[ryanlol]

It also recommends running an antivirus on desktop, using a VPN, using tor browser, pidgin and goes as far as discussing android as a viable option.

The “lock up your SIM” part is simply ridiculous too, this has never ever stopped anyone.

This article is terrible because it has clearly been written by non-experts who should not be writing any security guides.

[jlgaddis]

Your comments (this one, and others downthread) get downvoted to hell yet tptacek's comment [0] -- which says basically the same thing -- is at the top. WTF?

[0]: https://news.ycombinator.com/item?id=15735789

[drdaeman]

Interesting. I'm not an security expert, but believe locking SIM card with a PIN code is a reasonably good idea to ensure in case of a stolen smartphone (non-targeted) it would be more likely thrown out as useless rather than used for any nefarious purposes.

Or I'm wrong?

[ryanlol]

SIM card PINs are not discussed in the article. Instead they recommend asking your telcos support rep to attach a note to your account to prevent sim swapping, which doesn't work.

[Redoubts]

I’m out of the loop, what’s wrong with pidgin?

[ryanlol]

libpurple suffers from very poor code quality, leading to tons of exploitable vulnerabilities. Just as you would expect when writing C parsers for lots of complicated protocols.

[the_common_man]

> libpurple suffers from very poor code quality, leading to tons of exploitable vulnerabilities. Just as you would expect when writing C parsers for lots of complicated protocols.

Is this your personal feeling or do you have something to back this up? A quick look at the source code suggests it's basically like any other glib based program.

[daxorid]

These are just public ones:

https://www.cvedetails.com/vulnerability-list/vendor_id-6938...

Filter by CVSS > 6, note the number of execs. Enjoy.

[ryanlol]

This is a commonly known fact, not just my personal feeling.