529
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 23 Sep 2023
529 points (99.4% liked)
Technology
59674 readers
1878 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
Yes. But signal is the gold standard, it's going to be hard to get your contacts onto any other platform.
https://www.privacyguides.org/en/real-time-communication/
Reviews the options nicely, I use briar, it's rough around the edges. But it does the job.
I've been meaning to try simple x, but I haven't given it a go yet.
You can follow the privacy guides guide on hardening signal, it's useful. Net net the easiest thing to do is disable your PIN, and ask any friends you're speaking with to disable their PIN.
https://blog.privacyguides.org/2022/07/07/signal-configuration-and-hardening/#signal-pin
Why are you recommending people disable their Signal PINs? Best practice as far as I’m aware is to set a secure passphrase (rather than a 4 digit PIN) and to enable Registration Lock.
This article is the only one I was able to find with a recommendation that you opt out of setting a PIN, and even there they recognize that if you set a secure passphrase instead of a PIN, you aren’t reliant on SGX’s security anymore.
That article also doesn’t talk about how having a PIN is required to enable Registration Lock. Since Signal is dependent on phone numbers, disabling Registration Lock makes you vulnerable to account hijacking attacks. I would personally be more concerned about my contacts having their accounts hijacked - with the only indication of this on my end being that their Safety Number changed - than by them using a 4 digit PIN; if I were to recommend anything, it would be for them to use a secure passphrase (like an EFF dice-generated passphrase or a 12-word BIP39 phrase) and enable Registration Lock.
Okay, thanks. I'll read both of those articles and for now disable my pin on signal and talk to my contacts.
Simplex is working pretty well for me. One of the people I chat with has an apple device so briar wasn't an option, otherwise that's probably what we would be using.