this post was submitted on 10 Aug 2024
561 points (98.6% liked)

Privacy

32096 readers
432 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

"Signal is being blocked in Venezuela and Russia. The app is a popular choice for encrypted messaging and people trying to avoid government censorship, and the blocks appear to be part of a crackdown on internal dissent in both countries..."

top 50 comments
sorted by: hot top controversial new old
[–] freedomsailor@programming.dev 186 points 3 months ago* (last edited 3 months ago) (2 children)

It’s like a medal of honor for a privacy preserving app πŸ˜„

[–] reallyzen@lemmy.ml 38 points 3 months ago (3 children)

Indeed. If whatsapp isn't on the list, then I have all the confirmation I need.

[–] ivn@jlai.lu 21 points 3 months ago (2 children)

The Russian government has also allegedly begun preparations to block the WhatsApp messaging app.

https://kyivindependent.com/messenger-signal-blocked-in-russia-media-says/

[–] whydudothatdrcrane@lemmy.ml 7 points 3 months ago (2 children)

Some US bank got in trouble for using it internally.

load more comments (2 replies)
load more comments (1 replies)
[–] aaaaace@lemmy.blahaj.zone 6 points 3 months ago

Zucks check didn't clear yet.

"Banned in 15 dicatorships!"

[–] whyNotSquirrel@sh.itjust.works 50 points 3 months ago (7 children)

could matrix.org be as easily blocked, since it's decentralized I'm wondering?

At least it means that Signal is working as intended if they are blocking it, I guess that they don't have back doors.

[–] ivn@jlai.lu 40 points 3 months ago (1 children)

Being decentralized prevents DNS or IP blocks but not blocks through DPI.

Signal has an option to masquerade it's traffic as regular HTTPS, I don't know if Matrix can do such a thing.

https://x.com/signalapp/status/1821979304626155930

[–] TarantulaFudge@startrek.website 27 points 3 months ago (1 children)

I can answer this! All matrix calls are over https APIs. Ports and addresses are stored in a text file on the base domain or in DNS txt entry.

[–] ivn@jlai.lu 5 points 3 months ago (5 children)

Thanks, nice to have someone knowledgeable.

Would you say matrix is censorship resistant? I've very limited knowledge of it but given what you said I imagine that if I was trying to block matrix I would just need to query the url of the text file and check the DNS text entry, if either exist just add the domain to the blocklist.

load more comments (5 replies)
[–] foremanguy92_@lemmy.ml 16 points 3 months ago (2 children)

Matrix is in fact decentralized but in reality it is not so much, I don't know the number exactly but the majority of users use the matrix.org server

[–] steersman2484@sh.itjust.works 10 points 3 months ago (8 children)

Those numbers only include instances that have telemetry enabled

load more comments (8 replies)
[–] wurstgulasch3000@lemmy.world 5 points 3 months ago

People who live in countries where DNS and IP blocks are common probably use a different server. I've been running my own for over a year and it works like a dream

[–] gytrash@feddit.uk 12 points 3 months ago (1 children)

could matrix.org be as easily blocked, since it’s decentralized I’m wondering?>

Or SimpleX?

It cannot be easily blocked especially if you use your own homeserver every homeserver replicates the channel and it can operate without the original server! That's why signal and telegram are inherently flawed.

load more comments (4 replies)
[–] Jocker@sh.itjust.works 27 points 3 months ago

Signal honored!

[–] Churbleyimyam@lemm.ee 26 points 3 months ago (2 children)

Would peer to peer apps be resistant to this sort of thing?

[–] MigratingtoLemmy@lemmy.world 23 points 3 months ago (1 children)

Yes, but you'll have to install them from sources other than what governments deem official. Like F-droid.

Now, if they block p2p traffic that's a different story

[–] Churbleyimyam@lemm.ee 8 points 3 months ago

I am totally cool with F-droid.

[–] ReversalHatchery@beehaw.org 10 points 3 months ago (1 children)

It depends. Somehow it has to discover the peers. Other than that, they could block traffic between residential IP addresses and there goes large part of the P2P network

[–] todd_bonzalez@lemm.ee 10 points 3 months ago

Russia and Venezuela are huge hotbeds of piracy from populations without access or capital to access most forms of entertainment.

Breaking P2P in this manner would basically be getting rid of the circus part of bread and circuses. Not a good move for an authoritarian.

[–] dm9pZCAq@lemmy.ml 22 points 3 months ago (5 children)

why telegram is not blocked? makes you think...

[–] CaptainSpaceman@lemmy.world 20 points 3 months ago (2 children)

WhatsApp supposedly uses Signal protocol.

Why is THAT not blocked? Certainly they wouldnt roll their own encryption and bypass Signal security protocols after having Moxie come in, right? Right????

[–] Rose@lemmy.world 8 points 3 months ago

Russia is reportedly planning to block WhatsApp as well.

[–] possiblylinux127@lemmy.zip 7 points 3 months ago

It is owned by Meta and is proprietary

[–] ivn@jlai.lu 15 points 3 months ago

Telegram is not secure, I guess if you can listen to it better not block it.

[–] Dark_Arc@social.packetloss.gg 9 points 3 months ago* (last edited 3 months ago) (2 children)

I mean it was blocked before Signal was blocked. Russia somewhat famously badly broke their Internet trying to shutdown telegram... and eventually gave up.

I'm guessing Signal finally has enough market share to get the Russian government's attention but not enough market share that they think the web of proxies that kept Telegram online will keep Signal online.

load more comments (2 replies)
load more comments (2 replies)
[–] possiblylinux127@lemmy.zip 15 points 3 months ago* (last edited 3 months ago) (3 children)

Honestly I would've expected it to be blocked much earlier

load more comments (3 replies)
[–] Catsrules@lemmy.ml 11 points 3 months ago (1 children)
load more comments (1 replies)
[–] Railcar8095@lemm.ee 11 points 3 months ago* (last edited 3 months ago)

Why countries that do not prosecute political dissent bock apps used by political dissenters? /s

[–] marcie@lemmy.ml 8 points 3 months ago (3 children)
[–] possiblylinux127@lemmy.zip 15 points 3 months ago (9 children)

Matrix isn't secure depending on how you use it. It also doesn't protect individual identities terribly well.

Simplex Chat would be the better option however the main Simplex Chat server and matrix server could end up blocked as well.

[–] dessalines@lemmy.ml 22 points 3 months ago* (last edited 3 months ago) (3 children)

Matrix is entirely self-hostable, and you can turn off both federation, and the requirements for any linkable identifiers.

Signal by contrast requires your phone number, isn't self-hostable, and is based in a five-eyes country.

[–] Lemongrab@lemmy.one 10 points 3 months ago (2 children)

Matrix doesn't protect metadata, which is arguably just as (if not more) important than message data. Signal by contrast does protect metadata and proper implements Perfect Forward Secrecy for all chats. I do think Signal's centralized design and phone number requirements problematic, but Signal still has many merits. Such as its massive user base for a AGPL-only project.

[–] ReversalHatchery@beehaw.org 7 points 3 months ago (5 children)

Matrix also implements Perfect Forward Secrecy, and that's been the case for a very long time: https://security.stackexchange.com/questions/162773/are-matrix-messages-encrypted-using-perfect-forward-secrecy

What do you mean by AGPL-only? Synapse is also AGPL. And you can only guarantee that there won't be projects with other licenses if you prevent them from existing.. which is not something to be desired

load more comments (5 replies)
load more comments (1 replies)
load more comments (2 replies)
load more comments (8 replies)
[–] vga@sopuli.xyz 11 points 3 months ago (2 children)

Probably mostly because almost nobody uses it.

load more comments (2 replies)
load more comments (1 replies)
load more comments
view more: next β€Ί