bantering with punk was Re: What advantage does Signal protocol have over basic public key encryption?

Sun Jan 31 15:09:42 PST 2021

On Sat, 30 Jan 2021 06:26:21 -0500
Karl <gmkarl at gmail.com> wrote:


> 
> 
> >         Maybe you can run your own signal server - how many people do that though?
> 
> The signal ratchet protocol is used in a wide variety of spin-off
> applications, both community and corporate:
> https://en.wikipedia.org/wiki/Double_Ratchet_Algorithm#Applications


	yeah well. I'm talking about morlonpoke's signal being a system that depends on a single server on the amazon-NSA datacenter and you keep talking about...something else. 

	the question was - how many people run their own 'signal' servers. And how does that work anyway. You can only communicate with people who are registered on your server? 


> 
> Here is some information on running your own server, with a link to a
> fork of signal that connects independently run servers:
> https://www.reddit.com/r/signal/comments/7poh3f/is_it_possible_to_create_a_private_signal_server/


	ok, that sounds more promising, too bad one can't read reddit-NSA (read reddit ha ha) unless one enables the execution of javashit malware. 

> 
> It's really a lot of work to look up information to back up every
> single point I make.  

	.... A lot of work? Finding one reddit link? 


	https://metager.org/meta/meta.ger3?eingabe=federated+signal+servers&submit-query=&focus=web

	Ok so that search only comes up with your reddit link. My first conclusion is that there aren't many 'federated signal servers' out there. Oh here's another tidbit 


	https://community.signalusers.org/t/server-systems-minimum-requirement/1064

	"May 31, 2017, 
	Hi, to run Signal server you need to create accounts at Twilio, AWS S3, Google Developer and Apple Developer. 

	Twilio - for sms broadcasting
	AWS - for documents
	Google developer - for GCM push notifications.
	Apple Developer - for APN push notifications" 

		
> Can we just assume that if something is clearly
> not hard to do, that many people have done it, in general?


	I would never make such assumption. It's a perfect example of a 'non sequitur'. It doesn't follow that X being easy means X is being done. 


> 
> >         On the other hand you cannot use the 'signal service' at signal.org without registering. As a side note of sorts :  "Signal is a registered trademark in the United States and other countries.". Plus :
> >
> >         "You agree to use our Services only for legal, authorized, and acceptable purposes. "
> >         ('acceptable'? 'authorized'? 'legal'? LMAO)
> >
> >         "Signal’s Rights. We own all copyrights, trademarks, domains, logos, trade dress, trade secrets, patents, and other intellectual property rights associated with our Services."
> 
> Trademark law doesn't seem to be a good point against anything here,
> to me.  It is normal in the USA to register trademarks for words.

	
	Yes, 'normal' means it follows 'norms' or 'laws'. Following insane US laws is 'normal' only in that circular sense. Apart from that, it is insane. 
	

> This makes it harder for other people to co-opt them and pretend to be
> you.  They are only legally protecting their name and logo.
> 
> Yes, their mainstream client centralises registration, probably for
> reliable identity management, a choice that has been discussed
> extensively.


	.... has been discussed by whom? 

	
	So anyway, my conclusion again : the signal PROTOCOL is more robust under CERTAIN attacks. The SIGNAL COMPANY is an untrustworthy organization that was 'founded' with 3 millions from the pentagon and 50 millions from some silicon valley oligarch and WHATSAP asshole.