Micah Lee 🔑 is a user on mastodon.social.
Micah Lee 🔑 @micahflee

Amazon threatens to suspend Signal's AWS account over censorship circumvention signal.org/blog/looking-back-o

Amazon and Google are both coming out opposed to people using their services for domain fronting, to circumvent censorship.

Note that Signal is actively blocked in Egypt, Oman, UAE, and Iran. So, that sucks.

@micahflee

NOTE THAT signal is actively compromised by CIA. NSA, via Skype Microsloth integration. So you're also a fed spook. Lol. #signal

@Tlacaelel no it isn't. Your argument doesn't make any sense either.

Microsoft integrated the HTTPS protocol into Skype, too. Does this mean that CIA and NSA have backdoored Mastodon, since it also uses HTTPS?

@micahflee

Hey micah. I've muted you. Good luck with that Tor Signal feature Creep bloatware. Not sure why you strange people decided to reinvent Riseup.net. But I wholeheartedly think you are enabling Deep State agendas and agencies. Good luck with that. Lol :acab: :blackcat:

Mastodon isn't here for the deep state or its Obama era apologists. Buh bye

@Tlacaelel @micahflee
Wow, where does that conclusion come from?!?!?
Microsoft, Whatsapp, (think) Facebook Messenger, and some google service, integrated the encryption protocol created by openwhispers (which is used by signal).

As did the xmpp world with its version of it (OMEMO) and the Matrix world (olm).

It's an encryption protocol, it can be adopted by different groups.

@Tlacaelel @micahflee

I have no idea how they (the corporations) tweaked it or not, but in no way is the signal app, and its development, linked to them.

But as far as I am aware they don't contribute with code to signal.

And their networks are not federated with signal. Signal does not federate, it's one of the topics of this conversation.

To say signal has a backdoor because its encryption protocol is also used by the companies mentioned above is absurd.

@Tlacaelel @micahflee
The protocol is open source and can be reviewed.

My problem with signal is not its encryption protocol. It's signal's implementation, the option of a non-federated system, and the tradeoffs in the name of convenience.

@maryjane

@micahflee

I've been following the folks behind Signal for a long time now... and it goes deeper to the foundation of the EFF. Org and systemic problems with software and Venture Capitalism FirstLookmedia, TheIntercept,

Facebook Google Palantir etc use, especially against #palestine #bds solidarity movements #signalIsAFarce and

@maryjane @micahflee

It's dangerous for folks doing real life risky activism to think that they are protected by FbiCia Facebook Whatsapp Signal encryption. #arabSpringCia #psyops #sorrynotsorry

Everything RMS (#stallmanwasright) said came true #facialdatabaseForSpooks

@maryjane

@micahflee

#cointelpro #fbi #cia attempts to provide "valid source code" is just another way to say "you're safe from big brother"... WHO FUNDS THE CREATION OF TOR? signal app is a dream come true for surveillance agencies. They fear any peace movement "going dark". Look at history of us Vietnam war resistance...

Same situation #awol #desertions #palantir #snowdenISANazi

@marsxyz I don't see how a federated Signal would have changed this situation at all. They'd just block the whole network, and Signal would still need censorship circumvention.

The fact that much of the web is centralized under cloud services like AWS and Google sucks, but at least it makes domain fronting possible -- assuming the companies are ok with it, which apparently they're not.

@micahflee @marsxyz you think that if signal had a working model similar to matrix, it would be just as easy to block it?

With federated servers, register in different servers, different domains, copies of the messages and room in every server that has a user participating in it (with the possibility of e2e).

There are many ways to do federation, and sure probably the matrix model wouldn't serve signal.

@maryjane @micahflee @marsxyz this makes me wonder if there is a way to make a social network or messenger based on the principles of a torrent network. Something like bitmessage maybe 🤔

@maryjane @micahflee @marsxyz What about the Tor network? Can that be completely blocked in those countries, even with all the methods they have to prevent that? If not that might be a last resort..

@lx @maryjane @marsxyz China and Iran have had some success blocking Tor. Users still can circumvent it with bridges, but it's an arms race and nothing as usable as Signal's domain fronting was.

Android users can probably use Signal over Tor without much trouble, but Tor doesn't have the best iOS support yet (for iOS API reasons), but they're working on that.

@lx @maryjane @marsxyz Another important consideration with Signal and federation is usability.

Their usability story is: 1) install the app, 2) send encrypted messages to any Signal users in your phone.

With federation that story would change to: 1) install the app, 2) choose a server, 3) create an account/manage creds, 4) ask for your contacts' usernames out-of-band to add them, 5) send messages to people on your contact list.

How would you add federation without sacrificing usability?

@micahflee @lx @maryjane @marsxyz Why wouldn't #4 be handled by the server? Since Signal ties things to phone numbers it seems like there should be a way to do it.

Outside of #4 it's not much different than the usability concerns of any other federated protocol.

@paladin1 @lx @maryjane @marsxyz

I don't think federated Signal could just use phone numbers as identifiers anymore (which would be nice, though maybe less usable). They need to include the server as well.

Like, if your phone number is +12223334444, how does my client know which server to send a message to? Your id would have to be +12223334444@node1.org or whatever instead.

Unless you have a "trusted" dispatcher server, but then it could do MITM attacks by redirecting to the wrong server

@micahflee @lx @maryjane @marsxyz I suppose that makes sense. I just had the thought that we might finagle some combination between DNS and P2P-type communication.

Like if you knew your friend's phone number and had a few servers to talk to you could query to see where they are. But that would be subject to MITM, as you said.

@Nixfreak @lx @maryjane @marsxyz OnionBrowser is great, but there isn't a way to have a system Tor in the background like Orbot, or even a Tor client library you can link into your app. If you want Tor in an app, you need to bundle a copy of the full Tor server/client with your app, and do some hacky stuff to run it as a separate thread, because each app only gets one process. So Tor disconnects when you switch apps. They're working on improving this

@Beurt @maryjane @micahflee @marsxyz I heard of that too but I didn't get a chance to try it out with people yet 🤔

@micahflee @marsxyz

But the federate or not Signal, in spite of being important and one of the things that makes not liking it so much, is not the main point here for me.

The point for me is they are being screwed by AWS and google.

@micahflee @marsxyz Right. Centralization was actually a feature here―to block signal meant blocking Google and Amazon―behemoths of capitalism. It's a big deal that they're preventing this use of their system (especially by Signal) because it creates and directly causes undeniable ill in the world. Also, Moxie has some clear thoughts (can't find now) about the downsides of decentralization. He's not wrong about them. Most things are tradeoffs.

@K_REY_C It wouldn't be that bad if the protocols are designed properly. Mastodon for example is wasting so much bandwidth by sending the author's bio with every toot.

@marsxyz
@micahflee

> The idea behind domain fronting was that to block a single site, you’d have to block the rest of the internet as well. In the end, the rest of the internet didn’t like that plan.

The "rest of the internet" being Google and Amazon. Interesting turn of phrase.

@marsxyz @micahflee
The matrix model would have the authorities playing whack a mole with thousands of homeservers, which would be on the whole futile. But users would also end up having to change homeservers pretty often, which would suck for usability, and many people would drop it.

@gcupc @marsxyz @micahflee the problem is less the number of servers, rather than the number of viable routes to the server(s). It’s trivial to block « thousands » of domains and ips (see recent efforts by Russia wrt telegram, although failing), much more than it is to deploy one (though could be streamlined) and garner a user base. My guess is that impacted users will have to find a workaround themselves for a while like the telegram users.

@gcupc @marsxyz @micahflee they just forgot cloudflare and akamai, so they’re pretty much there

@micahflee this is why having Signal be centralized was a mistake.

@micahflee it's funny that using services like or CDNs like can now blow up in your face. it is a good thing in the end because people will host the stuff themselves again.

@steckerhalter @micahflee

That's not the point.

What signal did was domain fronting to hide the domain name they use in the TLS handshake. That has nothing to do with using the CDN itself in the first place, it's just a smart/nice move to work around censorship based on SNI names.

Self-hosting is not an option here as they'll just block the service's IPs/domains.