The one I’m thinking of specifically recently is the revelation by Indian subcontractors that META was lying about their Rayban smart glasses having private mode that would not recording in private areas you set like bathroom, shower, in bed etc… And in fact it had sent tens of thousands of videos of people nude or fucking to the Indian subcontractors.

METAs response? Fire them, admit nothing. Lol. That’s some grossss shit that even normies want nothing to do with.

Agree. One thing that I’ve noticed is that if it’s about social media I say I “had to delete it for mental health, that shit is so bad for you”, and generally get a much more receptive response than when I explain it’s primarily for privacy and that I don’t trust them with my data.

Though Zuck and others are making it way easier to point out how creepy their platforms are, so that becomes a good entrypoint re: privacy also.

You claimed a payment system would solve spam. I explained why that gets right back to the privacy problem.

This has left you deeply confused, apparently. Bye.

Yep. So… You sign up with a username, no phone number… Then you use a payment provider to pay for that account… And… Your payment info is therefore linked to that account at creation time.

Potential remedy could be using Bitcoin or something as an option, but then… 99% of people dont have or use crypto, and would just use the default CC/paypal. Same issue.

Then you have the same privacy problem but with payment provider…

This is real false dilemma that people often raise. There’s so many tools that Signal can use to stop spam. Do you get spam email? Almost never - even on E2E email, because reputation blacklisting solved it. Signal already only lets accounts message other users in their local contacts list or added by username.

Examples off the top of my head: If a new account is registered it can have a ‘gradual release of abilities’ whereby it can only send 3 messages first day, 10 first week, etc. Same for adding users by username. Signal already has spam-account reporting capabilities that block accounts after too many reports. Simple. Solved. And the payoff is that everyone gets complete privacy of who they are during signup.

BTW I already get spam on Signal. Here’s the latest from just 2 days ago, know nobody by this name and don’t recognize her, standard pretty god-botherer bait profile, user photo looks like AI (light reflection left eye very different to right eye):

My thinking also. Corps/gov can also link identity to emails of course, but it’s much harder due to email aliasing and the ease of new account creation.

Mobile phone numbers are far more personal - people generally only have one or two max and generally keep them for very long periods.

If its the true reason, it would make Signal not much better than Meta’s WhatsApp, which gleans value from its users by noting metadata tying users to one-another by who they contact, when, and how often to extrapolate social circles and relationships. But Meta goes further in I think also tracking location, etc, and obviously has much more personal data in the linked phone numbers of many FB/Insta accounts… Signal could potentially be doing some of that to a degree with IP geolocation… Not great.

TLDR: its the one thing stopping me from trusting Signal entirely as a benevolent actor - they want and ‘need’ your personal phone number. I use it still, as its the best available mainstream option, but I mention this concern when recommending it to those seeking privacy.

Oh cool, I’ll give this a try, I see it’s on IOS also. Cheers

Thanks for those pointers. I like the idea of an official CLI for instance to perform automatic regular encrypted backups, or the possibility of interfacing messages to other systems. But I presume they’d have to be careful to avoid opening the door to automated messaging spam bots.

“To register on Signal Desktop, a phone number will still be required.”

Then this is just a whole lot of not much.

Users have been asking Signal to allow accounts to be created without a phone number ever since it was released. I just want to use Signal with my kids who don’t have phone numbers, dude. Signal already have usernames and encrypted client-side contacts… What’s the holdup? Why insist a phone number is still required?

I use very popular router by Gl.Inet called Flint 2 (GL-MT6000). Goes on special for about $125 USD. Great specs, solid device.

Fully supported by OpenWRT, and I recommend flashing to that so that you have completely FOSS software with no possibly hijinks from the manufacturer’s OEM OS.

You’ll need to read some guides or watch some vids to get you set up on OpenWRT, bit of a learning curve, but it has everything you could possibly need. Check it out.

Anonymous works fine 99% of the time if you only install occasional apps from Google. It works by grabbing a random Google account from a large pool of Google accounts that Aurora (or someone) runs, and accesses the store for searches and downloads after logging you in. You’re logged out after a set period (several hours iirc) and then grab a new ‘anon’ account from the pool next time you do updates or search for an app.

The only issue you may face occasionally is if the app you want is geofenced to your area, and the ‘anon’ account was made in a different geographical location - in which case you won’t be able to find the app in the store to install (or update) it. I usually just log off and on a couple of times and this resolves. It’s a minor irritation.

Many create their own throwaway Google account on a different device (not linked to them in any way), but I haven’t bothered… Might be worth it if you install a lot of apps from Google store and want minimal issues though.

I think that would undo a lot of the attempted anonymity though, even if it’s just for app istalls/updates. I’ve used Aurora for… 4… 5?.. years as my only means of apps from the Google app store, only using anon accounts and only having occasional hiccups where updates don’t kick off automatically or geofenced apps can’t be located. I only use maybe a dozen apps from the store though, all the rest are F-Droid/etc.

So many good answers already taken.

I’m eating all the nuclear launch codes.

I think I’ll just keep using tailscale until they start enshittifying, and then set up a Headscale instance on a VPS - no need to take this step ahead of time, right?

I mean, all the people saying they can avoid any issues by doing the above - what’s to stop Tailscale dropping support for Headscale in future if they’re serious about enshitification? Their Linux & Android clients are open source, but not IOS or Windows so they could easily block access for them.

My point being - I’ll worry when there is something substantial to worry about, til then they can know I’m using like 3 devices and a github account to authenticate. MagicDNS and the reliability of the clients is just too good for me to switch over mild funding concerns.