org/blog/keeping-spam-off-signal/
If you'd like me to clean URLs before you post them, you can send me a private message with the URL and I'll reply with a cleaned URL.
That's why when I'm tonsil-deep in pussoir, I use Signal.
Its end-to-end encrypted communication ensures that my taint reaches my eyes unmolested by man in the middle interlopers.
Wave was way ahead of its time imho. Sure, it was unfocussed, never reached critical mass, and so on; but the underlying idea is great.
I can’t help but compare it to Slack, which does so much less but still manages to be so very useful. (And Slack doesn’t even touch collaboration.)
Just goes to show that there’s so much more to be explored in term of digital communication and collaboration. IM is just the very tip of the iceberg, Wave and Slack give us a taste of what’s to come …
I’m sure Wave will return (in spirit). When done right, this stuff will be amazing.
They've had it for a while... but they seem to slowly be rebranding from discordapp to discord, for example their twitter
I know for a **fact** that they've had discord.com since they changed their twitter to @discord, but i'm pretty sure they've had it for longer
I predict this subreddit will be renamed soon
Matrix is great! Its a chat protocol that has many front ends your users can choose from. The most popular front end is Element.
Why use matrix?
At its core, the protocol is just for routing messages between clients and servers. This means you can join multiple servers (hosted by other matrix users). There's also bridges between other chat services so you can do all your communication in one place.
Also, with Jitsi integration you can do video calls directly in the app.
The Signal team have vouched for WhatsApp in the past https://signal.org/blog/there-is-no-whatsapp-backdoor/
Granted that was a few years ago and there’s no telling if WhatsApp has changed since then. But Signal haven’t announced a change in stance regarding WhatsApp, so it’s probably safe enough, assuming you’re ok having your metadata mined…
Speaking of fire, Signal's very recent blog post as a response to a company, Cellebrite, claiming to be able to extract data from the app is pure gold. Their response could be summarized as "Just don't" but that does in no way make the full read any justice. It's a mood lifting read!
Direkt zum Original:
https://signal.org/blog/cellebrite-vulnerabilities/
"By a truly unbelievable coincidence, I was recently out for a walk when I saw a small package fall off a truck ahead of me."
Haha, klar "vom LKW gefallen"... Sympathisch, ja. Aber glaubwürdig?
PGP is hard to use and not very practical for direct messaging.
Signal is a much better suggestion, slick UI and easy to use. Also very secure (especially if you verify each other's private key) and open source.
End to end encryption betekent dat facebook niet kan meelezen. Wat ze via whatsapp wel weten is met wie jij praat en wanneer, wie er in je contactenlijst staan, in welke groepen je zit, wanneer je online bent, en als je dat aan hebt staan je locatie.
Edit: Een goed alternatief voor whatsapp is signal, die houden niks van je bij (bestaan van donaties) en gebruikt dezelfde encryptie als whatsapp (Eigenlijk is de encryptie in whatsapp bedacht door een van de mensen achter signal). Ik gebruik signal om te communiceren met de paar mensen in mijn vriendengroep die wel wat geven om privacy, maar het is lastig om de rest van whatsapp af te krijgen.
Signal is the only widely available, multi-platform secure messaging tool. True end to end encryption (you and your recipient have the only keys) and minimal metadata (Signal logs only the age of your account and the last time you used the service. thats it). Stop using other messaging tools if the contents of your messages are private. https://signal.org
re: online status and location, Signal does not have this by design. It would be a privacy leak. Signal actually gives a shit about real privacy. https://signal.org/bigbrother/central-california-grand-jury/
Just a reminder, Open Whisper System is a non-profit, who run a privacy conscious service for free. They don't get the benefit of billions of dollars of advertising money here compared with FB and WhatsApp.
Please do donate if you value their service. https://signal.org/donate/
There are huge profits to be made in grey-market call termination, especially so if international calls have to otherwise go through a single carrier that dictates insane international rates. In most of the profitable countries, the local cell calls are dirt cheap as is labour to man the stations, so the sim gateways, the sat uplinks (or occasionally DSL) and the simcards are quickly paid off and then it is just profit. Even more fun when that carrier is owned or invested in by members of the royal family or local equivalent, and they use the army to hunt down these 'pirates' and protect their interests.
If you want to get a sense of the profits, look up Cuba on the Skype Rates website, it is currently $0.089 connection fee and USD $0.80/minute, or North Korea at USD $0.70/min or Madagascar at $1.07/min landline ($1.09/min mobile). It doesn't take long or much call volume to cover your costs.
Not too long ago, Cellebrite announced "support" for Signal Messenger. This "support" is only for unlocked phones where Signal Messenger is also unlocked. Cellebrite makes devices that download any available info from many phones, locked or unlocked. An Android phone that is freshly restarted will expose minimal data. A decrypted phone (after you enter your password the first time), even when the screen is locked, will offer a little more data, still not much though. Something to note is that some things, like the alarm you set and named "Remember to dump the body from the drum," are accessible from your encrypted & locked phone.
The Signal organization "found" a Cellebrite UFED that "fell off a truck" and they found numerous vulnerabilities. Read the blog post here. It's not very long nor technical. Pay attention to the last paragraph, LMAO.
It's possible that law enforcement is looking for the pretty little files that "don't do anything" that Signal Messenger uploaded to a few random people's phones. I read a legal blog post suggesting that the US government might try to prosecute someone under the CFAA if these files do damage to any of their Cellebrite UFED machines, possibly with the goal of going after Signal Messenger.
Just a thought.
https://twitter.com/signalapp/status/1261364662840385536
> Giphy was just acquired by Facebook, but GIF searches in Signal have been protected by a privacy-preserving proxy from the very beginning. The Giphy SDK isn't included in the app at all. You can read more about our approach to handling animated GIFs here: https://signal.org/blog/signal-and-giphy-update/
Signal has already been subpoenaed by the FBI and couldn't produce content, https://signal.org/bigbrother/eastern-virginia-grand-jury/. You won't find Telegram recommended by security advocates because it doesn't have the reputation Signal does.
"All-in-one voice and text chat for gamers that's free, secure, and works on both your desktop and phone." - Discord It also allows the uploads of videos and pictures.
There is a more work oriented platform called Slack, that also has the ability to text chat(pictures, videos, whatever) in a group based setting except that it does not have voice chat.
No. The username and discriminator are both required to identify a user; the only reason it exists, as far as I can tell, is to allow at most 9999 people to share a username (and even then, popular/short names have already started to become unavailable). If you try to change your username, and the combination of your current username and your discriminator is already in use, the number will have to change as well.
The ACTUAL user ID is a 64-bit number that you can get by turning on developer mode and selecting Copy ID (but it can't be used to send friend requests, so that doesn't help either.)
Looks like they've changed it a couple months ago; here's an archive: https://web.archive.org/web/20180702223031/https://signal.org/workworkwork/
I actually copied it from a message I sent a friend when I first read it. (Over Signal to boot, hah.)
Signal is open source, tried and tested, and end to end encrypted. It requires your number so you can communicate with anyone in your contracts (those without Signal).
They've proven through a court order that they could not help the big brother.. The only things they were able to share were the time the user registered and the last time they've used Signal.
I don't think any of the other alternatives have this much battle experience and trust.
Signal is basically an alternative to your regular SMS and calling app, so of course it will require those permissions. If you only want to communicate with Signal users, then go the route explained in the article you linked and use a burner number and not all any permissions.
It's interesting that they still have access to Facebook and WhatsApp. It is unfortunate that Signal is no longer domain fronting though I know Telegram was doing this as well (and for some reason hasn't gotten a similar letter?). I'm not a networking guy, but wouldn't encrypted DNS help resolve this issue? Not that people have access to it on their phones, but my understanding is that you'd have to shutoff access to the DNS (like CloudFlare (1.1.1.1
)or Google (8.8.8.8
)).
Before anyone goes screaming "Copying Discord"
Wanna leave that there. Existed before Discord, for quite some time. Discord itself is the copy.
https://a.slack-edge.com/3dba7/marketing/img/downloads/screenshots/win10_screenshot.png
> You proposed some bullshit alternative from what the rest of the planet uses.
Slack is used by organizations around the world, including NASA JPL, Time Magazine, BuzzFeed, and Harvard's administration. In fact, the moderator corps at /r/science uses Slack to manage their activities. There's nothing "alternative" about it; it's the de facto king in its domain, team communications.
You're free to do whatever you want. The topic of this thread is collating advice on tools that can be used by academics to help with their job. I've personally found Slack to be an exceptional tool, and I'm sharing my experience here.
Signal explains quite nicely how "disappearing messages" should be treated.
> Disappearing messages are a way for you and your friends to keep your message history tidy. They are a collaborative feature for conversations where all participants want to automate minimalist data hygiene, not for situations where your contact is your adversary — after all, if someone who receives a disappearing message really wants a record of it, they can always use another camera to take a photo of the screen before the message disappears.
FUD!
>Jennifer Caukin, a spokeswoman for Skype, has a different slant. Caukin said, “Skype made the decision to retire Skype for Asterisk several months ago, as we have prioritized our focus around implementing the IETF SIP [Session Initiation Protocol] standard in our Skype Connect solution. SIP enjoys the broadest support of any of the available signaling alternatives by business communications equipment vendors, including Digium. By supporting SIP in favor of alternatives, we maximize our resources and continue to reinforce our commitment to delivering Skype on key platforms where we can meet the broadest customer demand.
Basically, instead of continuing to use their shitty proprietary standard they decided to use an open, ratified standard. Asterisk supports SIP just fine, meaning anyone with an asterisk pbx can still integrate with the skype network just fine. Only now Asterisk doesn't even have to bundle the proprietary code anymore! This isn't even a hypothetical, it's already available.
This is a win for open source and standards, not the other way around.
We like them today because they responded to a subpoena last week with basically "lol, we don't know anything".
We like them over the long term because they're a messaging app that just sends messages.
>In completely unrelated news, upcoming versions of Signal will be periodically fetching files to place in app storage. These files are never used for anything inside Signal and never interact with Signal software or data, but they look nice, and aesthetics are important in software. Files will only be returned for accounts that have been active installs for some time already, and only probabilistically in low percentages based on phone number sharding. We have a few different versions of files that we think are aesthetically pleasing, and will iterate through those slowly over time. There is no other significance to these files.
Slack for team communication. It really is much better then hangouts/messenger, and its app supports all major OS'es. Basically it's a communicator tailored for the needs of teams. It supports easy file transfer, thematic soubgroups, copy-pasting everything you want etc. In short I highly recommend it https://slack.com/
For those who missed it this particular company specializes in getting data from phones that have already been unlocked and requires the phone to be physically present.
There was an interesting blog written in April by the CEO of Signal (a secure messaging client) where he basically got a hold of one of their boxes and had a close look https://signal.org/blog/cellebrite-vulnerabilities/ that some of you might like to read.
They make a "messaging app". So it's going to be very young, very outgoing, very social.
So they're going to be looking for fresh-faced go-getters who think they're going to disrupt the industry. Essentially, if you've been working in the field for more than 5 years, you're going to be too jaded to "fit".
For them, drinking is a social activity, not something you do to dull the pain.
Edit: Link here
We just expanded our new scrim finder to Rainbow Six Siege, and I thought /r/Rainbow6 might like to check it out. How it works is that you create a team and add your team members, pick a time to play, and we'll notify you via Discord or through the app once we've found you an opponent. We pull stats for everyone on the team so we can figure out platform/region and match you to a similarly-skilled team.
It's only been available for Overwatch to-date (/r/overwatch thread, but R6 has been our #1 most requested game since then, so I'm hoping you all enjoy it. I'd love to hear your feedback if you get a chance to try it out! Thanks :)
I'll use this comment for a shameless plug for the Matrix protocoll and their main client Element. They have end to end encryption by default that works across mutliple devices with users across multiple servers. All code and specifications are completely out in the open and thus independently verifiable to be secure, you can even host your own entire infrastructure if you want and still stay in touch with people from other matrix servers.
You’re downloading the intel version of zoom. Rosetta is the “translation layer” that lets your non intel Mac run intel software in emulation. It’s fine/safe/free.
BUT: get the m1 version of zoom. It will perform better.
Why Telegram? Telegram is known in crypto circles to be a bit shady to put it mildly. They invented their own encryption algorithms which is a big no-no when it comes to crypto. Is based or originated out of Russia meaning Russian state can try to interfere and/or influence. Ultimately is a privately help for-profit company meaning they can change their direction any moment they want to turn a profit.
If we really want to recommend a truly privacy-first messaging app, it should be Signal (https://signal.org) not Telegram.
From my comment below:
Basically it transcribes your voice as you're talking and tries to make a chat message out of it, in this case it looks like it was going English <-> English. My fiance is overseas for college, and when this first installed as part of an update, it read her localization and somehow decided that Scotland = Spanish somehow...so everything she said was being plopped into the chat box in truly awful Spanish. I guess it's supposed to be handy or something, but it was also transcribing me speaking in English very, very poorly. As in "You should probably get a CT scan for tumors in your brain" badly.
https://signal.org/bigbrother/cd-california-grand-jury/
The top level of the link where this doc is from. Only the PDF of court docs opened for me
Before people strap on the tin foil, please consider that your data in signal is end to end encrypted and they are unable to provide anything, especially chat transcripts to the court
I just donated to them - they are a non-add / non-subscription app. If you like their platform, I would encourage anybody here to do so as well. Signal >> Donate to Signal
Imo, I don't see any advantage of telegram over signal
edit:
From /u/redditor_1234 on /r/privacy
>Unlike Telegram, Signal does not need a 2FA option to protect against SS7 vulnerabilities. > >The Telegram servers collect every Telegram user's contact list and every message, photo, video and document that they send in the default chat mode, and unless the user has enabled the 2FA option that is buried in the app's settings page, the service allows anyone who can hijack the user's phone number or intercept their SMS messages to instantly have access to all of that user's cloud based data. > >In contrast, the Signal servers don't collect any contact lists and all Signal communications are end-to-end encrypted. If someone were to intercept a Signal registration code or hijack a Signal user's phone number and use it to register on a new device, the attacker would not gain access to any of the user's data, because it would all be stored locally on the targeted user's own device(s). The user's safety numbers would change, and the app would automatically alert everyone who has previously communicated with the targeted user's number, preventing anyone from accidentally calling or sending sensitive information to the hijacked number.
Signal is trustworthy. I've tried intercepting their VOIP streams and was unable to on either end. Admittedly it's been a few years since I've done any professional security analyses and I may be behind on the latest and greatest tools, so grain of salt.
Properly deployed encryption is unbreakable. Even the still in-vitro quantum computer would only be able to slightly shorten prime factorization in asymmetric ciphers.
Paranoia is good and healthy. But knowing the capabilities of your adversary is equally important. Real-time decryption of even weak cipher suites isn't feasible, real-time processing and analytics is another beast entirely. So I wouldn't be worried about being randomly eavesdropped.
However if you're being targeted, they're are plenty of ways to exploit the biggest weakness there is in encryption. The user.
Edit: added link
I know zoom has been in deep shit for not ensuring End to End encryption and stuff like that with their general product, but this particular product likely does offer the HIPAA-compliant stuff (my Girlfriend's agency used it until they went to MS Teams).
No agency in the world would be caught dead using something that would flag them in an audit. It would be a mess to say the least
If one reads the actual post on the Signal blog, the author notes the Windows-based Cellebrite software includes s couple Apple DLLs, apparently in violation of Apple licensing.
The blog also says they're not putting landmines on every device, just randomly placing them on a small percentage of devices.
A couple quotes from Signal...
Just funny:
> By a truly unbelievable coincidence, I was recently out for a walk when I saw a small package fall off a truck ahead of me. As I got closer, the dull enterprise typeface slowly came into focus: Cellebrite. Inside, we found the latest versions of the Cellebrite software, a hardware dongle designed to prevent piracy (tells you something about their customers I guess!), and a bizarrely large number of cable adapters.
About the DLLs:
> It seems unlikely to us that Apple has granted Cellebrite a license to redistribute and incorporate Apple DLLs in its own product, so this might present a legal risk for Cellebrite and its users.
About the landmines:
> In completely unrelated news, upcoming versions of Signal will be periodically fetching files to place in app storage. These files are never used for anything inside Signal and never interact with Signal software or data, but they look nice, and aesthetics are important in software. Files will only be returned for accounts that have been active installs for some time already, and only probabilistically in low percentages based on phone number sharding. We have a few different versions of files that we think are aesthetically pleasing, and will iterate through those slowly over time. There is no other significance to these files.
Speak at the special city council meeting this Friday at 11:30am.
You can attend via Zoom or phone
1) By phone (888) 475-4499. Webinar ID: 971 4719 4171. Click *9 to raise a hand to speak.
2) By online https://zoom.us/j/97147194171
Alright, for those of you who spend a good two minutes getting a 500 error and wondering what the heck everyone else was talking about in this thread:
DNSCrypt for Mac. Encrypts all DNS queries between your machine and OpenDNS and a few other DNS providers that don't log queries. For the security conscious who don't want their ISP tracking dns requests.
Slack - Team chat/productivity software. Totally free, allows you to invite an unlimited number of users. Mac, iOS and Android apps, plus Chrome extension/web version for every other OS. Use it to keep up with my team, it's a nice mix of IRC with tons of extra features built in like file sharing, integrations with other apps like Trello, etc. Lets us have separate rooms for each client, a room to screw around and post stuff we find on Reddit and just a place to chat about work that's fully archived and searchable.
This isnt the first time and wont be the last. Unless its a huge conspiracy it appears Signal does not have access to anything as it all encrypted and they only have access to the timestamps and creation date. https://signal.org/bigbrother/central-california-grand-jury/
My reply was in blue, but another cringing friend's response to follow was better than mine. I am more than saddened by this opportunistic use of this funeral to peddle MLM.
If you just have to know which company is wonderful enough to peddle to funeral attendees, I put the link here so you can learn more. Starts at the top of the hour.
Spoiler alert. It's Zija.
Edit: Typos
Signal uses the Firebase notification service which depends on Google Play Services. They do not send your messages through the Google Service, but they will use it to notify the app, that there is a new message to be downloaded. If you removed Google Play Services, then that service doesn't work in the background.
I'd recommend downloading the Signal APK installer from https://signal.org/android/apk/ which uses a custom notification service (uses more battery than the Google version) and updates itself.
They can if they never store it in the first place. There are no laws saying you’re required to store customer data.
Relevant post from Signal yesterday: https://signal.org/bigbrother/central-california-grand-jury/
This is not my main field of study (though you may have watched the webinar I did recently which covers Shakespeare’s connection to the fascinating conundrum of Precession — https://zoom.us/recording/play/_AbVF7yyUnXJ3alCPU-rItKtdcEi_fIgDDPp_Qn5BFXl_7P7CkUfWI1LcrakuWCU — Password: YogiBard.)
My understanding is derived from The Holy Science (a book by Sri Yukteswar, the guru of Paramahansa Yogananda). In it he states “From 11,501 B. C., when the Autumnal Equinox was on the first point of Aries, the sun began to move away from the point of its orbit nearest to the grand center toward the point farthest from it, and accordingly the intellectual power of man began to diminish. . . The period around A.D. 500 was thus the darkest part of Kali Yuga and of the whole cycle of 24,000 years. . . From A.D. 499 onward, the sun began to advance toward the grand center, and the intellect of man started gradually to develop. During the 1100 years of the Ascending Kali Yuga, which brings us to A.D. 1599, the human intellect was so dense that it could not comprehend the electricities, Sukshmabhuta, the fine matters of creation.” (I guess we were ALL trolls back then! Isn’t that interesting? Shakespeare came at the very end of the last Kali Yuga or Dark Age… when he was definitely most needed!)
So according to this most revered sage, Sri Yukteswar, we’re presently 418 years into the Ascending Dwapara Yuga. Thus the height of the next Golden Age (Satya Yuga) will be A.D. 12,499.
Hang in there… it’s getting better all the time! Only 10,482 of your Earth years to go. :)
Any company on that scale will have prepared and published (e.g. for Slack: https://slack.com/security ) audited security controls, written on the premise that any of your employees could be an illiterate monkey pressing random buttons, or in collusion with the Commies, or both. It's far from an infallible system, but a lot of work goes into securing SaaS platforms from malicious actors /within/ the company - work that often wouldn't happen if you self-hosted.
I too suggest this, excellent tool that allows you to form mesh networks over Bluetooth and wifi. If this is too advanced, Signal messenger is another excellent tool for end-to-end encrypted communication over Cellular and the Internet.
Pete is speaking today at this event near the end
The United for Infrastructure 2021 Kickoff Event May 10, 2021 from 12:00 PM–3:00 PM
> Keynote Conversation: Administration Leadership and The Transportation Agenda The Honorable Pete Buttigieg, U.S. Secretary of Transportation
>Moderator: Brendan Bechtel, Chairman and CEO, Bechtel Group, and Chair, Business Roundtable Infrastructure Committee
> Register: https://zoom.us/webinar/register/8416165466749/WN_tgat3JxkTrmbdglh-ipsWg
https://unitedforinfrastructure.org/event/leadwithinfrastructure/
They are very much involved in mass surveillance. For example
We just launched our scrim finder for Rocket League and I thought this sub might like to check it out. The TL;DR is that you pick a time to play, we work on finding an opponent for you in the background, and we notify you via the app and Discord once we've found a match for you. It's meant to make it easier to find more constructive and competitive matches with other organized groups.
We've launched it for a few other games (example) and we've been getting a lot of requests for Rocket League since then, so I hope this sub finds it useful. ~~It's only for 2v2 right now, but we'll likely expand to 1v1 and 3v3 if 2v2 ends up being used a lot~~. Since everyone seems to prefer 3v3, we're 3v3 now. Feedback/thoughts/feelings/questions welcome!
I am. Buyers beware: - Steam voice chat doesn't work - The microphone (and webcam) do not function in the Steam Web browser, so you can't use services like Wire Web to get around the broken Steam voice chat problem, you have to go to desktop mode to talk to people. - Although I haven't tried it myself, Flatpak's shortcuts supposedly can't be used from within Steam BPM - So far, no one has been able to figure out how to get GOG games (or anything else using the same installer, such as DRM-free games from Humble Bundle) installed in such a way that they can be launched from within Steam BPM - To install some of the most trivial software available for Debian or Ubuntu downloaded as deb files from the Internet, you have to manually edit a text file in desktop mode to enable the Debian repo, and it is not clear if this will someday have negative consequences since this configuration is unofficial/unsupported - Switching from desktop mode to Steam BPM is unreliable - sometimes it will become unresponsive to input so you have to do hard-reset - Unlike in Ubuntu, some games will have broken audio out of the box requiring hacky workarounds - Sometimes the system will refuse to shutdown and just run forever showing the SteamOS logo, forcing you to hard-shutdown - You can't use the Steam Controller to type anything in desktop mode. Yes, on the Steam Machine with a Steam Controller, you have to plugin an external keyboard!
On the plus side, the update system is very nice. I am surviving with it by using Discord for voice chat (it is one of the few debs I downloaded that actually installed properly). Surprisingly, if you start a voice call in desktop mode, and then switch to Steam BPM, after a few seconds you will both be able to hear each other -- even though desktop and Steam BPM are two different users running in two different X contexts.
I find that pretty hard to believe, but that's not based on a whole lot. Its feasible in theory, just feels unlikely given the proficiency of our government. While its not directly related, I do know that ASIO works with big consulting firms to leverage "big data" (sorry for the cringey corporate term).
ASIO maintains a list of individuals who are considered to be "of interest", however this list is far larger than feasible to have humans monitoring its members. In other words, there aren't enough ASIO members to track all activities of members on the list. So instead they have systems that look for behavioural patterns, and flag those who deviate from their "normal" patterns. That narrows down the list significantly, so that ASIO can keep an eye on those who might be preparing for something. If it can be determined that someone intends to commit a terrorist activity, ASIO might be able to stop them right before any innocent people are hurt.
Coming back to your original question, I say its feasible in theory because we know voice recognition is absolutely possible and easily accessible - so it stands to reason that if ASIO can access your phone calls, a bot could theoretically flag those that include specific keywords. Its unlikely because the sheer volume of calls that would be flagged would be enormous - and those terms on their own aren't indicative of intention to commit a terrorist act.
If you're a fan of your privacy, you might like to swap out your SMS app for Signal - its open source and has the best encryption I'm aware of in a messaging app. https://signal.org
Signal posted the story themselves. I don't see what RT being a russian propaganda outlet has to do with it.
It's sparking outrage because it's outrageous. This isn't some made up story, it happened and it's a topic that lots of people are concerned about.
Если (когда) менты отберут у вас телефон и разблокируют его, им нужно будет вытащить из него информацию. Есть два способа: 1) глазками прокликать иконки на рабочем столе, просмотреть чаты и документы 2) вытащить информацию на компьютер и исследовать её с удобством. Для этого есть специальные программы.
Один из производителей такой программы для властей разных стран — Cellebrite, недавно публично хвастался, что умеет вытаскивать данные из Signal. Это правда, если власти смогли разблокировать телефон, то они могут вытащить из него все чаты, так же, как могли бы увидеть их глазами. Эта программа используется спецслужбами по всему миру для проведения официальных и не очень официальных криминологических экспертиз.
Сегодня Signal выложили ответочку. Они где-то раздобыли (в оригинале «fell from the truck» — «свалилась с телеги, нашли на дороге») официальную коробочку с этой программой, исследовали её и обнаружили в ней тонну уязвимостей. Таких уязвимостей, что можно составить специальный файл, который при наличии его на телефоне жертвы получает полный доступ над компьютером, который пытается вытащить с него информацию (жертва и агрессор меняются местами). Можно заставить софт Cellebrite написать что угодно во все криминологические экспертизы, которые есть на этом компьютере. Не только в текущий, но и все последующие.
Пост они закончили следующим абзацем: «мы теперь начнем прикладывать к Signal'у специальные красивые файлы. Они не несут никакой пользы, просто эстетически очень приятные. Причем файлов у нас много и они разные. Приложим мы их только давно зарегистрированным пользователям и только части отловить и исправить все ошибки у вас не получится. Никакой связи с предыдущим текстом этот абзац не имеет. Просто нравятся они нам.»
Троллинг 90го уровня.
Ах да, ещё они обнаружили, что Cellebrite нелегально использует библиотеки Apple в нарушении лицензии. У Apple дорогие и хорошие юристы.
This is the link to the position, correct?
https://slack.com/careers/3294039/university-recruiting-specialist
This does not look like an entry-level role, and a base salary around $100k does not sound unreasonable for a fairly independent-sounding coordinator role requiring a few years' prior experience at a tech company including travel expectations.
>What you should have
>
>2-3 years of recruiting experience, university / campus experience preferred but not required
>
>Familiarity with building and engaging with diverse student pipelines
>
>Passionate about the candidate experience and building inclusive programs
>
>Willing to potentially travel (when safe to do so), predominantly domestic
>
>Ability to prioritize, flex, and work in a fast paced, constantly evolving environment
>
>Detail oriented, ability to multi-task and comfortable using data to drive decision making
I think you've gotten worked-up for no reason.
Thanks! I made a team comp recommendation feature a while back, it uses that engine. Here's a link to play around with it and here's a reddit thread with some more info.
Even if we assume that secure chats are reallysecure (which, as you point out, has been debated by many experts), the biggest problem with Telegram is that nobody I've come across uses them because they don't sync between devices. This is very crippling in this day and age. Wire handles that smoothly and Signal requires a strange Chrome plugin solution.
Matrix should be the obvious secure federated replacement for all of these softwares.
All they're doing is reposting their own version of a post on Signal, rewritten and sensationalized.
https://signal.org/blog/the-instagram-ads-you-will-never-see/
Russian propaganda sites should be permanently banned from Reddit.
Before today I've never heard of Telegram (was reading a Google Allo post where everyone was raving on about it 'cause Google Allo sucks')...
Though if you're looking for a proper Skype alternative, maybe 'Wire' is something to look into? Made by one of the founders of Skype (and has end-to-end encryption).
On a side note, is Telegram really that good? In my friend circle everyone just uses whatsapp and Skype mainly...
Courts give zero shits whether a piece gets sectioned under "Blog" or "News." Published information is published information.
Skype costs $13.99/month for unlimited worldwide calling, or $2.99/month for US/Canada. Refuse all donations above that. Or if it feels gross, consider it a business expense and claim it on taxes. It's a pizza per month.
Again, I'm sorry if I seem inhuman or uncivil. I'm a journo; clarity and brevity are my bread and butter. But I didn't call you an asshole or something. The piece has potential, but needs a lot of improvement. It reads like it was written by someone inexperienced who didn't have an editor to say "go back and try again." Both are true, and I don't hold either against you personally.
And one more tip: Setting GJP as your minimum bar is like a surgeon saying he's satisfied with being better than the guy dissecting neighbourhood cats.
Stick with it.
> “Signal Technology Foundation is an independent nonprofit charity and tax-exempt under section 501c3 of the Internal Revenue Code.”
From https://signal.org/donate/
So they're allowed to use the word “Donate” on Google Play.
Why not Hangouts? It has an Android client, an iPhone client, a web client, a Chrome client, and it's available in Gmail. What did you win by using Allo?
Hey man. I think it's great that you're doing this and getting so much interest.
Let me suggest [https://slack.com/]. It is honestly the best coordination tool I have seen so far. You can make different private chat groups, have topic-based chat groups, integrate 3rd party services, upload files (there's even a code snippet thingy :).
Speaking as a 4th year Computer Science student, you might want to open positions for "mentors". Programming can be daunting just starting out, and often what people need isn't "what is the answer" but "how the hell do I find these answers?!". I think people with experience could volunteer to mentor and would be really useful.
Lastly... Good luck :) I signed up to study a subset of programming I have little to no experience with, so I'll see how it unfolds!
Element https://element.io/ as a way to access the Matrix works really well and you can link any identifier you want, ie phone, email, id. It's e2e encrypted and decentralized; you can message, as well as do voice and video calls. The problem is getting people to adopt it socially. For me Element it's superior to Signal, but few know about it.
Just an FYI for all of you who don't want your chat apps spying on you. To be secure you need to use an app that Is end to end encrypted by default, Is fully open source and auditted and does not save unencrypted backups of conversations. Whatsapp fails on the unencrypted backups and not being open source and auditted. The two you want to look at are:
ELI5
Signal he's referring to is https://signal.org/en/ the non-profit messaging app, not publicly traded.
Signal Advance Inc SIGL is a company in Texas whose share price has hovered around 10 cents for year, lost $125,000 last year and last tweeted in 2016. I would imagine they are very confused right now.
Jesus, people.
Hello! I am Ludmila Yamalova, a U.S. qualified lawyer, practicing in the U.A.E. for the past 13 years. I will be hosting a FREE legal webinar, catering to issues relating to Family Law and that of divorce, in accordance with both current and upcoming legislation.
Feel free to join me today (May 26th), at 4:00pm GST.
Joining link: https://zoom.us/j/99895704538
> I don’t think there is anything at this time to suggest they plan to close the source.
Also: they can't! While 3rd party contributors don't retain copyright due to the CLA, the same CLA asserts that they can make proprietary licensed derivatives, but they assert that all those contributions are always made available under an OSI approved license:
> Your Contributions and such derivative works, as well as the right to sublicense and have sublicensed all of the foregoing rights, through multiple tiers of sublicensees, provided that in all cases, Signal Messenger will make Your Contributions available under an OSI-approved open source license.
I guess they technically make a proprietary Signal client and server, but it wouldn't really make a lot of sense given that they would basically require a full-time lawyer to start separating source repositories :'-)
EDIT: IANAL
Here’s the link to the lovely webinar with the author and illustrator of the children’s book Mayor Pete. Fingers crossed the link works.
Download the .deb file from here and double click to install:
While choosing the downloads, select Ubuntu 14+ because you probably have ubuntu 18/19/20. Then choose 64/32 bit version according to your operating system. If you don’t know how to check the bits, roughly speaking, computers with around 4 GB or more of RAM use 64 bits
I highly doubt this. Surprisingly, most tech workers don't want to be 100% remote.
> the vast majority of global knowledge workers (72%) prefer a hybrid arrangement that combines the home and the office. Workers are far less enthusiastic about going all in on one environment: Only 12% would prefer working from the office all the time, and 13% want to work from home full-time. Slack survey of 9,000 tech workers
It's nice to see your coworkers in person, and you cannot beat the bandwidth of working within physical question-asking distance.
I think the only real change from pandemic is that companies/careers that have previously been anti-WFH or resistant to the idea will have to start offering 1-2 days a week WFH as a policy if they want to retain employees. There's no longer any valid argument against it, as we've already proven that it works fine.
You can get an official apk at https://signal.org/android/apk. They've got the signing key there for you to verify the download. Plus you'll get notifications when there's an update to download.
Also fantastic how they reverse-engineered the iPhone cracking system from Cellbrite, say that 1) it's a hot mess security wise, thus 2) it's vulnerable to running outside code that can modify the output of the Cellbrite system so that output is totally unreliable and 3) by the way, we are moving various files around in our system that we are not saying are code to mess with Cellbrite if you ever try to use Cellbrite on a device with Signal, but... we ARE moving odd files around, just sayin'.
https://signal.org/blog/cellebrite-vulnerabilities/
It's both hilarious and amazingly brutal.
Hey, sorry that you're in such a crappy situation.
Do forgive me if I say anything useless because I'm not super experienced with slack, but my husband uses it at work so I know what you're talking about, and you certainly shouldn't be singled out because of it.
From some googling, it seems that you should be able to display all emojis in plain text, is this an option? See this article (under "Change your emoji display"):
​
Hope it works out!
der Signal Messenger (engl. Website, offiziell)
Leider wenig verbreiteter aber guter Messenger. Quelloffen, so sicher wie es aktuell so wird.
O Signal (aquele app de bate-papo) em Maio rodou uma série de anúncios na plataforma do Facebook exatamente pra demonstrar o nível de espionagem dos caras.
https://signal.org/blog/the-instagram-ads-you-will-never-see/
Os anúncios que o Signal subiu na plataforma são apenas com um texto escrito, mas extremamente específico, sobre a pessoa que o visualizava. Por exemplo:
"Você está vendo esse anúncio porque você é um instrutor de pilates recém-casado e você adora desenhos animados. Esse anúncio foi restrito à sua localização (La Jolla, em San Diego na Califórnia). Você curte blogs sobre paternidade, e está pensando em fazer uma adoção LGBT."
No artigo linkado tem esse e outros exemplos.
> About your installation part I totally disagree. It's not always that case always. Until and unless you visit Github to install certain program.
It is the case with Zoom, which is not on GitHub, and explicitly named by OP: https://zoom.us/download?os=linux
And it doesn't really matter if it's always the case or not. It matters if popular software does this, because if someone can't figure out which version they need to download and remember that on Windows it's always just a one-click download solution, they aren't gonna stay on Linux.
Social media is specifically designed by billion dollar companies to get you addicted, to feel left out, to condition you to look for headlines and not the story. Honestly, it's pretty toxic, the only people who use social media and aren't slaves to it are the elderly who have no idea how it works much less how it's "supposed to" work.
All the while they collect private information about you and sell it to the highest bidder. A lot of people think, what's the big deal? I don't mind if companies know I love my dog or what I eat for brunch, but you'd be surprised how much they really know about you: https://signal.org/blog/the-instagram-ads-you-will-never-see/
I've entered the phase in my life where I don't really have many friends. I've shed most of the people that were barely friends or just acquaintances and now have a lean 4-5 friends that I talk to regularly and I know I can count on them for anything from a birthday greeting without social media prompting them to all the way to if I need to bury a body. I'm honestly pretty happy with the friends I have and we don't need social media to keep in touch. We send each other photos, gifs, and funny stuff and have actual conversations about how their kids are doing, if they're thinking about buying a new car, etc. You know, stuff that actually matters.
When it comes to keeping up with news, scores, whatever else I'm interested in, Google does a much better job of figuring out what I like and giving me credible (after I changed a bunch of settings) articles/sources better than my cousin I never talk to could.
I will admit I do still have an Instagram account but I never post anything on it I don't really follow anyone I know. I just scroll mindlessly for a laugh if I have 10 minutes to kill while waiting for someone.
TL;DR social media is toxic and quitting it had no consequence to my life.