Recent searches

No recent searches

Search options

Not available on musician.social.
musician.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
Mastodon site for Musicians and people into Music

Administered by:

Server stats:

141
active users

musician.social: AboutStatusProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.4.5

#SingleProvider

1 post1 participant0 posts today
*
Kevin Karhan :verified:

@mechanix @delta @randy_ @gaufff precisely!

Personally, I feel confirmed to not use #Centralized & #proprietary #SingleVendor & #SingleProvider options like @signalapp / #Signal which by virtue of collecting #PII in the form of #PhoneNumbers are at best #UsefulIdiots if nit a blatant #HoneyPot...

Anything else doesn't work!

  • The only way you can guarantee your #HumanRights is by actively enforcing and using them in the most aggressibe way possible that doesn't infringe upon others' rights...
#humanrights
Replied in thread
Kevin Karhan :verified:

@MurrayWindripper @micahflee except #Signal being a #Centralized, #SingleVendor & #SingleProvider solution that (illegally!) demands and collects #PII (#PhoneNumber) for no legitimate reason makes them inherently bad.

I went into lenghts and have linked details re: @signalapp here:
infosec.space/@kkarhan/1148625

Infosec.SpaceKevin Karhan :verified: (@kkarhan@infosec.space)One thing that really pisses me off personally is the #regression in terms of #Messenger #Apps. My personal distaste and dislike for #proprietary, #SingleVendor & #SingleProvider #services like #Signal [¹](https://infosec.space/@kkarhan/114234551915193036) [²](https://infosec.space/@kkarhan/114935952643402592), #Telegram, #Discord [³](https://infosec.space/@kkarhan/114865723904157014) [⁴](https://social.treehouse.systems/@krutonium/115157611977216372), #WhatsApp [5](https://infosec.space/@kkarhan/114873895410403238), #Slack, #MicrosoftTeams, etc. aside: - *WHY* is there no #CrossProvider #Messenger to handle that shite? - *WHY* does everyone of these shitty providers think people want to download their #bloated #WebApp that takes up triple digit Megabytes if not entire Gigabytes and will gobble up all the #RAM and #CPU each of them can?? This problem ain't new and *already got [solved for corporate social media](https://infosec.space/@kkarhan/114862619013462466) ages ago!* (Not to mention actually good messengers!) - And no, [bridges](https://toots.ch/@dalai/114862754556459439) *[don't](https://swecyb.com/@troed/114862774972645542) count*! - I mean `API 0` - [style](https://digipres.club/@foone/112685423773959519) access because obviously [none of the platforms](https://digipres.club/@foone/112685414638522984) will *allow, endorse or support such an endeavour* and [*actively fight the developers and users*](https://digipres.club/@foone/112685441496803574) ! So yeah, consider this a call for a @gajim@fosstodon.org / #Gajim or @pidgin@fosstodon.org / #Pidgin *for garbage platforms!* - Cuz back in the day we had *way worse messengers* yet people actually made #AIM, #ICQ, #MSN, #QQ, #IRC & #XMPP work just fine from one single *"phat" client*! - Can we please get that back? Cuz #WastefulComputing pisses me off! #api0 #Enshittification
Replied in thread
Kevin Karhan :verified:

@ustralien @bjoern Unabhängig davon ist die globale Verfügbarkeit essentiell.

  • Wenn internationale Händler und Plattformen (auch außerhalb der #EU) es nicht unterstützen ist es im 21. Jahrhundert relativ wertlos.

Nennt sich #Nerzwerkeffekt und da es ein #zentralisiertes, #SingleVendor & #SingleProvider - System ist hat es nunmal entsprechende *Kritik zu fixen!

#selfhosting#wero#zahlungsdienstleister
Replied in thread
*
Kevin Karhan :verified:

@soatok IMHO all #centralized, #SingleVendor & #SingleProvider solutions are bad - including #Signal!

infosec.space/@kkarhan/1149359

Infosec.SpaceKevin Karhan :verified: (@kkarhan@infosec.space)My [reservations](https://infosec.space/@kkarhan/114234551915193036) and [criticism](https://infosec.space/@kkarhan/114862595629371002) re: #Signal are not just valid, but the reality is *even worse than I thought*: - The fact that @signalapp@mastodon.world requires not only their shitty #Android #App, and a #PhoneNumber but literally won't allow people to use their shitty #Desktop-App unless they have an Android device with a camera pointed at it makes it utterly unuseable for certain users *who don't have a fucking #camera in their Android*… Seriously, do they expect folks to deal with that shit? - It's already worse in terms of #UX than #telegram and #discord and that too makes #XMPP+#OMEMO clients like @monocles@monocles.social / #monoclesChat & @gajim@fosstodon.org / #gajim easier and faster to onboard #TechIlliterates onto. - Whichever asshole decided that a *replacement for #SMS* should mandate #PII like a #PhoneNumber & not be natively cross-platform should be banned from doing any #tech in their life. Trying to circumvent this shit and helping folks with it makes me so fucking angry that I'm now explicitly refusing to support it! FIX THAT SHIT, @Mer__edith@mastodon.world, and if it means you need to kick some devs in their crouch then consider this a necessary *"investment"*… #sarcasm #TechSupport #TapesFromTechSupport #Enshittifucation #SignalSucks #TelegramSucks #Messengers
#InconvenientTruth
Replied in thread
*
Kevin Karhan :verified:

@adisonverlice ALL #SingleVendor, #SingleProvider #Messengers that are #proprietary by virtue of not having everything #FLOSS'd are inherently bad.

If that shit was actually secure, it would've been abused so hard that she'd be in jail for refusing to comply with #CloudAct and duely issued warrants as well as being complicit in the "abuse" of said platform.

Twitterthaddeus e. grugq on Twitter“I’m gonna tell you a secret about “logless VPNs” — they don’t exist. Noone is going to risk jail for your $5/mo https://t.co/Q2aOQJkG4g”
*
Kevin Karhan :verified:

@glitzersachen @Yuki relative...

I think that @cperciva et. al. made a good product & service with #Tarsnap and their #SelfCustody-based #encryption is solid.

  • It's just that it is still a #SingleVendor / #SingleProvider solution and that #BDSG & #GDPR say "No!" when it comes to handing over data to 3rd parties outside the #EU that are subject to #CloudAct, regardless if it's considered 'unfeasible if not impossible' that they could ever decrypt it.

tarsnap.com

tarsnap.comTarsnap - Online backups for the truly paranoidTarsnap is a secure online backup system for UNIX
Replied to FandaSin
*
Kevin Karhan :verified:

@FandaSin Obviously that is kinda expected.

I don't expect a single developer with no money and time to maintain this, but at least see some professional option for that.

infosec.space/@kkarhan/1148626

Infosec.SpaceKevin Karhan :verified: (@kkarhan@infosec.space)And it's not like people and espechally businesses are unwilling to pay for good tools, cuz not only is HootSuite still around, but @tapbots@tapbots.social, who made the excellent [TweetBot](https://tapbots.com/tweetbot/) nowadays make @ivory@tapbots.social, an excellent #ActivityPub client with focus on #Mastodon that people are willing to pay a #subscription for! - And from what I could see from users who pay for it, they are not just happy, but it also looks and feels better than #TweetDeck in it's golden days... https://tapbots.com/ivory/
*
Kevin Karhan :verified:

One thing that really pisses me off personally is the #regression in terms of #Messenger #Apps.

My personal distaste and dislike for #proprietary, #SingleVendor & #SingleProvider #services like #Signal ¹ ², #Telegram, #Discord ³ , #WhatsApp 5, #Slack, #MicrosoftTeams, etc. aside:

  • WHY is there no #CrossProvider #Messenger to handle that shite?

  • WHY does everyone of these shitty providers think people want to download their #bloated #WebApp that takes up triple digit Megabytes if not entire Gigabytes and will gobble up all the #RAM and #CPU each of them can??

This problem ain't new and already got solved for corporate social media ages ago! (Not to mention actually good messengers!)

So yeah, consider this a call for a @gajim / #Gajim or @pidgin / #Pidgin for garbage platforms!

  • Cuz back in the day we had way worse messengers yet people actually made #AIM, #ICQ, #MSN, #QQ, #IRC & #XMPP work just fine from one single "phat" client!

  • Can we please get that back? Cuz #WastefulComputing pisses me off!

Infosec.SpaceKevin Karhan :verified: (@kkarhan@infosec.space)Content warning: Rant re: Signal Shills being dangerous Tech Illiterates
#api0#Enshittification
Replied in thread
Kevin Karhan :verified:

@artfulmodder last time I checked @signalapp still demanded #PII in.the form of a #PhoneNumber, still peddled the #MobileCoin #Shitcoin #Scam and didn't move out of the #Cyberfacist #USA despite #CloudAct being nothing new!

  • Not to mention #Signal is both able and willing to discriminate against users based off said PII. Just because they do it for "#Sanctions #Compliance" diesn't mean they ain't gonna change that nor that @Mer__edith (or anyone else at Signal) could be bribed or threatened to do so.

They are #centralized #SingleVendor & #SingleProvider and are thus a #SinglePointOfFailure per design!

IMHO "memory tagging" is the least of Signal's problems. To me they stench "#ControlledOpposition" just as hard as #ANØM and incompetence as hard as #EncroChat!

#controlledopposition
Replied in thread
Kevin Karhan :verified:

@mit_scharf the problem with "threat scenarios" is that they tend to change quickly, non-consensual and without warning.

  • Demanding any #PII [even by virtue of being correlateable through circumstances] to be able to use a service is inherently bad, espechally since there is no "legitimate interest" for that.

"#KYC" is the illicit activity! and #Signal acts as a controlled opposition by virtue of being a #proprietary, #centralized, #SingleVendor & #SingleProvider "solution" that subjects itself to a juristiction that has 0 #privacy laws and only #cyberfacism (see #CloudAct ) to boot...

  • I find it more fatiguing and also expensive to try to workaround shite than to migrate folks to secure standards because that's a one-time investment that I'm willing to take vs. having to jump through hoops and paywalls to acquire a working #SIM (or #eSIM) anonymously and maintaining it.

It's just not in the cards TBH!

en.wikipedia.orgOpposition (politics) - Wikipedia
Kevin Karhan :verified:

@martinsteiger Welche?

Weil ich sehe nur #PGP & #OMEMO in Benutzung...

Aber vielleicht sind jene Personen naiv genug #proprietär|en #SingleVendor & #SingleProvider - Lösungen auf den Leim zu gehen?

infosec.space/@kkarhan/1147013
infosec.space/@kkarhan/114697690127511140

Infosec.SpaceKevin Karhan :verified: (@kkarhan@infosec.space)@Cappyjax@mastodon.social IDGAF about *"passion"*. [All I care about is the security of users!](https://infosec.space/@kkarhan/114697690127511140 ) Requiring *any* #PII like a #PhoneNumber is inacceptable when it comes to #ComSec, #InfoSec & #OpSec, espechally given @signalapp@mastodon.world is not only able but entirely willing to restrict service based off said numbers, making their "solution" insecure by design. - There's a reason why #XMPP+#OMEMO and #PGP/MIME [both each over @torproject@mastodon.social / #Tor] is the *evidently superior and more secure approach*, as being unable to *"#KYC"* a user is a matter of security... Espechally since obtaining a phone number anonymously is oftentimes illegal (i.e. #Germany made it illegal starting 07/2017, so using any service that demands a phone numner is out of question) - And even *if* one can get an anonymous #SIM (with a phone number) or god forbid #eSIM, (which is at best pseudonymous as tracking down users by virtue of matching ICCID, IMEI & IMSI to location and time) the chances are high that one ends up with recycled phone numbers that have already been used. Obviously the devs of #Signal and @Mer__edith@mastodon.world are well aware of this critical flaw, which is why I consider them to act as [*"useful idiots"*](https://en.wikipedia.org/wiki/Useful_idiot) or rather [*"controlled opposition"*](https://en.wikipedia.org/wiki/Opposition_(politics)#Controlled_opposition) as #Signal could've been shutdown trivially by the #US Government or forced into banning users based off their #PhoneNumbers (they may call this *"#sanctions #compliance"* given they added a #Shitcoin - Wallet into Signal!)... - All the *"but #Metadata"* #FUD turns into #MarketingLies once put under the looking glass and examined against the risk of state-sponsored / -endordsed / -supported attackers. Whereas with @monocles@monocles.social / #monoclesChat, @gajim@fosstodon.org / #gajim and @delta@chaos.social / #deltaChat and @thunderbird@mastodon.online / #Thunderbird respectably I can not only use Tor, but do #SelfHosting for the entire #communications infrastructure (i.e. using an #OnionService = only reachable via Tor) and get the advantages of a self-routing, self-authenticating & battle-hardened against censorship proxy network that can't be shutdown! - And if you think this is too tinfoilhatted, then consider yourself privilegued enough of having your mere existance not being [criminalized by the government under threat of public execution!]( https://ilga.org/news/state-sponsored-homophobia-december-2019-decade-update/) https://ilga.org/wp-content/uploads/2024/02/ILGA_World_map_sexual_orientation_laws_December2019.pdf https://infosec.space/@kkarhan/114697690127511140
Replied in thread
*
Kevin Karhan :verified:

@derekmorr

Let it go, already. No one uses MobileCoin. You can’t even find an exchange to buy it.

Then why does @signalapp still have that shit in it? @Mer__edith could've pulled that #Shitcoin yet refuses to do do!

The Cloud Act is a non-issue. Signal doesn’t have data on users, so they can’t be forced to disclose it.

That's literally wrong!

  • #Signal not only collects #PII in the form of a #PhoneNumher but explicitly is able and willing to use that to dsicriminate against users and restrict app functionality based off their presumed juristiction. There is no "legitimate interest" for.doing so nor any legal mandate to do so (unless we excuse the ehole #MobileCoin-#Scam!)

It’s been 30 years, and no one uses xmpp. Let it go.

Wrong again. Otherwise there wouldn't be thriving ecosystems and Apps to this day. It's just that corporate shills refuse to acknowledge that Signal - like all centralized, proprietary, #SingleVendor and/or #SingleProvider kessengers before and after - will inevitably die as their business model is not sustainable. Sake with #ICQ really. The only exceptions are those that abolish #privacy for #profit, integrate actually working payments or sellout to a #cyberfacist #government (all those apply to #WeChat!)

It’s shocking that people who claim to care about security and privacy push niche apps with terrible UX and no PFS like Delta or XMPP instead of the only private messenger with any real market share, Signal.

You know what's shocking to me: People who are unable or rather unwilling.to acknowledge that Signal is garbage and it's requirement for a #PhoneNumber kills any #privacy benefits it may have on paper by virtue of being at best pseudonymous (assuming the userd don't live in a juristiction that demands "#KYC" for even prepaid #SIM cards (ime. #Germany) or god forbid even #IMEI|s (i.e. #Turkey has a literal allowlist that'll kick any device off it's MNOs after 90 days within 365 days.

  • The #UScentric approach to #privacy and #threats makes Signal absolutely useless in many cases, and I do speak here from experience.

I'd rather help people onboard #XMPP+#OMEMO like @monocles and/or @gajim or #PGP/MIME like @delta & @thunderbird (incl. setting them up with #Orbot / #TorBrowserBundle / @tails_live so their traffic gets through @torproject and doesn't provide any useable IP addresses.

  • I've literally been there and done that!

As for #Sustainability, providers like monocles.eu finance themselves by subscriptions (starting at €2 p.m.) which people can pay fully anonymous using #CashByMail and #Monero on top of common payment methods (i.e. SEPA wire transfer)...

  • So even if you think "#monocles is a #honeypot" that is mitigateable ciz unlike with Signal you can choose your own client, choose a different provider & exervise self-custody of all tue keys!
monocles.eumonocles searchmonocles search, powered by searx
#monocles#honeypot
TrendingLive feeds
About