@@ChichaGad I dislike telegram, because it isn't, by default, End-to-end encrypted, and E2E encryption only works on "smart"phones. I don't own a smartphone, I couldn't even use telegram with E2E, if I wanted.
@@ChichaGad what if the russophobia is a hat trick to bring down all the dissidents between us when they start collaborating 🤔 I've had to question my own geopolitical sensibilities on this note because as much as I love RT America, it doesn't make sense that it's tolerated, and I've always been suspicious of Snowden because we didn't make a russophobic fuss over him and because he didn't tell us anything a hundred ignored whistleblowers told us before
idk about other countries but over here in the uk you can literally go to the store, pick up a sim card with some minutes and data already on it, pay with cash, go home, put it in a phone, recieve that one text you need from telegram or whatever and then just throw the sim in a drawer in case you need it later. this is what i did to make a twitter account after i got phone number banned, works like a charm
Also in Brazil, but they require you to register an I.D number before first use. But you can generate a fake one or search for one online. After not paying for a few months the number gets revoked and later someone else can end up using that number as well.
I can’t tell if the deep fake thing was a joke or not and now I’m questioning my entire perception of what I thought you looked like. And now everything looks like a deep fake
As someone who uses credit instead of monthly plan i use 10$ for 6months just because every 6 months i have to charge credit to keep the sim card active xD
I live in France, my previous phone plan had unlimited calls and sms, and I paid 7€ per month. I now pay 10€ with the added benefit of being 5G compatible, and having 50GB more, totalling to 80GB.
For those who don't know, session is a private messaging app that uses signal protocol on a decentralized network without requiring a phone number to register
@@GeorgeWashingtonLaserMusket Signal requires a registered phone number to send messages. It's a messaging app. Requiring a phone number to function is the same as requiring a phone number. Stop lying by technicalities.
While I had used Linux before, your videos are what got me into actually using it as a daily driver, instead of just a fun experience, or creating extremely custom distros for, hold your breath, *minecraft*, however, because of you, I now daily drive a arch linux i3 distro, with nothing but some shortcuts. Thank you!
@@hardyzme I program, I run a startup, and I play Minecraft
3 роки тому+57
Fun fact: if you back your chats up to icloud or google drive, your messages are stored in decrypted format. (Maybe the filesystem of iCloud or google drive is encrypted, but the messages stored are not) Another fun fact: Homeless people are not per definition unemployed people.
if youre outside of the anglosphere and you use telegram, youre a furry, criminal or really edgy kid. in other countries like some places in europe telegram is more common
@severidad hard agree, I abandoned it when my friends didn't join but when I came back to it this month, I saw the rooms infested with foul bots and no activity - esp on the signal room. This will not take off for a while if this is the case.
You actually think this is a joke? ... No. First off, there's no joke that mental outlaw steals ideas from Luke Smith. Period. That's not even an accusation. We have independently _CONFIRMED_ that this IS Luke's backup channel deepfake.
If you will use your phone #2 several times, especially near phone #1, then: it will be possible to link all your activity from all accounts, which use the same phone number; it will be possible to link your two phone numbers with each other (because of the same geographical coordinates).
Yea I was told that apparently that's a big thing on telegram, which makes me question why don't those people use something more secure. Also wonder how many of those are honeypots or something
You're definitely not how I expected you to look. You're smart and you could probably pull too yeshhhhh I need to step my game up!!!! Love the channel bro
The problem with Signals encryption is still that its protocol relies on server trust. The papers of the signal protocol are even mentioning that. So in the end I wouldn't heavily trust this protocol and applications which use it just because it's a wide used standard. I mean the most reason to use the Signal protocol is forward secrecy technically. However the end-to-end-encryption doesn't help you if you encrypt your messages with the key of an attacker... and the Signal server is a potential attacker in that case. Also even if the server would not be able to impersonate anyone, it could still drop messages and create a social diagram about you, your contacts and the amount of data you exchange. Metadata is pretty valuable on its own.
This is the real reason why i don't use signal cause all hackers have to do is attack server side instead of client side. there is no decentralization at all.
This is the most ignorant take I've ever seen written about the Signal protocol. Literally EVERYTHING you've said here is 100% factually incorrect. EVERYTHING. Signal's protocol doesn't "rely on server trust". THAT'S THE WHOLE POINT OF E2EE! You don't trust the server which is why the entire transaction is PRE-ENCRYPTED by the Sender on the CLIENT-SIDE, using the Receiver's PUBLIC KEY, before passing THRU the untrusted server where it's then decrypted CLIENT-SIDE, by the Receiver using their own PRIVATE KEY. For this chain of trust to occur, Signal utilizes the Diffie-Hellman key exchange protocol which has been thoroughly vetting by scores of math nerds, crypto professionals, & Alphabet agencies and found bulletproof, NOT requiring trust of any middleware servers! On top of this, they actually "ratchet" the encryption key for every single message going forwards. They use an ever changing ephemeral key for each sent message so breaking 1 key means only breaking 1 sent msg, not the entire conversation & no previous conversations. And you claim about Signal's servers acting as a MiTM is idiotic b/c the entire protocol & key exchange is designed to be completely SECURE WHILE THE ENTIRE KEY EXCHANGE IS BEING VIEWED IN PUBLIC by a malicious bad actor, or a malicious server. Also, to absolutely insure you're exchanging keys with the actual individual YOU THINK you are communicating with, Signal explicitly encourages you to perform the identity verification process OUT OF BANDS!!! - like IRL/face-to-face/or over a separate comm's channel where you can physically see each other & verify their identity during the key exchange. This ensures u aren't being catfished by some 57yo, white nationalist, pervert from Tennessee instead of your 17 yo high school bf/gf. In summary, your "claims" about Signal's servers acting as a MiTM and requiring trust by users is beyond stupid! As for metadata, of all the secure messaging apps, Signal probably keeps the least... and they're actively working on keeping less. Right now they don't know anything about you besides a random phone #, date & time of account creation, and perhaps the IP at time of account creation. They don't know your name, contacts (u CAN provide this for contacts discovery but it's HASHED!), address, email, social graph, picture, or anything else. Yes Signals knows the destination of the messages being send, but duh! It's like a physical letter... you need to write the destination address on the envelope in order for the Post Office to deliver it to the correct house/Signal acct. But Signal actually has written a white paper outlining how they are working to mitigate EVEN THIS. If you want the details, go look it up on Google if you're curious. And lastly, Signal is working to switch from a phone number based account registration to a User Name registration system for even more privacy. Yeah I know they've been working on this years, but they are steadfast in stating implementation IS GOING TO HAPPEN. It's not just talk. It's an active project that's happening. They're just trying to workout a feasible account recovery method that won't alienate 99% of Signal users who are Normies and have zero clue about offline backups, or writing down recovery codes, or even how to use a PW manager.
@Eric S. Yeah I don't know jack shit and even I know it's encrypted on each device lol I have to enter a pin everh so often to keep using the app. Not sure what happens if I don't enter it though.
@@tedkaczynskiamericanhero3916 In the end the encryption by itself does not matter if the protocol got weaknesses. For example Signal addresses missed messages by allowing your second devices or your contacts devices to retrieve messages after they have been sent already. For that matter you need to repackage them using their own encryption key. That means you will resend a previously end-to-end encrypted message again using a different key, potentially specified by an attacker if they are able to impersonate as a secondary device of your own or your contact. So how would they do that? Thing is that the device which actually authenticates your devices as belonging to your contact is the Signal server. Because your contact might not be in reach. So you ask the Signal server what your contacts devices are and which keys they use. The Signal server responds with something hopefully being the truth but you can only verify by comparing devices and keys with your contact via a third connection or physically. Good luck with that being a standard... This weakness is actually addressed in the white paper of the Signal protocol indicating that the protocol still relies on server trust. That is correct since end-to-end encryption does not prevent your device from encrypting the private information for the wrong person. Key exchange is the most important aspect in that matter and physical exchange is an afterthought at best by Signal. You can theoretically verify keys in Signal with your contacts. But most people won't do that. Also because Signal focuses on forward secrecy as much, keys change after each message ideally. If your have multiple devices, this scales horribly to verify everything properly. That is why I think neither Signal or the protocol should be thought of as the solution to privacy. It has issues. Physical key exchange should have priority in a messenger which aims for proper end-to-end encryption. Still the only popular messenger which visually indicates key verification without going to hidden menus is Threema. But even that won't help with metadata being an issue which should be addressed as I mentioned originally. I have read their white papers for that matter. I am working on developing an open-source messenger which does not require any personal information and which focuses on physical key exchange, having security in mind as minimum and building convenience on top - not the other way around. That is why I don't answer to an ignorant comment from Eric here. Just look up the GNUnet Messenger. It's fully decentralized. There's no requirement of personal information and no requirement of an internet connection either. If I'm wrong by requesting this as bare minimum for privacy, please tell me why I'm wrong. If the code I've written so far is broken, I'm open for corrections and fixes.
That's scary. Especially since most services these days require a phone number. I tried to get an anonymous email address recently and was surprised to see that I basically couldn't get one without giving them my phone number. We're so incredibly close to losing all privacy...
Gonna have to disagree with you on the bandanna advice. Best opsec is to be as unassuming as possible, so get a cheap medical face mask and only wear sunglasses near the middle of a sunny day while visiting stores that have large windows to the outside so you can plausibly say that the light bothers you. And for the love of god don't try to act clandestine about it. You're trying to look like an average shopper; not a leet hacker. Engage in relatable smalltalk so that if you're paranoid about the security cameras that if any security guard watches they'll only see a relaxed and smiling store employee and will subsequently treat you as a non-threat and ignore you. The more you look like the masses, the more you'll be able to fly under the radar.
So you do all that work to buy a cell phone anonymously, then the second you turn it on it's going to ping the cell towers and tell them "this IP is located at X longitude, Y latitude" which happens to be your house.
In my country "Pay as you go" is the same as the regular mobile subscription, both ways you need to provide id number equivalent of Social Security Number in US.
Guess which country is freer? By the way, sopa-de-macaco? Back in the day we didn’t have to have ID with pre-paid phones. Just buy a SIM for 15 bananas on the newsstand and use it.
I have Signal but like none of my friends and family want to go there except a few. They are like "you care too much about privacy" DUDE IT'S NOT THAT HARD TO JUST USE SIGNAL SO WHY DO YOU NEED WHATSAPP SO MUCH
@@Cookiekeks a lot private compared to whatsapp and telegram. There are some more secure messaging services out but most of the normies never heard of them. You can't use a messaging app just yourself. You need some people to text.
Great video! I have a request. Could you please do a video on buying/selling crypto while avoiding KYC sites? I think a few people might be interested in that.
I'm not largely into crypto but I don't think there's such a thing as a non-KYC online exchange simply due to the nature of how you're buying it- since you're using your bank or some other payment processor linked to your bank account, the exchange will always keep tabs on who is buying what. AFAIK the only ways to semi-anonymously buy crypto is either through some of the specialized ATMs or through ads on sites like localmonero where you buy them directly from another person, where they will totally 100% send you the crypto after you transfer them fiat and never scam you ever
@@jacobhinchliffe6659 I don't know what mm is but funnily enough today I learned that there is a P2P exchange called bisq which allows to trade crypto between individuals. The system is lacking real fluidity from what I've seen, but they do provide an escrow so that it's harder for either of the two parties to pull a scam, so OP might be interested in this one. I don't vouch for it though
wait, phone numebrs in usa aren't by law linked to you passport data? truly, the land of the free upd: this was a very cool and interesting video about american life. thanks, luke- i mean thanks, kenny!
2:34 you might not want to use them with a phone where you had a normal sim card, i heard that (at least in russia) they can track you even with a new anonymous sim since they have your phone identifier connected to your identity.
@@MentalOutlaw upto what point can the IMEI be read? Could they read the IMEI from packets exiting TOR and connect it to a phone connecting to a cell tower? I'm sorry if this is a really stupid question. I'm just now getting in to this
The only issue with this is IMEI and MAC addresses. Probably best to buy a dumb phone with your SIM, and don't even bother topping it up - you only need to receive confirmation texts. Once you begin using your "anonymous" phone number for calls and unencrypted texts/net, its not really anonymous anymore.
4:58 Thought you actually knew what I was thinking but I was just thinking I can't be bothered to go to the mall every month. Also I live in sweden and I don't think we can do that here.
Sorry to hear that, would it be possible for a German to travel to some other country in the EU which doesn't have this requirement, purchase a sim and phone with cash there, and return to Germany to use it?
@@MentalOutlaw I think that would be possible, but not necessary, there are people selling activated german sim cards from the time before ID was required. I also saw people selling UK sim cards on ebay I guess thats also an option
The only thing I noticed about him that irked me was that he does not 'believe' in coronavirus when it has, and is killing tons (literal physical measurement) of people. Also that he says his old laptops are more than enough, which is just flat out untrue when exactly when he is saying that, his chat is complaining about extreme lag and pixelating. That being said, he defiantly has some great thoughts for software and life.
I would actually recommend going to Walmart or some store like that, and buying the cell phone with the phone plan card there. It's what I used to do when I was a teenager
One potential problem with an "anonymous" phone like this is ultrasonic and infrared signaling. If you've got an anonymous phone and a non-anonymous phone and they're turned on while sitting next to each other, they can exchange low-bandwidth data using ultrasound. Similarly, if their IR sensors and cameras can see each other, they can pass data that way. If your anon phone spends all its time within ultrasound range of your non-anon phone, it will be pretty easy for any apps with microphone and speaker access to infer that they're owned by the same person. Smart TVs already use this technology, so it's pretty safe to assume everyone else does it.
yea but pay attention to the fact that on signal your phone number is public to everyone, on telegram instead is private and only used to create the account
I heard that Signal was working at nicknames, but really idc about signal, telegram, because session don't require number phone. And even if they would get rid of number phones, I still would be very, very skeptical and suspicious anyway. If someone didn't start with full privacy, then I assume they work for governments etc. Especially that I heard that USA/NSA was donating money to signal.
Well, at least you told people the truth and provided concise information. Still don't recommend anything other then signal though. (for mainstream users)
We make so many problems for application and software developers, claiming to have open-source codes for full transparency but still we don't care about our overpaid politicians and corruption when they should run their duty openly and transparently and maybe return to the society after 8-10 years of their public duty... There you go I gave you another topic to talk about.
In Mexico now theres a law that requieres an ID to buy a sim card or continue using your service, kinda shitty that isn't the first time the gov here do that :c
I dont know where we would be without cyber security drake helping us
torontos finest
@@asthmanaut3430 *massivetwoshits' finest fake humanperson (totally not a FED)
Who is drake ? Is it that music MentalOutlaw in Canada ?
WTF is drake?
@@pr0digy76 Nice one
Wow. This is some advanced deepfaking! He put on a bandana and a pair of glasses without noticable visual glitches! I'm impressed.
LOL come on, if this was Luke he wouldn't even TOUCH a mask/bandana. The aviators check out though
Yeah, tech in 2021 are amazing
He just pretended to put them on and added the 3d models later
Holy shit I've watched like 5 videos and I haven't noticed at all
@@OfficialpKIndustries look at his hands
Luke: "Don't use telegram!"
Outlaw: "How to use telegram"
controlled opposition confirmed
thank you @Xi, very cool
@@ChichaGad I dislike telegram, because it isn't, by default, End-to-end encrypted, and E2E encryption only works on "smart"phones. I don't own a smartphone, I couldn't even use telegram with E2E, if I wanted.
The great schism
@@LaZZeYT im in the same boat, all this anti compatibility bull crap is dumb and wouldn't be a thing if everything was open srouce
@@ChichaGad what if the russophobia is a hat trick to bring down all the dissidents between us when they start collaborating 🤔
I've had to question my own geopolitical sensibilities on this note because as much as I love RT America, it doesn't make sense that it's tolerated, and I've always been suspicious of Snowden because we didn't make a russophobic fuss over him and because he didn't tell us anything a hundred ignored whistleblowers told us before
man i found your channel like 1 weeks ago and you have already become my favorite youtuber
Wow, thanks!
I third this
I fourth this, you’re definitely a gem on youtube
Yup
Very true
Jesus, That's a nice minimalist gaming set up. Not even a monitor. I'm impressed.
blank walls and folding chair setup
idk about other countries but over here in the uk you can literally go to the store, pick up a sim card with some minutes and data already on it, pay with cash, go home, put it in a phone, recieve that one text you need from telegram or whatever and then just throw the sim in a drawer in case you need it later. this is what i did to make a twitter account after i got phone number banned, works like a charm
Here in the us it's the same
Also in Brazil, but they require you to register an I.D number before first use. But you can generate a fake one or search for one online. After not paying for a few months the number gets revoked and later someone else can end up using that number as well.
in Poland you have to provide an ID to write down the numbers to register any phone number
Just keep in mind the phone company may recycle your phone number if your account closes.
Don't even need a loicence or nothing
I can’t tell if the deep fake thing was a joke or not and now I’m questioning my entire perception of what I thought you looked like. And now everything looks like a deep fake
meds
@@AnonymousGentooman or... is it?
@@AnonymousGentooman For a tech genius like him, its PrObAbLe
it's a 4chan meme
wait so why was there one video where the background wobbled
When is the “mental outlaw walks about the woods” series coming?
Updoot this
@@sobot_ updooted
Doot!
up
Guess what??? IT HAPPENED!
7:15 When he said "60$ a month" my jaw dropped, and then I remembered that in the US phone plans are insanity.
60$ a month yeah thats way to much mint mobiles unlimited plan is just 30$
As someone who uses credit instead of monthly plan i use 10$ for 6months just because every 6 months i have to charge credit to keep the sim card active xD
@@Vitis-n2v Prepaid plan! One cent sim cards at the supermarket.
I live in France, my previous phone plan had unlimited calls and sms, and I paid 7€ per month. I now pay 10€ with the added benefit of being 5G compatible, and having 50GB more, totalling to 80GB.
@@ShiroIsMyName I live in Brazil and pay R$ 100(€ 16/month) for unlimited internet and unlimited voice for 1 month.
For those who don't know, session is a private messaging app that uses signal protocol on a decentralized network without requiring a phone number to register
Signal doesn't require a phone number to register either.
@@GeorgeWashingtonLaserMusket Signal requires a registered phone number to send messages. It's a messaging app. Requiring a phone number to function is the same as requiring a phone number. Stop lying by technicalities.
@@GeorgeWashingtonLaserMusketit does I think there changing it though
@@GeorgeWashingtonLaserMusket Oh? How about you point us all to the link that shows how to register on Signal without a phone number.
Yes, Session is the way to go.
While I had used Linux before, your videos are what got me into actually using it as a daily driver, instead of just a fun experience, or creating extremely custom distros for, hold your breath, *minecraft*, however, because of you, I now daily drive a arch linux i3 distro, with nothing but some shortcuts. Thank you!
what is gnu and what is distro
What do you use it for?
@@hardyzme I program, I run a startup, and I play Minecraft
Fun fact: if you back your chats up to icloud or google drive, your messages are stored in decrypted format. (Maybe the filesystem of iCloud or google drive is encrypted, but the messages stored are not)
Another fun fact: Homeless people are not per definition unemployed people.
Man phone Bills in the US are expensive, 60$ WTF
Yea, its crazy, in my country I pay 7 dollars a month for the same service
Depends on what you’re getting. Unlimited data?
@@FuckTheState unlimited calls, texts and data cost 20$ where I live
and you can cancel whenever you want
@@quisqueyanguy120 what country
@BIGFOOOOOT you mean you sign the contract and you get the phone for like 60 a month?
You’re just a gentleman. Thank you for your great work
proud to say after watching tons of these vids I am no longer a normie
the fact that you feel the need to mention it, yea you still a turbonormie...
Honestly you kinda do look like that Gigachad guy
he IS the gigachad guy
Privacy in the Current Year: Behave like a criminal
Saw a twitter post that said, "Telegram is used by 2 groups of people: furries and criminals."
This is the most true thing I've ever read off twitter
And crypto devs, I can't think of single coin that doesn't have an official Telegram group, even Monero has one.
my school uses telegram too lol
Covid deniers and anti vaxxers
if youre outside of the anglosphere and you use telegram, youre a furry, criminal or really edgy kid. in other countries like some places in europe telegram is more common
What if I told you my south american school uses telegram?
Element with the matrix protocol is quite good too!
I agree. Problem with matrix is that it's too hard for normies. That's why I like Signal, it's as simple as WhatsApp and any lowIQ normie can use it.
I convinced my gf to switch to element a few months ago. It took a few weeks for her to get use to it lol
Group calls aren't E2E encrypted yet which is a drawback
@severidad hard agree, I abandoned it when my friends didn't join but when I came back to it this month, I saw the rooms infested with foul bots and no activity - esp on the signal room. This will not take off for a while if this is the case.
mental outlaw matrix chat when 😳
I love it when people embrace a meme!
Meme?
@@ErikUden the beginning when he said he was Luke Smith. People joke that Mental Outlaw just steals ideas from Luke Smith.
@@Kodeb8 meme?
@@Kodeb8 Why would he steal from himself? 🤨
You actually think this is a joke? ... No. First off, there's no joke that mental outlaw steals ideas from Luke Smith. Period. That's not even an accusation. We have independently _CONFIRMED_ that this IS Luke's backup channel deepfake.
If you will use your phone #2 several times, especially near phone #1, then: it will be possible to link all your activity from all accounts, which use the same phone number; it will be possible to link your two phone numbers with each other (because of the same geographical coordinates).
You are totally right. If you can think of that... Big Data has probably thought of that as well... and implemented it.
Decided to try out telegram nearby groups and 2 of them were about weed. I live in the UK btw
Trust me. Not only the UK is affected. The features idea wasn't in my opinion a bad one though
Init?
Yea I was told that apparently that's a big thing on telegram, which makes me question why don't those people use something more secure.
Also wonder how many of those are honeypots or something
Coming from the wireless industry this is pretty accurate.
You're definitely not how I expected you to look. You're smart and you could probably pull too yeshhhhh I need to step my game up!!!! Love the channel bro
Luke smith posted today about why you shouldnt use telegram, just if anyone is interested
"once the employees find out im not going to rob them" had me rolling 🤣🤣
The point you make about masks is spot on. That's what I've been thinking this whole time.
The problem with Signals encryption is still that its protocol relies on server trust. The papers of the signal protocol are even mentioning that. So in the end I wouldn't heavily trust this protocol and applications which use it just because it's a wide used standard. I mean the most reason to use the Signal protocol is forward secrecy technically. However the end-to-end-encryption doesn't help you if you encrypt your messages with the key of an attacker... and the Signal server is a potential attacker in that case. Also even if the server would not be able to impersonate anyone, it could still drop messages and create a social diagram about you, your contacts and the amount of data you exchange. Metadata is pretty valuable on its own.
This is the real reason why i don't use signal cause all hackers have to do is attack server side instead of client side. there is no decentralization at all.
This is the most ignorant take I've ever seen written about the Signal protocol. Literally EVERYTHING you've said here is 100% factually incorrect. EVERYTHING. Signal's protocol doesn't "rely on server trust". THAT'S THE WHOLE POINT OF E2EE! You don't trust the server which is why the entire transaction is PRE-ENCRYPTED by the Sender on the CLIENT-SIDE, using the Receiver's PUBLIC KEY, before passing THRU the untrusted server where it's then decrypted CLIENT-SIDE, by the Receiver using their own PRIVATE KEY. For this chain of trust to occur, Signal utilizes the Diffie-Hellman key exchange protocol which has been thoroughly vetting by scores of math nerds, crypto professionals, & Alphabet agencies and found bulletproof, NOT requiring trust of any middleware servers! On top of this, they actually "ratchet" the encryption key for every single message going forwards. They use an ever changing ephemeral key for each sent message so breaking 1 key means only breaking 1 sent msg, not the entire conversation & no previous conversations. And you claim about Signal's servers acting as a MiTM is idiotic b/c the entire protocol & key exchange is designed to be completely SECURE WHILE THE ENTIRE KEY EXCHANGE IS BEING VIEWED IN PUBLIC by a malicious bad actor, or a malicious server. Also, to absolutely insure you're exchanging keys with the actual individual YOU THINK you are communicating with, Signal explicitly encourages you to perform the identity verification process OUT OF BANDS!!! - like IRL/face-to-face/or over a separate comm's channel where you can physically see each other & verify their identity during the key exchange. This ensures u aren't being catfished by some 57yo, white nationalist, pervert from Tennessee instead of your 17 yo high school bf/gf. In summary, your "claims" about Signal's servers acting as a MiTM and requiring trust by users is beyond stupid! As for metadata, of all the secure messaging apps, Signal probably keeps the least... and they're actively working on keeping less. Right now they don't know anything about you besides a random phone #, date & time of account creation, and perhaps the IP at time of account creation. They don't know your name, contacts (u CAN provide this for contacts discovery but it's HASHED!), address, email, social graph, picture, or anything else. Yes Signals knows the destination of the messages being send, but duh! It's like a physical letter... you need to write the destination address on the envelope in order for the Post Office to deliver it to the correct house/Signal acct. But Signal actually has written a white paper outlining how they are working to mitigate EVEN THIS. If you want the details, go look it up on Google if you're curious. And lastly, Signal is working to switch from a phone number based account registration to a User Name registration system for even more privacy. Yeah I know they've been working on this years, but they are steadfast in stating implementation IS GOING TO HAPPEN. It's not just talk. It's an active project that's happening. They're just trying to workout a feasible account recovery method that won't alienate 99% of Signal users who are Normies and have zero clue about offline backups, or writing down recovery codes, or even how to use a PW manager.
@Eric S. Yeah I don't know jack shit and even I know it's encrypted on each device lol
I have to enter a pin everh so often to keep using the app. Not sure what happens if I don't enter it though.
@@tedkaczynskiamericanhero3916 In the end the encryption by itself does not matter if the protocol got weaknesses. For example Signal addresses missed messages by allowing your second devices or your contacts devices to retrieve messages after they have been sent already. For that matter you need to repackage them using their own encryption key.
That means you will resend a previously end-to-end encrypted message again using a different key, potentially specified by an attacker if they are able to impersonate as a secondary device of your own or your contact.
So how would they do that? Thing is that the device which actually authenticates your devices as belonging to your contact is the Signal server. Because your contact might not be in reach. So you ask the Signal server what your contacts devices are and which keys they use. The Signal server responds with something hopefully being the truth but you can only verify by comparing devices and keys with your contact via a third connection or physically. Good luck with that being a standard...
This weakness is actually addressed in the white paper of the Signal protocol indicating that the protocol still relies on server trust. That is correct since end-to-end encryption does not prevent your device from encrypting the private information for the wrong person. Key exchange is the most important aspect in that matter and physical exchange is an afterthought at best by Signal.
You can theoretically verify keys in Signal with your contacts. But most people won't do that. Also because Signal focuses on forward secrecy as much, keys change after each message ideally. If your have multiple devices, this scales horribly to verify everything properly.
That is why I think neither Signal or the protocol should be thought of as the solution to privacy. It has issues. Physical key exchange should have priority in a messenger which aims for proper end-to-end encryption. Still the only popular messenger which visually indicates key verification without going to hidden menus is Threema. But even that won't help with metadata being an issue which should be addressed as I mentioned originally.
I have read their white papers for that matter. I am working on developing an open-source messenger which does not require any personal information and which focuses on physical key exchange, having security in mind as minimum and building convenience on top - not the other way around.
That is why I don't answer to an ignorant comment from Eric here. Just look up the GNUnet Messenger. It's fully decentralized. There's no requirement of personal information and no requirement of an internet connection either. If I'm wrong by requesting this as bare minimum for privacy, please tell me why I'm wrong. If the code I've written so far is broken, I'm open for corrections and fixes.
@@EricS-uf9mv100% agreed. These kids have no idea what they are talking about.
looking forward to the video of how to receive SMS verifications Like a Chad
"Once the employees figure out that I am not there to rob them"
Exactly my thoughts 😂 that's exactly how a thief would look
Not back then, it was normal to look crazy
Oh, how are your Luke Smith's deep fakes going? Also really nice video, thanks :D
Here in Australia, even on pay-as-you-go you need to register your sim with a drivers licence, passport or student id care (if under 18yrs).
That's scary. Especially since most services these days require a phone number. I tried to get an anonymous email address recently and was surprised to see that I basically couldn't get one without giving them my phone number. We're so incredibly close to losing all privacy...
Most of Europe too actually. Few years back, you could by them without registerig.
Since, obviously, a lot has changed, not for the better
@@whcw11- Australia has lost their privacy from big gov a long time ago, it's a nanny state.
Gonna have to disagree with you on the bandanna advice. Best opsec is to be as unassuming as possible, so get a cheap medical face mask and only wear sunglasses near the middle of a sunny day while visiting stores that have large windows to the outside so you can plausibly say that the light bothers you. And for the love of god don't try to act clandestine about it. You're trying to look like an average shopper; not a leet hacker. Engage in relatable smalltalk so that if you're paranoid about the security cameras that if any security guard watches they'll only see a relaxed and smiling store employee and will subsequently treat you as a non-threat and ignore you.
The more you look like the masses, the more you'll be able to fly under the radar.
Oh snap Jayson Tatum is smart just joking my first time seeing your face great content.
LMFAOOOOOOOOOOOOOO
So you do all that work to buy a cell phone anonymously, then the second you turn it on it's going to ping the cell towers and tell them "this IP is located at X longitude, Y latitude" which happens to be your house.
An actually good tip is to cover your ears, too, because some facial recognition have higher match rates when only the ears are given.
In my country "Pay as you go" is the same as the regular mobile subscription, both ways you need to provide id number equivalent of Social Security Number in US.
Guess which country is freer?
By the way, sopa-de-macaco? Back in the day we didn’t have to have ID with pre-paid phones. Just buy a SIM for 15 bananas on the newsstand and use it.
Use information, bud.
You look like an absolute chad with the sunglasses/bandana on. LOL
I have Signal but like none of my friends and family want to go there except a few. They are like "you care too much about privacy" DUDE IT'S NOT THAT HARD TO JUST USE SIGNAL SO WHY DO YOU NEED WHATSAPP SO MUCH
I dont think signal is very private
@@Cookiekeks a lot private compared to whatsapp and telegram. There are some more secure messaging services out but most of the normies never heard of them. You can't use a messaging app just yourself. You need some people to text.
@@garajimdakiejder2945 You're a retrade if you think Signal or anything asking you for a phone number is secure.
Session does not.
Unless you're using tele or signal for illegal shit you shouldn't care about privacy either. You're a nobody.
"Once the employees figure out I'm not there to rob them-" LOL
Thank you, I really appreciate your effort and detailed explanation. I'm only getting into knowing how to navigate this area so it was really helpful.
He looks like the NBA player Jayson Tatum holy
Digital Chad-face is getting really sophisticated these days.
6:35 you have become marcus holloway, welcome to dedsec
Great channel. Keep up the good work!
One of your best! right next to DTs ''GTA'' video.
Great video! I have a request. Could you please do a video on buying/selling crypto while avoiding KYC sites? I think a few people might be interested in that.
I'm not largely into crypto but I don't think there's such a thing as a non-KYC online exchange simply due to the nature of how you're buying it- since you're using your bank or some other payment processor linked to your bank account, the exchange will always keep tabs on who is buying what. AFAIK the only ways to semi-anonymously buy crypto is either through some of the specialized ATMs or through ads on sites like localmonero where you buy them directly from another person, where they will totally 100% send you the crypto after you transfer them fiat and never scam you ever
@@Assault_Butter_Knife I think there's a mm service
@@jacobhinchliffe6659 I don't know what mm is but funnily enough today I learned that there is a P2P exchange called bisq which allows to trade crypto between individuals. The system is lacking real fluidity from what I've seen, but they do provide an escrow so that it's harder for either of the two parties to pull a scam, so OP might be interested in this one. I don't vouch for it though
@@Assault_Butter_Knife middle man
man, I frickin love this content❤
The Telegram creator is a World Economic Forum dude
tech lead showed us REAL programmer chairs. folding chairs are sus, glowboy
There is no KYC here in the Netherlands on phone numbers so I might actually just buy a sim at a store using cash. So lucky for being able to do that.
They don’t ask ID in The Netherlands? Isn’t it obligatory in the entire EU?
@@node547 you do have to give information to your provider, note this does not apply to sim only subscriptions but only on prepaid
dude just dropped 50 on the wizards and comes back to do youtube videos
Make a video on beard grooming, because yours looks slick.
Deepfake.
This is the greatest tin-foil hat video by mental I have ever seen.
wait, phone numebrs in usa aren't by law linked to you passport data? truly, the land of the free
upd: this was a very cool and interesting video about american life. thanks, luke- i mean thanks, kenny!
@@javaman4584 wow
Once he put the sunglasses in bandana on I just started singing "let's get this party started" like I was in middle school again 😂
homeless people are opsec gods we need to take tips from the homeless
Plot twist: luke smith is his rendered bald version
My man looks like a metaverse character wtf
Outlaw turned into a gangsta in two steps
I would say a common flu mask definitely works better, it's hard to identify since everyone has the same one. Bandana would have patterns
I needed to see this. This is funny as heck!
In the Czech Republic we have credit simcards at the checkout in some larger stores, which is also quite anonymous.
2:34 you might not want to use them with a phone where you had a normal sim card, i heard that (at least in russia) they can track you even with a new anonymous sim since they have your phone identifier connected to your identity.
That is correct, you NEVER want to mix phones and sims because every cellphone can be uniquely identified with its IMEI
@@MentalOutlaw upto what point can the IMEI be read? Could they read the IMEI from packets exiting TOR and connect it to a phone connecting to a cell tower?
I'm sorry if this is a really stupid question. I'm just now getting in to this
The only issue with this is IMEI and MAC addresses. Probably best to buy a dumb phone with your SIM, and don't even bother topping it up - you only need to receive confirmation texts. Once you begin using your "anonymous" phone number for calls and unencrypted texts/net, its not really anonymous anymore.
You might, technically, have to use your “real name”
Luke?
4:58 Thought you actually knew what I was thinking but I was just thinking I can't be bothered to go to the mall every month.
Also I live in sweden and I don't think we can do that here.
In germany thats not possible. Since 2017 you need to videochat with someone and show them your ID with your face together to activate your sim card
Sorry to hear that, would it be possible for a German to travel to some other country in the EU which doesn't have this requirement, purchase a sim and phone with cash there, and return to Germany to use it?
@@MentalOutlaw I think that would be possible, but not necessary, there are people selling activated german sim cards from the time before ID was required. I also saw people selling UK sim cards on ebay I guess thats also an option
@@Cookiekeks Cool mal einen Deutschen hier zu sehen haha
@@wrng-i9f Ja :D
@@wrng-i9f The Deutschsprachegesellshaft was always there, only hidden within the Englischkultur of the internet I guess :v
In India you can't get a SIM card without an Aadhar Card (similar to Social Security number) 😭. Pay as you go or otherwise...
His fade is on the HIT!
Self hosted platforms. Thats the way of the future.
Didn’t realize Jason Tatum was so into cyber security
Damn didn't think you'd look like such a chad from the voice
Bro really said buy a cellular plan dressed up like a drill rapper
6:45 why am I laughing so hard
Missed opportunity for him to say Luke Smith
OpSec don’t forget to cover your ears 👂🏻 as those are readily identifiable by algorithms.... unique ear-print.
Please do a video like: "Why Luke Smith sucks"
(pro tip: there are none)
The only thing I noticed about him that irked me was that he does not 'believe' in coronavirus when it has, and is killing tons (literal physical measurement) of people. Also that he says his old laptops are more than enough, which is just flat out untrue when exactly when he is saying that, his chat is complaining about extreme lag and pixelating.
That being said, he defiantly has some great thoughts for software and life.
y would luke smith say that he sucks ?
@@BloodAsp the old X220 is enough for daily usage, trying to stream on it however... I don't remember him outright denying covid though.
@@BloodAsp He also recommend Brave which is a massive spyware
Can you give the name of your deep fake’s barber, cause damn that’s a nice haircut
I would actually recommend going to Walmart or some store like that, and buying the cell phone with the phone plan card there. It's what I used to do when I was a teenager
As soon as you said PII I got HIPPA compliance flashbacks
Me: can buy as much Sim cards as needed cuz country doesn't need my documents for that
One potential problem with an "anonymous" phone like this is ultrasonic and infrared signaling. If you've got an anonymous phone and a non-anonymous phone and they're turned on while sitting next to each other, they can exchange low-bandwidth data using ultrasound. Similarly, if their IR sensors and cameras can see each other, they can pass data that way. If your anon phone spends all its time within ultrasound range of your non-anon phone, it will be pretty easy for any apps with microphone and speaker access to infer that they're owned by the same person. Smart TVs already use this technology, so it's pretty safe to assume everyone else does it.
The rabbit hole goes deeper
yea but pay attention to the fact that on signal your phone number is public to everyone, on telegram instead is private and only used to create the account
I heard that Signal was working at nicknames, but really idc about signal, telegram, because session don't require number phone. And even if they would get rid of number phones, I still would be very, very skeptical and suspicious anyway.
If someone didn't start with full privacy, then I assume they work for governments etc. Especially that I heard that USA/NSA was donating money to signal.
Well, at least you told people the truth and provided concise information.
Still don't recommend anything other then signal though. (for mainstream users)
Step 1: Be Mental Outlaw 😎
Exactly, bro, I love facemasks anything to put the F#$ks to facial recognition. Love the channel(s)...
In my country it is impossible to get a new phone number without presenting a government-issued ID card.
What county?
@@Samer911 East Asian here. This stands true for me as well.
some dystopian hellscape
Same in Germany
Kenny is Yin to Luke's Yang
We make so many problems for application and software developers, claiming to have open-source codes for full transparency but still we don't care about our overpaid politicians and corruption when they should run their duty openly and transparently and maybe return to the society after 8-10 years of their public duty...
There you go I gave you another topic to talk about.
Omg my mom is on that shit it’s so annoying
Anytime I go outside I wear mask, hat, and sunglasses. Good luck trying to recognize my face.
They can analyze your body movement too, that’s why mask mandate - to setup the better ai recognition
@@Raccoonov i doubt that im pretty sure the only people doing that rn is china
@@killertigergaming6762 for now
Bro. If you walk into that phone store like that😂
"Trust me bro, I ain't robbin' ya blind!" ha-ha-ha
How do you have enough time to make these videos while playing for the Boston Celtics?
He do kinda look like Jason Tatum Lol
@@CAPITAL202054 and he lives in Massachusetts
Stunning beard bro
It's hiding a lot of secrets. lol
6:20
If I walk into a store looking like that, I’ll be shot on site
Post notifications on time, nice
The deepfake went from an NBA celeb into CJ from gta
I would like to stress that I watch this out of purely legal reasons.
here in germany your ID gets photographed by the employee and sent to the gov together with the info of the sim card to activate it.
Time to move.
Get a fake ID
1984
In Mexico now theres a law that requieres an ID to buy a sim card or continue using your service, kinda shitty that isn't the first time the gov here do that :c