• @pressanykeynow
    link
    English
    -43 months ago

    That’s incorrect, their client is opensource, you can check their e2ee yourself.

    • Todd Bonzalez
      link
      fedilink
      English
      -53 months ago

      The encryption algorithm may be open source, but they rolled it themselves. It is proprietary encryption.

      • @pressanykeynow
        link
        English
        73 months ago

        Again, it’s not, go to their github, check the code of the client, compile it yourself, and make a reproducible build to check that the client they ship to your phone is the same. You are talking nonsense.

        • Skeezix
          link
          English
          63 months ago

          Todd is a known bullshitter

        • Todd Bonzalez
          link
          fedilink
          English
          -2
          edit-2
          3 months ago

          You’re not getting what I’m saying, because you don’t understand what “proprietary” means in this context.

          Proprietary encryption ≠ Proprietary code.

          You can roll your own shitty novel encryption algorithm and license it under GPL if you want, it’s still proprietary encryption in that Signal has its own unvetted encryption algorithm instead of using a trusted existing algorithm.

          EDIT: How are people not understanding this?

          Proprietary licensing is different from a proprietary way of doing things.

          If you folks think that a GitHub repo and GPL license are all you need to vet an encryption algorithm, and you think that absolves an novel untested algo from being called “proprietary encryption” you’re gonna get burned one day because your trust was built on not understanding encryption.

          Signal built their own encryption algorithm. That’s proprietary encryption. If you still think I’m wrong, pick up a dictionary, look up “proprietary” and “encryption”, and you might just have a chance at understanding that “proprietary” is an adjective that can apply to a lot of different words.