• @[email protected]
    link
    fedilink
    English
    73 months ago

    Personally since I read this, I stopped recommending Signal. In this article among other things they say:

    To keep Signal a free global communication service without spam, we must depart from our totally-open posture and develop one piece of the server in private: a system for detecting and disrupting spam campaigns.

    I also saw a video where Moxie was a speaker defending centralization not only for Signal, in general, and I don’t agree with this approach. (I think it was this one 36c3 Moxie Marlinspike: The ecosystem is moving)

    • @[email protected]
      link
      fedilink
      23 months ago

      I see where this is coming from and I personally prefer Matrix because of that but I must recognize that while I disagree with Moxie on some things he has a more pragmatic approach that has merits and probably has this position for good reasons that do not come from an evil/corporate plan. He wants people to use secure communication and he proposes compromises between security and ease of use (without which no one will switch, making general communication worse).

      I still recommend Signal. To my geekier friends I recommend Matrix. But all in all, I consider Signal is still fighting the good fight.

      • JackbyDev
        link
        fedilink
        English
        4
        edit-2
        3 months ago

        I’ve said it before and I’ll say it again. Signal is in the perfect niche of privacy and usability and, sadly, suffers for it. Privacy enthusiasts don’t think it is private enough and “normies” (for lack of a better term off the top of my head) don’t use it because there aren’t enough people using it or it just isn’t fun enough. Meanwhile, it’s insanely trivially easy to install and register and it works like a normal message app.

        Edit: ironic that I accidentally triple post a comment that starts with “I’ve said it before and I’ll say it again”

    • @[email protected]
      link
      fedilink
      1
      edit-2
      3 months ago

      I agree with you but I think that signal was built as to not trust the server either way.

      • poVoqM
        link
        fedilink
        33 months ago

        That’s what they like you to think yes. But it is only the message content and not the various forms of metadata that is protected by their encryption scheme.

        • @doodledup
          link
          1
          edit-2
          3 months ago

          It’s also the metadata. Profile and contact discovery is also private. I don’t think they have anything except your IP.

          • poVoqM
            link
            fedilink
            13 months ago

            Seal sender is a nice idea, but since you can easily run timing attacks on centralised infrastructure it is pointless for Signal, or rather you have to trust them that their infrastructure is not compromised.

            They also store device ids for push notifications via Google/Apple.