Jason2357

joined 2 years ago
[–] [email protected] 1 points 1 day ago

Phone number and trust-on-first-use for most people, with out-of-band fingerprint verification for the paranoid. It really depends on the threat model and the security practices/awareness of your colleagues, but a link shared on some social media or lower-security chat network is more vulnerable to a man-in-the-middle attack than a phone number for your average Joe. There are a lot of ways a person could get a manipulated invite link.

[–] [email protected] 38 points 1 day ago (5 children)

Either he was arrested with no record of the arrest (i.e. "disappeared"), which is a new line for the administration to cross, or he disappeared for another reason (by himself, or with help or coercion by a foreign entity like the CCP), and the FBI is investigating.

I hope journalists keep on this because the first option would be a huge problem that everyone needs to know about, but without more information, the second is also a possibility. The CCP is known to have agents in western countries that manipulate and pressure ex-pats to return to China. Keeping an open mind now will also strengthen the argument if evidence for the former comes to light.

[–] [email protected] 2 points 1 day ago

Might be easiest to just drill out the mic and camera, and use a USB headset for calls. I also suggest specific threat modelling and learning about opsec as that may help you feel more in control. After that, please look after your mental well-being. We all should.

[–] [email protected] 12 points 1 day ago (3 children)

This is signal detection theory combined with an arms race that keeps the problem hard. You cannot block scrapers without blocking people, and you cannot inconvenience bots without also inconveniencing readers. You might figure something clever out temporarily, but eventually this truism will resurface. Excuse me while I solve a few more captchas.

[–] [email protected] 2 points 1 day ago (1 children)

I'm not sure whether you are vehemently agreeing with me, or somehow arguing the semantics that "even worse" and "much worse" mean something substantially different.

Indeed, see the context - I'm referring to the fact that Firefox is nearly 100% funded by advertisers, but separated by an arms-reach organization. Chrome is precisely 100% funded by advertisers, and under the complete control of an advertising company. Chrome is clearly worse, but Firefox is long-term problematic because that advertising money is going to whittle away at that separation eventually.

[–] [email protected] 7 points 1 day ago

Oh wow, I almost bought into Proton with hard-earned dollars just a few days ago. Glad that was on the backburner until now! Holy smokes! Task cancelled! Thank you.

[–] [email protected] 19 points 2 days ago (5 children)

They made a shitty change to their TOS regarding sharing user data with advertisers, then backtracked (appropriately, imho). It's the same issue as always - Firefox costs Mozilla millions of dollars to develop and maintain, and it's entirely funded by advertising companies. I personally think Mozilla does a pretty good job of balancing interests, but that is a long-term problematic relationship for privacy-respecting software. I don't think any of the forks solve that problem, as they are still dependent on all of Mozilla's development money to keep going, and Chrome-based browsers are even worse. Modern browsers are just too damned expensive! Anyway, the drama: https://techcrunch.com/2025/03/03/mozilla-rewrites-firefoxs-terms-of-use-after-user-backlash/?guccounter=1

[–] [email protected] 10 points 4 days ago

Exactly, never assume silence is because they have changed their minds. They only just discovered it doesn't play well in polling and are avoiding the topic. Unless they actively say they have changed their mind, they haven't (and even then be skeptical). Ontario learned this the hard way several times in a row.

[–] [email protected] 10 points 4 days ago (2 children)

Out-of-band key exchange is great - as long as people can physically meet and exchange QR codes. In reality, they are often sent via less secure means. As always, the humans are the weakest security link.

[–] [email protected] 5 points 4 days ago (1 children)

It does, I tried it. Though, that may have been an addition since the attacks started.

Though, in that specific case - Russian agents conducting espionage via targeted individuals - it's very likely they surveil their targets long enough to catch their device PIN before they nab the phone and return it. In the end, there is very little recourse to defend against this type of Evil Maid attack. Signal is really better at protecting against mass surveillance, but for individuals directly targeted by state espionage? You would need serious opsec, using air-gapped computers kept in safes or guarded by humans 24x7 and other crazy stuff. They have rules about what can be physically done with devices containing top secret information for a good reason.

[–] [email protected] 19 points 4 days ago

The exact reason why it's bad for top secret communications is why individuals should use it or something like it. That is government auditability.

[–] [email protected] 3 points 4 days ago (1 children)

Reagan's success was convincing the Democrats to under-correct and fully buy into trickle-down neoliberalism for decades. That way, when people get fed up with it, a Republican gets to claim to be a third option against all those mainstream globalists who's going to bring jobs back to America. The marks don't recognize it was the Republicans who started it in the first place.
