Natanael

Wireguard is most reliable in terms of security. For censorship resistance, it’s all about tunneling it in a way that looks indistinguishable from normal traffic

Domain or IP doesn’t make much of a difference. If somebody can block one they can block the other. The trick is not getting flagged. Domain does make it easier to administer though with stuff like dyndns, but then you also need to make sure eSNI is available (especially if it’s on hosting) and that you’re using encrypted DNS lookups

Telegram has been under fire from the start, lol. 'we have math PhDs" 🤷

There’s also a big difference between published specifications and threat models for the encryption which professionals can investigate in the code delivered to users, versus no published security information at all with pure reverse engineering as the only option

Apple at least has public specifications. Experts can dig into it and compare against the specs, which is far easier than digging into that kind of code blindly. The spec describes what it does when and why, so you don’t have to figure that out through reverse engineering, instead you can focus on looking for discrepancies

Proper open source with deterministic builds would be even better, but we aren’t getting that out of Apple. Specs is the next best thing.

BTW, plugging our cryptography community: !crypto@infosec.pub

Looks like the same dev from reddit

https://www.reddit.com/r/crypto/comments/1iumxl3/how_far_can_i_push_closesource_code_towards_being/

I was going to post the whitespace programming language but this wins

Malbolge

Your workaround is precisely why I said “more practical”. Any updates to your tooling might break it because it’s not an expected usecase

You don’t want FIDO2 security tokens for that, use an OpenPGP applet (works with some Yubikeys and with many programmable smartcards). Much more practical for authenticating a server.

BTW we have a lot of cryptography experts in www.reddit.com/r/crypto (yes I know, I’m trying to get the community moved, I’ve been moderating it for a decade and it’s a slow process)

It is encrypted, but the security of the encryption varies between implementations (some have been found to generate keys insecurely or screw up session management, etc). For most modern devices it’s decent, as long as you’re not actively targeted by some kind of intel agency

Having the official app installed can be enough to prevent access for other apps

It would just end up with a series of blog posts (because who’s going to keep writing the same thing over and over) and people being dismissed with a collection of links, which both means the asshat and other bypassing readers won’t read the linked content but everybody still sees the bullshit

As somebody running a cryptography forum elsewhere, if I was forced to accept lies that endanger people I’d rather shut down the forum instead.

I can imagine lots of other moderators in science and medical forums would hold the same opinion.

It might mean the feds help search for him, not guaranteed to mean federal charges

This requires the crime to both be federally prohibited and under federal jurisdiction. Stuff like murder doesn’t typically fall under federal jurisdiction unless borders are crossed or federal property is involved or something like that.

Spamhaus, spamcop

Small animals bounce, medium animals break, big animals splash

(FYI, do not look up examples)

But you can’t detect such things without either server side scanning (kills E2EE dead) or client side scanning (will always be limited in what it can detect, and it’s easy to patch out of clients, AND there’s still the risk of govs maliciously pushing detection of banned media)

Not fully encrypted unless you enable lockdown mode (and losing various features)

The perceptual hash algorithm was broken in hours, then so fully broken that modified images were visually indistinguishable from unmodified images, so you could send people images with hash values that match flagged photos.

Also, then there’s the thing of the risk of various jurisdictions pushing for adding detection of other banned content.

But once a process is running its trivial to get weeks of extremely detailed history and lots of secrets you thought were ephemeral