[ifelsehow]

> The most important concern is that Signal is a silo [...] you have to connect to OpenWhisperSystems servers to communicate with other users.

You can run your own private Signal service with OpenWhisperSystems' tools [1].

It's also worth noting that Signal - as a protocol - could easily be federated. (As others have mentioned, Moxie has chimed in on why the app is centralized [2]).

If confederated messaging is important, why not use the existing Signal protocol implementations, (including the X3DH key exchange, ratcheting protocol, etc), which is all F/LOSS, and has already been widely reviewed (as the article mentions)?

[1] https://github.com/WhisperSystems/libsignal-service-java

[2] https://whispersystems.org/blog/the-ecosystem-is-moving/

[stonogo]

> You can run your own private Signal service

A distinction without a difference. I use Signal because people use Signal. People do not use 'the Signal service'. They use OWS's app and OWS's servers and moxie has explained he will not federate.

The fact that OWS goes to all the effort of creating this excellent protocol, and then insists on only deploying it to insecure devices (with direct-memory-access baseband radios) baffles me, but I hope that things move in a saner direction with time.

The biggest benefit I think OWS has provided is the ability for other platforms (e.g. Whatsapp) to use their protocols. I daydream about a day when all these competing messaging services realize they would stand to gain a lot by federating, but I know it won't happen in my lifetime.

[ajamesm]

I'm not a fan of opaque baseband firmwares either, don't get me wrong, but what's the alternative? Not for the DoD, I mean for union organizers making $50k a year -- people who aren't going to get murdered by Mossad, but still need to authenticate and encrypt their communication channels. What device would you recommend?

[voltagex_]

Who's the likely threat to union organisers? I suspect a pair-locked iPhone with Signal or Whatsapp would be more than secure enough.

[ajamesm]

The most prominent example would be https://en.wikipedia.org/wiki/Jimmy_Hoffa

and then the long, storied history of American strike-breaking &c.

[kuschku]

Well, either the threat is a private group, then WhatsApp or even Google Hangouts is secure enough.

Or the threat is a government, then Signal is not secure enough either, because the US govt can just force Google and OWS to ship modified APKs.

[ajamesm]

conflating the specific binary instantiation with the general cryptosystem. Regardless, depending on your threat model, you can take increasingly { reasonable | paranoid } precautions like manually compiling and loading Signal, as it's OSS.

edit: "private group" can encompass a lot, especially in other ecosystems like Google and FB. If said "private group" adversary is, say, a prominent and wealthy Silicon Valley businessman and enterprising vampire who collaborates with fascists, then you can see the potential of compromising someone's security by coercing Google or Facebook engineers to run you a Hadoop query or conditionally inject malicious JS.