US based isn't a concern in this case, as the data they store is pretty much unusable.
They publish the subpoenas they receive and the dump of relevant data to the authorities, and it's usually a timestamp associated with some ID and that's it.
Actually very nice to integrate with. I'm not using Google or Apple in my life. On the phone I'm using sailfish OS, so the main stream apps are not usually ported natively. Fortunately someone used libsignal and added frontend so signal is my main means of communication with friends. And I still don't have to drown into Google or FB services.
Much better in that it is open source (so you can audit the e2ee), and it does a lot about metadata. It is actually better at protecting metadata than many decentralized alternatives.
How do you know the source code you’re looking at is for the same program you downloaded from the App Store? Does apple publish a checksum of software you’re installing?
This is a failure of Apple and their walled garden, not of Signal. If this is a concern to you, you either need to jailbreak or switch to a more free as in freedom platform.
Honestly, if it really mattered a lot to me (i.e. to my own security), I would compile Signal from source and install it on my device. Which I could not do with WhatsApp.
That article doesn't support what you're saying. It says that WhatsApp has access to metadata, which it hands over to law enforcement. This does not necessarily mean that they can read your messages.
It does say that 'WhatsApp can read some of your messages if the recipient reports them'. That 'if' is doing a lot of work in this sentence. It means that the recipient has to decrypt your message.
Although there are forms etc. within the app for doing this, it's essentially no different to taking screenshots.
There is no way to ensure 100% privacy if the other party you are communicating with does not keep data they have access to private.
I'm not a big Meta fan, but as far as I am aware, they can't normally read your messages. The fact that it's closed source just means that we can't verify that for ourselves.
> The fact that it's closed source just means that we can't verify that for ourselves.
That's really the whole point. As far as we know, it could be that it is not e2ee at all.
Also from the moderation article, it's not clear to me what that means: if I report you, does that mean that the moderators will get access to all your recent conversations? Could be, right? But then the FBI could report you for no reason, and then ask WhatsApp to provide your recent conversations. Which would effectively act as some kind of backdoor, right?
I'd say it's a lot better since it doesn't do unknown things with your address book. It actually doesn't do any unknown things and the fact that they're US based is irrelevant since they have nothing to give away thanks to E2EE.
WhatsApp uploads the address book from the user's phone to Meta's servers and after that it's unclear to outsiders what they do with it. Hence "unknown".
I'm presuming GP does not put Signal forward as a solution to outages. But instead uses the opportunity to talk about messengers and show that there are alternatives in general.
Yes it's what I do, and then I actively struggle to hold back on pushing Matrix/Element as the solution. The beauty of the federated system, it's the way the internet was intended to function, oh man I love talking about it. But, nobody unaware of Signal will ever run their own Matrix server of course.
Signal is simple, recognizable, very much like WA. A WA outage is indeed a good point in time to have a lighthearted conversation about messengers and platforms. A lot of people still don't realize Meta owns WA.
What I like is that the normy friends I have on Signal are now telling all their normy friends/colleagues about Signal and how we are still apping away while WA is down.
Yep. I host my own server and have it federated. That part was simple.
It was a struggle to get my core group of friends to sign up, and I just sort of haven't bothered trying to get anyone outside that group to try it. They are not technical people in the hn sense but are vastly more competent than the average joe.
It's the normies at large who dictate comms platforms really. Things like matching emoji support and easy + performant video and picture sharing are absolutely crucial.