this post was submitted on 26 Mar 2025
243 points (100.0% liked)
Privacy
1763 readers
341 users here now
Welcome! This is a community for all those who are interested in protecting their privacy.
Rules
PS: Don't be a smartass and try to game the system, we'll know if you're breaking the rules when we see it!
- Be civil and no prejudice
- Don't promote big-tech software
- No reposting of news that was already posted
- No crypto, blockchain, NFTs
- No Xitter links (if absolutely necessary, use xcancel)
Related communities:
Some of these are only vaguely related, but great communities.
founded 4 months ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
True, but that doesn't mean you stop there, otherwise it's just reactionism. You can literally go and inspect the Signal code, compile the client yourself, and use it. You can verify that the E2EE claims are correct and that Signal can't decrypt messages it relays.
The only thing you can't know with 100% certainty is whether they're storing encrypted messages or not. You can look at their track record. You can look at how they spend their money. But you can't know that one thing.
However, Matrix instances may store encrypted messages. Just because it's federated doesn't mean it's therefore more private; it's just resistant to capitalist fuckery. You have to look at the entire implementation, and that becomes difficult when the way in which instances participate is voluntary, not mandatory.
I agree that people should be skeptical, but skepticism is a verification philosophy, not the act of simply rejecting claims.
I think the story of Whatsapp should've taught people that capitalist fuckery and living long enough to become the villain are bigger threats than people give credit for, and Signal is just as vulnerable to this as WhatsApp was. They've also fought against any ways that it could be mitigated, they fought and are still fighting unofficial clients (moxie himself went around harassing people to stop), they fought any form of decentralization or interoperability with other servers and self-hosting.
All things that could make signal a bit more resistant towards something like what happened with WhatsApp, yet they've all been rejected in favor of exclusive control on the app (and for a long time it was GMS tied on the PlayStore) and exclusive control of the the network. Two things that don't exactly bode well for the future.
No, they're not. Whatsapp was never controlled by a 501(c)3. Selling everything off to a for-profit company isn't a simple transaction, or else OpenAI would have tried that already.
If you go and read the reasoning, it makes sense. Part of it is the enforcement of their internal standards (like not storing chats for longer than it takes to deliver them) and part of it is that it would require rebuilding almost everything. It was never designed with ad hoc server participation or self-hosting in mind; you can't just drop in an API on top of existing software.
I agree that centralized chat is a potential chokepoint for capitalists to enshittify things, but people are crucifying Signal for something that hasn't even remotely happened.
If it does, there's lots of options out there that are getting better all the time. My backup plan is SimpleX. But Signal still seems to be delivering what they claim, and it's a lot easier to get non-technical people on board with encrypted chat via Signal than many of the other options, currently.