If you are an android user you can also switch your keyboard to a more private one, Heliboard (from F-droid) is a private one. Nice video!!! 👍👍👍👍👍👍👍👍👍👍
Really appreciate the comprehensiveness of the information provided; obviously, alot of research. Thank you for such potent and powerful information. We get alot when viewing your videos. Will continue to follow and support you.
I used molly in the past (December) and had an issue where the storage would just keep inflating no matter how many chats I delete. It was to the point where I had 5gb of chats but molly was consuming 30gb+ of storage space.
Link previews are not only a privacy concern, but also a security concern, as you're essentially exposing your Signal app to external code and content, and there is a small chance there could be a 0day in the engine they use that might allow a malicious website to compromise your Signal app or even the whole phone.
Great video, unfortunately the Screen Lock feature on android lacks the INSTANT option. Is there any way you could reach that out to the team for them to implement that. Thanks
What are your thoughts on GrapheneOS? I really was not considering it given the old leadership, but haven't seen anything blatantly worth avoiding recently. Would you recommend?
I guess calyx has more friendly devs, both communities are good. But GrapheneOS is actually more secure and Google Services implementation is better for security. So choice is up to you. if you dont like daniel micay and dont want use grapheneos because of it - its fine. Im using GrapheneOS, because celebrite cant break it, more security features and so on (idk if celebrite can hack calyx) p.s. im not saying that calyxos is not secure. It is secure, but just for me and my threat model it is better. And CalyxOS is a good OS. Also Daniel is no longer lead developer and dont use social media
@@ComeOnnBruhh futo keyboard is incredible. Using it right now. I can't go back to not having the pinned clipboard buttons on my keyboard that it allows you to have.
Signal is so painful. If I restore my phone - lockout. Start all chats again. And no, the restore from another device is so buggy it really does not work. How can they be this many years into delivering a service and still not know how to give people continuation of their messaging. Secuity teams CAN’T use this app.
I have a 6 digit pin. Hiw long would it take somebody with ability to open signal? I have 24hr delete on all conversations so if I was detained or phone was seized I only need it to last 24 hours because nothing private will be left after the 24h auto delete. I have a problem forgetting PIN numbers but ut kinda defeats the whole privacy objective if my weak link is an easy to crack passcode.
china is a good vpn country, its a must-have to be connected to a vpn if u ever visit. Also besides cjina is a very beautiful country with lots of sights to see
I keep getting Chinese crypto finishing scams on signal. Somehow my number got leaked, thought the whole point of having phone number on signal was to avoid that.
@@jordank249 Yeah but if you use the Beta and try to move to the standard release once it catches up, you can't. They basically lock you into testing or you'll lose all of your messages. That happened to me. I'm very upset about it.
@@2rx_bni I disagree that it's being locked into testing, though I don't really value the Desktop much. It's a quirk of how that client is built. The Beta isn't (and shouldn't be) aware of the main client.
This was researched on being included in the video, but Signal actually encrypts things differently from most other apps which nullifies most of this issue :) www.medianama.com/2023/12/223-signal-push-notifications-content-meredith-whittaker/ It was considered for the video though!
@@Foche_T._Schitt Even if they did, why does that matter? It wouldn't even be worth the effort since SIGNIFICANTLY more is attached to that phone number beyond "I use Signal."
@@UNcommonSenseAUS Your alternative? A quality password manager is surely better than many other options. Besides, it is very easy to remediate if you’re that concerned. Just add your own personal salt to any passwords stored in the manager. So if your account or password is compromised, then they only know part of your password. Plus 2FA using an authenticator app or hardware (e.g. Yubikey), should protect your accounts further. In my experience, it is more often phishing or session hijacking that are the predominant route to compromise.
Small correction: it’s called ‘screen security’ on Android 😄(The app switching privacy protection) Privacy > Screen Security (support.signal.org/hc/en-us/articles/360043469312-Screen-Security)
3:26
🎉
Really impressed that the Signal fork Molly was covered a bit. Well done!
If you are an android user you can also switch your keyboard to a more private one, Heliboard (from F-droid) is a private one. Nice video!!! 👍👍👍👍👍👍👍👍👍👍
Have you tried the FUTO kb?
@@drstewartit’s awesome!
@@drstewart Wish they had one handed though :( cause i use a Fold 5
Or disable internet access for whatever keyboard you want to use (gboard for me)
0:20 wow! Session FTW! 🙌🏽
Session is toast. SimpleX FTW!
@@bolle666
Both have terrible names making them impossible to find info with search engines.
@@bolle6663:26 3:26
It's time to release an updated private messenger video including Jami, Threema, Utopia, Aether, Nostr, and Tox.
Thanks for all the work spreading word ! :D
Really appreciate the comprehensiveness of the information provided; obviously, alot of research. Thank you for such potent and powerful information. We get alot when viewing your videos. Will continue to follow and support you.
So glad it was helpful!
I use Molly, With unifiedpush
And encrypt the Database
You here xD!
Fantastic Video, I learned some new things about signal.
Awesome work. Thanks for the guide.
Love your content, do you have recommendations on the most secure financial brokerages?
Nice video, good job.
Signal messenger is the safest
If everyone used Signal only and followed the guide completely, all the governments would be in serious trouble.
I used molly in the past (December) and had an issue where the storage would just keep inflating no matter how many chats I delete. It was to the point where I had 5gb of chats but molly was consuming 30gb+ of storage space.
Thank you!
Link previews are not only a privacy concern, but also a security concern, as you're essentially exposing your Signal app to external code and content, and there is a small chance there could be a 0day in the engine they use that might allow a malicious website to compromise your Signal app or even the whole phone.
Awesome content!
Great video, unfortunately the Screen Lock feature on android lacks the INSTANT option. Is there any way you could reach that out to the team for them to implement that. Thanks
What are your thoughts on GrapheneOS? I really was not considering it given the old leadership, but haven't seen anything blatantly worth avoiding recently. Would you recommend?
calyx better fr
I use Calyx and it's really good unless you're a really high-profile induvidual imo
I guess calyx has more friendly devs, both communities are good. But GrapheneOS is actually more secure and Google Services implementation is better for security. So choice is up to you. if you dont like daniel micay and dont want use grapheneos because of it - its fine.
Im using GrapheneOS, because celebrite cant break it, more security features and so on (idk if celebrite can hack calyx)
p.s. im not saying that calyxos is not secure. It is secure, but just for me and my threat model it is better. And CalyxOS is a good OS. Also Daniel is no longer lead developer and dont use social media
graphene and divest both good, but he doesn't recommend any. Avoid Calyx tho.
@@xade8381 why?
What keyboard app or apps do you use for Android? Currently use Openboard
Use futo keyboard, that is just OG *private*
I'll argue it's better than gboard
aosp
@@ComeOnnBruhh futo keyboard is incredible. Using it right now. I can't go back to not having the pinned clipboard buttons on my keyboard that it allows you to have.
Futo is just the best
16:50 and on the flip side, you have Google/Apple/Samsung ect all scraping your data from your phone so your security point is two sided here.
Signal is so painful. If I restore my phone - lockout. Start all chats again. And no, the restore from another device is so buggy it really does not work. How can they be this many years into delivering a service and still not know how to give people continuation of their messaging. Secuity teams CAN’T use this app.
I have a 6 digit pin. Hiw long would it take somebody with ability to open signal?
I have 24hr delete on all conversations so if I was detained or phone was seized I only need it to last 24 hours because nothing private will be left after the 24h auto delete.
I have a problem forgetting PIN numbers but ut kinda defeats the whole privacy objective if my weak link is an easy to crack passcode.
Whic vpn country’s you recommend?
china is a good vpn country, its a must-have to be connected to a vpn if u ever visit. Also besides cjina is a very beautiful country with lots of sights to see
@@CrisCheese_ least obvious CCP fed
I keep getting Chinese crypto finishing scams on signal. Somehow my number got leaked, thought the whole point of having phone number on signal was to avoid that.
i get contacted by nigerians impersonating korean girls
Turn off discovery by phone number? That’s an option now. (Covered in the video 😀)
Phone numbers are really insecure, I'm not sure why services like Signal and Telegram insist on identifying you by it.
@lussor1 I get Chinese hackers posing as Nigerians posing as Korean girls posing as Chinese hackers!
Never in my life have I gotten a RANDOM message on Signal... You leaked your phone number somewhere sadly!
👍🏻Like #500. Nice work, Henry.
3:26 😢
i find that i already had done all
Use session instead
So have they patched that desktop security flaw yet? I stopped using it due to this.
So far as I know, yes. But even if they didn't, it didn't impact the mobile app at all.
They seem to have fixed it in Signal Desktop's Beta, though.
Same.
@@jordank249 Yeah but if you use the Beta and try to move to the standard release once it catches up, you can't. They basically lock you into testing or you'll lose all of your messages. That happened to me. I'm very upset about it.
@@2rx_bni I disagree that it's being locked into testing, though I don't really value the Desktop much.
It's a quirk of how that client is built. The Beta isn't (and shouldn't be) aware of the main client.
Notification are send to Google or Apples servers. Disabling Name and Message content in notifications you avoid that.
This was researched on being included in the video, but Signal actually encrypts things differently from most other apps which nullifies most of this issue :) www.medianama.com/2023/12/223-signal-push-notifications-content-meredith-whittaker/
It was considered for the video though!
I imagine governments have signal accounts with every phone number in their contacts to see who signs up for signal.
Turn off discovery by phone number...
@@techlore
Is that before or after you sign up? 😒
@@Foche_T._Schitt Even if they did, why does that matter? It wouldn't even be worth the effort since SIGNIFICANTLY more is attached to that phone number beyond "I use Signal."
Peertube>>>TH-cam
There will be no more end to end with ai chips in phones being released.
they blocked it in russia
or juzt uze matrix
First
I'm gonna be so for real, this app is really frustrating to use so I stopped. It shouldn't HAVE to be hardened.
Signal? You're the first person I have ever come across that feels like that
Signal doesn't NEED to be hardened.
Also, in what way is it "frustrating"? Compared to Session etc, it couldn't be easier to use.
Who outside of scammers are using Signal?
*using WhatsApp? *using Telegram?
1:35 password managers are garbage
How so?
@@marcus5551 never put all your eggs in someone else's basket
@@UNcommonSenseAUSyou can self host it yourself or backup the passwords.
@@UNcommonSenseAUS Your alternative? A quality password manager is surely better than many other options. Besides, it is very easy to remediate if you’re that concerned. Just add your own personal salt to any passwords stored in the manager. So if your account or password is compromised, then they only know part of your password. Plus 2FA using an authenticator app or hardware (e.g. Yubikey), should protect your accounts further. In my experience, it is more often phishing or session hijacking that are the predominant route to compromise.
@@UNcommonSenseAUS Fed up of TH-cam deleting my comments! I’ll try again later when I’ve got more patience with this piece of 💩
molly is great
Problemem signal jest to że brał pieniądze od amerykańskiego rządu.
🗒️✍️
Thank you!