@dzwiedziu @fj @signalapp not really, as the #Metadata #FUD cited by #Signal is mitigateable with proper measures.

• You can't even run Signal over @torproject and even if that point is moot when you're forced to quasi-#KYC by virtue of a #PhoneNumber aka. #PII they have neither legitimate interest nor technical reason to demand in the first place!

Every claim that things like #ITsec, #InfoSec, #OpSec & #ComSec can be solved with "Just use Signal!" is "#TechPopulism" at best if not being a "#UsefulIdiot"!

• All #centralized, #SingleVendor & #SingleProbider systems are inherently insecure!

@Andromxda @pixelcode How can you claim something you can't evidence?

• Pretty shure if it's not @signalapp themselves, then their centralized architecture and unwillingness to even have an #OnionService on @torproject makes it trivial to pull a #Room641A on them.

It makes you look like one of those folks shilling #VPN|s that ain't logless after all...

• I don't believe in #marketing #lies and #Signal can't (and won't) be able to evidence that they don't log shit.

At least they should be honest about things and not claim bs, cuz demanding a #PhoneNumber is just #KYC with extra steps like demanding any #SSN or other #PII. Makes them look like chinese MMORPGs that demand ID card numbers for account signups, thus #paywalling the ability to use their service anonymously...

@signalapp It's not #disinfo when one points out that you demand #PII aka. #PhoneNumbers from Users and that is literally a architectural vulnerability, alongside your #proprietary & #Centralized #Infrastructure.

• #Signal being a #SingleVendor & #SingleProvider #Solution is literally the reason why I consider it #insecure.

Not to mention the lack of @torproject / #Tor support with an #OnionService or the willingness to fulfill #cyberfacist "Embargoes" or shilling a #Shitcoin #Scam named #MobileCoin!

• #KYC is the illicit activity!!!

And don't get me started on the #cyberfacism that is #CloudAct.

• If you were secure, criminals would've used your platform so hard, it would've been shutdown like #EncroChat and #SkyECC.

I may nit have allvthe.evidence yet, but #Signal stenches like #ANØM: #Honeypot-esque!

@jrredho @walkinglampshade @fj

Don't 'splain me, m8!

Their figleaf exuses are not legitimate and @signalapp's @Mer__edith knows that...

• After all, @monocles doesn't require any #PII at all and they are in fact sustainable as in not requiring #donations, since they are user-financed (subscription)...

Read criticisms before commenting...
https://www.youtube.com/watch?v=tJoO2uWrX1M

• #KYC (of any kind, including #PhoneNumbers) IS THE ILLICIT ACTIVITY!*

@expertenkommision_cyberunfall @dideldum @leachimus @EUCommission @BaFin @ecb

Dass dies technisch möglich ist - inkl. Einhaltung von #Identifikationspflichten (#KYC) und #Geldwäscheprävention (#AML) beweisen Zahlungsdienstleister wie #NowPayments regelmäßig!

• Natürlich sollte hierzu eine öffentliche, kosten- und patentfreie #Europanorm geschaffen werden, welche entsprechende #API|s definiert, inklusiver verpflichtender #Testing-Endpoints.

Und natürlich nicht mit irgendwelchem #Blockchain-Müll, dafür #dezentral, #P2P mit Förderation (vgl. Fediverse)...

• Dazu dezentrale Architektur mit "Web of Trust" um effektiv Missbrauch und Akteure dessen zu bekämpfen.

Die Technologien dazu existieren...

@leachimus #EU-only wäre prinzipiell eine Totgeburt, weil nur globale Verfügbarkeit taugt...

• Deswegen kennt kaum wer hierzulande Mir, UnionPay, JCB oder Discover, aber jeder AMEX, VISA, MasterCard & PayPal!

#Datenschutz ist wegen #KYC & #AML illegal bei #Zahlungsdienstleister|n!

• Deshalb ist #Monero auch der wahre Gewinner...

@kuketzblog das größte Problem si d #Zahlungsdienstleister.

• Wer mit mit "#wero statt #PayPal!" kommt, kauft offensichtlich nirgendwo online ein und außerhalb der #EU ist dies genauso wie #SEPA keine Option, sondern allenfalls lokale Nische alla #AliPay / #WeChatPay und nicht global verfügbar.

Merke: rein regionale oder gar nationale Lösungen sind keine Alternative zum #VISA / #MasterCard / PayPal - #Tripol und sowohl #Stripe als auch #Klarna sind nicht wirklich konkirrenzfähig.

• #WasFehlt ist eine genormte, globale #Payment-#API aber dazu wird es wegen #Gier, #KYC & #AML nie kommen…

Eher werden wir #Monero als #Zahlungsmittel beim Durchbruch in den globalen Mainstream sehen!

@cryptadamist @KimPerales OFC.

• I mean I'm pretty shure that wallet is some "cold wallet" (or "paper wallet") they generated to make it basically impossible to seize.

Obviously the ultimate beneficiaries propably need to figure out a way to do the #ShitcoinLaundering over time or find buyers willing to take #filthy #Bitcoin off their hands that'll instantly get flagged by any #Shitcoin - #AML tool there is...

• I mean, $700M will exceed the liquidity of even the biggest non-#KYC #Exchange site for months if not years to the point that even #NorthKorea would be unable to handle that volume.

Whoever is behind this must have some #Marsallek - Style "Business Network" or is going to spend several years sitting on it and casually siphoning parts for tumbling once it isn't in the immediate focus of #Blockchain #Analytics experts and #LEA|s...

• Obviously even if the person in control is gonna sell off at 2,5% the value that's enough money to basically buy citizenship anywhere and add a lot of plastic surgery on top for good measure... At 5% they'd not even need to ever work if they don't blow it on luxury cars & overpriced real estate...

Chances are pretty high the one in control is chillin' in #Dubai and speaks Russian...

@GossiTheDog the sheer fact that #MSPs & #CSPs can access clients' setups without proper #authorization [including #KYC / #KYB, #AuthCode|s and proper authorization via contract] is already sickening.

• This literally begs to be abused via #SocialEngineering / #SocialHacking of #Microsoft personnel or just blatant "#PrivilegueEscalation" through falsefully claiming to be a #MSP / #CSP contracted by the targeted company.

Such fundamental #ITsec fuckups are reasons alone not to use #Azure or any #Microsoft products & services at all...

• I mean, it doesn't require #Mitnick-level skills to pull this off, since it doesn't necessitate #Lapsus-Style #SIMswap or other means to gain access...

@Avitus @lispi314 @lauren THE REQUIREMENT FOR A #PhoneNumber BY @signalapp IS LITERALLY THE PROBLEM!

• #KYC IS THE ILLICT ACTIVITY!!!

If you gonna say "JuSt GeT aN iMpOrTeD #SIM / #eSIM!" then you obviously expect people to have way more #financial means and #TechLiteracy than is needed to get absolute N0obs setup withb#XMPP+#OMEMO and pay for @monocles / #monoclesChat!

@usaryan1 @jon +9001%

#RIP #FirefoxOS, cuz @mozillaofficial refusing to sell #develooers devices made it a stillborn!

• Seriously, the only Firefox OS phone in the #EU was some spanish #NetLock'd & #SimLock'd device that one could only get by ID'ing in-store in #Spain and go through #KYC #SecurityTheater cuz it was sold only in a #Prepaid bundle!

@tauon

1) #CloudAct is just #CyberFacism, look it up!
https://en.wikipedia.org/wiki/CLOUD_Act

• And with #Trumpism ravaging the #USA must be considered as #hostile as #Russia and the "P.R." #China by anyone who takes #OpSec, #InfoSec & #ComSec seriously!

-

2) @signalapp 's #Server code is proprietary and since it's centralized we can't trust that the code they release is what's running on their backend!

• Plus their #App doesn't allow #ReproducibleBuilds (if Signal was #FLOSS it would be on @fdroidorg / #Fdroid) but alas it isn't!

-

3) #Signal still demands #PhoneNumbers which are #PII either by association (#Number => #ICCID = #SIM = #IMSI => #IMEI => Location Data as I explained beforetwice) or mandatory #KYC / #ID requirements (even on prepaid cards), which an increasing amount of juristictions do...

• They have no "#LegitimateInterest" demanding said #PersonallyIdentifyingInformation to begin with!

-

But don't take my word for it.
https://www.youtube.com/watch?v=tJoO2uWrX1M

• Ask yourself if you'd trust someone peddlibg #Shitcoin #Scams like #MobileCoin with your data!

@dave and most worringly:

"How is any #bank allowed to open up accounts, Issie a #CreditCard and ship it without explicit prior consent of you as the customer who's name it's on?"

• I mean, I know the #USA is pressing other Juristictions into #KYC & #AML whilst #CashApp & #Venmo are illegal in the #EU for lack of KYC & AML compliance alone...

Like ain't they afraid someone may steal it and swipe a shitload of stuff with it?

@not2b @dangillmor I mean, she's just a #cyberfacist like #Zensursula, and the only correct way to deal with these #facists is to "#EncryptHarder!" (with #XMPP+#OMEMO & #PGP/MIME) and tunnel everything through @torproject / #Tor and setup #OnionServices for everything!

• Remember: #KYC IS THE #IllicitActivity and this goes espechally for requring #PII like #PhoneNumbers, @signalapp / #Signal!