[prev in list] [next in list] [prev in thread] [next in thread] 

List:       cypherpunks
Subject:    Re: bantering with punk was Re: What advantage does Signal protocol have over basic public key encry
From:       "Punk-BatSoup-Stasi 2.0" <punks () tfwno ! gf>
Date:       2021-01-31 23:09:42
Message-ID: 20210131230833.51EE511C02FA () pglaf ! org
[Download RAW message or body]

On Sat, 30 Jan 2021 06:26:21 -0500
Karl <gmkarl@gmail.com> wrote:


> 
> 
> > Maybe you can run your own signal server - how many people do that though?
> 
> The signal ratchet protocol is used in a wide variety of spin-off
> applications, both community and corporate:
> https://en.wikipedia.org/wiki/Double_Ratchet_Algorithm#Applications


	yeah well. I'm talking about morlonpoke's signal being a system that depends on a \
single server on the amazon-NSA datacenter and you keep talking about...something \
else. 

	the question was - how many people run their own 'signal' servers. And how does that \
work anyway. You can only communicate with people who are registered on your server? 


> 
> Here is some information on running your own server, with a link to a
> fork of signal that connects independently run servers:
> https://www.reddit.com/r/signal/comments/7poh3f/is_it_possible_to_create_a_private_signal_server/
> 


	ok, that sounds more promising, too bad one can't read reddit-NSA (read reddit ha \
ha) unless one enables the execution of javashit malware. 

> 
> It's really a lot of work to look up information to back up every
> single point I make.  

	.... A lot of work? Finding one reddit link? 


	https://metager.org/meta/meta.ger3?eingabe=federated+signal+servers&submit-query=&focus=web


	Ok so that search only comes up with your reddit link. My first conclusion is that \
there aren't many 'federated signal servers' out there. Oh here's another tidbit 


	https://community.signalusers.org/t/server-systems-minimum-requirement/1064

	"May 31, 2017, 
	Hi, to run Signal server you need to create accounts at Twilio, AWS S3, Google \
Developer and Apple Developer. 

	Twilio - for sms broadcasting
	AWS - for documents
	Google developer - for GCM push notifications.
	Apple Developer - for APN push notifications" 

		

> Can we just assume that if something is clearly
> not hard to do, that many people have done it, in general?


	I would never make such assumption. It's a perfect example of a 'non sequitur'. It \
doesn't follow that X being easy means X is being done. 


> 
> > On the other hand you cannot use the 'signal service' at signal.org without \
> > registering. As a side note of sorts :  "Signal is a registered trademark in the \
> > United States and other countries.". Plus : 
> > "You agree to use our Services only for legal, authorized, and acceptable \
> > purposes. " ('acceptable'? 'authorized'? 'legal'? LMAO)
> > 
> > "Signal's Rights. We own all copyrights, trademarks, domains, logos, trade dress, \
> > trade secrets, patents, and other intellectual property rights associated with \
> > our Services."
> 
> Trademark law doesn't seem to be a good point against anything here,
> to me.  It is normal in the USA to register trademarks for words.

	
	Yes, 'normal' means it follows 'norms' or 'laws'. Following insane US laws is \
'normal' only in that circular sense. Apart from that, it is insane.   

> This makes it harder for other people to co-opt them and pretend to be
> you.  They are only legally protecting their name and logo.
> 
> Yes, their mainstream client centralises registration, probably for
> reliable identity management, a choice that has been discussed
> extensively.


	.... has been discussed by whom? 

	
	So anyway, my conclusion again : the signal PROTOCOL is more robust under CERTAIN \
attacks. The SIGNAL COMPANY is an untrustworthy organization that was 'founded' with \
3 millions from the pentagon and 50 millions from some silicon valley oligarch and \
WHATSAP asshole. 


[prev in list] [next in list] [prev in thread] [next in thread]