Please, please, please consider organising off Facebook. Really. It's not snobbery. It's really dangerous to people who use their legal names to use Facebook for organising.
@h what do you mean by organizing? Posting or using i.e. the groups for coordinating things? What is the worst case you see, if staying engaged? And what about Twitter?
@Manuela @h By organizing on Facebook or Twitter, anyone with sufficent cash or at a federal agency can issue a single subpoena and get a total view of the conversations, IP addresses and potentially full identity of the participants, in the case of federal agencies they don't even need court approval or oversight for an administrative subpoena.
A mailing list provides more anonimity and makes it harder to get a total view (due to multiple mail providers), let alone organizing on Signal or Mastodon.
We all know what the issues are, though. Facebook has the user base, features like events, etc. Organizing is best done offline, but there is no better platform for boosting that I'm aware of rn
Ok, not best, but adequate. Like I said, organizing offline is best, but do you have suggestions for platforms that can replicate the functionality of Facebook for organizing purposes?
@derpayatz There is no single ideal system, but here's a couple of ideas:
1. Riseup.net (their services can be used for free, but you are encouraged to support the hard work they do)
2. Self-hosted Loomio (You're still at mercy of your ISP of choice, but *you* have a choice)
Even though I don't recommend it, and it's clearly also potentially dangerous, organising via Twitter has been ten times safer over the years than Facebook.
Using FB is the absolute worst of the worst. ** Really **
Have we been using different definitions of organizing? I use Signal, and I've used Riseup for some things. I use mailing lists (and oh boy are those easy to compromise). But what should I use to, for example, publicize a fundraiser? Aside from word of mouth, flyering, etc, which I also use? I know literally zero people locally who are on Mastodon, and I need to be able to reach mass audiences.
@derpayatz I don't know what are your definitions. This may be helpful.
It's possible you're thinking more of activism or mobilising
@derpayatz And please, don't insist with 'adequate'. I'm not interested in any more excuses for Facebook.
If you're genuinely interested, please read all toots in this thread and please do your best to acquire a more informed belief. Thank you.
Thanks for all the detaills. I also try use signal, mailing listes, owncloud, etc. and more recently mastadon, and in some cases even only face to face conversation. but I am still connected with most people via facebook and I want to stay connected to this crowd. so I still keep doing announcements on facebook, but internal organizing, discrete stuff on channels more aligned with my values. though I wonder, if they are really much safer...
@h @tbeckett @Gin @artemist @Manuela The goal is to mitigate the threat model of a bad actor compromising one central host to gain a total view of a group that's being organized. With Signal, you'd have to compromise most endpoints, Mastodon would require compromising the federated servers, and email has muxh the same threat model as Mastodon. Best to organize on Signal with disappearing messages if possible.
The Wire app is very similar to Signal but it's important that it's really open source, and SMS authentication is optional with Wire. Signal forces you to authenticate using SMS when you sign up, which in turn is operated by another US corporation, Twilio.
Wire still has some other problems, and it could be bettter if it were audited and if it supported a decentralised model, but at least we can peek into their code.
Other considerations from a legal point of view: The Wire application services are operated by a German company under EU law. Whisper Systems' Signal is from San Francisco and governed by US and California laws. Your protection and defensibility will greatly depend on the availability of legal resources to you under your particular jurisdiction.
Unless you're outside both the US and the EU, in which case you're probably fucked no matter what.
@Manuela @bob @h @mastodan @artemist @Gin @tbeckett If you and your contacts are on Android (not implying an Android phone is a secure platform), I'd probably recommend using Conversations, ideally with carefully chosen servers.
@Manuela there's not one single "most secure tool", and they're definately isn't a "best tool". It's going to depend on:
Who you are communicating with: if they aren't extremely technically competent, then if they can't figure something out, they're going to switch to something very insecure, like SMS
Who your attacker is: the NSA can do a lot, annoying teens, not so much
How much the attacker cares: the NSA might not care about what you're doing more than anything else
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!