|
|
|
|
|
|
by Terr_
285 days ago
|
|
|
I'd like to point out that a regime may find it worthwhile to compromise more kinds/sizes of VPNs than we might expect. The evil regime doesn't need to have a popular evil VPN that everybody uses... it may be enough to operate (or hack) a smaller VPN which can unmask enough dissidents that their friend-groups can be found by other means. |
|
|
If I was the US government, I'd push Google Play to offer compromised updates of Signal silently to a few people I was interested in. Even among the highly-technical, who is going to be inspecting binaries installed on a phone regularly?
Does Signal even have reproducible builds? How do I know the code matches the binary?
I'd make my own messenger.... but I don't have the money for that at all.
I wish these risks could be split up and handled separately - Suppose I run a private dark network for me and my friends, and then the GUI for chatting over it runs in a sandbox where it can only message servers that I control, using public/private keys that I control.
Conflating a million lines of Java GUI code with "Noise is a simple and secure protocol" seems like a big attack surface.