Would love having a signal, matrix or telegram group tbh :) Would probably be safer than to talk about it here. Especially if it's breaking the instances rule 1...
this post was submitted on 26 Aug 2023
10 points (100.0% liked)
hacking
43 readers
1 users here now
Join the Hacking Community at lemmy.world π₯
Explore a vibrant hub dedicated to in-depth discussions spanning the entire spectrum of hacking. Whether you don the cap of a Red, Blue, Purple, White, Gray, or Black hacker, you're invited to:
- π° Dive into the latest hacking news and trends
- π Seek assistance for penetration testing challenges
- π» Collaborate on crafting ingenious exploits
- π€ Connect with diverse hackers and enthusiasts
Unite with like-minded minds to dissect, debate, and develop across the ever-evolving landscape of hacking. Your expertise, curiosity, and unique perspective enrich our shared exploration.
Together, let's push the boundaries of hacking knowledge!
Session Chat ID: 05fefb1a9db94ea17c04d2978b5168f53419d984b6d9cc520bdfe1cd0dd6785a26
Session Chat QR Code
Session chats are limited to 100 users. If we get close to that limit, I will host a community for us to allow unlimited users.
Note: We are working on a wiki that will serve as a repo of the best hacking tools and knowledge. If you are interested in assisting with the wiki, or would like to be considered for a moderator position. Send a message to couragethebravedog
founded 1 year ago
MODERATORS
I am not sure that groups would be made like in telegram or matrix for the public to use in Signal until the username feature gets released.
Signal has usernames, they are linked to phone #s though which is signals 1 drawback. Session works similarly to signal except every user is anonymous. Telegram could be used but I just don't trust them. If it's what the community wants though, then it's what we'll do.
I am pretty sure I've seen a comment in GitHub say that you can optionally hide your phone number now that the username is going to be all you need. The username format will be basically like Discord's "old" username system.
That's fantastic. I found some more info on the feature: https://signal.miraheze.org/wiki/Usernames
Yeah that. I am surprised you were able to find such a good detailed wiki about Signal. Never saw this before.
I just used Boolean operators and looked for "Signal" "username" or "usernames". Then that was in the results.
"Usernames arenβt shared on your profile". This means that while people can use your current username to start a chat with you if they know it at that point, people can't see your past, current, or future usernames.
This link is not based on your username. Rather, it will contain a (random) UUID (not the account UUID, ACI, or PNI) called a username link handle that simply points to your encrypted username stored on the server. Since the username is encrypted (by your app before uploading it to the server to activate the link), it is likely the link will also contain a (random) key to decrypt the username (this key does not need to be submitted to the server). As such, this link can be created, updated, and deleted independently of your username. This means it may be intended for use as a temporary, throwaway link that you can share with someone without revealing your username or its hash directly (it will only be revealed to them once they look it up). When you delete the link, it can no longer be used to look up your encrypted username and hence contact you in any way and is thus rendered completely useless.
This is amazing. Seems like you can be "anonymous" to the one you're talking to without revealing your username or your phone number. Though someone that can access the API to get the encrypted username via the UUID in the URL from the server will be able to decrypt the username using the key in the URL. Am I right?
Lemmy is not private and tools already exist to try and identify lemmy users.
What kind of tools? Can you elaborate further?
I can't find the link to the tool I found the other day. It looked at things like most active user post time and would try to discern things like the users time zone, county they are in, etc. It was a fediverse version of Reddit investigator. If I find the link I'll update the post with it.
Okay, thanks.