Not just Meta, all proprietary software can't be trusted. Apple, Microsoft, Google, you name it. If they claim "privacy" and "end-to-end encryption" without code auditability you must assume they are lying and the device is compromised. Do not be fooled into thinking you are private with Signal or SimpleX on an iPhone. The private keys are still held on proprietary software. You are still compromised. GrapheneOS or similar FOSS Operating Systems of mobile ONLY.

Well, in the case of Whatsapp, I remember them stating fairly plainly that their encryption protected against outside attacks, they themselves would still be able to read everything and via the Patriot Act, so would every bureaucrat in the Western World. I've stopped using Whatsapp in 2018 and have since regarded anyone still using it as living rather dangerously.

Oh ffs!

Well said. Encryption that doesn’t protect you from the platform or the state isn’t real privacy.

My guy @ManyKeys would like to have a word with you about firmware and ensuring your physical hardware isn't compromised. not clear how that is done exactly, so we might be fucked.

For desktops/laptops your best bet is

Libreboot – Free and Open Source BIOS/UEFI boot firmware

Libreboot – Free and Open Source BIOS/UEFI boot firmware

Libreboot – Free and Open Source BIOS/UEFI boot firmware

the fastest one you can get is an i5 Thinkpad T480. Ideally flashed by yourself and all that.

system76

for modern computers. Coreboot firmware with ME_cleaner, but with weaker ME disabling guarantees than libreboot. I wouldn't put my most sensitive stuff on these, but a great use case for something like QubesOS where you need lots of threads to maintain performance. Phones are mostly a lost cause until we can get free and open source firmware SoCs. GrapheneOS has great privacy guarantees on a software side, but the Titan chip is a major black box, same with the modem and the SoC as a whole.

Note too that when you get into firmware backdoors, you're getting into expensive targeted attack territory. Mainly with compromised trusted execution environments and trusted encryption chips. Passive surveillance is nearly impossible at this level and thus, for most threat models, a spyware free Linux distro and GrapheneOS is more than sufficient for extremely strong privacy guarantees for most. If you're hiding thousands of Monero from state actors then you're going to want Libreboot + Kicksecure live mode + Veracrypt hidden volume for wallet files or something similar. As your threat model decreases you can compromise on these measures.

Honorary mention to puri.sm too they also have similar offerings to system76.

Libreboot/Dasharo is the only viable option from what I was able to find. Only Intel ME can be neutered; AMD, Apple Silicon or mobiles not possible. You can buy ME neutered laptops, desktops and/or servers here

shop.nitrokey.com

Products | shop.nitrokey.com

Unfortunately so many people use it

👀 Doesn't prove anything, but wouldn't surprise me at all. Use #Signal. It's never too late to ditch #WhatsApp. View quoted note →

Even if they win this case in certain countries, jurisprudence will twist a lot of citizens of poorer countries, who will not win against them. Their banks will surely use their chats to steal from them under the name of income tax fraud, pending payments, mortgages, loans and other crap. Things will get a lot worse before they get better. Fuck WhatsApp, fuck the Oligarchs 😡 View quoted note →

We've known this for a while Ser. I know because my mother literally gets Facebook adverts on things that were mentioned in WhatsApp text messages.

I also hate nowadays that when I receive a WhatsApp my keyboard wants to reply itself, like wtf 😒

Why would you be wasting your time there?

Encrypted, but they have the key tol

"yeah so if you ever need info on people at harvard just ask, they "trust me", dumb fucks"