[tptacek]

That's not the only problem, or the most important problem. The most important problem of federation is that it generates lowest-common-denominator security. For instance:

https://whispersystems.org/blog/giphy-experiment/

This is how Signal provides Giphy search (spoiler: they tunnel a TLS connection through their own server, with TLS negotiated end-to-end from the Signal app to the Giphy server, so that Giphy can't tell what client is searching for what GIF while at the same time Signal's server's can't see what people are searching for).

Does anyone believe that in a world where 90% of Signal-network client installs weren't Signal.app, that this is how features like this would work? It's not an unknowable question. All you have to do is look and see how Signal's competitors, like Wire, tackle this problem.

It's true that in a federated Signal-network, you might get clients that have security features Signal itself lacks. But because it's far easier to produce an insecure client than a secure one, insecurity will dominate, and be a boat anchor around any efforts to improve security down the road.

Call it "the libpurple problem".

[comex]

All true, but I think the situation looks a little worse for centralization if instead of 'security features', you think in terms of 'vulnerabilities' (almost but not quite an antonym). Signal probably has a lower vulnerability rate than competing software, but if someone finds an implementation bug, it can be used against every user on the network. Compare to, say, IRC, where there are a lot of really poorly written clients, but the sheer number of clients in use would limit the fallout of any one exploit.

Likewise, Open Whisper Systems is pretty trustworthy, but if someone gets access to their servers, either by hacking or by coercion, and starts, say, logging metadata (who's chatting with who), all Signal users are compromised. When I chat on a private (and SSL-only) IRC server, the security guarantees are awful compared to Signal - and I'm not saying that's not a problem - but at least I know that my conversations will only be compromised if someone really has it out for my group in particular; they won't show up in some massive leak and/or government database.

This also applies to binary distribution. When software is compiled by N different distros or package managers or by users directly, that does make it hard to get security updates out in a timely manner. But with a centralized system like Signal's, if the binaries are compromised, everyone is pwned. Yes, measures like reproducible builds can reduce the risk, but they're far from perfect. Is there even anyone who verifies Signal builds on a regular basis/automatically?