> It's just a demo instance, but, these front ends are barely revealed to the public
This genuinely doesn't look any different from the control panels of commercial infostealers and RATs sold on Russian hacking forums. Those usually sell for between $200 and $20,000 depending on features and pricing model (one-time vs. ongoing subscription).
These spyware companies hype themselves up, but they're really not any different from Ivan's RAT-as-a-Service, besides having extra exploits to burn and wealthier customers.
Same applies to other industries too btw, in drones world, so many companies that you see their names with multi billions contracts, but if you open the hood and see their hardware/software, it’s built on top of everyday open source tools duct taped together with some UI, and sales selling it as the next big (insert buzzword here) thing ever!
It's too bad that "The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized" has become "we can download a full copy of all of your files at any time, or continually, if we feel like it, even if we don't suspect you of a crime".
You must be new. The Constitution is an irrelevant piece of toilet paper now.
The first amendment only protects you unless the people in power say it doesn't. The government will pressure private companies to censor you. This was provably demonstrated under the Biden administration.
The second amendment is useless. One third to half of the country doesn't recognize the right to keep the majority of the useful arms that exist, nor the right to bear them in any meaningful way. The (Republican-leaning) Supreme Court has decided that states requiring permission slips to exercise a right is a totally valid precedent. The Republican district attorney for D.C. proudly states that having a gun there for any reason is an immediate offense. Donald Trump has been recorded suggesting to take guns from people before due process. And that's ignoring the Democrat's unfathomably large track record against this amendment. I just wanted to include the fact that neither side actually supports this amendment, as much as people like to believe.
Third amendment is pretty obscure in our era. So far, at least. But you could make the roundabout argument that the Biden admin preventing landlords from evicting their unpaying tenants, particularly if those tenants were currently or previously employed by the military, would violate this amendment.
Fourth amendment doesn't matter anymore. We have entire government agencies whose primary purpose is to ignore this amendment. It's not even a conspiracy, nor a conspiracy theory. They do it in plain sight, and everyone knows, but apparently nobody cares (in which case why does the amendment even matter). Also, as long as the government gets the data from private companies (even if by force), that apparently doesn't constitute a fourth amendment violation these days.
Fifth amendment: civil asset forfeiture is disgustingly rampant all across the country. Not enough people know about it or care.
Sixth amendment: the term "speedy" regarding trials is an extremely loose one, especially now. Especially considering the government is apparently allowed to hold you indefinitely without an actual trial, without facing any repercussions.
Eighth amendment: judges impart excess fines quite often. See the Alex Jones case.
Ninth amendment: completely irrelevant now. If the government believes they have the right, though not explicitly enumerated, then they have the right.
Third Amendment issues come up every now and then. For example, legislators have tried to force airlines to provide special services for U.S. military at their own expense:
I'm not saying these men and women aren't deserving, but the taxpayers should foot the bill. A private property owner shouldn't be forced to. Fortunaely, these bills never get far.
Can somebody please explain to an idiot (me) how is this possible for this to keep going? I thought that the world has decided that spyware is illegal and can't be produced. Is this company related to israeli government? If not, why is it allowed to function?
What is allowed to companies is not allowed to private citizens. If you want to systematically break copyright laws or steal data from people, do it as Joe's LLC. Joe would go to prison for copyright infringement or hacking other people, Joe's LLC can do as it please.
The message can't be intercepted in transit, since we are talking about spyware, I assume they get it from the device, hard to defend against that if they have access to your process' memory space.
Even if you had to input your private key every time you wanted to read or send a message, having malware in your phone voids practically any form of encryption, because it has to be decrypted eventually to be used.
not at all. there is no encryption that can save you when one of the legitimate participants is somehow compromised. doesn't even need to be a sophisticated device compromise, literal shoulder surfing does that too.
You're correct in the literal sense that they did say those words, but the entire comment clearly demonstrated a lack of surprise that reveals the opening words to be intended ironically.
This entire thread should be annihilated, but since you mentioned being pedantic...
You're correct that a pure encryption algorithm doesn't use hashing. But real-world encryption systems will include an HMAC to detect whether messages were altered in transit. HMACs do use hash functions.
Thank you for that link. Your original comment implied that Signal's threat model should have included an attacker-controlled end. The only way to do that is to make decryption impossible by anyone, including the intended recipient. A labyrinthine way to do that would be to substitute the symmetric-encryption algorithm with a hash algorithm, which of course destroys the plaintext, but does accomplish the goal of obfuscating it in transit, at rest, and forever.
It’s performative security, when an app still requires a phone number, can’t have your own server, and all these audits are meaningless as you might have memory injected spyware later, it is NOT secure, never was.
I guess they've seen a Signal icon in the photo. Of course the interception is done locally on the phone (so it's basically "man-in-the-client" rather than a "man-in-the-middle"), therefore the Signal protocol is not really worth being mentioned as it has nothing to do with local interception.
> It's just a demo instance, but, these front ends are barely revealed to the public
This genuinely doesn't look any different from the control panels of commercial infostealers and RATs sold on Russian hacking forums. Those usually sell for between $200 and $20,000 depending on features and pricing model (one-time vs. ongoing subscription).
These spyware companies hype themselves up, but they're really not any different from Ivan's RAT-as-a-Service, besides having extra exploits to burn and wealthier customers.
Same applies to other industries too btw, in drones world, so many companies that you see their names with multi billions contracts, but if you open the hood and see their hardware/software, it’s built on top of everyday open source tools duct taped together with some UI, and sales selling it as the next big (insert buzzword here) thing ever!
The first amendment only protects you unless the people in power say it doesn't. The government will pressure private companies to censor you. This was provably demonstrated under the Biden administration.
The second amendment is useless. One third to half of the country doesn't recognize the right to keep the majority of the useful arms that exist, nor the right to bear them in any meaningful way. The (Republican-leaning) Supreme Court has decided that states requiring permission slips to exercise a right is a totally valid precedent. The Republican district attorney for D.C. proudly states that having a gun there for any reason is an immediate offense. Donald Trump has been recorded suggesting to take guns from people before due process. And that's ignoring the Democrat's unfathomably large track record against this amendment. I just wanted to include the fact that neither side actually supports this amendment, as much as people like to believe.
Third amendment is pretty obscure in our era. So far, at least. But you could make the roundabout argument that the Biden admin preventing landlords from evicting their unpaying tenants, particularly if those tenants were currently or previously employed by the military, would violate this amendment.
Fourth amendment doesn't matter anymore. We have entire government agencies whose primary purpose is to ignore this amendment. It's not even a conspiracy, nor a conspiracy theory. They do it in plain sight, and everyone knows, but apparently nobody cares (in which case why does the amendment even matter). Also, as long as the government gets the data from private companies (even if by force), that apparently doesn't constitute a fourth amendment violation these days.
Fifth amendment: civil asset forfeiture is disgustingly rampant all across the country. Not enough people know about it or care.
Sixth amendment: the term "speedy" regarding trials is an extremely loose one, especially now. Especially considering the government is apparently allowed to hold you indefinitely without an actual trial, without facing any repercussions.
Eighth amendment: judges impart excess fines quite often. See the Alex Jones case.
Ninth amendment: completely irrelevant now. If the government believes they have the right, though not explicitly enumerated, then they have the right.
https://www.foxnews.com/politics/lawmaker-wants-to-waive-all...
I'm not saying these men and women aren't deserving, but the taxpayers should foot the bill. A private property owner shouldn't be forced to. Fortunaely, these bills never get far.
That is, companies can make and sell it as long as they only sell it to governments and only the ones that we like.
Moxie's "unbreakable" end-to-end communication protocol.
Lol, so like ... all encryption schemes since the 70s?
Hashing is not encrypting.
You can learn more about the topic here, https://www.okta.com/identity-101/hashing-vs-encryption/
Load this page, https://en.wikipedia.org/wiki/Advanced_Encryption_Standard
Ctrl-F "hash". No mention of it.
Before being pedantic at least check out the url in that comment to get the basics going.
You're correct that a pure encryption algorithm doesn't use hashing. But real-world encryption systems will include an HMAC to detect whether messages were altered in transit. HMACs do use hash functions.
> Hashing is not encrypting.
> You can learn more about the topic here, https://www.okta.com/identity-101/hashing-vs-encryption/
Thank you for that link. Your original comment implied that Signal's threat model should have included an attacker-controlled end. The only way to do that is to make decryption impossible by anyone, including the intended recipient. A labyrinthine way to do that would be to substitute the symmetric-encryption algorithm with a hash algorithm, which of course destroys the plaintext, but does accomplish the goal of obfuscating it in transit, at rest, and forever.
See, https://en.wikipedia.org/wiki/Moxie_Marlinspike