Amazon threatens to suspend Signal's AWS account over censorship circumvention https://signal.org/blog/looking-back-on-the-front/
Amazon and Google are both coming out opposed to people using their services for domain fronting, to circumvent censorship.
Note that Signal is actively blocked in Egypt, Oman, UAE, and Iran. So, that sucks.
Hey micah. Ive muted you. Good luck with that Tor Signal feature Creep bloatware. Not sure why you strange people decided to reinvent Riseup.net. But i whole hearted ly think you are enabling Deep State agendas and agencies. Good luck with that. Lol
Mastodon isn't here for the deep state or its Obama era apologists. Buh bye
Wow, where does that conclusion come from?!?!?
Microsoft, Whatsapp, (think) Facebook Messanger, and some google service, integrated the encription protocol created by openwhispers.(which is used by signal).
As did the xmpp world with it's version of it (OMEMO) and the Matrix world (olm)
It's an ecryption protocol, it can be adopted by different groups.
I have no ideia how they (the corporations) tweaked it or not, but in no way is the signal app, and it's development linked to them.
But as far as i am aware they dont contribute with code to signal.
And their networks are not federated with signal. Signal does not federate, it's one of the topics of this conversation
To say signal has a backdoor because it's encription protocol is also used by the company's mentioned above is absurd.
Ive been following the folks behind Signal for a long time now... and it goes deeper to the foundation of the EFF. Org and systemic problems with software and Venture Capitalism FirstLookmedia, TheIntercept,
#cointelpro #fbi #cia attempts to provide " valid source code" is just another way to say "youre safe from big brother"... WHO FUNDS THE CREATION OF TOR? signal app is a dream come true for surveillance agencies. They fear any peace movement "going dark". Look at history of us Vietnam war resistance...
@marsxyz I don't see how a federated Signal would have changed this situation at all. They'd just block the whole network, and Signal would still need censorship circumvention.
The fact that much of the web is centralized under cloud services like AWS and Google sucks, but at least it makes domain fronting possible -- assuming the companies are ok with it, which apparently they're not.
With federated servers, register in diferent servers, diferent domains, copies of the messages and room in every server that has a user participating in it (with the possibility of e2e).
There are many ways to do federation, and sure probabely the matrix model wouldn't server signal.
Android users can probably use Signal over Tor without much trouble, but Tor doesn't have the best iOS support yet (for iOS API reasons), but they're working on that.
Their usability story is: 1) install the app, 2) send encrypted messages to any Signal users in your phone.
With federation that story would change to: 1) install the app, 2) choose a server, 3) create an account/manage creds, 4) ask for your contacts' usernames out-of-band to add them, 5) send messages to people on your contact list.
How would you add federation without sacrificing usability?
I don't think federated Signal could just use phone numbers as identifiers anymore (which would be nice, though maybe less usable). They need to include the server as well.
Like, if your phone number is +12223334444, how does my client know which server to send a message to? Your id would have to be +email@example.com or whatever instead.
Unless you have a "trusted" dispatcher server, but then it could do MITM attacks by redirecting to the wrong server
Like if you knew your friend's phone number and had a few servers to talk to you could query to see where they are. But that would be subject to MITM, as you said.
federation stuff Show more
@lx @maryjane @marsxyz
Use the identity servers like they are supposed to be used. Put a phone number or email in there and discovery will work similarly. I don't know I'd that feature is in place or just planned right now.
Choosing an instance is kind of an inherent part of federation unless you want to start having software pick default instances for people.
@Nixfreak @lx @maryjane @marsxyz OnionBrowser is great, but there isn't a way to have a system Tor in the background like Orbot, or even a Tor client library you can link into your app. If you want Tor in an app, you need to bundle a copy of the full Tor server/client with your app, and do some hacky stuff to run it as a separate thread, because each app only gets one process. So Tor disconnects when you switch apps. They're working on improving this
@micahflee @marsxyz Right. Centralization was actually a feature here―to block signal meant blocking Google and Amazon―behemoths of capitalism. It's a big deal that they're preventing this use of their system (especially by Signal) because it creates and directly causes undeniable ill in the world. Also, Moxie has some clear thoughts (can't find now) about the downsides of decentralization. He's not wrong about them. Most things are tradeoffs.
@gcupc @marsxyz @micahflee the problem is less the number of servers, rather than the number of viable routes to the server(s). It’s trivial to block « thousands » of domains and ips (see recent efforts by Russia wrt telegram, although failing), much more than it is to deploy one (though could be streamlined) and garner a user base. My guess is that impacted users will have to find a workaround themselves for a while like the telegram users.
That's not the point.
What signal did was Domain fronting to hide the domain name they use in the TLS handshake. That has nothing to do with using the CDN itself in first place, it's just a smart/nice move to work around censorship based on SNI names.
Self-hosting is not an option here as they'll just block the services IPs/domains.