The FBI being revealed to secretly run an encrypted messaging service brings to mind the old adage that goes “good opsec will get you through times of bad crypto, while good crypto won’t help you get through times of bad opsec”

think about your threat model and practice opsec.

also think about what you say. is signal compromised? maybe, maybe not, obviously nobody can tell. are there any alternatives that have a lower chance of being compromised and that your normie friends could potentially use? no.

so don’t spread FUD and tell people to use signal

signal: like everything else in infosec, all you can say about it it’s that it’s better than the alternative™️

(if you do not have normie friends, feel free to use whatever encrypted messaging service you want, and tell your cypherpunk friends not to use signal, that’s fine)

Follow

by the way: the same is true about SSH, all encryption methods, all key exchange mechanisms, etc. nothing is “inherently secure”, everything is secure to some extent according to your current knowledge and for a limited period of time.

practice opsec. do not rely on tools.

“technical tools will not solve social problems”, i.e. “tech won’t save us”

Sign in to participate in the conversation
Mastocafé

This is a mastodon instance for social justice activists, LGBTQIA+ people, and activists in general See the Goals and technical details, and Rules and privacy policy pages for more information