This article is just facepalm… Signal is just as much taking your contacts hostage as Whatsapp is.
And if most of their contacts are on Fb messenger at least there is a chance it can be reasonably bridged to XMPP or Matrix, which is really much harder for e2ee encrypted apps that don’t allow 3rd party clients like Signal or WhatsApp.
Edit: I would downvote, but at least the final conclusion is agreeable.
So you would rather have your messages be readable by Facebook that have to work a bit more to get your setup working with Signal. Setup that is only used by 5 people on the planet?
e2ee encrypted apps that don’t allow 3rd party clients like Signal or WhatsApp
Because FB messenger does? Everyone I know that uses a bridge to use messenger tell me that they spend a huge amount of time dealing with Facebook trying to ban bots…
I don’t disagree, but there is the theoretical approach and the pragmatic one. In a “world” where everyone but you uses FB messenger, it is good that FB messenger is somewhat easier to bridge to.
But not everyone uses Messenger. I have been able to convince many of my friends and family to switch to Signal.
Hello all, thanks for the comments and the feedback!
After publishing the article, I have also taken a dip in Matrix and I’m considering this choice too. Of course, federation/interoperability is the way to go in the future.
In general, I’m not the person that cares 100% about privacy. I mean, I can give up some privacy to get better features. But, I care about choice and I care about freedom of choosing how much privacy I want to give up.
That’s the main point I tried to address, and how I am not free to choose given that my contacts use Messenger, and I can’t persuade them easily to move away from it.
It’s an app that implements changes based to what its community wants, it’s an app that can care about your opinion and your choices.
i take exception to this comment. signal is an app that changes based on what moxie (and signal foundation) wants, not necessarily what the community does
deleted by creator
The only way to change the situation is to force those social networks to use their powers more responsibly. Europe’s GDPR law with its right to data portability is a step in the right direction, but it’s not enough. I believe we need more to regain our right to choose what services we use.
I wouldn’t bet much on these laws, because it’s the same EU that’s drafting bills for lawful access to encrypted data - https://www.cyberscoop.com/encryption-europe-tutanota-protonmail-threema-tresorit/
The adoption of the encryption resolution in the European Union does not affect the landscape for encrypted services in Europe immediately, as the resolution is non-binding. But its adoption suggests a “shift in tone and puts pressure on the European Commission to propose anti-encryption legislation in the near future,” the encrypted email service provider ProtonMail has argued.
After portability, we need to discuss about interoperability, which in this case is the ability to contact people that are are using different chat applications than the one you are using. The way email and SMS already work.
I don’t see a possibility for this in Signal, at least as long as Moxie is there pulling the strings and here are his views on federation - https://signal.org/blog/the-ecosystem-is-moving/
When someone recently asked me about federating an unrelated communication platform into the Signal network, I told them that I thought we’d be unlikely to ever federate with clients and servers we don’t control. An open source infrastructure for a centralized network now provides almost the same level of control as federated protocols, without giving up the ability to adapt. If a centralized provider with an open source infrastructure ever makes horrible changes, those that disagree have the software they need to run their own alternative instead. It may not be as beautiful as federation, but at this point it seems that it will have to do.
Signal is US based i dont know why people are putting to much trust on it…
deleted by creator
Thank you, while I would like to see several changes (including a new audit) I don’t feel the underlying tech is invalidated by their server location.
Obviously people are opinionated (more so now that user bases are somewhat easily swayed post-WhatsApp awakening, it seems to me) but I too feel there are several reasons to still choose Signal.
I guess you can make a case that Signal is just as centralized as many other messaging services too, despite it’s many notable security features. And iirc, WhatsApp is basically a fork of Signal minus some features and tighter integration with Facebook.
Whatsapp is no signal fork at all
They just implemented the same cryptographic algorithm, the app isn’t open source or trustable
You’re right. Was reading into it’s history…
WhatsApp is basically a fork of Signal
No, WhatsApp implements the Signal protocol, but that’s it. Their entire codebase is proprietary (and their implementation of the Signal protocol is too).
deleted by creator
It is a non-standard XMPP with a later added encryption scheme outcontracted to Moxie and likely similar to what Signal uses / OMEMO is.
that is the main reason why is suspicious to exist in USA…
Federation is not a thing in Signal. Funny how America preaches FREEDOM™ to everyone and Americans take it away in their software.
That said as avalos points out, the metadata encryption, audited encryption (also used in Conversations in OMEMO, as Megolm in Element (Matrix) and as Proteus in Wire btw), and all this being transparent and verifiable via open source code is a good reason.
Encryption does not work based on server location threat like 14 Eyes. I feel I have a say on this as someone who teaches threat modelling to many people besides having a hard stance against 14 Eyes proprietary technology.
Elon Musk’s tweet is not an indication of Signal being a honeypot. He simply capitalised on more fame, as his so called science poster boy reputation has taken a massive hit after tweeting “we all know who owns the media” and “we will coup [Bolivia for lithium]”. He likely has a certain political leaning and to anyone who is not living in a cave, can figure out his audience. He is pushed by the American military industrial complex as the science poster boy of USA, and USA projects their marketing icons onto the world as we know, which Musk is failing to be, as the world starts to wake up against America’s nefarious doings in small ways.
The last part is a bit political but this is what is going on here.