Comment by notepad0x90
10 hours ago
Keep in mind that with secure messaging, if the other side gets compromised, your chats with them are compromised. This seems obvious, but with signal groups of a large size, they're effectively public groups. Signal insists on using your phone number too, refusing user ids or anything that will make analysis hard.
Don't use Signal for organizing anything of this sort, I promise you'll regret it. I've heard people having better luck with Briar, but there might be others too. I only know that Signal and Whatsapp are what you want to avoid. Unless your concern is strictly cryptographic attacks of your chat's network-traffic and nothing more.
> Signal insists on using your phone number too, refusing user ids or anything that will make analysis hard.
That is no longer true, you can use user IDs now.
For the other problem, you can enable self-deleting messages in group chats, limiting the damage when a chat does become compromised. Of course, this doesn't stop any persistent threat, such as law enforcement (is that even the right term anymore?) getting access to an unlocked phone.
It doesn't mean much if it isn't the default, even then people who got it prior to that use phone numbers, you can protect yourself maybe, but not other people in the group. But it's good they're doing this now.
No cryptography will protect a group that allows a traitor to join. The fundamental problem is vetting, and you really just can't do that remotely.
Not traitor, but compromised user. Given enough targets, one of them will have their device compromised. Of course the FBI has access to things more powerful than pegasus I'm sure (Just guessing).
It can protect the identity of the members, though.
Apparently, one member of the group uploaded a personal photo as an avatar.
I've also heard of side-channel attacks on Signal that could allow for profiling a user's location, which with the FBI's resources could presumably eventually result in identification.
1 reply →