Granted, the part
The globally recommended app by privacy and security experts, Signal, is now being downloaded massively and tops the Danish Google Play Store
is a little ironic, but you gotta push this winning tide and then work from that.
Granted, the part
The globally recommended app by privacy and security experts, Signal, is now being downloaded massively and tops the Danish Google Play Store
is a little ironic, but you gotta push this winning tide and then work from that.
Besides being hosted in the AWS servers, there’s no way to check if what’s running there is the same as the published code. That’s why i don’t use signal.
When the signal foundation is losing money every year, i can just wonder what will happen when the money runs out. Even the good guys need to eat.
Or what will happen when trump will decide to seize the AWS servers running the signal application server.
You don’t need to care about the server code since the secure bits and encryption that matters is all on the client side and verifiable.
i do care about metadata.
If you care about it then just use Signal since it’s the one with least amount of metadata fying around. A big central server with many normies using it also ensures that it’s very hard to correlate traffic.
No, because of:
I have seen this film so many times…
as in phone number, IP and timestamps? If I were worried about that I wouldn’t have a phone in the first place but if private messaging (content is private) I think signal works fine
It shouldn’t matter because you can verify that your data is encrypted and thus not accessible to the server, but also, IIUC, they use secure enclaves so that you can verify that their server is running the published source code.
How do we know he hasn’t already?
No need to size them. AWS is deeply embedded into the intelligence apparatus of the NSA as one of their prioritized suppliers.