“We’re aware of reports that access to Signal has been blocked in some countries,” Signal says. If you are affected by the blocks, the company recommends turning on its censorship circumvention feature. (NetBlocks reports that this feature lets Signal “remain usable” in Russia.)

  • barryamelton@lemmy.ml
    link
    fedilink
    arrow-up
    13
    arrow-down
    8
    ·
    4 months ago

    And before lacked this and that. It keeps improving, contrast to Signal having the server code closed source for more than a year so the Signal devs could get a headstart and insider knowledge in their Signal-included crytpo coin grief.

    How one can trust Signal after them showcasing what they truly stand for is mind blowing.

    • fira959@lemmy.ml
      link
      fedilink
      English
      arrow-up
      9
      arrow-down
      5
      ·
      edit-2
      4 months ago

      Whats mind blowing is the BS people like you come up with to shit on a non profit open source project.

      • JackbyDev@programming.dev
        link
        fedilink
        English
        arrow-up
        3
        ·
        3 months ago

        Signal falls right into the perfect niche of usability and privacy, but the problem is that not many people want that. The privacy nuts don’t think it is private enough or transparent enough and the people that want something usable just use stuff with more features like Discord, Facebook Messenger, etc.

        I’ve gotten my wife to use it because we felt more safe about sharing lewd photos there than other mediums. We got our partner to use it because they’re on iPhone and we’re on Android and SMS/MMS sucks ass. One of my friends said he has it and would be fine using it if everyone else in the group chat wanted to. But that’s it. Everybody else in my circle wants to use Facebook Messenger.

        Weirdly, I think Signal needs to focus more on fin features than safety features for a while. It’s an easier sell for friends to hop over when it has the same cool stuff as the other platforms.

    • Andromxda 🇺🇦🇵🇸🇹🇼@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      4
      arrow-down
      1
      ·
      edit-2
      3 months ago

      Signal having the server code closed source for more than a year so the Signal devs could get a headstart and insider knowledge

      That argument makes absolutely no sense. This server-side code does almost nothing. The only task it really has is passing around encrypted packets between clients. All of the encryption is client-side, of course including metadata encryption. That’s how end-to-end encryption works. The server code really doesn’t matter. The Signal protocol, which is used for client-side, local, on-device end-to-end encryption has always been fully open, and it can be used by any app/platform.

      How one can trust Signal after them showcasing what they truly stand for is mind blowing

      It’s very simple. The client is open source, and the encryption happens locally within the client application. You don’t need to trust anything or anyone except for the code and mathematics, which are fully open, so you can verify them yourself.

      It’s mind-boggling how people attempt to spread so much misinformation while having absolutely no understanding of the topic their talking about.

      • barryamelton@lemmy.ml
        link
        fedilink
        arrow-up
        1
        arrow-down
        1
        ·
        3 months ago

        That argument makes absolutely no sense. These server-side code does almost nothing. The only task it really has is passing around encrypted packets between clients.

        So it knows about all metadata, plus registration with phone number, etc. got it.

        The Signal protocol, which is used for client-side, local, on-device end-to-end encryption has always been fully open, and it can be used by any app/platform.

        you conveniently leave out how you need to use the client built by Signal, with dependencies from Google Services and the like, and you can’t use one built from the source they provide. Which at that point means they can introduce whatever they want in whichever version.

        Decentralisation is the only safe way.

        • Andromxda 🇺🇦🇵🇸🇹🇼@lemmy.dbzer0.com
          link
          fedilink
          English
          arrow-up
          2
          arrow-down
          1
          ·
          edit-2
          3 months ago

          So it knows about all metadata

          Metadata is encrypted on the client-side using Signal’s sealed sender implementation. The client also removes as much metadata as possible. All of this is open-source and happens in the client application.

          plus registration with phone number

          Signal doesn’t store phone numbers. It derives a user id from your phone number along with other parameters. It’s in the open-source server code, you can check it out yourself.

          you need to use the client built by Signal

          No you don’t. I myself use a fork of Signal called Molly.

          with dependencies from Google Services and the like

          Not true again. You don’t need to use the official binary that includes Google libraries. These aren’t required for the app to function. You can use Signal-FOSS or Molly-FOSS, and it works just fine.

          and you can’t use one built from the source they provide

          If this was true, forks like Signal-FOSS or Molly wouldn’t exist.

          Which at that point means they can introduce whatever they want in whichever version.

          Stupid conclusion, because all of your previous points are false

          Stop spreading false information, focus on the facts.

        • fira959@lemmy.ml
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          1
          ·
          3 months ago

          You can use reproducible builds to verify that the provided clients are the result of the source code and you can also use alternative clients like Molly