Ulitmately, the user is responsible for their own security. You cannot entrust this with the service operators.
  • There is no way of proving that the software actually running on SN servers is the one that's on GitHub, and not a forked version that FBI made them run. (You can only theoretically verify the client yourself.)
    • Does it make sense for you guys to have a canary page? @ek @k00b
  • If you want to use multiple identities and hide that fact from the service, use a different Tor/VPN exit node for each. Use separate browsers or browser profiles too, to avoid fingerprinting.
  • ALWAYS assume someone (could be your ISP) logs your IP and the fact that you connected to this or that website.
  • Be conscious of "social fingerprinting" - activity hours, writing style, tipping patterns.
10 sats \ 0 replies \ @ek 22 May
Does it make sense for you guys to have a canary page?
Yes, it's planned
reply