You skipped whether you believe NSA follows them or not. Even if NSA ignores those rules, they have literally no rules about compromising foreign servers; they are required to do so, as part of their job.
Take a step back and note that nobody on HN is going to make an argument premised on "you should trust NSA to follow the rules". You can accept that as an axiom and have easier conversations here.
> Even if NSA ignores those rules, they have literally no rules about compromising foreign servers
This is not good enough. Signal server is a single point of failure: NSA (and any other attacker, e.g., China) knows that the users can't go elsewhere, so it's very easy to target them all (thanks to the Signals's politics of walled garden). In case of Matrix, there are thousands of servers around the world, which you have to find and get into. They can run completely different software. This is not very scalable or easy.
I guess this whole subthread is based on the assumption that non-US servers are somehow more safe than US servers; I completely agree that's obviously not true, I just want to point out that allies ratified shenanigans to pull between each other to stay compliant with internal regulations on paper but in truth have access to everything about everyone: https://en.wikipedia.org/wiki/Five_Eyes
No, I don't see that. I do, however, see you in the parent comment arguing that rules are what currently prevent the NSA from compromising AWS.
You skipped whether you believe NSA follows them or not. Even if NSA ignores those rules, they have literally no rules about compromising foreign servers; they are required to do so, as part of their job.
Take a step back and note that nobody on HN is going to make an argument premised on "you should trust NSA to follow the rules". You can accept that as an axiom and have easier conversations here.
> Even if NSA ignores those rules, they have literally no rules about compromising foreign servers
This is not good enough. Signal server is a single point of failure: NSA (and any other attacker, e.g., China) knows that the users can't go elsewhere, so it's very easy to target them all (thanks to the Signals's politics of walled garden). In case of Matrix, there are thousands of servers around the world, which you have to find and get into. They can run completely different software. This is not very scalable or easy.
I guess this whole subthread is based on the assumption that non-US servers are somehow more safe than US servers; I completely agree that's obviously not true, I just want to point out that allies ratified shenanigans to pull between each other to stay compliant with internal regulations on paper but in truth have access to everything about everyone: https://en.wikipedia.org/wiki/Five_Eyes
...and this is the declassified part.