- cross-posted to:
- android@lemdro.id
- privacy@lemmy.ml
- cross-posted to:
- android@lemdro.id
- privacy@lemmy.ml
Link to article from main Lemmy❤️ developer about Signal privacy. Mostly fair points. I kinda distrust so centralized services but basically we have no other options (Matrix is buggy in many aspects). What can you say about this article?
You must log in or register to comment.
Many great answers in here but can someone address this point?
Signal could very well be another Crypto AG-style honeypot: the Swiss company which provided secure communications services to ~120 governments throughout the 20th century, and was secretly ran by the CIA and West German Intelligence.
I think if we assume that we run on our devices code that is public we are safe (without additional built in things, backdoors). This code is checked many times so it is good. If you use Android you can use some forks of official Signal client (Molly, Signal-FOSS) and be safe 🙂
Lemmy devs don’t have a lot of ground to complain about services being insecure imo.
If Edward Snowden uses Signal, we as regular people should be just fine.
He said it long time ago, is he still, maybe it is pr for money, we don’t know 🤷
Snowden doesn’t make any public statements any more without express permission from the Russian government. You can’t trust anything he’s said in the past few years, especially not since the war began.
All of these comments are completely off the rails. He informed us about one of the largest violations of privacy in the history of mankind. For that, he had to go on the run. He ended up in Russia, but not by choice.
If he wants to retire there and just keep his mouth shut, he should have our fucking blessing. The one thing he did was bigger than anything we could ever hope to accomplish lol.
Snowden doesn’t make any public statements any more without express permission from the Russian government.
Can you provide sources for this?
It might make sense for him to self-censor to avoid angering one of the few places that are allowing him to stay but even that’s not a given: if he felt something needed to be said badly enough, he’s shown to be the type of person who would rather something be said and take the repercussions on the nose than to leave something unsaid.
In January 2021, after WhatsApp, the most popular messaging app in the world, became acquired by Facebook, and announced its sharing of data with its new parent, Signal became the top downloaded app in > 70 countries.
Errr…
WhatsApp was acquired by meta back in 2014.
2021 was when WhatsApp released updated terms of service that allowed them to connect to Facebook servers and share the data they needed/wanted to.
This article seems like the average low effort hit piece against signal that keeps on popping up.
I still think signal is the easiest messaging app out there for the average user to gain a little more privacy in their digital lives.
Watch out… last time I liked to this article people started to say that I was spreading misinformation…
Now I am also a foreign agent 🙂
I’m just waiting for the EU’s Digital Markets Act (DMA), that requires interoperability between protocols (messenger, whatsapp, that apple thing, signal, matrix, etc., to kick in. Once that happens, I’ll take a closer look at matrix.
Matrix is also being rewritten in Go and one day, they’ll hopefully support decentralised identities (aka your identity isn’t tied to a server). When both are implemented, I think they’ll be superior to many things out there.
As to the article: yawn. Proof is lacking everywhere and the “it requires a telephone number” argument just keeps cropping up. Without a telephone number, what is the best way to discover your friends and family on a new network? If someone can respond with a viable alternative that doesn’t involve sending a message to everybody over some insecure medium, I’m all ears.
Matrix evolution is REALLY cool. Can’t wait for new mobile clients because old have problems with notifications on iOS devices (relatives are using them).
If someone wants to use Sigbal without Google dependancies, have a look at Molly.
Does anybody know what’s happening about Signal creating usernames to add people instead of numbers?
It’s seem abandoned, no ?
This branch is 2951 commits behind signalapp:main
It’s latest release matches with latest release from GPlay so it is not abandoned in any way. Look at version-FOSS branches, not main (it was not updated a year already).
This same thing has been reposted here so much. So I am going to copy-paste my original response once again.
Governments routinely fund the development of secure and open communication systems because they themselves benefit from having such communication tools which can be trusted. By the logic presented in this “essay”, one shouldn’t be using the internet at all. What you need to check is whether Signal’s technical claims about its encryption is true or not. There is nothing in this article that raises any question on Signal’s encryption. We already know how much data Signal has on its users through their responses to various legal subpoenas over the years (spoiler: its pretty much nothing).
Here are some cool links for you to check out:
https://signal.org/bigbrother/
https://www.aclu.org/news/national-security/new-documents-reveal-government-effort-impose-secrecy-encryptionWhy is it beneficial for the government to have these tools? They already have such for internal use. I am sure that the officials do not use Signal. Why not kill Signal as an organization so that users don’t even think of leaving WhatsApp?
You are really underestimating how hard it is build and maintain such easy to use and secure services. So using a trusted service like Signal is convenient. And government officials across the world use it:
https://www.zdnet.com/article/in-encryption-push-senate-approves-signal-for-encrypted-messaging/
https://theprint.in/tech/netanyahu-zelenskyy-join-world-leaders-to-signal-each-other-why-is-encrypted-app-popular/1204419/
https://www.politico.eu/article/eu-commission-to-staff-switch-to-signal-messaging-app/And moreover, the essay by the tankie creator of Lemmy does the mistake of assuming everything the US government funds or has funded at some point as nefarious. The US government is not unified by any stretch of the imagination. It is full of competing interests and some agencies do want to support ideas like freedom of information and right to privacy. If you look at the things that the Open Technology Fund has donated to, you will see that it has pretty much stuck to its objective of supporting “open technologies and communities that increase free expression, circumvent censorship, and obstruct repressive surveillance.”
And I still fail to see any real evidence for the claim that Signal’s privacy is compromised.
This is posted relatively often, and every time it is posted I feel compelled to note that said dev has not articulated any real reason to consider Signal insecure beyond an implicit conspiracy theory with no real meat to it.
“Signal’s use luckily never caught on by the general public of China (or the Hong Kong Administrative region), whose government prefers autonomy, rather than letting US tech control its communication platforms, as most of the rest of the world naively allows.”
When you’re holding up China as an example for the world to follow for privacy, I have a hard time taking ANYTHING else you’re claiming seriously.
“Signal’s use luckily never caught on by the general public of China (or the Hong Kong Administrative region), whose government prefers autonomy, rather than letting US tech control its communication platforms, as most of the rest of the world naively allows.”
When you’re holding up China as an example for the world to follow for privacy
I interpret that quote to say that China doesn’t trust US tech like the rest of the world does. It’s not saying that China has more privacy and the rest of the world should follow, it’s saying that the rest of the world also shouldn’t be so naively trustworthy of US tech either.
I don’t think the problem is that China doesn’t trust the US but rather that China wants to spy on their citizens.
Ok then you’re wilfully misreading the quote. That quote is not cryptic in the least. I have no clue why the parent comment is framing it as “holding up China as an example for the world to follow for privacy”. It doesn’t follow from the quote in any way.
Yeah that china comparison majorly derails this argument. When I read it earlier I just glossed over that but now it stands out like a sore thumb.
I don’t know what to think about signal anymore. I suppose as laymen we are pretty much non-players as far as the interest of government groups go, but still I suppose I need to learn a lot more about privacy best practices and threat assessment because some of the article was just difficult.
TLDR, the thought is that the USA is spying on users of Signal because some early funding came from the US government. But the evidence suggests not; indeed, governments worldwide are targeting Signal et al because they don’t LIKE that they can’t just demand access from providers.
Also in the same vain didn’t the US armed forces (possibly the Navy) develop TOR?
I also think the essay is pretty bad, but he right about a self-hosted solution is better.
100% agree. I appreciate the guys work on lemmy and the jerboa (the android app) but he’s got some weird ideas.
Oh jeez. That’s nasty.
