Comment by tamimio
2 years ago
>Privacy
That’s a very bold statement from an app that still requires a phone number using a broken protocol (gsm) to “verify” your identity and authenticate it, sim swap attacks can be carried out by kids these days. Also, don’t expect privacy when you are using a proprietary OS like iOS or one full of Google services that also have proprietary firmware drivers, they (the adversaries) don’t need to even decrypt these “privacy apps” when it’s easier to access the backdoor-ed OS or hardware, but enjoy the illusion in the meantime.
I'm always intrigued by people that have this POV. Security and privacy are not binary for fucks sake. Improvement on the status quo is great and Signal improves a hell of a lot.
Not to mention that half of your comment is non-issues.
there's a big social cost to trying to get others to use Signal, and it's not worth it if the advertised features don't work as advertised..
that said I stopped using Signal years ago because of basic deliverability being less reliable than SMS.. I switched back to SMS so I could communicate reliably with a loved one during an emergency when Signal randomly stopped letting me respond to messages, and I won't pay the social cost twice of trying to convince contacts to use it after having to abandon the service when I really needed it.
Actually between Element and Signal and the differences between their usability as advertised versus the reality of using them with non-technical users, I've used up all of my social capital for convincing people to use "better" networks and mostly just use SMS/RCS now.
I understand that. Signal has put in a lot of work since I started using it fulltime and is much more reliable now than it was just 2-4 years ago. The only time I've had issues now is when I'm backpacking in areas with spotty connection. SMS delivers quicker and is more reliable.
Right, so instead of 20 entities tracking you for example now you 18.. the false sense of privacy is far more dangerous than knowing your messages are not private (Like when Tucker Carlson used Signal thinking it was private to find later all his messages were not, regardless if it was a bugged app or an OS, the false sense of privacy is worse, he probably won’t texted those on iMessage for example). Same argument you can see with “vpn is private and we keep no logs because you can trust us!” plus it can be defeated with browser fingerprinting, or paying a hefty price for this “top private email” provider when the recipient doesn’t even use any privacy settings or anything let alone email as a protocol is not meant to be private, it’s all a business model, and the gullible buys it, you “have” to trust that Signal server is not backdoor-ed in real time, and as the old rule in security, if you can access the physical hardware you can in theory access anything in there, you don’t know the hardware is used there, is there any memory injection exploit that get activated after the so called audits? You can’t know, you have to trust that.
I'm honestly interested in what your solution for private communication is that will also get mass adoption among hundreds of millions of users. (And it's definitely not running your own XMPP server and getting everyone to switch to Linux phones).
1 reply →