I just tried the app via the US App Store and it requires you to verify through SMS before use. This means that it’s neither anonymous nor fit for use in a disaster zone.
Good example of software that would be better if open source.
Hi! You can skip the SMS verification step, which is how thousands of people have used it after earthquakes and hurricanes :) we also have an SDK so that developer can create their own app and make it work however they want.
Considering what others have described here to skip verification, you have used a dark pattern to force users to resort to SMS verification, endangering all those thousands of users you/your company claimed have downloaded the app in Hong Kong. This dark pattern would also inhibit or reduce usage during natural disasters unless you place a “Skip Verification” button that’s as prominent as the one for SMS verification. You could explain to the user the benefits or disadvantages of both on the same screen.
Having seen FireChat, another closed source mesh network app that allows people to sign up without giving a phone number, there’s no reason for me to recommend your app or even for me to try it.
Apparently you need to fail verification a few times before it'll present the option. I kept giving it bogus phone numbers and eventually a "skip" button appeared.
It's likely because of those dark patterns that they can use it in the first place given how walled garden app stores treat apps that do allow for actual anonymous or distributed messaging systems.
I wouldn't either, but it would seem that HKers don't have many options at this time. Hope more are identified and that there aren't malicious intentions with this current one.
How is that a dark pattern? It's better if you do verify, so you can see your contacts and others can know it's you. If that fails, then we offer to use the app without verification.
Briar is definitely far superior. However, one major drawback is that it is not cross platform. This alone means it won't gain traction in the Hong Kong protests, unfortunately.
I had the same experience and was disappointed. But a good mesh app is inherently difficult to monetize!
Combining mesh over some/several form(s) of 802.11, Signal protocol public key distribution "locally" via QR code, and Delay-Tolerant Networking (Cerf et al. 2007) would be the holy grail (and would have no reliance on SMS or phone number) and also could not be monetized. Which is a damn shame, because it's eminently technically feasible, but complicated enough that I'd probably need a professional team to implement.
Most businesses do not care about the technical details of the platforms they use. Look at adoption of the PSTN (centralized) & Email (federated and interoperable) among businesses, they migrate to where their customers are most reachable.
Next step, Chinese intelligence hacks their database of verified phone numbers. Anonymity over. Having the resources of a nation state, they could probably do it easily.
If they were doing E2E encryption, that would not be a problem. Broadcasting to find the right recipient (the one with the decrypting key) but contents protected from everybody else.
If you can meet once physically, there is nothing better than that to exchange your public keys. That's why hackers meetings are "public keys signing parties".
I used a simple mobile "burner" and was fine to authenticate. I bought bunch of $5 cards with cash in a small store and used this one in my dumb flip phone bought on a flea market few months ago. I am certain to a high degree that's pretty enough setup to stay under radar.
yes of course, but if the burner and your real phone establish any kind of pattern it will be obvious after the fact to anyone who can analyze the records.
This kind of device matching can be done across any of the carriers or their MVNOs, all of them give up the data when asked by a government entity. Many tower locations will even be identical across carriers, making the matching even easier.
Also this correlation could be done with stingray towers without bringing the cell carriers into the loop.
It may take longer to get enough samples to filter out unwanted user associations but if you have all the data points from every tower retroactively over ~10 weeks of protest it's going to be difficult to hide.
I don't think gp here is in china, but rather just offering their procedure for acquiring a burner phone.
Just to clarify - I have nothing to do with HK or the riots going. I am just stating that I was able to use my somewhat "burner" setup to register the App. What happens after that is whole different story.
this is why you remove the battery of the burner until you use it. remove the battery and sim of your compromised phone
relocate yourself install sim and battery of your burner
If the legit phone goes off while the burner is on that's a pattern.
If the legit phone goes off and (travel time / distance) elapses before burner appears (travel time / distance) away from the last legit ping that's a pattern.
If the legit phone and burner phone hit the same towers at the same time more than 3 times that's a pattern.
If the burner phone spends most of the time off (battery out, faraday cage etc) then the times it does connect are even stronger signals.
You need to generate a ton of "noise" data where both phones are hitting different towers at the same time on a constant basis; and never being together. Maybe mailing the burner phone on a regular basis between isolated locations that the real phone never goes to?
Cell tower data is incredibly powerful for tracking people.
Is this baked in to the infrastructure so you can be located or baked into the phone so you can locate yourself? If the former, I would have expected more concern?
"I would have expected more concern"
From the public? Everyone carries a phone, pretty much everyone is on Facebook. Given a yes/no box to tick you're going to get a lot of "yes" to "do you think you should have freedom from being tracked", but given a choice of what hardware/software to use people are going to pick the ones which everyone else is using, so that they can contact them. Next to nobody is going to stop at 4g because 5g has a higher granularity of location awareness.
the still detectable pattern depends on how often you use your phone or make the switch. its not a pattern if its done over days or if you even leave a phone cached in a special place such as a geocache so it can be swapped by someone else for a different burner.
It's required for emergency calls to quickly enable routing of said emergency call. They work even with no SIM or IMEI in the phone in some countries, though most western countries are starting to require SIM cards due to abuse (SWATting).
Yes, but people typically want addresses to be identifying to _somebody_ otherwise they're not actually all that useful.
If I am Alice and know Bob, I want to know Bob's address. Using the cell phone number, an address I already have for Bob, solves that problem. Verifying the number via SMS provides some reasonable (but not ironclad) guarantees that it actually is Bob.
Yes, as an address scheme, it prioritizes convenience over other things. If you want wide acceptance, that's a requirement. Wide acceptance can be useful if you need to adopt something in a hurry and you didn't think to set up something in advance. It's also great because it isn't exactly great opsec to look different from the crowd, and using Tor is a giant "HI I AM DOING CRIMES" beacon to the world.
Signal is really three things with the same name (four or five, if you count the foundation and/or the LLC):
1) The Signal protocol, which can have multiple implementations (WhatsApp, Facebook Messenger and Skype all use it),
2) The Signal client and server, which are open source, and
3) The Signal service operated by Signal Messenger, LLC.
You can use either 1 or 2 to implement a system that doesn't require a phone number to use. Wire, for instance, is a messenger that has adopted parts of the Signal protocol and the Signal source code. [https://github.com/wireapp/proteus/blob/develop/src/internal...]
What you can't do is change how the Signal servers operated by Signal Messenger are operated, or refer to your own client/server using Signal trademarks.
For all practical purposes, "Signal" being open source hasn't made that happen. As for Wire, yes, I know about its origins and I use it too, but even Wire had disagreements with Signal on using the protocol and finally managed to settle it (this is from 2016, so take it for what it's worth). [1] Wire is also focusing more on paying users and businesses and building features exclusively for that market. So the free tier is no longer a great place to be in.
Good example of software that would be better if open source.