On 07/03/2019 07:16 AM, Ryan McGinnis via Gnupg-users wrote: > Not sure why the phone number thing bothers people -- having a > phone at all in the first place means you are easily tracked.
Well, that's why I only use phones (and not smartphones) for routine meatspace stuff where I don't care about privacy. If the NSA wants to know about my dental appointments, fine. > What Signal (and any encryption system, really) does is try to > prevent in-transit interception and surveillance of the actual > data content. It can't hide the metadata associated with a layer > well above the application layer. You're missing the point. Signal not only doesn't hide network-level metadata, it embeds it in the content. As the bloody account ID. I mean, I'm sitting here at a computer. It has lots of firmware IDs, a MAC address, and a public ISP-assigned IP address. But none of that stuff, unless I am sadly mistaken, shows up in my online activity. In the headers of this message, for example. Because I use nested VPN chains, plus Tor when I really want some anonymity. So the equivalent here to Signal would be that my email address had to be associated with my ISP-assigned IP address. And for sure, that's how it was 20 years ago, when I used an email address from my ISP. I used PGP for content privacy, but there was zero anonymity. So how is that bullshit acceptable in 2019? > Openwhisper can be picked up at the firewall level, but then so > can Tor and VPN spinups, and all of these things are metadata > that make you score more interesting to the mass-data-scoop > algorithms. If you don't want to be easily geo-locationally > tracked, don't use a device with a cellular modem, full stop. Sure. But I can start with a popular VPN, and maybe 20% of people around me use VPNs for pirating, so that's not too unusual. What's unusual is what I route through that VPN. But even discovering that would take some work, and then they'd just see another VPN. The won't see Tor until they drill down 3-4 VPNs. It's not just cellular modems that enable geolocation. There's GPS. And there are databases with locations of WiFi APs. If it were possible to securely use VPNs and Tor on smartphones, geolocation wouldn't be any more of an issue than it is for me, sitting here at my computer. <SNIP> _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users