Celebrate pissed somebody off.
Say what you will about signal but Moxie knows how to make a drop.
I like the video clip about half way down.
I am adding a toot here to agree with some other takes regarding this. It is very irresponsible of signal to use their user base to do this.
Although, I’m not sure how else they would have accomplished exposing CB’s vulns without benefitting CB. It doesn’t justify the decision.
@thegibson I shall do so. I need to ask him when the next time he's doing a New York Skate through downtown SF will be.
@thegibson "By a truly unbelievable coincidence, I was recently out for a walk when I saw a small package fall off a truck ahead of me."
@thegibson you mean a post.
@Meandres I mean a god damned toot!
@thegibson I mean, the general idea of using their technical knowledge to shine transparency on the integrity problems of surveillance devices like Cellebrite is great. It's just the last step goes a step too far into creating harm instead of preventing it.
If it was just a joke, it really sends the wrong message.
If it is for real, it raises a lot of questions about their judgement and stewardship of a project that has the potential to both reduce harms and be used for harm.
@vortex_egg agreed. No arguments.
Unless it is just an idle threat. They could claim that they are deploying it on random installs of signal; and celibrite then needs to somehow prove, for EVERY instance their tools are used in a criminal case, that there was never any tampering of reports.
Effectively, the threat itself could be a viable attack against celibrite
@rgegriff @thegibson My biggest gripe with this: What I installed on my phone was billed as a secure messenger, not an exploit payload distribution tool that might randomly recruite my phone to crack other devices. Who knows what situation I will be in when it triggers?
Highly unrealistic hypothetical example: "So... you are traveling to a computer conference and your phone we just randomly 'checked' froze our spying device? You are not boarding that flight, mister."
@TheGibson it can be argued that signal is protecting their userbase by adding a file that deletes the signal database from the cellebrite extracted files using random vulnerabilities in cellebrite software.
I have no idea about the legality of this tbh.
@qwazix this fully resides in the grey zone.
@TheGibson idk, I don’t personally see an issue with distributing innocuous files that just mess with snooping. Maybe an opt out, but tbh I *want* them to put whatever that is on my device, and I don’t even regularly use signal
@TheGibson I have my complaints about Signal, but damn this is some great stuff haha Props where it's due
@thegibson "Fell from a truck" this is the sassiest post I've ever read. 😂
A bunch of technomancers in the fediverse. Keep it fairly clean please. This arcology is for all who wash up upon it's digital shore.