Incoming links: End-to-end encryption
Being Brazilian, Ciro Santilli is particularly curious about the existence of a Brazilian-focused website one mentioned in the article, as well as in other democracies.
WTF the CIA was doing in Brazil in the early 2010s! Wasn't helping to install the Military dictatorship in Brazil enough!
Here are the democracies found so far, defining a democracy as a country with score 7.0 or more in the Democracy index 2010. In native language:In English, so more deniable:"Almost democracies":Ciro couldn't help but feel as if looking through the Eyes of Sauron himself!
- Germany(2: dedrickonline.com, neighbour-news.com)
- France (4: guide-daventure.com, lesummumdelafinance.com, football-de-luxe.com, suparakuvi.com)
- Italy (2: attivitaestremi.com, podisticamondiale.com)
- Spain (2: armashoy.com, montanismoaventura.com)
- Brazil (1: noticiasmusica.net)
- South Korea (1: economicnewsbuzz.com)
- Poland (1: boxingstop.net)
- Japan (1: snapnewsfront.net)
- Canada (2: kanata-news.com, mynewscheck.com)
- Philippines (1: half-court.net)
- India (1: amishkanews.com)
- Croatia (1: stara-turistick.com)
- Thailand (1: thefairwaysaregreen.com)
- Peru (1: todosperuahora.com)
It is worth noting that democracies represent just a small minority of the websites found. The Middle East, and Spanish language sites (presumably for Venezuela + war on drugs countries?) where the huge majority. But Americans have to understand that democracies have to work together and build mutual trust, and not spy on one another. Even some of the enlightened people from Hacker News seem to not grasp this point. The USA cannot single handedly maintain world order as it once could. Collaboration based on trust is the only way.
Snowden's 2013 revelations particularly shocked USA allies with the fact that they were being spied upon, and as of the 2020's, everybody knows this and has "stopped caring", and or moved to end-to-end encryption by default. This is beautifully illustrated in the Snowden when Snowden talks about his time in Japan working for Dell as an undercover NSA operative:
NSA wanted to impress the Japanese. Show them our reach. They loved the live video from drones. This is Pakistan right now [video shows CIA agents demonstrating drone footage to Japanese officials]. They were not as excited about that we wanted their help to spy on the Japanese population. They said it was against their laws.We bugged the country anyway, of course.And we did not stop there. Once we had their communications we continued with the physical infrastructure. We sneaked into small programs in their power grids, dams, hospitals. The idea was that if Japan one day was not our allies we could turn off the lights.
Another noteworthy scene from that movie is Video "Aptitude test scene from the Snowden 2016 film", where a bunch of new CIA recruits are told that:
Each of you is going to build a covert communications network in your home city [i.e. their fictitious foreign target location written on each person's desk, not necessarily where they were actually born], you're going to deploy it, backup your site, destroy it, and restore it again.
Ciro Santilli is very happy to meet people with related interests, he really loves his like-minded online friends. Even if you don't have something a specific goal in mind for the contact, please just say hi.
To contact Ciro publicly about any general subject that is not covered in a more specific GitHub repository, including saying hi or suggestions about his website either:
- create a GitHub issue at: github.com/cirosantilli/cirosantilli.github.io/issues/new or Giscus thread
- at mention Ciro's main Twitter account
For comments about China, first read:
and then create a GitHub issue at: github.com/cirosantilli/china-dictatorship/issues/new
Publicly viewable contact is preferred if possible to more effectively share Ciro's wisdom with the world.
But if you feel more comfortable with private contact, no problem, either:
- email:
cirosantilliwith provider ProtonMail which has domain nameproton.me. All lowercase and removing the placeholder characters<and>. Note that Ciro also controls the Gmail address with that same username, and keep in mind that dots are ignored in Gmail addresses. But ProtonMail preferred because why should we give our private minds to the CIA by default? Push notifications disabled. - Signal: username
cirosantilli.89signal.me/#eu/BuJjV0enXYTOnFFc1FZV5LFcWodL1a2Oy9VZ5uyQU7xrYxqw+npIcaHBqghWudrI. 89 is a reference to Ciro Santilli's birth year 1989. Push notifications enabled, but treat like email unless we are actively chatting back and forth.
For other less good methods that will also work, use direct messages of the following profiles from under Section "Accounts controlled by Ciro Santilli":
- LinkedIn: www.linkedin.com/in/cirosantilli
- Reddit: www.reddit.com/user/cirosantilli
- Facebook: www.facebook.com/cirosantilli
- Telegram: telegram.me/cirosantilli. Note that end-to-end encryption is present on secret chats only, which don't have device sync. Ridiculous.
If you are a privacy freak or are going to tell Ciro state secrets Ciro has this GNU Privacy Guard public key: pubkey.gpg.
Disqus comments were removed from his website in 2019-05-04, a manual dump is available here, removal rationale at: why Ciro Santilli removed Disqus comments from his website in 2019-05-04.
- kimchi
- reverse debugging
- E Ink
- web archiving
- Buildroot
- integrated development environments
- degreaser
- UML: while it might seem like a over-thought thing and likely is, the basic idea that understanding "one to one vs one to many vs many to many" relationships between objects and which object can see which object, is a fantastic approach towards understanding complex object oriented code
- open source software, including open source scientific computing consultancies
- computer
- FOSDEM. Ciro Santilli attended in 2016, and felt extremely good together with all those amazingly smart open source hackers: www.quora.com/What-are-the-best-open-source-conferences/answer/Ciro-Santilli
- Sass
- vimium
- bisection
- vector graphics, notably scalable Vector Graphics
- ASCII art
- OAuth
- command-line interface
- virtualization
- Anusol
- autodidacticism and self-directed learning
- end-to-end encryption
- The Criterion Collection
- version control
- SQLite
- Guerrilla Mail
- POSIX
- static website
- Freeman Dyson
- open access academic publishers
- unconditional basic income
- transhumanism
- 2FA, and notably 2FA apps
- human-readable formats
- wealth tax
- Reproducible builds
- F-Droid
- Can't get you out of my head by Adam Curtis (2021)
- drug liberalization
- Wiki-binge
- molecular Sciences Course of the University of São Paulo
- meal deal
- clade, as opposed to taxonomic ranks
- lingua franca, see also: having more than one natural language is bad for the world
- rsync
- zip hoodies
Governments should provide basic Internet infrastructure Updated 2024-12-15 +Created 1970-01-01
Companies are getting too much power to distort regulations and destroy privacy.
Taxes pay for the physical car roads, so why shouldn't they also pay for the "online roads" of today?
The following services are obvious picks because they are so simple:
Other less simple ones that might also be feasible:
- geographic information system. Notable anti-example: United Kingdom's Ordnance Survey's apparently non-free-data
- App stores
All of them should have strong privacy enabled by default: end-to-end encryption, logless, etc. Governments are not going to like this part.
And then if you ever forget a password or lose a multi-factor authentication token, you can just go to an ID center with your ID to recover it.
No chat only? .... community.jitsi.org/t/chat-function-only/79067
As of 2020: end-to-end encryption optional and turned off as default, and marked as experimental...
Appears to be based on XMPP: community.jitsi.org/t/jitsi-users-is-jitsi-a-regular-xmpp-server/13211
Basic must haves:
Other cool stuff:
- sealed sender: signal.org/blog/sealed-sender/ Nice!
Missing:
- Tor routing by default:
- option to enable disappearing messages by default:
- community.signalusers.org/t/ability-to-set-your-own-default-timer-for-disappearing-messages-on-all-new-conversations/5144 "Ability to set your own default timer for disappearing messages on all new conversations"
- www.reddit.com/r/signal/comments/jhknuz/default_disappearing_messages_timeout_for_new/
- messages are not encrypted on desktop via the password manager!?!?
- github.com/signalapp/Signal-Desktop/issues/549
- github.com/signalapp/Signal-Desktop/issues/1318
- www.reddit.com/r/privacy/comments/fwux29/signal_desktop_stores_the_encryption_key_in_a/
- whispersystems.discoursehosting.net/t/improve-security-of-desktop-apps-encryption-of-data-at-rest/26494
- community.signalusers.org/t/why-cant-we-lock-the-desktop-app-with-a-password/1383
- web client:
- secure anti-forensic data erasure to attain plausible deniability of disappearing messages:
Previously missing:
- remove the need to share your phone number with contacts: messaging software that force you to share your mobile phone with contacts. This is a deal breaker for online acquaintances:Beta February 2024: signal.org/blog/phone-number-privacy-usernames/
- security.stackexchange.com/questions/231637/signal-contact-people-or-have-people-contact-me-without-revealing-phone-numbe/245665#245665
- community.signalusers.org/t/have-option-to-set-up-username/8723
- www.reddit.com/r/signal/comments/8kybil/is_signal_ever_going_to_include_usernames/
- community.signalusers.org/t/usernames-lets-throw-phone-numbers-in-the-dustbin-of-history/7282
- remove need for phone completely:
- community.signalusers.org/t/a-proposal-for-alternative-primary-identifiers/3023
- community.signalusers.org/t/remove-the-need-for-a-mobile-phone/1543
- community.signalusers.org/t/registering-with-an-email-address/919
- community.signalusers.org/t/username-id-registration-without-phone-number/9800
- community.signalusers.org/t/more-reasons-why-signal-should-ditch-phone-numbers-the-guardian-confirmed-the-identity-of-those-in-the-chat-by-cross-checking-phone-numbers-attached-to-the-signal-accounts/7311
- community.signalusers.org/t/why-is-phone-and-phone-number-required/1425 community.signalusers.org/t/what-is-the-technical-reason-that-i-cannot-use-signal-without-a-phone-number-and-that-i-cannot-use-signal-desktop-without-signal-on-my-phone/11400
TODO what's the fucking official discussion/feature request forum?
- community.signalusers.org appears to be the de-facto non-official one.
- github.com/signalapp/Signal-Android/issues/5372
- whispersystems.discoursehosting.net
- github.com/signalapp/Signal-Desktop/issues/1318 closes and points to discoursehosting
- github.com/signalapp/Signal-Desktop/issues/549
- www.reddit.com/r/signal/comments/lipo6z/community_signal_forum_vs_reddit/ gives some good history, says they pay for community.signalusers.org/ and have admin powers there.
Haven't found the one yet:
- open source software, doh
- end-to-end encryption...
- has browser frontend and Android app
- public URL without sharing your mobile phone: messaging software that force you to have a mobile phone
- self-destroying messages (turned on by default please)
- user base large enough to give some confidence that it was reviewed for security issues
- easy/built-in setup over Tor
Optional but really ideal:
- can delete messages from the device of the person you sent it to, no matter how old
- decentralized, your username is a public key
The state of messaging is ridiculous as of 2020.
Obviously with the single intention of killing a competitor.
It is impossible to make money off WhatsApp as it is because of end-to-end encryption.
Facebook just clearly bought it to prevent it from actually growing further and killing facebook.
It is mindblowing that the sale wasn't cancelled due to anti trust.
The outcome of this is that WhatApp will remain with the same feature set forever, while other competitors have been growing, notably Discord and Slack.
It seems that there is a case looming 10 years after the fact: www.cityam.com/facebook-fails-to-block-antitrust-lawsuit-over-whatsapp-and-instagram-ownership/ Wake up???