the White House has, for the past decade, provided more than $6 million to the program, which allows the targeting of the records of any calls that use AT&T’s infrastructure

the program takes advantage of numerous “loopholes” in federal privacy law

the DAS program has been used to produce location information on criminal suspects and their known associates, a practice deemed unconstitutional without a warrant

(This website is a bit annoying.)

  • ᗪᗩᗰᑎ@lemmy.ml
    link
    fedilink
    English
    arrow-up
    5
    ·
    1 year ago

    This is why I push others towards Signal for communication. Only myself and them will have record of what was said and I make them disappear after 4 weeks.

    • xmr_unlimited@monero.town
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      Yeah but can you trust the people you talk with not to install shitty stupid apps, or click on stupid links that compromise their device that then lead to accesa to your measages and phone number?

      • Saki@monero.townOPM
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        That’s a great question to ask! The biggest weakness of any “mathematically private” communication channel is not mathematical, but simply humans (users): Alice, Bob, and also the channel itself implemented by a human coder Chris.

        While we don’t need to be paranoid but as a matter of fact, even assuming Alice does everything right, Bob may be sloppy, saving decrypted plain text in a random place (even uploading his own secret key to “cloud” or something, assuming it’s good idea to have a back-up of important files). Also the channel might have a hidden backdoor, perhaps side-channel, unknown to Chris.

        It seems important to be aware of these possible human factors.

        Also there is this big problem of metadata (this AT&T thing seems to be also largely about metadata).

        [Additionally, though less importantly, most cryptography is based on unproven mathematical conjectures, like y=f(x) is easy to compute but it’s hard to get x from y. Which may be relevant when the one-wayness is based on the difficulty of factorization as in RSA.]

      • ᗪᗩᗰᑎ@lemmy.ml
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Yeah but can you trust the people you talk with not to install shitty stupid apps

        You can’t, but the threat exists regardless of what service you use.

        Regarding my phone number being leaked, I’m okay with that risk. It’s relatively easy to ignore/block unknown contacts and I’m not in any threat should someone discover it. For anyone who absolutely needs anonymity, they may want to wait until user names are rolled out and use another service for now.

          • Saki@monero.townOPM
            link
            fedilink
            English
            arrow-up
            2
            ·
            edit-2
            1 year ago

            What’s important when you’d like to have absolute privacy or anonymity is, to realize that you can’t. “Use this, and no one can read your message.” is a typical mistake. “This service is world most secure” etc. is just a lie. Anyone who claims that privacy can be simple/easy is either a liar or doesn’t know what they’re talking about.

            A rare example of honest/true statements, on the other hand, can be seen on the Cock.li website: http://rurcblzhmdk22kttfkel2zduhyu3r6to7knyc7wiorzrx5gw4c3lftad.onion/

            How can I trust you?

            You can’t.

            In this specific case about the US, though, what’s most important is obviously to somehow stop this unconstitutional surveillance by the government (only making AT&T happy and rich). Please, don’t waste a lot of money to invade normal people’s privacy when you already have trillions of debts 😢

          • ᗪᗩᗰᑎ@lemmy.ml
            link
            fedilink
            English
            arrow-up
            2
            ·
            1 year ago

            While I agree with your statement in general, I think its still early and dangerous to be recommending simplex as a viable alternative. It hasn’t stood the test of time nor been independently audited. I’m keeping my eye on it as it seems like a viable alternative, but I’d hesitate to recommend it to anyone who may be at risk.

            • IP2@monero.town
              link
              fedilink
              English
              arrow-up
              4
              ·
              1 year ago

              Hence the “may already…” depending on use case obviously. You can’t really recommend anything to someone who may be at risk, certainly not Signal. Not that I have anything against Signal (I use it daily and have been for years) but anonymous it isn’t, not in big part of the world anyway.

    • Saki@monero.townOPM
      link
      fedilink
      English
      arrow-up
      2
      ·
      edit-2
      1 year ago

      Just now (~ 1 hr ago), EFF also recommended Signal.

      https://ssd.eff.org/module/how-to-use-signal How to: Use Signal | Surveillance Self-Defense Last Reviewed: October 31, 2023

      Signal is a free and open-source application for Android, iOS, and desktop that employs end-to-end encryption to keep communications safe. Signal has certified to courts that it only maintains two types of user data available to law enforcement: timestamps of when each account was created and the date that each account last connected to the Signal service.

      (I also agree with you about simplex, still too early and iffy.)