Hacker News new | ask | show | jobs
by RunSet 1336 days ago
That page says:

> the Signal Android codebase includes some native shared libraries that we employ for voice calls (WebRTC, etc). At the time this native code was added, there was no Gradle NDK support yet, so the shared libraries aren’t compiled with the project build.

Also, assuming you trust the client, how to tell if the Signal server is running the published code, especially given Signal's track record of (not) publishing its source code?

https://linuxreviews.org/Signal_Appears_To_Have_Abandoned_Th...
1 comments
kijiki 1336 days ago
Signal server is explicitly untrusted in the Signal threat model, which is must be due to being based in a country (like any other country) with laws that can be used to compel actions on the server's owners. They publish legal orders they receive and their responses.
link