[smarinov]

> This isn't the security community. The security community is pretty much unanimous in supporting Signal over all other secure messengers.

Sorry, but I am still yet to see the proclaimed unanimous support for Signal as a messenger. As a protocol – sure, most infosec professionals obviously support Axolotl, but this does not imply your statement in any way.

> The entities most harshly critical of Signal are supporters of other messaging applications and protocols.

So the support for Signal isn't that “unanimous” after all, is it?

Otherwise, of course they will if they think that Signal has lost the proper direction for some reason (according to their view). Even many protocol supporters prefer using something like WhatsApp or Wire, the former due to its purported network effect and the likes of the latter because of features like E2E encrypted file transfers, 1:1 video or group calls w/o apparent security trade-offs compared to Signal.

> I don't so much care what messaging system you use to talk to your friends or chat with your gaming guild. But if you have real adversaries, the security part of your messaging system has to work, even more than the messaging part. For that situation, Signal is the only messaging system I'd recommend unreservedly.

In the end, it turns out that this is your personal opinion, not that of the security community as a whole (hint: there is none), which is fine if you didn't misrepresent it in most of your post. The networks of other people may or may not choose to go a different way, although some (or even many) of them may support the same core technologies, just because they do not agree with some decisions OWS made along the way and don't want to reconsider for any reason opposing parties have presented, e.g. in articles like the one we are commenting under.

To sum up, feel free to suggest Signal as an instant messenger, but please be careful with your supporting claims because there are other great and upcoming messengers out there like Matrix, Wire, Onion.chat, GNU Ring, any of the mentioned elsewhere Telegram and WhatsApp, or many, many others. Signal has legitimate reasons on its side that will make your argument weigh more than unjustified claims that it should apparently be the end-all and be-all of one's instant messaging needs.

[tptacek]

I think you misread my comment, which didn't suggest that there is universal support for Signal among everyone, just among security professionals (I adopted the term "security community" from the parent comment, but I agree with the implied criticism that the term "security community" is largely meaningless).

A good way to rebut my claim would be to cite the most high-profile security engineer or security professional or crypto engineer or crypto scientist you can think of who recommends some other system over Signal.

[baka]

Unfortunately, and to a large extent why people listen to "open source advocates", the community of security professionals has a surprisingly bad record when it come to things like risk analysis, legal matters, understanding how law enforcement or intelligence agencies work and other ”soft skills”. I trust security professionals when it comes to crypto. Anything else I'm not convinced they aren’t as incompetent as everyone else in software and maybe even more so.

[tptacek]

So, I totally agree with this but would like to know more, specifically, about why you believe it, to avoid talking past you. What are your specific concerns?