the White House has, for the past decade, provided more than $6 million to the program, which allows the targeting of the records of any calls that use AT&T’s infrastructure
the program takes advantage of numerous “loopholes” in federal privacy law
the DAS program has been used to produce location information on criminal suspects and their known associates, a practice deemed unconstitutional without a warrant
(This website is a bit annoying.)
This is why I push others towards Signal for communication. Only myself and them will have record of what was said and I make them disappear after 4 weeks.
Yeah but can you trust the people you talk with not to install shitty stupid apps, or click on stupid links that compromise their device that then lead to accesa to your measages and phone number?
That’s a great question to ask! The biggest weakness of any “mathematically private” communication channel is not mathematical, but simply humans (users): Alice, Bob, and also the channel itself implemented by a human coder Chris.
While we don’t need to be paranoid but as a matter of fact, even assuming Alice does everything right, Bob may be sloppy, saving decrypted plain text in a random place (even uploading his own secret key to “cloud” or something, assuming it’s good idea to have a back-up of important files). Also the channel might have a hidden backdoor, perhaps side-channel, unknown to Chris.
It seems important to be aware of these possible human factors.
Also there is this big problem of metadata (this AT&T thing seems to be also largely about metadata).
[Additionally, though less importantly, most cryptography is based on unproven mathematical conjectures, like y=f(x) is easy to compute but it’s hard to get x from y. Which may be relevant when the one-wayness is based on the difficulty of factorization as in RSA.]
Yeah but can you trust the people you talk with not to install shitty stupid apps
You can’t, but the threat exists regardless of what service you use.
Regarding my phone number being leaked, I’m okay with that risk. It’s relatively easy to ignore/block unknown contacts and I’m not in any threat should someone discover it. For anyone who absolutely needs anonymity, they may want to wait until user names are rolled out and use another service for now.
For anyone who absolutely needs anonymity, simplex may already be better.
Just now (~ 1 hr ago), EFF also recommended Signal.
https://ssd.eff.org/module/how-to-use-signal How to: Use Signal | Surveillance Self-Defense Last Reviewed: October 31, 2023
Signal is a free and open-source application for Android, iOS, and desktop that employs end-to-end encryption to keep communications safe. Signal has certified to courts that it only maintains two types of user data available to law enforcement: timestamps of when each account was created and the date that each account last connected to the Signal service.
(I also agree with you about simplex, still too early and iffy.)
That is even more annoying and worse for privacy (reCaptcha)!
The linked website is not paywalled. Just click the chevron (V) to hide the annoying thing, or simply disable CSS:
On Tor Browser, LibreWolf, or normal (less privacy-oriented) Firefox:
- View → Page Style → No Style
- On keyboard:
[Alt], [V], [Y], [Enter]
PS: If you don’t want to open it directly, do this search and use ANONYM ÖFFNEN (much cleaner: many annoying things auto-filtered + they can’t see your IP)
