- cross-posted to:
- privacy@lemmy.ml
- cross-posted to:
- privacy@lemmy.ml
This article is just an ad for the book of the author.
It just shows that Signal received a bit of funding from the US government via the Open Tech Fund like many other projects.
It does make a fair point that the fight for privacy should be more political and less technogical but it’s not like people aren’t trying.
Its definitely not irrelevant that signal was funded and may still be funded by the US government. That no one seems to dispute that, and think that there’s no conflict of interest between the worlds biggest abuser of digital privacy funding the supposedly secure apps they use every day, is boggling to me.
It’s not irrelevant but it’s not proof of anything either, and does not justify the clickbait title…
Many organisations everywhere in the world receive government funding but it doesn’t mean that they’re intelligence agencies’ honeypots. Matrix has received contributions from the French and German government, yet that doesn’t mean it’s a government op.
One difference is that matrix is self hostable, while signal isn’t. And signal only updates their server source code when they received a massive backlash for not updating it in over a year. https://community.signalusers.org/t/where-is-new-signal-server-code-why-not-share-signal/15068/9
The foss community hates them for good reason.
matrix is self hostable, while signal isn’t
You can indeed self-host your own Signal server, it’s just that the effort required to do so is significant and it doesn’t federate. Far easier to just use XMPP/Matrix.
The Tor project is also funded by the us government, that doesn’t make it less secure.
With open source software you don’t need to trust that nothing shady is going on in its source code.
Tor has decentralized nodes, signal is a single central server with no verification of what’s running on it ( that also uses phone numbers, which are tied to you identity, as its primary identifier). Also as a US company it’d be illegal for them to disclose if their server has been compromised.
Without any proof either way my gut feeling tells me that it is probably not a deliberate US government honeypot, but there are just too many ways the US government can compromise some of the Signal employees in charge of the server software and code development, which makes Signal inherently untrustworthy.
You don’t need to trust the organisation if you can see the code. And the way the signal apps are built you don’t need to even see the source of the server because you can verify that everything is properly encrypted in the client.
That’s very naive. There are many ways of obfuscate the code to hide stuff in plain sight and you can’t know what is done with the metadata on the centralized servers (content might be encrypted, but it is anyways more interesting for surveillance who you talk to and when, then the actual content of your messages).
signal is not anymore open source, u know shit about what is there and the fact that its crypted by client its just thw way how to make it look transparent.
deleted by creator
ಠ_ಠ
Removed by mod
i doubt many people are going to buy their book.