A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
- Don’t promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
- 0 users online
- 57 users / day
- 383 users / week
- 1.5K users / month
- 5.7K users / 6 months
- 1 subscriber
- 3.11K Posts
- 78K Comments
- Modlog
I’m always amazed how people come out of the woodwork to defend Signal any time any criticism of it comes up. It’s become a sacred cow that cannot be questioned. Whatever you may think of Telegram should bear zero weight on your views of Signal.
The reality is that developers of Signal have close ties to US security agencies. It’s a centralized app hosted in US and subject to US laws. It’s been forcing people to use their phone numbers to register, and this creates a graph of real world contacts people have. This alone is terrible from security/privacy perspective. It doesn’t have reproducible builds on iOS, which means you have no guarantee regarding what you’re actually running. These are just a handful of things that are publicly known.
And then we know stuff like this happens. NSA suggested using specific numbers for encryption that it knew how to factor quickly. The algorithm itself was secure, but the specific configuration of how the algorithm was implemented allowed for the exploit https://thehackernews.com/2015/10/nsa-crack-encryption.html
These kinds of backdoors are very difficult to audit for because if you don’t know what to look for then you won’t have any reason to suspect a particular configuration to be malicious. Given the relationship between people working on Signal and US government, this is a real concern.
The same kind of scrutiny people apply to Telegram and other messaging apps should absolutely be applied to Signal as well.
I’d just like to add that you can use a temporary phone number service to sign up to Signal as you only need a phone number to register, not to actually use Signal.