[ale] Secure Family Comms

Thu Mar 23 12:23:07 EDT 2017

I am staunchly against just giving up entirely "because they've won".  
Someone will always build a better mousetrap, so a better mouse will 
come along, so a better mousetrap will be built ad infinitum.  We 
*deserve* our privacy, even if it is just sharing the super secret 
family apple pie recipe that includes TWO measures of love for that 
extra something.  Sure, Signal is a target.  Sure there are OS level 
exploits.  Sure, SOMETHING is going to leak out at some point.  You're 
not going to have 100% coverage.  But doing at least *some* is better 
than nothing.

This mindset is right there on par with, "I can't understand $TECHNOLOGY 
because I'm just too old," or "This doesn't make sense to me so it's 
dumb."  And that *infuriates* me.  My father is that way.  It irks the 
ever loving hell out of me.  If you *want* to learn and understand, you 
*will* do it.  Take whatever time you need.  But don't just dismiss 
something because it's beyond your immediate comprehension or grasp.  
Don't just dismiss your personal rights because you feel someone has 
won.

Pay attention to what you click on or what you download.  Make a mild 
effort to keep your passwords in a KeePass database.  Do *SOMETHING* 
because you DESERVE that privacy.  I don't care if you/I/anyone has 
anything to hide from anyone or not.  That's not the point.  The point 
is that I damn well deserve to not have every last packet I send across 
a wire scrutinized, lumped into metrics, and have targeted advertising 
blasted at me.  If we were to treat TCP/IP packets like letters - the 
standard they were designed against! - then what ISPs and the government 
are doing would be federal crimes worthy of the death penalty.  People 
would be in uproars!  Why, then, are ISPs allowed to sift through every 
piece of mail we pass through them?

Sorry for the rant.  I don't mean to come across mean or down on anyone 
in particular.  This is just something that I feel strongly about, and I 
needed to get that out. Thank you.

---
Very respectfully,
Kyle Brieden

On 23-03-2017 10:24, Dustin Strickland wrote:
> Signal bring compromised isn't even a question. WL just put out
> documents that show the CIA's capability to foil the encryption on all
> secure messaging services for mobile. They use os-level exploits and
> intercept communications before they're encrypted by the app. I no
> longer go out of my way to protect my privacy because it just doesn't
> help. They've ruined cyber security.
> 
> On Mar 23, 2017 10:00 AM, "DJ-Pfulio" <DJPfulio at jdpfu.com> wrote:
> 
>> Signal is a huge target. I have ZERO doubt that all that traffic is
>> being captured for later decryption. A weakness WILL BE FOUND and
>> exploited, if not in the program, in the OS hosting it.
>> 
>> If you are a dissident group trying to alter a government, might
>> want to
>> keep looking for a less popular solution. Use a little trade-craft
>> in
>> your OpSec.
>> 
>> I believe that a false sense of security is worse than believing
>> everything is non-secure, and acting appropriately.
>> 
>> But if you are sharing secret family recipes, it is probably good
>> enough.  The more traffic on the internet that is encrypted, the
>> better.
>> Easier to hide a raindrop in a rainstorm than hiding a single
>> balloon on
>> a sunny day.
>> 
>> Don't believe all the marketing hype - even the stuff I quoted below
>> about retroshare.  Do some packet sniffing. See what leaks.
>> 
>> For example, how many people are/were using Lastpass? How many
>> leaked
>> credentials got out due to the latest flaw with FF/chrome plugins.
>> An
>> online password manager just seems foolish to me.  I prefer my
>> password
>> manager NOT to having any network code.
>> 
>> On 03/23/2017 09:21 AM, Ted W. wrote:
>>> If all you want is a way to securely communicate with family use
>> Signal.
>>> It's not for email but it makes a great Apple Messages
>> replacement. My
>>> wife and I now use it since I moved off iOS and back to Android.
>> It's
>>> about a simple as it can get for this sort of thing.
>>> 
>>> -Ted
>>> 
>>> On Wed, Mar 22, 2017 at 03:31:34PM -0400, DJ-Pfulio wrote:
>>>> On 03/22/2017 02:00 PM, Alex Carver wrote:
>>>>> I want to see something that is easy for my parents to use.
>>>> 
>>>> Might be worth looking at RestroShare.
>>>> 
>>>> http://retroshare.net/
>>>> "Retroshare creates encrypted connections to your friends. Nobody
>> can
>>>> spy on you. Retroshare is completely decentralized. This means
>> there are
>>>> no central servers. It is entirely Open-Source and free. There
>> are no
>>>> costs, no ads and no Terms of Service."
>>>> 
>>>> 
>>>> _______________________________________________
>>>> Ale mailing list
>>>> Ale at ale.org
>>>> http://mail.ale.org/mailman/listinfo/ale [1]
>>>> See JOBS, ANNOUNCE and SCHOOLS lists at
>>>> http://mail.ale.org/mailman/listinfo [2]
>>>> 
>>>> 
>>>> _______________________________________________
>>>> Ale mailing list
>>>> Ale at ale.org
>>>> http://mail.ale.org/mailman/listinfo/ale [1]
>>>> See JOBS, ANNOUNCE and SCHOOLS lists at
>>>> http://mail.ale.org/mailman/listinfo [2]
>> 
>> --
>> Got Linux? Used on smartphones, tablets, desktop computers, media
>> centers, and servers by kids, Moms, Dads, grandparents and IT
>> professionals.
>> _______________________________________________
>> Ale mailing list
>> Ale at ale.org
>> http://mail.ale.org/mailman/listinfo/ale [1]
>> See JOBS, ANNOUNCE and SCHOOLS lists at
>> http://mail.ale.org/mailman/listinfo [2]
> 
> 
> Links:
> ------
> [1] http://mail.ale.org/mailman/listinfo/ale
> [2] http://mail.ale.org/mailman/listinfo
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0x89C9D831.asc
Type: application/pgp-keys
Size: 3071 bytes
Desc: not available
URL: <http://mail.ale.org/pipermail/ale/attachments/20170323/597e0ef9/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://mail.ale.org/pipermail/ale/attachments/20170323/597e0ef9/attachment.sig>