Hacker News new | ask | show | jobs
by palata 1336 days ago
They say they do, but you have to trust them. You don't have to trust Signal, you can audit the sources (or trust some third party to do it for you).
1 comments
jliptzin 1336 days ago
How do you know the source code you’re looking at is for the same program you downloaded from the App Store? Does apple publish a checksum of software you’re installing?
link
gaius_baltar 1336 days ago
> Does apple publish a checksum of software you’re installing?

Reproducible builds: https://github.com/signalapp/Signal-Android/tree/main/reprod...

link
skeaker 1336 days ago
This is a failure of Apple and their walled garden, not of Signal. If this is a concern to you, you either need to jailbreak or switch to a more free as in freedom platform.
link
palata 1335 days ago
Honestly, if it really mattered a lot to me (i.e. to my own security), I would compile Signal from source and install it on my device. Which I could not do with WhatsApp.
link
jliptzin 1335 days ago
True
link