| ▲ | causalscience 12 hours ago |
| I have no idea if that was true 20 years ago, but it's not true now. XMPP doesn't have this problem; your host instance knows your IP but you can connect via Tor. |
|
| ▲ | OhMeadhbh an hour ago | parent | next [-] |
| Tor has the problem that you frequently don't know who's running all the nodes in the network. For a while the FBI was running Tor exit nodes in an attempt to see who messages were being sent to. maybe they still are. |
|
| ▲ | ddtaylor 11 hours ago | parent | prev | next [-] |
| OTR has been on XMPP for so long now |
| |
| ▲ | causalscience 11 hours ago | parent [-] | | Is that good? According to the wikipedia page it seems last stable release was 9 years ago. Is anyone using that? Last time I had a look at XMPP everybody was using OMEMO. | | |
| ▲ | blurb4969 10 hours ago | parent [-] | | OMEMO has its own flaws too https://soatok.blog/2024/08/04/against-xmppomemo/ | | |
| ▲ | causalscience 9 hours ago | parent [-] | | Sorry, I don't pay attention to anyone who disses PGP. I don't care if it's easy to misuse. I focus on using it well instead of bitching about misusing it. If there's one thing we learned from Snowden is that the NSA can't break PGP, so these people who live in the world of theory have no credibility with me. | | |
| ▲ | OhMeadhbh 44 minutes ago | parent | next [-] | | wow. that's a phenomenally bad policy. There are many legit critiques which can be leveled at PGP, depending on your use case. [Open]PGP is not a silver bullet. You have to use it correctly. | |
| ▲ | ddtaylor 8 hours ago | parent | prev [-] | | Before my arrest (CFAA) I operated on Tor and PGP for years. I had property seized and I had a long look at my discovery material, as I was curious which elements they had obtained. I never saw a single speck of anything I ever sent to anyone via PGP in there. They had access to my SIGAINT e-mail and my BitMessage unlocked, but I used PGP for everything on top of that. Stay safe! | | |
| ▲ | OhMeadhbh 41 minutes ago | parent | next [-] | | if you sign PGP messages with a key you associated with your identity, the have high confidence you sent emails signed with that key. i.e. - PGP does not offer group deniable signatures as a default option. | |
| ▲ | michaelmcdonald 6 hours ago | parent | prev [-] | | Would be curious to know (if you're willing to share) how you were found if you were working to obscure / encrypt your communications. What _was_ it that ultimately gave you away or allowed them to ID you? |
|
|
|
|
|
|
| ▲ | zxcvasd 11 hours ago | parent | prev [-] |
| [dead] |
