> Repeatedly refusing to fix this widely reported issue with non-sensical explanations What are you referring to? An option to choose your backup location got added two years ago. It works on Android 10 and above.…
It does not proxy through your phone. After the initial setup, you can switch off your phone and the desktop client will work just fine.
> nobody is able to fund huge servers with millions of users without infinite money. For example, Signal and Telegram are both struggling with that currently I'm willing to believe that this is true for Telegram, since…
> if you newly join Signal, every Signal user in your address book will be notified No. People who have your number in their address book will be notified.
> Werner Von Braun was an actual nazi. He was also a great scientist. Some recent research suggests he might not have been that great a scientist after all. The story goes that he was an impostor who got to his position…
I work in academia in a STEM field. I've never seen or heard of a reviewer asking for access to the raw data used to produce a paper. Reviewers typically operate under the assumption that you're not trying to…
Weird, I don't remember ever seeing that and I don't have a last name set. Can't you just "confirm" it not to include a last name?
That's been fixed a few months ago. The setting now sticks until you manually change it back or your contact replies with a Signal message.
In the context of this talk, APN means "Apple Push Network", I think. The concern is that even if the service doesn't ask for a phone number directly, it does still have an APN or GCM/FCM push token. Through the push…
Maybe I'm misunderstanding what you're trying to say, but remote attestation is in fact exactly what they're doing with their contact discovery: https://signal.org/blog/private-contact-discovery/
Two small corrections: Signal-Android's backup works with a passphrase only (no QR codes involved) and does not cause safety number changes on restore.
Thanks for the link. I found the article to be pretty convincing until I decided to check out the WaPo article the author references in this paragraph: > Pyrethroid insecticides are supposedly low in toxicity to mammals…
For an explanation on how Signal achieves forward and future secrecy, see https://signal.org/blog/advanced-ratcheting/ (or https://signal.org/docs/specifications/doubleratchet/ for something more detailed).
Sure. Messaging via Signal (or via any other modern mobile messaging app) is designed to be asynchronous and doesn't require all participants of a chat to be online at the same time.
> It seems Nadim (the author of this paper) took it really badly when we called him out for intentionally spreading fake news this weekend. Is this seriously your official response to this paper? Is this an official…
> they're wasting resources implementing video chat which noone really asked for Could you expand on this? What data are you basing this on?
https://whispersystems.org/bigbrother/eastern-virginia-grand...
> Certainly a NSL might compel OWS to add additional logging NSLs cannot be used for that. They're a legal tool that can be used to extract certain types of information (such as subscriber information and maybe a little…
> What if I never want to share my location, take pictures, or send files? Don't use these features and / or disable the corresponding permissions.
> For that matter, there's no stopping Google from doing the same. That's the exact reason why package signing is decentralized in the Android ecosystem. All apps in the Play Store are signed by their developers.
This is a common misconception: NSLs are a legal tool that can be used to extract certain types of information (such as subscriber information and maybe a little bit of transactional information) that a service provider…
> Switching from Signal to WhatsAPP is very expansive because you need to rebuilt your social [graph] It's not and you don't, because your entire social graph is on your phone, in your address book. That's precisely the…
NSLs are not magic [0]. They are a legal tool that can be used to extract certain types of information (such as subscriber information and maybe a little bit of transactional information) that a service provider already…
Let the SMS verification expire and do a phone call verification. Concerning multiple devices: I use Signal on my phone and on two desktops, works perfectly fine.
Yeah, they prefer if you don't distribute your builds (i.e. something named Signal and / or using their servers) to other people (because they don't actually know what's inside the builds, they've got no update channel,…
> Repeatedly refusing to fix this widely reported issue with non-sensical explanations What are you referring to? An option to choose your backup location got added two years ago. It works on Android 10 and above.…
It does not proxy through your phone. After the initial setup, you can switch off your phone and the desktop client will work just fine.
> nobody is able to fund huge servers with millions of users without infinite money. For example, Signal and Telegram are both struggling with that currently I'm willing to believe that this is true for Telegram, since…
> if you newly join Signal, every Signal user in your address book will be notified No. People who have your number in their address book will be notified.
> Werner Von Braun was an actual nazi. He was also a great scientist. Some recent research suggests he might not have been that great a scientist after all. The story goes that he was an impostor who got to his position…
I work in academia in a STEM field. I've never seen or heard of a reviewer asking for access to the raw data used to produce a paper. Reviewers typically operate under the assumption that you're not trying to…
Weird, I don't remember ever seeing that and I don't have a last name set. Can't you just "confirm" it not to include a last name?
That's been fixed a few months ago. The setting now sticks until you manually change it back or your contact replies with a Signal message.
In the context of this talk, APN means "Apple Push Network", I think. The concern is that even if the service doesn't ask for a phone number directly, it does still have an APN or GCM/FCM push token. Through the push…
Maybe I'm misunderstanding what you're trying to say, but remote attestation is in fact exactly what they're doing with their contact discovery: https://signal.org/blog/private-contact-discovery/
Two small corrections: Signal-Android's backup works with a passphrase only (no QR codes involved) and does not cause safety number changes on restore.
Thanks for the link. I found the article to be pretty convincing until I decided to check out the WaPo article the author references in this paragraph: > Pyrethroid insecticides are supposedly low in toxicity to mammals…
For an explanation on how Signal achieves forward and future secrecy, see https://signal.org/blog/advanced-ratcheting/ (or https://signal.org/docs/specifications/doubleratchet/ for something more detailed).
Sure. Messaging via Signal (or via any other modern mobile messaging app) is designed to be asynchronous and doesn't require all participants of a chat to be online at the same time.
> It seems Nadim (the author of this paper) took it really badly when we called him out for intentionally spreading fake news this weekend. Is this seriously your official response to this paper? Is this an official…
> they're wasting resources implementing video chat which noone really asked for Could you expand on this? What data are you basing this on?
https://whispersystems.org/bigbrother/eastern-virginia-grand...
> Certainly a NSL might compel OWS to add additional logging NSLs cannot be used for that. They're a legal tool that can be used to extract certain types of information (such as subscriber information and maybe a little…
> What if I never want to share my location, take pictures, or send files? Don't use these features and / or disable the corresponding permissions.
> For that matter, there's no stopping Google from doing the same. That's the exact reason why package signing is decentralized in the Android ecosystem. All apps in the Play Store are signed by their developers.
This is a common misconception: NSLs are a legal tool that can be used to extract certain types of information (such as subscriber information and maybe a little bit of transactional information) that a service provider…
> Switching from Signal to WhatsAPP is very expansive because you need to rebuilt your social [graph] It's not and you don't, because your entire social graph is on your phone, in your address book. That's precisely the…
NSLs are not magic [0]. They are a legal tool that can be used to extract certain types of information (such as subscriber information and maybe a little bit of transactional information) that a service provider already…
Let the SMS verification expire and do a phone call verification. Concerning multiple devices: I use Signal on my phone and on two desktops, works perfectly fine.
Yeah, they prefer if you don't distribute your builds (i.e. something named Signal and / or using their servers) to other people (because they don't actually know what's inside the builds, they've got no update channel,…