WhatsApp Replacement

Not until all the cryptobros found out they were doing the Stellar Lumens drops and spammed the system with tons of new accounts, thereby spoiling it for those of us who have been quietly using it for years.

Luckily, apps like Signal (for now) are there for people who do give a hoot about it – like journalists and other people who regularly deal with sensitive information and sources governments would love to get their hands on.

However, be wary – the app is only as good as the platform you deploy it on. Secure apps can be undermined by a crappy OS.

I would suggest it is “platform” more the “OS” these days. Especially when you are looking at hardware, networks and end points all controlled by god knows who. The more we start to focus on “how to be secure” the more we begin to see that it is almost impossible.

But it’s not really IT as root cause, it’s politics and business. Secure communications apps - like Whatsapp was and Signal is - have and will continue to be undermined by governments who don’t like citizen privacy and corporations who will protect their profits.

Nothing is hack proof. I once saw a documentary about a group of terrorists that were able to hack into a US military satellite… from a moving train! We even watched them hack into a Navy Seal’s Newton (gaining access both to all his cooking recipes and his folder of “tactics”) using nothing more than a Gigabyte of RAM!

Of course it didn’t ultimately end well for the terrorists, but it was very close and they caused a lot of destruction along the way. I suspect they regret allowing the documentary crew along in the end.

PIGGY!!!

The point I was going at is that today’s systems have so many layers that no APP can ever guarantee security. If I can hack your mobile and install a kernel module that mirrors input and output (that can never really be secure) then all your encryption is useless. This is in the bag of tricks used by the current hot shot bad guys. Oh, and if you have connected to a wifi network that uses transparent proxy (which nearly all of them do) then there is the possibility of using some OSS tools developed for network optimization to transparently read your data stream (applicable to standard SSL/TLS more than things like Signal).

If security is your concern, get off the net and move to undocumented face to face communications. Even then you aren’t really secure. But at least you’ve eliminated folks like me from snooping on you.

;)

How do you access the Lumens and use them or cash them in? I could never figure it out.

I opened a Coinbase account, converted them to USD, and was able to send them to my debit card account – ended up being a fairish chunk of change that let me get some upgrades for my electric guitar gear. I couldn’t get the bank draft functionality to work. Coinbase has some bugs to work out.

Hmm Not sure how to do it, possibly because the message is from Sep 2019. They say they have given me 356 Lumens but where they are stored and how to access them is not obvious. Probably it is now obsolete and I lost the chance.

Nah, I have a friend (the friend who got me on to Keybase) who got them too and still has them. There’s a Wallet section in Keybase that will show you your Lumens. If you need more help, drop me a PM with your email address and we can take this offline; I can walk you through redeeming them if you want. When I cashed them out, it ended up being ~$240 dollars, so it was worth a little bit of effort.

I sent you a PM.

As it turned out only a small fraction of my WhatsApp contacts switched to Signal.

India is coming down hard on WhatsApp.

WhatsApp should withdraw new privacy policy, says MeitY in new notice

Excerpt

“We have a sovereign responsibility to protect the rights and interests of Indian citizens. The government will consider various options available under the law,” a senior IT ministry official said.

The latest communication sent to WhatsApp, the officials said, has reiterated that “the changes to the privacy policy and the manner of introducing these changes including in FAQ (frequently asked questions) undermines the sacrosanct values of informational privacy, data security and user choice for Indian users and harms the rights and interests of Indian citizens”.

continue at https://tinyurl.com/yn575hwz