https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10565.html
On Fri, Dec 27, 2019 at 4:55 AM Russell Senior <[email protected]> wrote: > Interesting talk by Will Scott at 36c3 a few minutes ago called "What's > left for private messaging?", which talks about a lot of the issues > regarding desired properties in messaging systems. I watched it live, but > it should be available to watch later at some point in the next few days. > He encouraged me to be less judgemental about the broad diversity of > messaging applications. Look for it! > > On Wed, Dec 25, 2019 at 10:47 PM Daniel Johnson <[email protected]> > wrote: > >> My friend who works in tech security industry uses "Wire" to message me. >> >> On Wed, Dec 25, 2019, 10:36 AM Mike C. <[email protected]> wrote: >> >> > On Sat, 16 Nov 2019 13:13, logical american wrote: >> > > I just recently found out that my Signal Messaging Application on my >> > > Apple Iphone has been compromised. >> > >> > >> > > Yikes! Sorry I missed this earlier. This is very concerning. Could >> you >> > > please elaborate? How did you detect this? What happened to the >> other >> > > apps when they were compromised? >> > > >> > >> > The OP was over a month ago now. Not sure how I missed it either as that >> > type of post always gets my attention. >> > >> > I'm also interested in more details. I'm a bit suspect of an actual >> > compromise of the Signal app itself as opposed to the device itself >> being >> > affected by malware. >> > >> > A quick Google search on the topic resulted in one case of a >> > compromised non-official Signal app that was distributed via some Secure >> > Android web site and not via Google Play store. >> > >> > If you are interested in cryptography applications, then it is safe to >> > > assume you know about Bruce Schneier. His Crypto-Gram mail list has >> been >> > > a source of value knowledge about just these types of issues over the >> > past >> > > 15 years. >> > >> > >> > Thank you for this. I just checked it out and he seems to cover the >> gambit. >> > I read a post about NordVPN being breached via leaked encryption keys, >> 20 >> > MONTHS AGO and the >> > company just disclosed this to the public! >> > >> > And you also know that Signal is the standard; I'm not aware of any >> > > alternative product that is as good with the same feature profile. >> > > >> > >> > WhatsApp uses the same protocol as Signal but it's owned by Facebook >> now so >> > who knows what they're doing to it. >> > >> > Telegram has been highly criticized for its security flaws. It doesn't >> do >> > end-to-end encryption by default and it's really developed and marketed >> as >> > a more "secure" collaboration tool like Slack rather than a simple >> secure >> > text app. >> > >> > Threema is a pretty good option. Developed by Swiss company with the >> > benefit of the highly regarded Swiss privacy laws. The code isn't open >> > source but they do publish yearly public transparency reports >> > >> > Surespot is new to me but looks like it might be the best option. It's >> open >> > source and it seems to be a just a lightweight secure text app. >> > https://www.surespot.me/ >> > >> > Happy Holidays! >> > >> > -- Mike >> > >> > >> > >> > >> > >> > > >> > > I noticed a while ago you asked a similar question about secure >> e-mail. >> > > Did you find what you were looking for? >> > > >> > > -- >> > > PRD >> > > >> > _______________________________________________ >> > PLUG mailing list >> > [email protected] >> > http://lists.pdxlinux.org/mailman/listinfo/plug >> > >> _______________________________________________ >> PLUG mailing list >> [email protected] >> http://lists.pdxlinux.org/mailman/listinfo/plug >> > _______________________________________________ PLUG mailing list [email protected] http://lists.pdxlinux.org/mailman/listinfo/plug
