by gjsman-1000 1798 days ago
Only if you say so.

There is a degree of rational fear, rational expectation of being tracked. Your degree of fear though is irrational unless you are, in fact, a journalist in an authoritarian state.

You are saying that you are so paranoid, you don't trust iMessage to be End-to-End Encrypted because it has zero-click exploits developed as part of a cyberweapon that is explicitly targeted against high-profile journalists. You then think using Signal or something is more secure, even though if this was pulled off in iMessage (more sandboxed than any other messenger security-wise), your other messengers probably are also flawed and you shouldn't use any of them.

In fact, you shouldn't use a mobile device. And maybe for your situation, that is right and rational. But for most people, it's not.

3 comments

No, he is right that you are using bad words because you disagree. I wouldn't have added this but the thread just keeps going.

Just because someone wants to be as secure as possible while using their electronic devices and you think they are being extreme doesn't mean that they are being paranoid. It has nothing to do with being paranoid. It could simply be because it is fun to try and secure your devices or to gather knowledge on how to do so in case you need to apply the skill-set at work or a thousand other reasons.

>you don't trust iMessage to be End-to-End Encrypted

I don't secure my devices as GP does but I also do not trust for a second that iMessage is securely E2EE. It is not something you hear rarely if talking about the topic, in fact it is a very common argument on HN that iMessage messages are saved unencrypted to iCloud.

>this was pulled off in iMessage (more sandboxed than any other messenger security-wise)

That is almost the opposite opinion of iMessage than what was posted by researchers yesterday on HN (well, Twitter originally). In fact they stated:

>"BlastDoor is a great step, to be sure, but it's pretty lame to just slap sandboxing on iMessage and hope for the best. How about: "don't automatically run extremely complex and buggy parsing on data that strangers push to your phone?!"

In short, paranoid is misused a lot like this. Just like schizophrenia (it is often used about having multiple personalities or many opinions that clash, but neither is correct usage).

> It could simply be because it is fun to try and secure your devices or to gather knowledge on how to do so

It could be the case, absolutely. But the OP doesn't sound like they're having fun, they are in earnest.

> do not trust for a second that iMessage is securely E2EE

Ask a security expert, and they will tell you it has been verified by just about everyone who has inspected it that this is, in fact, the case, including the EFF. But it is proprietary code, not open, which is a downfall.

> are saved unencrypted to iCloud

And can be turned off with the flip of a switch in Settings if that's something you are worried about. For most people who aren't OP-sec (like my Grandma), having all of her messages deleted because someone stole her phone isn't worth it.

> "buggy parsing on data that strangers push to your phone?!"

Yes... Except that every other secure messenger also does the exact same thing. And they don't have BlastDoor sandboxing like iMessage does. Yes, BlastDoor has flaws, but at least it's there unlike other messengers which don't sandbox.

That's absolutely not paranoia, so I'd suggest you leave GP alone instead of burning karma and making yourself look like a fool.

Name-calling and blind assertions ("it's not because it's not!") are not a good-faith response.

> Your degree of fear though is irrational unless you are, in fact, a journalist in an authoritarian state.

You are putting words in OP's mouth. OP never said he was fearful, only that he didn't want to be tracked.

Someone friendly could follow me around in real life and watch what I'm doing - and keep suggesting products to me based on getting to know me. I'm not going to be afraid but I am going to be freaking annoyed, and feel like my privacy is violated when he says he isn't going away.

Not wanting to be tracked is fine.

I'm trying to say his game-plan for not being tracked is immensely flawed. He thinks a nation-state weapon could be used against him, so switch to a third-party messenger which doesn't do the same degree of sandboxing for security. What could go wrong?

If you are worried about a threat that is that niche, and will almost certainly be patched soon, you shouldn't be using any messenger, logically speaking.

IMO you are putting words in their mouth and misrepresenting what OP was saying.

OP wasn't talking just about the Pegasus attack, they were talking about the key escrow not being held under end-to-end encryption on iCloud. That's not going to be patched any time soon, and there are other messengers which don't do this.