Could you summarise this for me, please? It is too long and upsetting to read.
I don't think an ability to form words that alone sound like a good argument in response to an ignored point, makes those good words have meaning when said. On 1/28/21, Punk-BatSoup-Stasi 2.0 <[email protected]> wrote: > On Wed, 27 Jan 2021 06:43:24 -0500 > Karl <[email protected]> wrote: > >> >> >> >> I want my messages preserved, so I don't worry about forward secrecy >> >> =S >> > >> > In that case it seems that signal has little to offer to you apart >> > from >> > their surveillance services tied to your phone number. >> >> =( obviously i like it because it cryptographically preserves the >> integrity of threads > > ok. > > >> >> this conversation ended up being unpleasant to me. i am changing my >> replies. >> >> I LOVE YOU PUNK! I HATE ARGUING! >> >> I LOVE FASCISTS AND FAKE LIBERTARIANS AND GOVERNMENT AGENTS AND >> SOCIALISTS AND TERRORISTS! > > funnily enough, there are more than a few people who belong to all those > categories at once. And fscism, socialism and terrorism are of course > closely related. > > >> > >> > In some ways signal is worse than pgp. For example, you don't need to >> > register with morlonpoke using a phone number to use pgp. You just >> > compile >> > it and run it. > >> >> WHO CARES. However: You don't need to register with morlonpoke to use >> signal _either_. You can _also_ just compile and run it, and numerous >> forks have _done_ that. > > > Maybe you can run your own signal server - how many people do that > though? > > On the other hand you cannot use the 'signal service' at signal.org > without > registering. As a side note of sorts : "Signal is a registered trademark in > the United States and other countries.". Plus : > > "You agree to use our Services only for legal, authorized, and > acceptable > purposes. " > ('acceptable'? 'authorized'? 'legal'? LMAO) > > "Signal’s Rights. We own all copyrights, trademarks, domains, logos, > trade > dress, trade secrets, patents, and other intellectual property rights > associated with our Services." > > https://signal.org/legal/ > > etc. > > > > >> I LOVE YOU PUNK! I HATE ARGUING! >> >> I LOVE FASCISTS AND FAKE LIBERTARIANS AND GOVERNMENT AGENTS AND >> SOCIALISTS AND TERRORISTS! I LOVE ANYBODY WHO HATES ME! > > > For the record, I don't hate you. As to your comment, are you > suggesting I > may be any of the above? > > > >> > >> >> and dangerous, and we need to cut the bullshit and get to stuff >> >> that's real, being honest about the problems of all the solutions we >> >> have? >> > >> > >> > Pretty much. I don't see signal solving any fundamental problem, >> > contrary >> > to what advertisers seem to believe. >> >> Nah it's incremental steps. > > > I see. So while govcorp takes 50 steps in the direction of total > tyranny, > signal takes one step in the opposite direction. That doesn't look like a > good situation or dynamic...for victims of tyranny. > > > >> Here's some relevant bullshit calling: >> >> Signal is run by a nonprofit. Talking about their behaviors in terms >> of marketing and advertising is poisonous to the global community, > > > Signal is a company. 'Nonprofit' is a state-law category. In reality, > Morlonpoke got 3 millions from the pentagon. That's 3 millions in profit for > morlonpoke, coming from the US military. > > Plus, do you think signal's employees work for free? Do you think > amazon-NSA 'hosts' signal servers for 'free'? Well admitedly, more than > likely signal does get a discount from amazon-NSA since they are putting all > their users 'metadata' in the NSA 'cloud'. > > >> in comparison to some of the marketing atrocities still going on in >> front >> of our faces. > >> You talk this way about people all the time. > > > Yes. I call bullshit out all the time. > > >> You are turning people >> who could help the things you say you are supporting, against each >> other. > > > That's you view. From my 'point of view', something like signal is > basically controlled opposition. Maybe you should start thinking what people > outside the US think about the US. I mean, the people who are not 'foreign' > US agents or sellouts. > > > >> > >> > >> > My point was/is that your claim about 'PFS' and pgp is wrong, that's >> > all. >> >> I'm not a cryptographer. I summarised theft of private key, >> compromise of devices, discovery of attacks via side channels, and >> cryptanalytic advances, all together into one inaccurate phrase that >> still produces the same behaviors in end-users if believed ;P > > > I'm not a cryptographer either but I can take a half-educated look at > what's being discussed. > > >> >> >> you often send insulting things, I'll treat the reply as my form of >> >> sending insulting things. >> > >> > yeah, people say insulting things all the time, while pretending to be >> > 'polite'. I insult people after they try to take me for an idiot. >> >> This "pretension of politeness" is a struggle to engage in actual >> rational discourse. > > > is it? Are you talking about yourself? My general observation (doesn't > necessarily apply to you), is that this 'pretension of politeness' is one of > the clearest signs of hypocrisy from 'first world' 'liberal' totalitarians. > It has nothing to do with rationality and everything to do with deception. > > > >> >> >> [personal experience description inhibited. meanwhile, maybe you've >> >> been mind controlled to argue on this list.] >> > >> > see, that sounds pretty insulting. But Ok. >> >> The things you say don't seem to logically line up all the time. > > > For instance? Please give some examples. > > >> This >> could be because I come from a really different place from you, >> because you are really upset, or because you have been manipulated to >> influence us. I'm inferring it's the first 2, but could use your >> confirmation. > > > Well, maybe I'm not being clear enough, or maybe you're misunderstanding > what I say. Or maybe both? > > >> you have been manipulated to influence us > > That remark is weird. First, when you say 'us', who are you talking > about? > What team is this 'us' team you are part of? Then how exactly you think I > was 'manipulated'? And by whom? > > > >> > >> > I 'snip away' stuff that I don't think needs to be quoted repeatedly. >> > Or >> > stuff I won't reply to because I don't think it's important. If there's >> > something you think it's important and I should reply to, then let me >> > know. >> >> Snipping's important. When bantering on this list, I'm usually in a >> flashback or something and it can be helpful to see reminders of what >> we're referring to. This is me being stupid, not really your fault, >> but I get frustrated around it. > > > ok > > > >> I haven't read the math or anything, but it sounds like it is >> exponentially more difficult to compromise an old message with forward >> secrecy, compared to without, similar to how bitcoin produces breaks >> of the sha256 hash, while also producing incredible security of data >> held by that same hash. > > > I don't know about "exponentially more difficult" but yeah the more keys > the better. > > > >> >> >> > Also, we're using plain text here because this is a public >> >> > forum. >> >> >> >> that's not how I feel, the comparison seems like gossiping instead of >> >> sending a letter to a mailing list. in signal, messages are signed by >> >> the sender and misbehavior of the isp and server are defended against >> >> a little more. >> > >> > well yeah. And yet, misbehavior of isps or list server is not a >> > problem >> > here. You keep talking about it, but there isn't evidence of any >> > tampering. >> > I'm not saying it can't happen, just that it isn't happening here as far >> > as >> > I can tell. >> >> to speak that language where you pretend everyone has the same >> experiences, "bullshit"! the list admin posted about messages >> bouncing due to misbehaving network infrastructure just recently. >> https://lists.cpunks.org/pipermail/cypherpunks/2020-December/085620.html >> many other issues have been posted, many with cryptographic signatures on >> them. > > > There have been a few 'technical' problems which are the typical > computer > problems when something is 'misconfigured'. You said "misbehavior of the isp > and server are defended against". "Defense against misbehviour" seems to > imply malicious intent, not just some random mistake. > > So again, I don't see much need for better authentication. And better > authentication has drawbacks. Namely, your signed messages may be used > against you, your signing key may be stolen, etc. > > >> >> >> it's notable that speaking in a forum transparent to those who dislike >> >> the topic gets you hurt. anarchists everywhere learn to organise in >> >> small private groups. >> > >> > Yes, I'm certainly not against that tactic, but now we're on the >> > public >> > arpanet, which is a very big public forum, not a 'small private group'. >> >> i'm talking about the relevance of technologies supporting safe >> communication, not whether we happen to be using them now. people on >> this list have gotten repeatedly targeted, and it's been repeatedly >> discussed on this very list. > > > ok. So use better encryption if you think you need it. Or don't use > retarphones and other computers at all. > > >> >> >> pgp is broken by factorization. teleportation would not be an >> >> efficient way to research this. >> >> >> >> not sure if https://primecoin.io/ is that relevant but we can make an >> >> economy focused around compromising any cryptographic primitive, now. >> > >> > heh >> >> ;p >> >> i got this smiley from somebody from another country from mine. it >> means a silly half-smile. > > > I always saw that emoticon as a mix of smile and a tongue sticking out. > > >> >> anyway, cryptographers support researching compromising their stuff. >> it helps people understand what is going on better. i don't know if >> people understand the dangers of pressuring that this be done >> _privately_, i haven't been keeping up on the talk. >> >> >> > at least decentralization doesn't allow the NSA to get all the >> >> > data >> >> > at >> >> > once, directly from morlonpoke. >> >> >> >> where are you from? it's so funny to see the 'z'. it's the united >> >> states spelling. >> > >> > i'm not a native speaker of english. My english is mostly US-influenced >> > I'd >> > guess, but you shouldn't expect any consistent spelling from me =) >> >> don't usually see non-native speakers taught the united states >> spellings; usually british. > > > actually many people, if not the vast majority, study 'US' english. > Plus, > if you read US stuff you pick up the US spellings. Also, I told you where I > am from, but you forgot it. > > Anyway, you wouldn't think you're doing some kind of 'detective work' to > 'unmask' me as some kind of 'agent'? =) > > > >> >> >> i guess we'd better find this mr morlonpoke and defend them =/ dunno >> >> how to do that. we can call it freeing them from the shackles of >> >> technology and forcing them to work on what actually makes sense to >> >> work on. >> >> >> >> the nsa already has agreements with isps, whereas a >> >> morlonpoke-agreement would be a new negotiation. >> > >> > >> > like I said signal.org website is 'hosted' by amazon-NSA. That's >> > trivial to >> > check. And a quick search seems to suggest that the servers for signal >> > the >> > 'app' are also amazon-NSA >> >> yeah i summarise all that stuff as kinda 'signal sold out to >> mainstream so that they could have users' > > > I'm not sure why they need to sell out to get users? I mean, they offer > a > 'free' service so they are pretty likely to get users. They wouldn't get a 3 > millions 'grant' from the pentagon if they didn't sell out, but they would > get users either way if they offered a usable service. > > >> but in reality it probably >> came from academia where there's more trust for business because >> they're financing and hiring from the organisations, so play nicer. > > > hm. Not sure what you mean. I don't think morlonpoke is (too?) > connected to > academia. He plays the part of the (ex)starving anarchist. > > >> >> the nice thing is that because it's open source, everyone is taking >> their work and ripping the govcorp parts out, and reusing it. and >> because they're trusting, they would accept pull requests that resolve >> the things you describe. > > > I don't see how a change in the software would change the > location/provider > of signal's servers. > > Other people can run their own servers, but can't even use the 'signal' > 'trademark' (lawl they US-trademarked yet another common english word...very > anarchistic) > > >> >> here, punk will again ignore these points? saying that because people >> related to signal have unpleasant attributes, we should dislike signal >> itself? > > > What point am I ignoring? My take on signal is that yes, the protocol is > more advanced, but the company is not to be trusted. > > > > >> >> >> we could invest time and energy in making a contribution to signal to >> >> make it decentralised. this is phyiscally possible. >> > >> > >> > doesn't look like something they are interested in. >> >> they're interested; they're just brainwashed by usa culture, so they >> prioritise other concerns first. meet those concerns and they'll love >> an improvement. > > > which concerns are they prioritizing? > > > > >> > the claim that money is a fake thing is pretty bold. And I still don't >> > see >> >> well, there'd be less money in general if people weren't _using_ it >> that way, with government-managed banking, and political marketing >> campaigns, and such. > > > ah if you mean that government money is fake then yes I agree. Sadly we > are > still forced to use govt-counterfeited money. > >> >> if you have $10 and somebody has $1 trillion, and you use money as >> your only way to survive, you are that person's effective slave. > > > Probably, yes. But the problem isn't money itself, but distribution of > property. The guy who has $1 trillion must have stolen 99.9999% of it. > > If you're using the word money to refer to the abuses of the current > system > then yes money sucks. But in economic terms money is something else. > > > >> >> > what a 'blockchain' bassed messenger would look like. You seem to >> > believe >> > that 'blockchains' can solve many problems? They rather look like nasty >> > surveillance tools to me, except if carefully used. >> >> a blockchain basically pretends that it is paying people to spend >> incredible degrees of electricity to make certain that messages called >> "transactions" are spread to everybody on the network with precision, >> accuracy, and certainty. it pays the people making sure of this in >> these messages, so it is pretty easy for it to do. > > yeah you can think of bitcoin as a messaging system, but bitcoin > messages > are a particular kind of message. If bitcoin wasn't an accounting system > then miners wouldn't get paid. Or conversely if you wanted something like > bitcoin to send 'ordinary' messages you'd have to pay a ton of money. Also, > posting private messages on a public blockchain looks like a bad idea. So > you need an encrypted blockchain, which is even more expensive. > > on the other hand, if you want uncensorable distributed storage there is > this : > > https://freenetproject.org/ > > (which has been around for a long time) > > >> >> you could cast it claiming other good or bad things, too, systems have >> many properties, not just one. surveillance is not easy on a >> blockchain, it is just possible. when you say blockchains are about >> surveillance you sound really weird, and people wonder how you got the >> idea, and why you are so passionate about it. > > > there are only 3 or 4 blockchains that are NOT a surveillance tool. All > the > rest of 'blockchains' including the biggest of them all are horrible, > privacy-wise. > > If anything here is weird, is the fact that you seem unware of the > privacy > problems that things like bitcoin or so called 'bitcoin sv' have. You've > been using bsv that's doubly or triply weird. I mean, you know that criminal > wright no? > > > "you sound really weird, and people wonder" - when you say 'people' you > mean only you, I take it. > > > "why you are so passionate about it." - well this is the cpunks list so > I'd > assume privacy is important? So why would it be strange that I'm > 'passionate' about blockchains being bad, privacy-wise? > > You seem to be constantly 'hinting' that my negative* comments are an > attempt at 'disrupting' the 'heroic work' of 'some people', and constantly > 'hinting' that *I* must have some 'hidden agenda'. And that's doubly funny > since you don't say the same thing about clear govt agents like 'professor > rat'. > > > *course, my 'negative' comments are just realistic comments, but people > prefer to cover their ears and post technofascist spam. > > > >> >> >> I didn't like how the people running it engaged in a chest-beating >> >> competition with another cryptographic organisation, but they were >> >> probably doing the best they could, just like you are. I also don't >> >> like that they have a centralised server, require a phone number to >> >> register, and mostly support web-enabled technologies run by >> >> corporations that have huge opportunity to put backdoors in. But it's >> >> pretty clear they gave a _lot_ of avenues for people to help address >> >> those situations. >> > >> > I'm not sure how people who are not part of the company can fix those >> > problems? Apart from using the software to run a different service I >> > guess. >> >> Signal isn't run by a company, but rather a nonprofit. > > > Signal IS a company. It says so right here https://signal.org > > >> It's an open >> source project where a huge portion of the development effort is from >> community work. > > > That's "signal the software". "Signal the company" is a different thing. > > >> 2,149 accepted changes from random online >> contributers: >> https://github.com/signalapp/Signal-Android/pulls?q=is%3Apr+is%3Aclosed >> (that number may be a little high because unaccepted contributions >> are included in that page too, but i keep clicking different pages and >> i only see acceptance (PR merging) of every suggested change, over and >> over again.) > > >> Uhh ... I'm now seeing a lot of pull requests that are not marked as >> accepted and merged, but have comments indicating they were, like >> https://github.com/signalapp/Signal-Android/pull/9090 which says >> "thanks for merging" but github does not report it as merged. > > > well, I don't think any project would merge every single pr. But anyway > what % of pull requests they merge only tells you part of the story. >
