social.wildeboer.net is one of the many independent Mastodon servers you can use to participate in the fediverse.
Mastodon instance for people with Wildeboer as their last name

Server stats:

2
active users

. When you register as new user, Signal asks you to provide "a" phone number where it can send a confirmation code to finalise the setup.

Know that it asks for "a" phone number that can receive messages. It doesn't have to be YOUR phone number. This is not a new feature, it has always been like that. I registered my Signal account using the phone number of a prepaid SIM in a cheap burner phone. I have never used that number since.

Jan Wildeboer 😷:krulorange:

The only thing Signal stores about you is

- When did you register your account (UNIX timestamp)
- When was the last time your account contacted a Signal server (UNIX Timestamp)

That's it. That's all Signal can produce about you when they are forced to by authorities. There is no history, no call log, no data beyond that.

Here you can see a subpoena asking for detailed information and the reply that Signal sent back: signal.org/bigbrother/cd-calif

Signal MessengerGrand jury subpoena for Signal user data, Central District of California (again!)Signal still knows nothing about you, but inexplicably the government continues to ask.

@jwildeboer : unfortunately, most people believe that they have nothing to hide.

@ErikvanStraten And that is perfectly fine with me, as long as they use Signal for sharing what they don't think they need to hide ;)

@jwildeboer @ErikvanStraten Arguing that you don't care about the right to privacy because you have nothing to hide is like saying you don't care about free speech because you have nothing to say.

@ptesarik : thank you, but Jan and I are definitely aware of that!

We'd wish that the majority of people using the internet would understand that privacy is about risks. I don't know about Jan, but often I feel like I'm talking to walls.

In fact, the problem is *that* big, that some people stop listening if they hear the word "privacy". It's for child abusers and other criminals, those using TOR and VPN's.

@jwildeboer

@ErikvanStraten IMHO: The mission we developers have is to create solutions that allow people that don't care nor understand the implications of technology to still be safe by default. When we developers expose our users to risks they simply are not aware of, that's on us. We must do better. @ptesarik

@jwildeboer @ErikvanStraten @ptesarik For example, my company used 10% of their dev time on security and privacy issues and my competitor used it to add live mustaches to video, and all my users flocked to my competitor because they have nothing to hide but they sure love a pair of live mustaches without the headache of grooming real ones. We still devote that 10%, unfortunately it is 10% of 0. (fictional example) Totally on us.

@ErikvanStraten @ptesarik @jwildeboer If you need a special thing, two things become more likely and one thing is still true.

Any law enforcement will take your use of the special thing as a confession and proceed on that basis, no matter how normalized such use becomes.

The entire weight of state-level intelligence aparats will be bent on compromising the special thing. They will inevitably succeed.

"Trusting trust" is still true; you do not have the resources to trust a computer.

@ErikvanStraten @ptesarik @jwildeboer I came up with a couple of questions for those people: what newspaper do you read, do you listen to or watch foreign media, are you a member of a union, which religious denomination are you part of, are you using birth control currently. Maybe that will get them thinking

@johan : all those things *should* not matter.

Here's another one: even if you mostly get spam and the rest of the emails you exchange are not confidential at all, you still need a strong password for your email account. That's for at least two reasons:

• If an adversary obtains access to your email account, they will likely be able to password-reset most of your other online accounts and gain access to them;

• An adversary who obtains access to your email account may impersonate you and tell your friends and family that you urgently need money (and, btw, that you have a new bank account number). Or they'll send them malware stating that it is a nice game that you enjoy very much.

@ptesarik @jwildeboer

@ErikvanStraten @ptesarik @jwildeboer I know it should not matter. Nothing should matter unless your actions are hurting other people (i.e. doing crime). But those kind of questions hopefully make I-have-nothing-to-hide people see that they do have something to hide.

Getting a notebook and writing everything down with comments like 'interesting' and 'I will pass that on', might help get the point across even better.

@ErikvanStraten @jwildeboer My standard reply to them is 'so why do you have frosted glass in your bathroom window'?

@RosePuckey : they may answer "that's because other people insist I have that. I have nothing to hide, I go to sauna every week"

Edited to add: It's not my intention to upset you. It's just incredibly difficult to convince people that less privacy means more risks for them.

@jwildeboer

@ErikvanStraten @jwildeboer It would take more than that to upset me. The sad truth is that the vast majority won't listen until something happens to them directly.

@RosePuckey @ErikvanStraten @jwildeboer
And then they are super surprised and in shock that it's happening to them.

@ElpasYou_2 @ErikvanStraten @jwildeboer Oh for sure. I find it fun, if you know their mail address, to run a quick db query and tell them how often they've used the same mail\password combination and on which sites. Unfortunately surprise very quickly turns to anger and they still don't change the passwords.

@RosePuckey @ErikvanStraten @jwildeboer Fun fact: There's a hotel in Dornbirn, Austria that doesn't. Yes, I can provide picture proof on request. No, I won't be staying there ever again.

@RosePuckey @ErikvanStraten @jwildeboer The thing is, the bathroom "window" there is a full-height glass wall between bathroom and bedroom. On the other side of the bedroom is the actual window to the outside. But, it doesn't have normal curtains, only blackout curtains.
So to use the bathroom or toilet, you had to turn on the light in the bedroom, and close the blackout curtains, before being able to use the bathroom/toilet.

For two-person rooms, they did have frosted glass, but not for single rooms.

@farbenstau @ErikvanStraten @jwildeboer wow, that's kind of short sighted of them although somewhat amusing all the same. Sorry.

@RosePuckey @ErikvanStraten @jwildeboer (I don't want to derail your thread, but if you're curious, I can elaborate further …)

@farbenstau @ErikvanStraten @jwildeboer lol, I have a good imagination, think I'll leave it there

@farbenstau : the last time (5 years ago or so) I was in a hotel in Austria, my girlfriend and I came to realize how good it is that smoking is forbidden in Dutch hotels.

Our bedroom was right above the bar. People below did not make a lot of noise late at night, but their cigarette smoke penetrated through the wooden floor of our bedroom. To make things worse for a beautiful environment (near the Nockalmstraße), it kept raining all the time. But that was after we had sunny weather in Vienna, so no hard feelings!

@RosePuckey @jwildeboer

@ErikvanStraten @RosePuckey @jwildeboer I don't remember if this hotel allowed smoking in any of their rooms. Mine were non-smoking ones. The last Austrian hotel I was in had an ash-tray on a small balcony belonging to the room, but wouldn't allow smoking inside either (thank $DEITY).

@RosePuckey and @farbenstau : as a security guy I was taught (it's one approach) to ask "what is the risk" (and for whom).

An example: most people do not understand why using WhatsApp poses a risk - not just to themselves.

Messages are E2EE (End to End Encrypted), right?

Yes and no. It's not E2EE because the actual "end" is the person writing or reading a message. Most people are very bad at encrypting and decrypting bunches of bytes (in particular when asymmetric cryptography is involved).

Malware made by governments (ChatControl) or spyware makers may have access. Messages may be backed up to "the cloud" without encryption. The current or the next update of the WhatsApp app ir the OS on your phone (or *one* of the phones used) may trigger on specific keywords and send copies of messages to the NSA. People may forward your messages you don't like.

Apart from that, WhatsApp copies all of your contacts and sends them to Meta. Knowing who knows who is extremely valuable information. I don't use WhatsApp myself, but Meta does not care. Quite likely I'm in the address book of at least one person who uses WhatsApp.

It could be devastating for some people if such information falls into the wrong hands. In particular if you live in some third world country without basic human rights (such as the USA).

OTOH I don't believe it to be a big risk for me if anyone sees me naked (it IS for them though 😂).

Seriously, I believe that we (all people) have become way too prudish. Everybody has a body.

Young girls, but boys too, are lured into making nude pics (or worse) of themselves by "a friend" and subsequently extorted. The damage could be less if we were not so ashamed of out bodies. Everyone has genitals and desires, it is not a big deal - it's something that we artificially created.

@jwildeboer

@ErikvanStraten @RosePuckey @jwildeboer If this is your prelude to tooting unsolicited nudes, be warned that I will block and report you. 🤪

@ErikvanStraten @farbenstau @jwildeboer E2EE is something that makes people glaze over time and time again. Well written reply, thank you. And yes, people are overly prudish but that is from the viewpoint of a naturist talking about most other folk. And no, no one gets photos so don't think about asking.

@RosePuckey : don't worry, I definitely have been young, but that's a long time ago!

What worries me is that politicians believe that we can combat child abuse by enforcing ChatControl. OTOH child abuse *is* a big problem - unfortunately without easy solutions.

@farbenstau @jwildeboer

@ErikvanStraten @farbenstau @jwildeboer

As a child abuse victim, I would say that it's a huge problem. There needs to be an openness to talk about these things though and that, as far as I can see, is the way ahead. If parents could have those all important conversations with their children and explain to them in a way that they will understand, it would go a long way to start addressing the problems. Equally, there should be a safe route for people of all ages to talk about their abuse, the family is not always an option.

@RosePuckey @ErikvanStraten @jwildeboer Because in the bathroom I am doing something I don't want people to see. But in the kitchen, I don't have frosted glass because I don't have anything to hide. You are saying people should use frosted glass everywhere because some people somewhere are doing private things in other rooms or you may one day. It is a much tougher argument. Or am I missing your point?

@piccolbo @ErikvanStraten @jwildeboer

Yes, you're missing the point.

Some people claim that they have nothing to hide.

The same people have frosted glass in their bathrooms proving that they do have something to hide, and rightly so.

Why would you hide behind frosted glass but not protect your financial details, logon and passwords to all the accounts you use when on your phone or computer because you falsely think that there is nothing to hide?

There is more to hide online than there is in a bathroom surely.

@RosePuckey @ErikvanStraten @jwildeboer
I do protect those things. Why would I protect banter with my beer buddies on whats app? Why would I want cryptography as the default? (by the way, I use signal, 2FA etc, so you are not trying to convince me, you are helping me craft a better argument)

@piccolbo wrote: "Why would I want cryptography as the default?"

Cryptography is just one of multiple ways to achieve an objective.

Worse, people treat it like it's magic, and don't understand the risks. For example, people like Bob typically ask Alice to send them their PGP/GnuPG public key via (insecure) email. After all, that key is "public". What could possibly go wrong? (Ask Mallory).

What people should want to know w.r.t. communication (remote in particular) is:

1) *Who* they are communicating with and how certain that is (you never get 100%);

2) What the chances are that the exchanged information falls into the wrong hands and/or is unexpectedly stored somewhere;

3) What the chances are that the exchanged information was changed during transit.

In short, the authenticity and confidentiality of information.

In the past I've argued a lot with people who claimed that http was fine until you had to enter your creditcard number (at which point https was required). Most people still argue that https is only about a secure connection (it is not; see points 1 through 3 above).

Note: information that seems totally irrelevant today may become relevant in the future.

Fact: information in people's brains fades and/or changes. Digitized information usually does not deteriorate and may unexpectedly be stored by others for a long time. Digital storage has become extremely cheap.

Because idiots like Trump, Musk and their helpers may obtain access to information about you that seemed banter at the time, its always best to reduce your risks as much as possible.

People are very bad at evaluating threats and risks (who would want to do something in your disadvantage and why). It's safest to assume that there are a lot of adversaries out there who are smarter than you. They'll think of something.

@RosePuckey @jwildeboer

@ErikvanStraten @jwildeboer I always tell people that they might have nothing to hide now. But what if tomorrow an authoritarian government decides that some aspect of you or your life is illegal and could get you imprisoned (sexuality, political affiliations, race, origin...). You won't be able to hide anything by that time.

Doesn't mean you shouldn't share anything online. But having some control over your data is a good thing.

@NadCee : that may convince *some* people to change their behavior/behaviour.

However, for most Joe/Jill Average's, the risk that a possibly authoritarian government will harm them personally, is actually quite low.

I'm a lot more worried (for them) about the risk of "meeting" criminals.

For example, most people use weak passwords, or reuse one single password, or both - including for their email account - because they believe that they have nothing to hide. Some are now using an Authenticator app because they were made to believe it'll save their a** (see infosec.exchange/@ErikvanStrat). Why would *anyone* be interested in their "how're you" emails with pictures of their cat?

Here's what happens: after criminals obtain access to their email account (and/or social media), those criminals start posing as them.

The criminals will get to learn the tone the naive people (aka idiots) use to communicate with their friends and family, and may ask them (friends and family) to send money (btw they just changed banks) or install malware. The criminals often will be able take over all of the other online accounts of the naives. They may use such accounts (or create new ones in your name) to exchange illegal stuff, including child pornography.

It's called impersonation aka identity theft.

Every peace of information about you may be valuable to a criminal. Knowing your email address, they'll send you phishing mails. They may plant a photo of your head on pornography and extort you. They may clone your voice to impersonate you, using that to obtain access to vulnerable people you know - such as your parents or kids.

If they know that you are (or one of your contacts is) old and/or vulnerable (like Alzheimers), and find out your/their contact details, they may phone claiming they're an employee from the bank. They'll say that the bank just noticed that criminals obtained access to your bank account, and that you must act *now* to prevent losing all of your savings. They'll offer help. Like installing "security software" (typically AnyDesk) to prevent further damage, or guide you through moving your savings to a "vault" account. And/or they'll tell you that they're sending a courier to pick up your bank cards (and PIN's).

Drag queens and other "non-standard" people, like pro-climate, anti-genocide (often called pro-Palestinian) protestors, typically *know* that they're at risk - from authorities.

I'm more worried about naive people who lack any security awareness and typically have nothing to fear from even the most authoritarian governments. They'll install *any* app (like #DeepSeek) because it's a lot of phun, thereby sharing details like their location and/or the address books on their phone. They'll make their home "smart" by automating it with hackable electronics. They'll pay for "cheap" things from dropshipping or plain fake websites.

Awareness includes knowing things like this: bleepingcomputer.com/news/secu. From bleepingcomputer.com/news/secu (condensed):
"the sensitive data stolen from Change Healthcare contains a wide range of information on millions of people, including their: medical records, insurance records, dental records, payments information, claims information, patients' PII data (i.e., phone numbers, addresses, SSNs/SOCIAL SECURITY NUMBERS, email addresses, and more), and active U.S. military/navy personnel PII data".

It's a long list. Protect your identity, assume breach!

@jwildeboer

Infosec ExchangeErik van Straten (@ErikvanStraten@infosec.exchange)Attached: 1 image @_r_netsec : Alex Weinert (Identity Security VP at Microsoft) already knew about this in 2019. His recommendation: just keep using Microsoft Authenticator... #MicrosoftAuthenticator #WeakMFA #AitM #Evilginx2 #Weak2FA #NumberMatching #TOTP #AuthenticatorApps #MissingDomainNameCheck #WeakAuthentication #Authentication #Impersonation

@ErikvanStraten I hear it all the time, and I think they don't really mean it but it lets them not think about all the information collected about them.

Norwegian state media has done some good here showing exactly how much data can be in what is claimed to be anonymised data sets that you can buy from data brokers. This information is easy to access for scammers too. You don't have to be important to be interesting to scammers.

@jwildeboer

@jwildeboer

That is, excluding whatever Google and Amazon, which they use for processing meta-data, collect and aggregate about you.

@nik Which would be what? The only thing they could track is that data is coming from your IP address to a Signal server running in AWS. They cannot see where your Signal traffic is sent to after that. And your next message could go to a completely different Signal server. So yes, theoretically they could collect and correlate patterns, but that would be quite expensive and of limited use. Signal isn't perfect, but it is IMHO really good compared to other solutions.

@jwildeboer @nik To be fair, I believe the Tor network has been successfully attacked using similar pattern analysis by three letter agencies, so it's probably feasible to do the same for Signal. And given the tendencies to collect everything and analyze or filter later...

@jwildeboer @nik no, that kind of traffic correlation wouldn't be very hard since signal doesn't protect against it at all. This is how the whatsapp attack worked and it would work against signal too, especially for someone who can subpoena the company

@matthias_kraus @jwildeboer

I haven't verified the attack, but the claim that he's 15 years old seems to be fake, ruining his credibility.

(The Hackerone profile linked from his GitHub account lists bugs reported by him and fixed 8 years ago.)

@jwildeboer how then is it possible Signal can message me one of my contacts has a Signal account now? I don't assume every new account is broadcast all over the world so every phone can check their contact list?

@haayman When you register with Signal, you can allow it to have access to your contacts. It will then create hashes of your contacts based on their phone number. These hashes do not allow to trace back said phone number. Now if one of your contacts registers with signal, his phone number will be hashed again and a match will occur. Thus Signal can now tell you that one of your contacts is also using Signal. For full technical details: signal.org/blog/private-contac

Signal MessengerTechnology preview: Private contact discovery for SignalAt Signal, we’ve been thinking about the difficulty of private contact discovery for a long time. We’ve been working on strategies to improve our current design, and today we’ve published a new private contact discovery service. Using this service, Signal clients will be able to efficiently and s...

@jwildeboer so it does store more than was mentioned before. I'm not saying that it's not safe, but it's the second time this week that i saw mentioned how little Signal stores, which is simply not true

@haayman @jwildeboer They don’t store data about YOU. You can find an explanation how they match phone numbers without storing the actual numbers on their website.

@moehrenfeld I get how it works. My point is, there are more data stored then implied. I don't mind, but "no data beyond that" is not true. And I know some people didn't really like it that their contact lists were sent to Signal, although I understand from @jwildeboer that this is optional now.
Anyways, we're good

@haayman Thing with Signal is: you do not HAVE to share your contact with the App. And when you do, you can be assured (as long as you trust Signal to have implemented what they have described) that no real phone numbers from your contacts are stored anywhere in their systems.

I decided from the start to NOT share my contacts with Signal and only connect with people I know. A little bit paranoid, I admit, but works GoodEnough for me and my risk calculation. @moehrenfeld

@jwildeboer @haayman @moehrenfeld a bit late to the party here but I wanted to add that you don’t even have to take their word for it about the implementation. All client apps are open source, so you can simply inspect the code or check out an audit done by an expert.

@haayman @jwildeboer hello! Signal does not actually store this data on the server side, which is the relevant context for responding to subpoenas. instead your client checks if any new contacts have joined by polling.

the mechanism by which the server does not have access to the hashed contacts even while executing seems very clever - it’s beyond me to summarize better than the linked page does, except to describe it as a type of homomorphic encryption

@haayman

@jwildeboer I guess you can choose in the (e.g.) Android configuration for the app whether or not to allow it access to your contacts. (And I suspect the default in recent Android versions is that it's not allowed access.)

@jwildeboer

I didn't trust Signal because I dislike that it's centralized instead of federated. But the founder's explanation here explains why it's not federated signal.org/blog/the-ecosystem- (for anyone that doesn't feel like reading - once you're federated, it's dramatically harder to evolve the protocol)

I still don't love that AWS and by extension the US government can track every time I connect to Signal, even if they don't know who I communicate with.

But I haven't seen anyone I trust offer a more secure alternative.

Signal MessengerReflections: The ecosystem is movingAt Open Whisper Systems, we’ve been developing open source “consumer-facing” software for the past four years. We want to share some of the things we’ve learned while doing it. As a software developer, I envy writers, musicians, and filmmakers. Unlike software, when they create something, it is...

@jwildeboer I disagree with the assertion that Signal only stores this minimal information. While the platform may not retain message logs, it still associates accounts with phone numbers, which inherently ties users to their broader network connections. Even if Signal itself doesn’t store these associations, the phone number link can’t be dismissed as irrelevant.

Does Signal pay you to try to share this misinformation? Or the NSA?