You can use reproducible builds to verify that the provided clients are the result of the source code and you can also use alternative clients like Molly
You can use reproducible builds to verify that the provided clients are the result of the source code and you can also use alternative clients like Molly
What for? Running on a closed system there is no point to begin with.
They have provided reproducible builds for almost a decade https://signal.org/blog/reproducible-android/ https://github.com/signalapp/Signal-Android/blob/main/reproducible-builds/README.md
Most security experts who actually know what they are talking about do recommend Signal for most users, including [https://twitter.com/Snowden/status/661313394906161152](Edward Snowden), [https://www.schneier.com/blog/archives/2018/06/russian_censors.html] (Bruce Schneier) and [https://linktr.ee/glenngreenwald](Glenn Greenwald). Eveyone should consider whether they would rather follow the advise of people who have literally fought the NSA and read the entire Snowden documents or belive in the FUD spread by some people here.
The entire protocol is build under the assumption that you do not need to trust the servers. Let the NSA have then, it doesnt matter. On the other hand 95% of Matrix users are hosted on Matrix.org which was not only hacked several times, but would be an ideal target for any agency to compromise. Its naiive to belive the big Matrix hosts arent compromised. The only effective defense is to build your system around the assumption that the server is compromised, which is what Signal did.
They are refering to the crypto payment option that was build into the messenger a while back. Never used it and it never bothered anyone. It just isnt very well recieved as a feature in a secure messenger.
Signal Servers are using AWS and are spread throught the world. The entire protocl is build to remove any need for trust in those servers, so they migth as well be places in the datacenter of the NSA. So in the end it will be the same result. With decentralized protocls like Matrix you may get lucky and not have your small server taken down because it only hosts a few users, but if we are using the number of users as a metric, Signal would fare better against server takedowns, since all users are replicated throght the world, while my matrix server is the only place where my user data is stored. Then again both can deal fairly well against takedown ins single countries.
That is true for both cases as well. One thign to add though is that signals own cencorship circumvention makes it even better at resisting this kind of blockage then an arbitrary decentralized protocol, though for an objective comparison it would take some research.
You can just as easily identify servers of a decentralized platform and block them. The disadvantage of a central service would come into play if say the US were to intervene, though Signal has already said they would move abroad if that was the case. For network level blockage it makes no difference if the service is central or not
Whats mind blowing is the BS people like you come up with to shit on a non profit open source project.
All decentralized protocols have this issue. The servers need to handle metadata for chat groups, like who is part of which group. If the servers are under individual control, nobody can force them to delete this data. The question is, do you trust a non profit organisation like signal to minimize and delete metadata (which court orders have proven they do) or do you trust all individuals of a group chat to do the same when you manually ask them to.
Matrix is the worst option when it comes to avoiding metadata. A group chat with users on 10 different servers will create ten different places to store the metadata with no way for any user to delete or edit this metadata. Its a privacy nightmare.
Nobody forces you to use it. A manual arch install is still one of the most valuable leassons I learned when I started using this OS and nothing keeps new users from doing the same today
This is the same discussion as with learning programming languages. In the us, most universities start with python, to make to easy by avaoiding memory management. In Europe, most universities start with C and C++ to teach the basics to the core. Both approaches can be appropriate depending on the student.
Lazygit
Thats pretty good, thanks.
I would recommend Arch, but only to users who want to learn and understand linux and have the time to do so.
Git - the Github Desktop application is a great example of how easy git could be for users like me who only rarely use git. Every time I need to do somethign other then a simple pull or push I need to look it up and by the time I need it again I have forgotten the command and need to look it up again. Just give me something like Github Desktop on linux
Before Github, there was no collection of open source repositories that are easily searchable, making it easy to find and promote open source software. I am not aware of any alternative that ever did or does a better job at making open source contributions that easy. Even when I try to use codeberg as an alternative, my Github repos will always get more contributions. No idea how we could even begin to change that.
Why are you so keen on spreading misinformation around? A feature you dont like does not affect the trust in the restof the application at all. Also, the integration of MobileCoin is part of the wiki page as well.