Comment on What's the deal with Signal?
boonhet@lemm.ee 4 hours agoHow do you know that?
It’s what happens in the publicized source code, yes, but how do you know that’s what’s running in their servers? How do you know that all requests aren’t saved?
Luckily Signal has e2ee and client side code is easy to verify, so they’d only have access to encrypted messages anyway, but if you’re talking state level actors of the highest caliber, they might be able to crack Signal’s encryption eventually.
Look, I’ll agree that Signal is probably secure enough. It’s definitely secure enough for me, I only run Matrix as a hobby because I like decentralization, my Matrix server is probably less secure than Signal. But I’m just saying we can never know for sure what code is running in THEIR servers, therefore we can never trust is 100%.
Irelephant@lemm.ee 4 hours ago
signal.org/bigbrother/ Its all they claim to have at least.
boonhet@lemm.ee 3 hours ago
And I hope for sure that they’re never quietly forced to change that.
But again, if there were 3 letter agencies and gag orders involved with Signal, they probably wouldn’t give regular law enforcement or courts any of the data they have.
Really, my only problem is that with a centralized service, there’s no way to ever know for sure. There’s luckily no evidence of anything nefarious happening at least.
Irelephant@lemm.ee 22 minutes ago
Yeah, on an ideal world, the matrix spec would be fixed and everyone would be on that.
boonhet@lemm.ee 11 minutes ago
In an ideal world we also wouldn’t have to worry about communications being listened in on lol
AtHeartEngineer@lemmy.world 43 minutes ago
The code is open source, people look at the code, I’ve dug through their code a fair bit. It wouldnt be quiet, and it would take major code rewrites, it would be pretty obvious