Comment by maqp

1 year ago

>You can have your phone compromised (especially when I know your phone number, Signal I’m looking at you) or be subject to other means of attacks, exposing everything.

Knowing someone's phone number doesn't automatically let you compromise their device. This is such a ridiculous argument.

>I would rather know that this app is not secure so I don’t share anything important, while keeping secure communication to other means.

This is nirvana fallacy. It's essentially saying "We should not talk about Telegram lying about its security, when in reality nothing is 100% secure". Yeah, nothing is, there's always an attack. That doesn't contribute anything of interest to the topic, it just tries to kill the criticism. And I'm saying this as someone who has worked on this exact topic for ten years: https://github.com/maqp/tfc

2 comments

maqp

Reply
tamimio  1 year ago

> Knowing someone's phone number doesn't automatically

One way or another, phone numbers are like home addresses in the digital world. Once exposed, it’s just a matter of time and resources dedicated to that. Not to mention, sometimes it’s just needed to cross over the identity, that’s it.

> This is a nirvana fallacy. It's essentially saying

I didn’t say that. As I mentioned in the other comment to you, some or a lot of people just don’t care about security, and as long as this info is known, it should be treated just like any social media.

Great project with TFC, I never heard of it, but it looks interesting. I would definitely give it a try! I have a question though: does your project require a phone number? If not, why? And would you recommend Signal to anyone who is after security, privacy, and anonymity?

  • maqp  1 year ago

    >If not, why?

    Because that's the trade-off you make when you want high entropy unique usernames to prevent enumeration attacks. They become long and random. There's still a "phone number". It just looks something like 4sci35xrhp2d45gbm3qpta7ogfedonuw2mucmc36jxemucd7fmgzj3ad. You know that string and you can make a computer somewhere in the world accept some GET requests. Who knows if Flask, or whatever is part of the stack, has zero-click vulnerabilities.

    And yes obviously I would recommend Signal to anyone who wants content privacy. Since Signal offers only narrow by-policy metadata privacy (unless you're on burner hardware), I'd ask them if they wanted metadata privacy, and if so, I'd point them to the direction of Cwtch https://cwtch.im/. I wouldn't recommend TFC unless endpoint compromise was part of their threat model. It's complicated and nuanced in the deep end of the pool.