Serious Discussion Switzerland is considering amending its surveillance law

[nurmagoz]

Switzerland did have terrorist attacks, but there's definitely something else behind this, and it's not terrorism. More likely piracy. Switzerland is a literal piracy-heaven and that bothers some companies.

Proton had a fair share of controversies before. This is just one of them. Not to mention their free products are literal bait.

That really depends which country we're talking about. Companies in the US and Europe will sometimes fight for their customers, but in authoritarian regimes and dictatorships this simply isn't possible as they could easily end up in huge trouble.

Should we really be betting our privacy on how these companies handle government pressure? Even in democratic countries it’s ultimately a business decision for them. For those with strict privacy needs, it might be worth considering apps that don’t collect any data, like decentralized options (SimpleX, Wiremin). Unlike Signal they even avoid requiring phone numbers. If they don’t collect any data in the first place, there’s nothing for them to provide to the government right?
But I must admit that I try out different private messengers because it’s my little hobby. While messengers like wiremin offer smooth messaging and calls, it’s hard to convince my friends and family to switch, as it’s just too private for the average user.

 

[nurmagoz]

You would have to be very high value target for someone to use a RCE exploit or exploit chain on Signal or What's App. Once it's deployed someone will notice and the exploit will get burnt. More likely is physical compromise traveling through a another country or at work/home, physical compromise has been an issue for 25 years, do you remember the EvilMaid attacks?

And If you ever have a run in or get arrested your phone will be confiscated and kept in a dark room for ever, once this happens your in trouble. They can and will at anytime in the future try and compromise your phone with new vulnerabilities that are discovered or if the company is targeted by LEA. Remember Phantom Secure PGP secure phones back in the day? They arrested the CEO and shut down the company, they got the private keys and can now probably unlock those crime phones and read the PGP messages.

So set your Signal PIN and registration lock, it's the best you can do and enable remote wipe and hope you can wipe in time.

Agreed. The level of privacy tools we use is an important issue. For the average person, I'd say Signal provides sufficient security to protect you from data selling and surveillance of your chats with friends. But if, I mean if, one day we find ourselves participating in a protest, or for those activists and whistleblowers, especially in the face of government pressure (like what’s happening in Switzerland right now), I don’t think apps like Signal would be secure enough or necessarily willing to fight for their users.