Applied cryptography and security researcher, spending most of my waking life conducting security audits at @Cure53Berlin and @SymbolicSoft
Aug 26, 2024 • 5 tweets • 2 min read
JUST PUBLISHED: press release from the Paris Judiciary Tribunal, laying out the specific charges against Pavel Durov.
These all appear to be France-specific charges, nothing to do with the European Commission.
Worryingly, this seems to be a “throw everything and see what sticks” situation. Such charges could be brought against Signal or any other encrypted messenger.
The inclusion of cryptography-related charges is especially troubling, as it suggests an attack on the fundamental security technologies that encrypted messaging platforms rely on.
This confirms my worst fears and means that this must be fought, hard. They’re going for a precedent.
If these charges lead to significant legal actions or convictions, it might embolden other jurisdictions to pursue similar cases against other encrypted messaging platforms like Signal. The implications could be far-reaching, potentially challenging the very legality of providing end-to-end encryption without compromising user privacy.
Just in case I wasn’t clear: this is not just bad; this is the worst possible situation. This is a five-alarm fire, and we need to organize, fast.
Aug 12, 2024 • 9 tweets • 4 min read
Signal is now encouraging random people to run their own Signal proxies to help users access it in countries where it’s been recently censored, such as Russia.
Anyone done any analysis on how much data a malicious proxy run by, say, the Russian government, can harvest on users?
Oh God. It's literally a Docker image that runs an nginx proxy:
Signal's blog post encourages people to discover proxies through social media through the #SignalProxy hashtag, thereby opening up discovery to as much social engineering as you can imagine.
github.com/signalapp/Sign…
Jul 19, 2024 • 9 tweets • 2 min read
🧵 OK. In light of CrowdStrike's EDR causing the world to end, let's talk about why EDR (Endpoint Detection and Response) solutions are mostly bullshit. They're marketed as the ultimate cybersecurity solutions, but the reality is far from the hype.
🧵 2/ Big companies are buying thousands of these licenses, deploying them on employee laptops and server hardware. It's not just voluntary; sectors like banking are often forced by regulations to implement these solutions.
Jul 11, 2024 • 11 tweets • 4 min read
"Signal needs your donations"
Signal, a 510(c)3 nonprofit operating under $50M loan (not grant, loan) from WhatsApp co-founder Brian Acton, paid its top developers and executives, on average:
- $650,000/year in 2021,
- $464,000/year in 2022.
Signal really needs our donations!
Note that that's $650,000/year average per top developer or executive, not total!
How are these nonprofit salaries? How is this a responsible way to manage a nonprofit that's propped up by loans and begging for donations?
Apr 22, 2022 • 7 tweets • 3 min read
Wrote an explainer for goodwrite.app (click on "Learn more")
"Inharmony warning"
Aug 6, 2021 • 4 tweets • 2 min read
Apple distributed an internal memo today which referred to pushback against its new content surveillance measures as "the screeching voices of the minority." I have nothing to add.
If you too want to be part of the screeching voices of the minority, sign the open Apple Privacy Letter: appleprivacyletter.com