the White House has, for the past decade, provided more than $6 million to the program, which allows the targeting of the records of any calls that use AT&T’s infrastructure

the program takes advantage of numerous “loopholes” in federal privacy law

the DAS program has been used to produce location information on criminal suspects and their known associates, a practice deemed unconstitutional without a warrant

(This website is a bit annoying.)

  • xmr_unlimited@monero.town
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    Yeah but can you trust the people you talk with not to install shitty stupid apps, or click on stupid links that compromise their device that then lead to accesa to your measages and phone number?

    • Saki@monero.townOPM
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      That’s a great question to ask! The biggest weakness of any “mathematically private” communication channel is not mathematical, but simply humans (users): Alice, Bob, and also the channel itself implemented by a human coder Chris.

      While we don’t need to be paranoid but as a matter of fact, even assuming Alice does everything right, Bob may be sloppy, saving decrypted plain text in a random place (even uploading his own secret key to “cloud” or something, assuming it’s good idea to have a back-up of important files). Also the channel might have a hidden backdoor, perhaps side-channel, unknown to Chris.

      It seems important to be aware of these possible human factors.

      Also there is this big problem of metadata (this AT&T thing seems to be also largely about metadata).

      [Additionally, though less importantly, most cryptography is based on unproven mathematical conjectures, like y=f(x) is easy to compute but it’s hard to get x from y. Which may be relevant when the one-wayness is based on the difficulty of factorization as in RSA.]

    • ᗪᗩᗰᑎ
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Yeah but can you trust the people you talk with not to install shitty stupid apps

      You can’t, but the threat exists regardless of what service you use.

      Regarding my phone number being leaked, I’m okay with that risk. It’s relatively easy to ignore/block unknown contacts and I’m not in any threat should someone discover it. For anyone who absolutely needs anonymity, they may want to wait until user names are rolled out and use another service for now.

        • Saki@monero.townOPM
          link
          fedilink
          English
          arrow-up
          2
          ·
          edit-2
          1 year ago

          What’s important when you’d like to have absolute privacy or anonymity is, to realize that you can’t. “Use this, and no one can read your message.” is a typical mistake. “This service is world most secure” etc. is just a lie. Anyone who claims that privacy can be simple/easy is either a liar or doesn’t know what they’re talking about.

          A rare example of honest/true statements, on the other hand, can be seen on the Cock.li website: http://rurcblzhmdk22kttfkel2zduhyu3r6to7knyc7wiorzrx5gw4c3lftad.onion/

          How can I trust you?

          You can’t.

          In this specific case about the US, though, what’s most important is obviously to somehow stop this unconstitutional surveillance by the government (only making AT&T happy and rich). Please, don’t waste a lot of money to invade normal people’s privacy when you already have trillions of debts 😢

        • ᗪᗩᗰᑎ
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          While I agree with your statement in general, I think its still early and dangerous to be recommending simplex as a viable alternative. It hasn’t stood the test of time nor been independently audited. I’m keeping my eye on it as it seems like a viable alternative, but I’d hesitate to recommend it to anyone who may be at risk.

          • IP2@monero.town
            link
            fedilink
            English
            arrow-up
            4
            ·
            1 year ago

            Hence the “may already…” depending on use case obviously. You can’t really recommend anything to someone who may be at risk, certainly not Signal. Not that I have anything against Signal (I use it daily and have been for years) but anonymous it isn’t, not in big part of the world anyway.