I saw some threads here about Telegram and piracy stuff being banned. So, as an experimental alternative, I created a public Signal group for piracy.
Maybe it’ll be useful?
Before joining
Signal supports usernames and hiding telephone numbers. Here’s a blog entry on how to do so. You might want to:
- set a username
- change your profile name (these are two separate things!)
- hide your phone number
You might try a Matrix group instead. Doesn’t require a phone number and supports more than 1000 users unlike Signal. Search is bad though unfortunately.
Why not use SimpleX Chat? If you use Matrix for that you will likely get reported and get banned
Go ahead and create the group then make a post. Nobody’s holding you back my friend.
Some suggest matrix, others simplex. Not sure which one would be better honestly
Signal no longer require a phone number.
It still requires a phone number to sign up, but you don’t need to share it to chat with someone
Oh good to know, I was mistaken then…
What is even the point of “piracy groups”? What exactly can you find there that you cannot in other places designed for that, e.g., trackers, usenet, forums…?
I don’t know this group but I am on a telegram group that shares movies produced in my country of origin. It’s quite niche, I never saw any tracker that does the same. I doubt it for usenet but never looked into it. Anyway, my point is that some layman uploaders use whatever is at hand and not necessarily have much preparation or technically involved solutions…
It’s like having a discord ‘server’. Nothing gets actually talked about, noteworthy stuffs are hidden beyond layers of clunky mobile UI and everyone’s phone numbers are leaked in the process.
Good idea overall, unfortunately they still have your IP and phone number which means Europeans are still implicated
Signal doesn’t collect IPs and therefore can’t even hand them out. It’s been requested in 2021. Here’s a list of requests from authorities they were allowed to publish. I’ve looked through 3 of the most recent and nowhere do they reveal IPs.
Sure they don’t log the IPs, but it is technically impossible to not know the IP when you’re running a centralized service.
deleted by creator
I wrote a comment here about why sealed sender does not achieve what it purports to.
I didn’t know that. Thanks
What are the “popular” alternatives? Telegram stores everything, WhatsApp doesn’t allow usernames, Matrix requires IPs too…
deleted by creator
deleted by creator
You are welcome to audit the source code and host the backend yourself.
You understand that, for everyone except for a complete network pro, that is worse for security and privacy, right?
Don’t get me wrong, it’s great that you can.
But the reason piracy websites struggle so much with long term stability isn’t because they’re hosting the wrong software.
deleted by creator
TBH I would just use email over TOR and encrypt communication with PGP. Rotate identities every now and then and you should be fine. Yes it doesn’t have forward secrecy but it removes the effort to find the “right messaging” service and is instead ubiquitous (and you can sign up for anonymous email addresses online too, which makes it even better).
Session?
deleted by creator
The phone number is not connected to the messages. That’s the only thing they have. It is the best app for privacy.
Arguable in it being “the best app for privacy”. Can you link to a source which shows that phone numbers are not linked to accounts? (Why do they need them anyway?)
They have published requests from the law enforcement and their responses to these requests. The only unencrypted data they have is the phone number, a date of sign up and a date of the last login. That is it, everything else is encrypted and they cannot access it whatsoever.
The problem is, if you’re in Europe, your phone number is associated with your identity
No you don’t.
I can go to the corner shop/local garage right now, buy a SIM card for 99p and then buy a top-up voucher in cash to have a completely anonymous phone number.
Albeit is the UK in Europe again? 🙈
edit: where I would be worried if my privacy was on the line is I could also go to the local pawn shop / Cash Converters to ensure that SIM card isn’t associated with an IMEI I’ve previously used and buy in cash a cheapo phone.
Same in a few other European countries. I’m doing it right now with a few SIMs. You can also go on holiday to another country, get a few temporary SIMs there for a few quid and fly back home with the “contraband”. Really not hard.
Aye, I’ve seen this misconception before and suspect it’s specific countries in the European continent where you have to register.
The last time I bought a SIM in the UK I was told specifically I could not buy it with cash.
I don’t know if you’re in the UK right now but I can tell you right now that I can go round the corner and buy a SIM card in cash plus a top-up voucher, from someone like this guy
https://www.coregroup.co.uk/assets/img/cards/independent-retail-sim-distribution.jpg
So what? The law enforcement knows you have an account and knows the sign up date and last login. That doesn’t affect your privacy whatsoever. Besides, Europe isn’t a monolith. You can absolutely buy and use a SIM card without disclosing your name in some countries.
But, again, all they can prove is that you signed up to Signal and when you last signed in.
Exactly. Signal is private, not anonymous
I believe the same is true in the US.
It is not. You do not show any ID to get a phone number
You also don’t need to show any ID for a business to meet “know-your-customer” regulations. Can you get a phone number without revealing your identity?
Sometimes, but that’s it. Authorities and signal itself can only say “this number has account with us since $signupDate and used it last on $usageDate”. Signal can’t say “we know $number is talking to $otherNumber” nor can they say “$number is in $group talking to $users”.
SimpleX all the way
Is there a simplex group we can join?
Right
Will a simplex group better? Nothing identifiable.
Make it and share it. I don’t have simplex.
deleted by creator
Feel free to make a post about it. Very few will see it here otherwise :)
deleted by creator
deleted by creator
Yes, let’s talk piracy behind some stupid walled garden. As if public conversations are not fragmented enough as it is
Signal is a walled garden?
how is it not?
- the worst kind of opensource, where you are not allowed to run the software yourself (or even fork it)
- not indexable
- requires signup with personal informations
- forever tied to a single identity
- not exportable to other services
- no open formats for its storage
it’s a shitty service, by a shitty person. I know Moxie personally, and he is basically Elon Musk if he didn’t make it
Great… Signal is imperfect.
Can you suggest a perfect alternative?
At this point I’m just happy my family have tolerated it to the point we’re not using Facebook Messenger, Google chat (it whatever it’s called this month) and WhatsApp.
The xmpp or whatever other convoluted alternative you’re about to recommend is not something I’m going to get 20 or 30 family and friends to switch to.
Signal is imperfect… But not as bad as many other options.
here we are talking about piracy, especially the topic of discussing piracy. Just use a forum, even something like lemmy. Here you have everything you need, but without contributing to a piece of shit like Moxie nor putting everything behind a walled garden like discord (or any other chat software for this matter)
Tracker Control is blocking me from joining. Weird that Molly (its a hardened signal fork) is showing amazon is being contacted when trying to join the group.
I can unblock it but its weird. I also noticed the other domains its been trying to (unsuccessfully) contact.
Signal uses AWS.
Only for groups? Why thing else has worked fine for the 9months I’ve had signal.
I think signal servers may be using aws hosting.
Signal uses Amazon’s servers, look it up. It’s all encrypted of course.
The problem is Signal supports up to 1000 people group chat, so it’s better to find something different
I can barely handle chat groups with 100 ppl.
Matrix?
How big were the telegram chat rooms? Did they ever get that big? The only chatroom I’ve seen with over 1k people is on matrix and it was relatively quiet. If there’s a 1k limit, probably the admin will have to kick inactive users.
Way bigger. You could have many thousands.
What the fuck? I’ve never seen a chatroom that big. Must be absolute chaos…
Or are those “just” distribution channels aka admin only posts?
Thoose given are distrubution channels, but there are group chats like t.me/durovschat which is 12k members. I forgot the limits which i think is 200k for chatroom and infinite(?) for distrubution channels
Edit: yeah its 200k and infinite in “broadcast groups”
Definitely just “distribution”
Sounds like a place for toots 🤔 Signal supports admin only chat rooms. Maybe they’ll be able to support >1k in the future. Dunno if MLS will be able to do that.
Toots?..
Mastodon i guess.
Thanks for doing this
I thought signing up for Signal required a phone number and phone app – and all phones have IMEI besides many other nightmare anti-features.
For the normies it’s fine but tbh I’m not sure it’s as advertised.
What ever happened to that odd old app called tox?
Honestly I could see a version of DeltaChat + GPG make some gains in popularity but I would argue the email relay servers and spam lists are rigged for max surveillance.
Are we at the point where tech from 20 years ago may be the way lmao.
XMPP, IRC, ICQ /s
Matrix is probably the best bet but some of their apps and clients seem like dogshit. And I am saying that as someone who uses them daily. And the whole “server” thing is a PITA, or it used to be at least.
I guess we’ll just have to use carrier pidgin and cypherto encrypt the cat gifs /s
Carrier Pidgin. Lol. Made me chuckle!
Yeah, for me personally I’m sticking to simplex. I can get an anonymous sim card, but none of the people I’d be talking to would do that. I don’t want this relationship/network map out there at all if I can avoid it.
What makes you think Signal is maintaining relationship maps, and secondly, even if it is, is there any evidence they’re included in LEO subpoenas?
There is no evidence. safety is about staying multiple steps ahead and risk mitigation when possible.
Centralized servers are a single point of failure that could be compromised in the future.
My contact’s devices they use signal on are insecure and could be easily compromised in the future.
SMS/Cell network in general are insecure as hell and I avoid it as much as possible.
Why would I expose all that sensitive data when there’s literally no need to? Simplex works great for me.
Then create a simplex group and invite everybody there.
deleted by creator
They pinky promise they don’t maintain these relationships. Maybe even they really don’t. But they have the ability to, if they were to change their mind, and that’s the problem.
Use secure protocols which don’t give anyone that ability.
Which ones do you suggest?
XMPP. Simplex.
Feel free to create the chat rooms and share them as a post :)
Keybase is better than Signal. You may not like it’s current owners but it still works, still functions, and can be used to chat privately. It’s entirely OSS on the client side; and server-side software isn’t provided; but with an open Client; it’s likely trivial to reverse and re-implement your own. (Keybase itself doesn’t provide their server code; it’s private due to abuse constraints)
Keybase is End to End Encrypted. It may not be as “feature rich” but all features are private.
I’m not sure if it’s indev anymore though; and it does allow you to be as public or as private as you’d like to be about your identity.
Epic