“Signal is being blocked in Venezuela and Russia. The app is a popular choice for encrypted messaging and people trying to avoid government censorship, and the blocks appear to be part of a crackdown on internal dissent in both countries…”

    • ReversalHatchery@beehaw.org
      link
      fedilink
      English
      arrow-up
      0
      ·
      5 months ago

      It depends. Somehow it has to discover the peers. Other than that, they could block traffic between residential IP addresses and there goes large part of the P2P network

      • Todd Bonzalez@lemm.ee
        link
        fedilink
        arrow-up
        1
        ·
        4 months ago

        Russia and Venezuela are huge hotbeds of piracy from populations without access or capital to access most forms of entertainment.

        Breaking P2P in this manner would basically be getting rid of the circus part of bread and circuses. Not a good move for an authoritarian.

  • D61 [any]@hexbear.net
    link
    fedilink
    English
    arrow-up
    0
    ·
    5 months ago

    blocks appear to be part of a crackdown on internal dissent in both countries.

    Or… you know… at least for Venezuela, the USA constantly fucking around with their elections and politics and local assets using Signal or something. Maybe, I dunno?

    • Railcar8095@lemm.ee
      link
      fedilink
      arrow-up
      0
      ·
      5 months ago

      Yeah. Telegram, should be next, there’s a huge risk with it too. And email! Social networks too, just in case. And postal mail, we can’t forget that. We should crack down any form of uncensored communication.

      All for the benefit of the people, of course. \s

      • D61 [any]@hexbear.net
        link
        fedilink
        English
        arrow-up
        0
        ·
        5 months ago

        Self defense is self defense, would we expect some different behavior from a country being attacked from outside interests with publicly accessible end to end encryption services?

        • Railcar8095@lemm.ee
          link
          fedilink
          arrow-up
          0
          ·
          5 months ago

          Publicly accessible: reviewed and audited by hundreds of teams that confirmed there’s no backdoor. Venezuelan, Russian and Chinese governments didn’t find the holes, even having access to the code. If they did, they would be exploiting it to… reeducate.

          Yeah, I would expect to trust that. Still, you said yourself, the problem is that is used by dissidents. And we can’t have that, right?

          • Open source, except when they do not publish it. Funded incredibly heavily buy the United States Intelegency Agencies. That would be more than enough to raise red flags for any nation that is not on the best terms with the United States.

            Signal in all likelyhood is a honey pot

            • fira959@lemmy.ml
              link
              fedilink
              English
              arrow-up
              0
              ·
              4 months ago

              Funded by the US? Well thats the entire internet, including Tor, Linux and Matrix…

              Amazing how much BS is spread here

              • The server is arguably more important, that is where the data and meta data itself are stored. Linux has never hid its source code for a year, and matrix can be self hosted.

                I mean if you want to trust a honey pot go right ahead

                • fira959@lemmy.ml
                  link
                  fedilink
                  English
                  arrow-up
                  0
                  ·
                  4 months ago

                  Your claim about it being a honey pot is entirely baseless. There is a significantly better chance you are working for the US to prevent people from using signal…

      • Novman@feddit.it
        link
        fedilink
        arrow-up
        0
        ·
        5 months ago

        In UK don’t ban them, but jail you if they don’t like your posts, more democratic.

            • Railcar8095@lemm.ee
              link
              fedilink
              arrow-up
              0
              ·
              5 months ago

              Keep going, then. Any other country to mention, seeing how it’s important to you? Russia? China? Italy? India? Pakistan?

              I somehow feel your “broad” is actually quite narrow. Usually happens with the whatabautisms

              • Novman@feddit.it
                link
                fedilink
                arrow-up
                1
                ·
                5 months ago

                Why going so long when we have a near, english-speaking , clean example of a country famous for the free speech. If you have the highest example of human rights why check the rest.

                • Railcar8095@lemm.ee
                  link
                  fedilink
                  arrow-up
                  0
                  arrow-down
                  1
                  ·
                  5 months ago

                  So much from broadening… As soon as I mention any other suddenly there’s no point checking other countries.

        • Railcar8095@lemm.ee
          link
          fedilink
          arrow-up
          0
          ·
          5 months ago

          Unrelated to what the previous person is saying (banned because it was used by dissidents), but still, we have the source code. If you’re arguing they are somehow accessing the data, what’s encrypted and what isn’t is known.

          • RedWizard [he/him, comrade/them]@hexbear.net
            link
            fedilink
            English
            arrow-up
            1
            ·
            5 months ago

            Signal knows who you are taking to. You can build a network of contacts based on that information. When you send messages your phone number is protected but your ip address is not, and the receivers phone number is not protected. So you can find two people chatting based on that information. The app automatically sends a delivery receipt when a message is received to the other user, exposing the senders phone number and IP address.

            However, opposition in the country is backed by western agencies and NGOs, and likely their primary means of communication is signal since it’s backed by western intelligence, meaning, western actors believe it to be safe from external interference.

            I’m not arguing that the west is reading messages. I’m arguing that they believe it’s a safe haven for their agents because they pay money to ensure it’s safe for their agents. If it wasn’t, they wouldn’t use it. Its the same reason why the intelligence community in the west is a large supporter of the tor network. They use it in the field and operate their own exit nodes to protect their operations.

            • Railcar8095@lemm.ee
              link
              fedilink
              arrow-up
              0
              ·
              4 months ago

              That’s what you fail to understand. It’s open source, it has been audited. Venezuela and any other country can check and crack the encryption if has holes in it. The long first paragraph is something that’s not a secret, but widely known.

              You know what’s also safe? Encrypted emails. VPNs. Matrix.

              If you think this is a movement against foreign agents, you should think it’s useless too. For a sufficiently motivated agent, this will be trivial to overcome. For the general population? Not so much.

              Unless next all forms of private communication re forbidden, of curse. Surely what people on a privacy community advocate for.

                • Railcar8095@lemm.ee
                  link
                  fedilink
                  arrow-up
                  0
                  ·
                  4 months ago

                  Which ones? Signal? Likely. Secure mail and VPN? For sure. Can “foreign agents” use them? Certainly.

                  Who will have a hard time to use them? General population. Signal is the privacy communication service with the lowest barrier to entry, in terms of cost and setup complexity. Not a tool for spies, but for average Joe.

                  What service do you recommend BTW? That ensures government cannot snoop and prevents “foreign agents”. It seems that any privacy is a risk, so I’m curious what a privacy minded person thinks should be OK.

      • Possibly linux@lemmy.zip
        link
        fedilink
        English
        arrow-up
        0
        arrow-down
        1
        ·
        5 months ago

        We can’t have individual thinkers running around can we. We need a shared vision that is dictated from the top down.

    • Possibly linux@lemmy.zip
      link
      fedilink
      English
      arrow-up
      0
      arrow-down
      1
      ·
      5 months ago

      I’m pretty sure Venezuela was unstable before the US started getting involved.

      Anyway Signal is secure so that shouldn’t be the problem. It has more to do with the government working to crush civil liberties and independent thought.

      Same story in all authoritarian countries

      • ☭ Comrade Pup Ivy 🇨🇺@lemmygrad.ml
        link
        fedilink
        arrow-up
        0
        arrow-down
        1
        ·
        4 months ago

        First no Venezuela was stable before US medeling.

        Second, “is secure” is quite a leap, it is funded to a sickening extent by the United States government, has gone about a year before opening up its source code, and is in the US where there is a law that says if the US government says show us everything and keep quiet, they have to do that. There are real concerns

        Or you can uncriticaly say “Athoritarian Country” with no defineing term there, or real understanding of Athoritarianism and disreguard all concerns from these countries.

    • Possibly linux@lemmy.zip
      link
      fedilink
      English
      arrow-up
      0
      ·
      5 months ago

      Matrix isn’t secure depending on how you use it. It also doesn’t protect individual identities terribly well.

      Simplex Chat would be the better option however the main Simplex Chat server and matrix server could end up blocked as well.

      • Dessalines@lemmy.ml
        link
        fedilink
        arrow-up
        0
        ·
        edit-2
        5 months ago

        Matrix is entirely self-hostable, and you can turn off both federation, and the requirements for any linkable identifiers.

        Signal by contrast requires your phone number, isn’t self-hostable, and is based in a five-eyes country.

        • Lemongrab@lemmy.one
          link
          fedilink
          arrow-up
          1
          ·
          5 months ago

          Matrix doesn’t protect metadata, which is arguably just as (if not more) important than message data. Signal by contrast does protect metadata and proper implements Perfect Forward Secrecy for all chats. I do think Signal’s centralized design and phone number requirements problematic, but Signal still has many merits. Such as its massive user base for a AGPL-only project.

            • Lemongrab@lemmy.one
              link
              fedilink
              arrow-up
              0
              ·
              4 months ago
              • AGPL-only is a license, I didn’t want to misrepresent the license by being general. I was just trying to say that it is surprising that a fully open source application like signal has a large user base.
              • PFS isnt enabled by default for group chats and generally feels messy as the end user to deal with. I was unaware that they have properly implemented it for group chats as well.
              • My point about metadata still stands. Matrix still does not protect metadata (one eg: reactions to messages are in unencrypted).
              • ReversalHatchery@beehaw.org
                link
                fedilink
                English
                arrow-up
                0
                ·
                4 months ago

                PFS isnt enabled by default for group chats and generally feels messy as the end user to deal with. I was unaware that they have properly implemented it for group chats as well.

                Isn’t it? Maybe I’m misunderstanding something, so let’s start from the definition. PFS is when future joined users can’t read messages sent before they have joined, right?
                In that case, it is not just implemented, but cannot be avoided and is a major hassle to deal with. In my understanding when someone joins, all members start a new olm session, meaning they now encrypt future messages with a new key. The old keys are not being sent to the joined users, not even if the room has been set up to allow reading history, and this results in them only seeing undecryptable messages, and all the metadata you’re taking about (except when the client hides these to reduce new user’s confusion).

                Former keys are not shared among clients for now because there’s no mechanism (for now, but this is planned) to verify that a new member is actually a legit member, not just someone popped in by the server admin by DB editing or whatever.
                Earlier there was a workaround mechanism, where with element clients, when you have invited someone, your client has sent keys to all the previous messages which it had, to the invited user. That was not (yet?) reimplemented in their new crypto library, but apparently they’re working on it.

                But the point is, that afaik PFS is on and cannot be disabled for encrypted rooms, new rooms are encrypted by default, you have to toggle that off by yourself if you don’t want it, and it can’t be toggled off after room creation.

                My point about metadata still stands. Matrix still does not protect metadata (one eg: reactions to messages are in unencrypted).

                That’s right. I don’t think that’ll ever change, but it’s for sure that it’ll not change for a long time, because fundamental changes would be needed.
                But! For when that is a concern, you are not entirely unprotected. For example you can set up a room to never federate, or only federate with specific homeservers. If your group runs their own, on owned real hardware, information can’t really leak from your control.

  • Dessalines@lemmy.ml
    link
    fedilink
    arrow-up
    0
    ·
    5 months ago

    Smart move, considering Signal is a US-hosted centralized service that has to comply with US NSL laws.

    These comments below seem to be unaware of all the issues privacy advocates have of signal.

    • ivn@jlai.lu
      link
      fedilink
      English
      arrow-up
      0
      ·
      5 months ago

      I don’t get it, are you really arguing that Russia and Venezuela are blocking Signal to protect their citizens from American snooping?

        • QuadratureSurfer@lemmy.world
          link
          fedilink
          English
          arrow-up
          0
          ·
          edit-2
          5 months ago

          Isn’t the whole point of something like End-to-End Encryption so that not even the company themselves can read your messages?

          In that case it wouldn’t matter even if they did turn the info over.

          Edit: I read more into the page you linked. Looks like those NSLs can’t even be used to request the contents either way:

          Can the FBI obtain content—like e-mails or the content of phone calls—with an NSL?

          Not legally. While each type of NSL allows the FBI to obtain a different type of information, that information is limited to records—such as “subscriber information and toll billing records information” from telephone companies.

          • XTL@sopuli.xyz
            link
            fedilink
            arrow-up
            1
            ·
            4 months ago

            The company, or any middleman, can read your messages if they have the keys. In many services, the keys come from the company. EEE is only as trustworthy as the clients and processes you use.