There are so many great reasons to be on Signal. Now including the opportunity for the vice president of the United States of America to randomly add you to a group chat for coordination of sensitive military operations. Don’t sleep on this opportunity…
Editing to add the link to the messages: https://archive.is/2025.03.26-131842/https://www.theatlantic.com/politics/archive/2025/03/signal-group-chat-attack-plans-hegseth-goldberg/682176
Remember kids, if someone makes a centralized app or messaging claiming to be a savior of privacy and security, you should be skeptical of them and their integrity. Really you should be skeptical of anyone making grand promises of privacy and security, especially boastful ones. Though decentralized services are less risky than centralized ones, and that’s why I recommend people use Matrix instead of Signal.
Matrix still has problems but it being decentralized eliminates many of the corruption issues by simply using a server not affiliated with the creators.
Blegh. Use literally anything decentralized but Matrix.
Their claim that they dropped sms support because engineering costs causes me to question them.
There are free sms apps. Android handles SMS, an app just reads/writes the SMS database via an API.
They also claimed they couldn’t leave bubbles in different colors because of the engineering effort. They had to make the android bubbles look gross like apple bubbles to reduce their test and maintenance costs.
Matrix doesn’t support SMS.
They didn’t drop them because of money costs, where did you get such a statement?
In any event they didn’t really have much of a choice, even if they dropped the ball by not simply resurfacing the old SMS product they did and do have. Having SMS and have people assume it was private because it was on Signal had already caused various issues, of the kind that causes bad mouth-to-mouth for your service. Signal’s response, while adequate, was also lazy.
True, but that doesn’t mean you stop there, otherwise it’s just reactionism. You can literally go and inspect the Signal code, compile the client yourself, and use it. You can verify that the E2EE claims are correct and that Signal can’t decrypt messages it relays.
The only thing you can’t know with 100% certainty is whether they’re storing encrypted messages or not. You can look at their track record. You can look at how they spend their money. But you can’t know that one thing.
However, Matrix instances may store encrypted messages. Just because it’s federated doesn’t mean it’s therefore more private; it’s just resistant to capitalist fuckery. You have to look at the entire implementation, and that becomes difficult when the way in which instances participate is voluntary, not mandatory.
I agree that people should be skeptical, but skepticism is a verification philosophy, not the act of simply rejecting claims.
I think the story of Whatsapp should’ve taught people that capitalist fuckery and living long enough to become the villain are bigger threats than people give credit for, and Signal is just as vulnerable to this as WhatsApp was. They’ve also fought against any ways that it could be mitigated, they fought and are still fighting unofficial clients (moxie himself went around harassing people to stop), they fought any form of decentralization or interoperability with other servers and self-hosting.
All things that could make signal a bit more resistant towards something like what happened with WhatsApp, yet they’ve all been rejected in favor of exclusive control on the app (and for a long time it was GMS tied on the PlayStore) and exclusive control of the the network. Two things that don’t exactly bode well for the future.
No, they’re not. Whatsapp was never controlled by a 501©3. Selling everything off to a for-profit company isn’t a simple transaction, or else OpenAI would have tried that already.
If you go and read the reasoning, it makes sense. Part of it is the enforcement of their internal standards (like not storing chats for longer than it takes to deliver them) and part of it is that it would require rebuilding almost everything. It was never designed with ad hoc server participation or self-hosting in mind; you can’t just drop in an API on top of existing software.
I agree that centralized chat is a potential chokepoint for capitalists to enshittify things, but people are crucifying Signal for something that hasn’t even remotely happened.
If it does, there’s lots of options out there that are getting better all the time. My backup plan is SimpleX. But Signal still seems to be delivering what they claim, and it’s a lot easier to get non-technical people on board with encrypted chat via Signal than many of the other options, currently.
I hope you mean XMPP / Jabber? Matrix is as open and chatty as Trump is when servicing Musk.
It’s not really but ok
If you think it is, back it up with something
My issue is that it is just much heavier. My XMPP server consumes a fraction of RAM and CPU that my Matrix server does.
synapse is notoriously dogshit because they’ve ended up needing to constantly focus on developing it rather than finish getting dendrite (the actually optimized server software) feature-complete so it can take over as the reference implementation.
like, jesus christ, synapse is written in python! entirely unsurprising it has terrible performance.
They even admitted this, lol. “Oopsie, our flagship server implementation doesn’t scale. Here, we made a commercial version for your bigger deployments”.
Matrix has other issues, something like session might be more equivalent to signal.
Such as? If you want to write lackluster information-free messages like that, you should at least provide your list of things with zero issues whatsoever so we can compare. Session definitely doesn’t have zero issues whatsoever.
I agree. Their comment is probably one of the more useless comments I’ve encountered on the subject.
Fair call. Other people have commented on issues with matrix so I won’t dilute the thread by repeating that. I mentioned session as an alternative because it meet the criteria set for the poster by being decentralised. It’s also E2EE and routes messages via onion so encourages anonymity.
There are a heap of comparisons available on the different encrypted messaging apps, but they all put different weight on various features which can skew perspectives. Here’s one for consideration:
https://www.securemessagingapps.com/
Personally I use signal, matrix and session, and think they all satisfy the requirements for my threat model.