[arminiusreturns]

I use signal because it's "good enough" and has a lower barrier to entry for less technical people, but having reviewed MM's stance on many issues, I honestly wouldn't be surprised to find out he or his company are a sort of Adrian Lamo 2.0 (obviously a bad comparison but I think you get my meaning). The bottom line is that if you are trying avoid nation states... and this is going to go against almost everything you have been taught and heard... you should probably be rolling your own crypto. It might be more doable than you think, but once again you run into the problem of how do you get others to adopt? I first heard this stance from former NSA technical director William Binney, and balked at first, but after ruminating on it for some time I think he has a point. Especially when so many of these crypto compromises happen because there is a central org thats easy to focus target (the main weakness in MM's position), vs having no central org or even being on any radar other than NSA data hoovers. Autoanalysis of comp'd communication systems wouldn't work if they don't have your crypto-comms in the list, but the thing to be aware of there is the ability for them to "walk the cat back" on comms if they do break it later.

Don't forget also that these organizations heavily participate in forum ops to sway opinion on these topics [1] so operating by consensus can be very dangerous imho. I remember one particular example being the allegations about the FBI paying contractors on ipsec to backdoor it [2]. Which was then met with all kinds of "analysis" about how it wasn't true, and that sort of became the consensus response for a while after, except a year or so later I found a post by one of the devs explaing further detail and it became obvious to me that ipsec had been backdoored and they had just engaged in "consensus cracking". Of course only a few years later Snowden leaks confirmed that ipsec was weak by design and had been being intercepted for quite some time. Also worth noting that while Snowdens doc were released in 2013, the actual docs were mostly from ~2007 era. Think about how much tech has changed since then, and then imagine just how much more powerful the systems are today. Not just the technical systems, but the organizational structures designed to prevent any kind of truly secure crypto from emerging.

1. https://archive.is/JlBgE

2. https://bsd.slashdot.org/story/10/12/15/004235/FBI-Alleged-T...

PS. Also worth noting that Eben Moglen talked about how after the gov lost the crypto wars, he heard a chilling comment about how basically they wanted to do away with anonymity also. I think it's worth noting that anonymity and crypto are hand in hand tech, and if you comp one pivoting into the other is much easier. The gov has worked on comping both quite extensively.