this post was submitted on 13 May 2024
188 points (96.1% liked)

Privacy

31990 readers
467 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 20 points 6 months ago* (last edited 6 months ago) (6 children)

Let's be honest, Signal is not perfect either:

  • It requires your phone number
  • It has had some suspicious funding sources
    (UPD: It was funded by CIA)
    (UPD2: Here I will quote www.securemessagingapps.com:

This matters because “money talks”, as the saying goes. If the company or person behind the money is likely to have reason not to protect customers’ privacy, it’s important to know. This could be indicative of the company not doing as they say (Google, Whatsapp, for example) or changing their mind once they’ve onboarded enough customers from whom they can make money.

~~(I'm gonna find sources for the last two statements a bit later to not be unsubstantiated)~~
Done.

Although, we all can agree, that Signal is still better than Telegram, or WhatsApp, or Threema, or whatever.
Still, we probably want to look at the better alternatives, like Simplex or Session.

[–] [email protected] 12 points 6 months ago* (last edited 6 months ago) (1 children)

Session is also sus because you effectively cannot host a node, last I have seen. They claim it is "against a Sybil attack" but all it does is making sure only people wih large disposable funds can have nodes, and the effect might be the exact opposite.

Simplex is more interesting in this regard because while I am concerned with initial centralization (the default servers), they made hosting your own easy. But I personally stick with imperfect yet trusty XMPP.

[–] [email protected] 2 points 6 months ago

SimpleX is great. BUT it's not user friendly. Thus general adoption for the average user will be hard. Don't get me wrong using the app itself is easy but as soon as someone switches their phone that doesn't have technical knowledge they will loose their chats because they won't understand the concept of moving their DB. Since you don't have an identifier like a phone number with SimpleX those people could even lose contacts as a whole since they generate a new DB, hurting their social connections.

That's the reason I personally never recommend SimpleX to anyone who doesn't have the technical knowledge to understand stuff like that.

[–] refalo 8 points 6 months ago

It has had some suspicious funding sources

Wait until you find out where computers, the Internet, GPS, weather satellites and Tor came from.

[–] [email protected] 6 points 6 months ago* (last edited 6 months ago) (1 children)

suspicious funding

Which lines of its libre software source code are malicious?

requires your phone number

It's centralised

[–] [email protected] 2 points 6 months ago (1 children)

Which lines of its libre software source code are malicious?

It's not about code, but about funding.

It's centralised

Yes, and it's the downside, no matter how you look at it.

[–] [email protected] 1 points 6 months ago* (last edited 6 months ago) (1 children)

So, which malicious lines of libre software source code have been funded? This is how we stop FUD. Don't let them derail us.

[–] [email protected] 0 points 6 months ago (1 children)

Don't get me wrong. As far as we know, no malicious code have been funded. The very fact that the Signal was sponsored by the CIA is suspicious (maybe I used some incorrect words, sorry if so). Of course, it's totally up to you whether you think that fact is sus or not.

[–] [email protected] 3 points 6 months ago

It's not. Our devices run software, not funding.

[–] [email protected] 6 points 6 months ago (1 children)

Telegram requires a phone number too? I mean yeah there's the option to use that blockchain phone number service, but you can do the same for Signal. 🤷

[–] [email protected] 6 points 6 months ago

Yes, it does. And yes, it is equally bad in both cases.

[–] [email protected] 5 points 6 months ago (1 children)
  • It requires your phone number

Not anymore, right? Or does it still need your number for signing up?

[–] [email protected] 11 points 6 months ago

Just to sign up

[–] [email protected] -5 points 6 months ago* (last edited 6 months ago) (2 children)

Signal no longer requires a phone number. You can now create an account. Not sure if that helps your outlook on it, but yeah. It was a fairly recent update that this was rolled out.

Edit: being told we still do need numbers to register. I haven't gotten a new phone since well before the change was made, so I haven't actually created an account and gone through the process. It looks like I misinterpreted what was going on when I read the changelog.

[–] [email protected] 10 points 6 months ago* (last edited 6 months ago)

That's not true. A phone number is still required to register, you can just set it not to be public.

Source: I just tried to register and it asked for my phone number.

[–] [email protected] 6 points 6 months ago

Last I have seen, it still requires a number to register - it just doesn't have to be public.

What gets me the most is the requirement of a smartphone to register. No way I am trusting my non-public chats to a phone, so that means either Waydroid/VM (which creates issues with copypasting) or signal-cli (which is fairly inconvenient).