@reverseics Just do it like #Google #ProjectZero and tell them straight up in their face:

https://www.youtube.com/watch?v=F_XCDu6GQt4

I was nice once, now I won't! IDGAF what you need to do to fix it. Details will be public in 90 days. Go fuck yourselves!

And basically prepare everything to be ready in precisely to the second 90 days from the moment mail was sent to them.

• Cuz only with #consequences will we get #accountability!

In jedem Falle sollte mensch niemals und unter keinen Umständen irgendwem seine [echten] Personalien Mitteilen oder gar nen Perso-Foto bzw. Selfie schicken!

• Es gibt sehr, sehr wenige die wirklich sowas verlangen dürfen [bspw. #Autovermietung] oder gar müssen [siehe #Banken] aber die werden i.d.R. einen persönlich hereinbestellen [bspw.: Autovermietung machts bei Schlüsselübergabe] oder seriöse Lösungen [bspw.: #POSTIDENT] nutzen. Auf jeden Fall wird kein Händler³ im Internet sowas verlangen!

Alles andere führt nur zu #Identitätsdiebstahl und #Identitätsmissbrauch wo entsprechende Opfer dann z.T. als Beschuldigte*r in tausenden Fällen dann gearscht ist...

• Also schützt euch und andere vor #Doxxing und #SelfDoxxing!

³[Selbst nicht beim legalen Waffenkauf! Da wird stattdessen ne Kopie der WBK samt Nummer verlangt weil der Kauf wird quasi in Echtzeit gemeldet und ohne passenden Voreintrag im System ist auch kein Erwerb möglich!...]

@simsus * DUN DUN DUUUN!*

Wofür wurde nochmal #TETRA eingeführt?

Wenn Leute #InfoSec, #OpSec & #ITsec vergeigen ist #ComSec für'n Arsch!

@cryptadamist @panigrc @finalstaticfox @dansup

Obviously that's another evidence of why #KYC IS THE ILLICIT ACTIVITY!...

• That problem doesn't exist with #Monero as one cannot determine #transactions, #balances or link wallets by observing the #blockchain. Unlike with all those Shitcoins like #Bitcoin or #Ethereum!

• So even if I had a Monero Wallet and even if you knew the wallet address, you cannot see what's on it or what transactions go in and out.

• It's even more secure than #SEPA because thanks to #SWIFT & #FATCA the #IRS and #TreasuryDept. have bulk access to these systems and can basically see account balances in real time (when it comes to #US citizens! The rest they can approximate with bulk access to payment providers and intelligence).

So yeah, blame lack of #privacy, #secrecy, and #custody as well as #doxxing in the form of KYC under the false pretense of #AML for the rampant rise of #kidnappings and armed robberies of #shitcoin HODL'ers.

• Obviously I do condemn such acts of violence as a matter of principle.

The fact that there are automated, idiot-proof tools like #chainalysis that enable statistical tracking and linking of transactions for everything except Monero is the problem.

• Don't believe that such "AML compliance" tools are unique to the clients of said providers, because it's just connecting dots from public records. No warrant nor insiders nor MLAT needed.

IOW: OFC I'd have to expect getting robbed by organized crime if I were to post evidence of me sleeping on genuine gold bars.

• That's what [bank] vaults are for!
• Sadly shitcoin-fans seem to disregard basic #OpSec, #InfoSec, #ComSec & #ITsec that even #TradFinance do execute.

@Belledonne_Communications obviously I'm interested in the on-premise self-hosting option...

• No offense, but #ComSec is critical!

@mrmasterkeyboard I hope this is a #shitpost, not a real setup, because #RedStarOS is literally the #GovwareOS:

https://www.youtube.com/watch?v=8LGDM9exlZw

@BrodieOnLinux @torproject @guardianproject

At this point I'd like to ask when @EUCommission and other #regulators start #banning #StasiBook and other #GAFAM|s for their blatant actions as #OrganizedCrime to violate #privacy standards in the #EU and elsewhere?

https://infosec.space/@kkarhan/114733606176520273

Cuz at this point the €32B fines at maximum are a joke.

• I think that people espechally in Germany who may be affected [I'm not!] consider seeking legal advice and potentially file charges for said digital espionage and computer sabotage against #NSAbook!

Simply because this isn't a mere violation of #GDPR, #BDSG and other standards, but literal #malware that has been deployed against users in the wild...

• Anything but actual prison sentences & arrest warrants against the persons responsible would be undue leniency.

@BrodieOnLinux I am pretty shure @torproject / #TorBrowser and any #App that does #Proxy through @guardianproject / #Orbot for #Tor access is not affected but I do encourage both #Tor and Orbot devs to test against #LocalhostTracking!

@delta also #deltaChat natively supports #Proxies, #VPN|s and @torproject / #Tor so not only can people use it that way but also use any other bypass method.

• Obviously, the classic #Sneakernet with people doing uucp with foreign mobile networks near borders works just as well...

I'd not be surprised if delta Chat is also used by #RimjinGang* and #38North** for a "contactless sneakernet" tho I am convinced they won't confirm or deny that for #OpSec, #InfoSec & #ComSec reasons alone...

• I mean, both #Iran and #NorthKorea ain't #Iraq and #Syria where one could just take a phat satellite dish, strap an LTE stick or even external antennas on and just point it at turkish or lebanese radio towers near the border, as owning any satellite equipment in these places is a guarantee to get publicly executed for "espionage"...

@afreytes +9001%

• It's impossible to get #GDPR compliance with #GAFAMs' products!

• It's impossible to get #ITsec, #InfoSec, #OpSec & #ComSec on a compliant level when a literal #Govware (#Windows) is being used.

• I cannot work as #Linux Sysadmin unter WinShit just like a cardiologist can't perform a heart transplant just cutlery from a prison mess hall and NSAIDs and just like a nurse can't CPR a toddler with a pneumatic jackhammer!

@Cappyjax IDGAF about "passion". All I care about is the security of users!

Requiring any #PII like a #PhoneNumber is inacceptable when it comes to #ComSec, #InfoSec & #OpSec, espechally given @signalapp is not only able but entirely willing to restrict service based off said numbers, making their "solution" insecure by design.

• There's a reason why #XMPP+#OMEMO and #PGP/MIME [both each over @torproject / #Tor] is the evidently superior and more secure approach, as being unable to "#KYC" a user is a matter of security...

Espechally since obtaining a phone number anonymously is oftentimes illegal (i.e. #Germany made it illegal starting 07/2017, so using any service that demands a phone numner is out of question)

• And even if one can get an anonymous #SIM (with a phone number) or god forbid #eSIM, (which is at best pseudonymous as tracking down users by virtue of matching ICCID, IMEI & IMSI to location and time) the chances are high that one ends up with recycled phone numbers that have already been used.

Obviously the devs of #Signal and @Mer__edith are well aware of this critical flaw, which is why I consider them to act as "useful idiots" or rather "controlled opposition" as #Signal could've been shutdown trivially by the #US Government or forced into banning users based off their #PhoneNumbers (they may call this "#sanctions #compliance" given they added a #Shitcoin - Wallet into Signal!)...

• All the "but #Metadata" #FUD turns into #MarketingLies once put under the looking glass and examined against the risk of state-sponsored / -endordsed / -supported attackers.

Whereas with @monocles / #monoclesChat, @gajim / #gajim and @delta / #deltaChat and @thunderbird / #Thunderbird respectably I can not only use Tor, but do #SelfHosting for the entire #communications infrastructure (i.e. using an #OnionService = only reachable via Tor) and get the advantages of a self-routing, self-authenticating & battle-hardened against censorship proxy network that can't be shutdown!

• And if you think this is too tinfoilhatted, then consider yourself privilegued enough of having your mere existance not being criminalized by the government under threat of public execution!

https://ilga.org/wp-content/uploads/2024/02/ILGA_World_map_sexual_orientation_laws_December2019.pdf
https://infosec.space/@kkarhan/114697690127511140

@renardboy same goes for #InfoSec, #OpSe, #ComSec & #ITsec:

NEVER EVER use a service that demands "#KYC" no matter the "legitimate interest" they claim.

Because any information that can be weaponized against a user will be!

https://infosec.space/@kkarhan/114695158410619458

@Em0nM4stodon except #Protin got caught snitching!

• Consider @monocles / #monoclesMail with @thunderbird on @tails_live @tails / #Tails over @torproject / #Tor and do #PGP/MIME for maximum #ComSec!

@mshelton @freedomofpress @eff I did prepare peoples' devices for that in the past.

My suggestions:

0. Never assume you'll have any #HumanRights or #CivilRights. Always assume #TSA staff is looking for a reason to jail, deport, deny entry or shoot one on the spot.

1. Do not have data on them! #CPB will seize any storage media under threat of lethal violence! Use a #ThinClient-like device without any persistent storage. Keep anything important in your head or don't keep it at all.

2. Have someone to setup a #RemoteDesktop for you post-entry and enshure you've got a #SafeWord to indicate you're acting under duress, so they can redirect stuff to a inconspicuous system.

3. Have a #decoy system ready. CPB have full, unrestricted bulk access to all data from companies that are located, do business in or have an office within the #USA as per #CloudAct. So much so that they consider it "suspicious" if one doesn't have an #NSABook account.

4. Make shure all your devices are #clean. Get yourself new throwaway devices and don't trust them if you ever let them out of sight for a second!

5. Test your setup before you travel to the #US on a different system.

6. This applies to every single device from #SimCard to #Laptop. Assume that if authorities plug anything in them, they are irredeemably compromised!

7. Practise proper #ITsec, #InfoSec, #OpSec & #ComSec. Have proper contingencies and emergency contacts in place.