mastodon.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
The original server operated by the Mastodon gGmbH non-profit

Administered by:

Server stats:

348K
active users

@smallcircles

Friendly reminder:

People, stop using , , and other Apps that make YOU the product!

There are already so many right-wing governments.

You compromise your current or at least future security (e.g. profiling using LLMs.)

Use or instead.







your Android phone

Data collection comparison of messenger services (found on the web):

@HistoPol @smallcircles You can't use original Signal on the degoogled devices due to the "hardcoded" google-services dependencies in the app code.
Okay, there are some modded Signal versions with google crap removed, but still that's a "third-party" work - you can't be sure of what exactly is in the code inside. There's no warranty that someone doesn't compromised the app code. We have a few good example of troianised apps in the Samsung and Huawei store with over a million counted downloads.

@MartinBe

Thanks for pointing this out.
An alternative app must run on Android and Apple to be acceptable, non-exclusive for the general public.
For me, not fond if the and its data practices and lock-in policies, will not be a solution in its current version, then.

I think I read that doesn't suffer from this issue?

@smallcircles

@HistoPol @MartinBe
Signal do provide an apk directly downloadable in their website. You can get it here. https://signal.org/android/apk/
This version auto updates without depending on Google playstore and look like is the version used by people on degoogled phones.
I have personally not tried it though.
The other option is using the signal fork Molly (https://molly.im). The version named molly-foss is what you will need.
Signal MessengerSignal Android APKAdvanced users with special needs can download the Signal APK directly here.

@gorky @HistoPol 2/2 Luckily there is a workaround. You can use patched signal fork called "Langis" together with the ntfy (alternative notification system/api) and extra "for signal" patched microG version. Such combo will allow you to have and use 100 percent identical in the terms of functionality signal on the degoogled devices and your account won't be banned.

langis.cloudfrancois.fr/

langis.cloudfrancois.frSignal Without GCM/FCMA version of Signal without Google/Firebase Cloud Messaging dependency

@MartinBe @gorky @HistoPol

It doen´t matter which version/fork you use from Signal!

Since Signal's entire traffic runs over the clouds of Amazon, Google, Microsoft & Cloudflare.

All US services can pick up your meta data directly from there, thanks to the CloudACT:

en.wikipedia.org/wiki/CLOUD_Ac

Only Threema does NOT store any metadata nor IP-Adresses.

en.wikipedia.orgCLOUD Act - Wikipedia
@Pabamiti
Just becoz signal is using the cloud infrastructure doesn't mean they expose all the data, since the amount of meta data collected by the service is very minimal.
And when they were asked to provide information by legal authorities, what they have provided is published here.
https://signal.org/bigbrother/ which proves their claim of not collecting any meta data about users (which is verified in their published source code as well.)
The only potential meta data the cloud providers could pick is the IP addresses of connections, but that can be easily circumvented by using a proxy (if anyone is paranoid about it.)


@MartinBe @HistoPol
Signal MessengerGovernment CommunicationWhen legally forced to provide information to government or law enforcement agencies, we'll disclose the transcripts of that communication here.

@gorky @HistoPol @MartinBe

The advertising statements from Signal don't help at all.

85% of the SP run on Google's Android and that sends encrypted data packets to "home" every day. No one knows what's in there, but can assume that Google can assign the IPs to fixed users every day.

If someone sends a signal message Google knows where it comes from and they know to 85% who got it!

All this results in valuable meta data!

Proxies are useless, because they have your proxy IP / VPN IP, ect.

@Pabamiti

The advertising statements from Signal don’t help at all.

What they have published are responses to subpoena from US courts. Don’t believe courts would accept advertisements as response.

85% of the SP run on Google’s Android

So you are suggesting that android is the issue here? In that case it doesn’t matter which IM you are using, becoz as per this, android can send out a bunch of information about anything on your phone to google, in spite of what application you are using.

Android with google services could do this, probably is the reason why some people prefer to use de-googled android (one of the original question here that triggered this convo).

Google can assign the IPs to fixed users every day.

I certainly don’t get this. Google doesn’t assign IP addresses to your device. It’s done by your ISP.

Overall, to me it look like you are suggesting the devices running android itself is the problem. In that case, the only option is to do away with mobile phones, becoz, in spite of what OS you run, your service provider can track your exact physical location anytime, which could be more troubling.

And I get the argument that meta data is what gives you up and that is where an app that collects the least amount of meta data becomes more secure.

@HistoPol @MartinBe

@gorky @HistoPol @MartinBe

It is not Android that is the problem, but Google - the old data octopus - that is behind it everywhere.

And Google sees the user IPs and knows who is behind it. Big Data in the global sense!

But there are enough solutions:

Set up your smartphone with an ungoogled Android. Use secure keyboards (e.g. OpenBoard).

Signal is a data slinger - in the sense of the US intelligence services. But it is not a secure messenger.

HistoPol (#HP) 🏴 🇺🇸 🏴

@Pabamiti

Sounds like good advice.

Secure keyboards ("anti keyboard-logger"?) for smartphones, tablets and laptops? Might be a peripheral device, but not a practical solution.

Fairphone has warranty issues (see thread earlier this week) and DYI is beyond the knowledge of most. (Have an old Samsung, not updateable anymore, would love to have it working again--deGoogled.

@gorky @MartinBe