Could not have said this better.
Comment on Signal is Flawed, Why XMPP is Amazing! (new animated video)
Melpomene@kbin.social 1 year ago
Could we stop with this nonsense? Signal is neither run by nor funded by the CIA, nor have any of its many haters shown that it is vulnerable to exploitation. Signal's obfuscation of metadata is absolutely capable of being bypassed, but the core function of Signal... E2EE encrypted messaging... remains secure. Signal's core purpose was -never- anonymous communication, but secure communication.
If you need anonymity, Signal is not the way. But attempting to malign it with conspiracy porn and misleading data points does nothing but undermine support for E2EE generally.
pranqster@infosec.pub 1 year ago
gamma@programming.dev 1 year ago
It requires a phone number to log in. That already kills any hope for anonymity. I use it to message family and close friends, of which the fact that I’m messaging them is not surprising.
ninchuka@lemmy.one 1 year ago
Where did signal ever advertise it’s too be used anonymously
DeltaTangoLima@reddrefuge.com 1 year ago
I think the commenter you’re replying to is supporting the point made further up. People aren’t using Signal for anonymity, because that’s not it’s advertised purpose. As we all (except the author of this article) know, its purpose is privacy.
jack@monero.town 1 year ago
Lol, privacy is definetely not what you’re getting with Signal. They know your entire connection graph, who you talk to, when and how much. They collect all of the phone numbers.
MashBoilPitch@lemm.ee 1 year ago
But Signal is bad, an op-ed by one of Lemmy’s founders: dessalines.github.io/essays/why_not_signal.html#c…
I certainly agree there is cause for caution, as one should always exercise where trust is placed in such matters. But there are leaps of bad logic in that writeup, and the dog pile of FUD swirling around Signal feels nearly orchestrated.
Melpomene@kbin.social 1 year ago
That's because it is. The Lemmy founder in question has a hate on for anything west and United States especially.
SummerBreeze@monero.town 1 year ago
I am NOT saying the average person should be concerned with CIA spying. What I’m saying is that one should promote decentralized internet infrastructures that empower the individual over corrupt institutions, even though this threat model likely does not apply to you. XMPP is just as easy to use use as Signal.
If you use Signal messenger, you have to trust the Signal foundation, which uses Amazon’s AWS for the cloud. So you’re trusting CIA military contractors. I am NOT saying that Signal is a CIA tool. What I’m saying is that you are trusting and obeying a centralized authority, as opposed to being able to run code on your own server. And this contributes to the centralization of the internet and a loss of freedom.
jack@monero.town 1 year ago
You seem open minded, have you checked out SimpleX Chat yet? There you have no identity at all, so you don’t even have to register an account at some server. This gives much more autonomy and also has some privacy/security benefits. Check out this comparison: github.com/simplex-chat/…/SIMPLEX.md#comparison-w…
SuddenlyBlowGreen@lemmy.world 1 year ago
Yeah, calling Signal’s founder’s politics confused and idiotic because he referred to China and Russia as authoritarian regimes doesn’t really make me trust this person and his biases.
cwdolunt@dice.camp 1 year ago
@SuddenlyBlowGreen
IIRC this person is a tankie and hosts lemmygrad.ml.
@MashBoilPitch @privacyguidesSuddenlyBlowGreen@lemmy.world 1 year ago
I somehow got the feeling he would be :-D
jack@monero.town 1 year ago
Security is not enough.
Melpomene@kbin.social 1 year ago
Is for me, but there are plenty of solutions for those who need more.
SummerBreeze@monero.town 1 year ago
I agree that I applaud the move from SMS text to Signal. I am NOT saying the average person should be concerned with CIA spying. What I’m saying is that one should promote decentralized internet infrastructures that empower the individual over corrupt institutions, even though this threat model likely does not apply to you. XMPP is just as easy to use use as Signal.
If you use Signal messenger, you have to trust the Signal foundation, which uses Amazon’s AWS for the cloud. So you’re trusting CIA military contractors. I am NOT saying that Signal is a CIA tool. What I’m saying is that you are trusting and obeying a centralized authority, as opposed to being able to run code on your own server. And this contributes to the centralization of the internet and a loss of freedom.
Melpomene@kbin.social 1 year ago
Except Signal has dozens of viable competitors, and even XMPP is likely passing through those same AAS servers if it spreads far enough. And you'll never even know, most likely.
Implying that the CIA using a cloud provider makes the entire provider suspect is silly, especially if we're talking about an E2EE service. Decentralization is great. I love it. But I also recognize the value of a centralized service when done well and when subjected to scrutiny and competition.
vlad76@lemmy.sdf.org 1 year ago
Signal uses computers. You know who else uses computers?? CIA!
Ildar@lemmy.world 1 year ago
And even FSB
NegativeLookBehind@kbin.social 1 year ago
FaSeBook
vlad76@lemmy.sdf.org 1 year ago
It was there in front of us the whole time!
nitefox@lemmy.world 1 year ago
Friedrick Stein Braun, who is a _C_ERN agent who wants to get the microwave Time Machine. Checkmate, Stalin!
Noreia@lemmy.one 1 year ago
correction: he wants the Phone Microwave (Name Subject to Change)
hansl@lemmy.world 1 year ago
Everybody knows you use a toaster, not a microwave, for Time Travel.
Pat@kbin.run 1 year ago
You're telling me governments use computers? That's insane, I don't believe it. Next you'll be telling me they're on the internet too.
FARTYSHARTBLAST@kbin.social 1 year ago
There is no Internet.
Neon@lemmy.world 1 year ago
Don’t worry. Most branches still prefer the Fax to the Computer.
Melpomene@kbin.social 1 year ago
Should we tell them about DARPA?
Kyoyeou@slrpnk.net 1 year ago
I heard those computers use electricity, damn
SummerBreeze@monero.town 1 year ago
Would you agree that Signal does sealed sender to protect metadata? If there were flaws in this system, then should we not discuss it?
vlad76@lemmy.sdf.org 1 year ago
Sure, but everything is flawed. So we need to find the best solution that is least flawed. Signal is the best alternative to messaging apps that has the features most people want and most importantly people actually use it. It’s at a good intersection of useful and secure. If the article headline was “Evaluating security of Signal” it would be fine. But it’s basically “SIGNAL IS FLAWED! USE SOMETHING ELSE!”. That’s like when someone switches from Chrome to Firefox, which is objectively a better choice, and then they get told “Don’t use Firefox is BAD” and point them to Brave, and when Brave has a flaw they tell people to migrate again. So you get a minority of people using the bleeding edge apps that no sane person would want to spend the time to set up, and the majority just goes back to whatever is the easiest option, which would be Chrome, or in our example probably WhatsApp. It’s important to address concerns, but also to do it in a manner that is careful to not start a panic where one doesn’t need to exist.