That article in Signal is bogus. It is entirely based on speculation from how funding comes in, and also either ignores, or misunderstands how Signal fundamentally works.
The EFF recommends Signal, and it’s one of the most secure ways to communicate.
https://ssd.eff.org/module/how-to-use-signal
You can make your own decisions, but if you just grab any random arguments, you’ll find a reason to doubt everything.
https://community.signalusers.org/t/overview-of-third-party-security-audits/13243
https://freedom.press/newsletter/crossfire-over-messaging-security/
https://freedom.press/training/locking-down-signal/
You don’t have to take Signal’s word for it, because it’s been audited. The EFF, who are VERY privacy minded, and do extensive research into this type of thing, recommends Signal because it’s known to be secure.
I fight for privacy to protect myself.
Now, what am I protecting myself from? I don’t think anyone is going to come arrest me for what I do. I don’t think any big companies are going to leak my data and embarrass me. I don’t think anyone is going to compromise my bank and drain my funds.
I am protecting myself from being influenced by advertising and targeted news.
I am protecting my thoughts and feelings, because in the end, that’s all that really matters. I don’t want to need the next toy, or jump on a bandwagon. I don’t want to see advertising and I don’t want a carefully crafted worldview pushed on me.
I’m currently looking at setting up Reolink cameras on a homeassistant setup.
Not sure if it perfectly meets your requirements, but it should be ad free and closed system.
A ton of these requirements are due to regulatory requirements for securing access to accounts at the state and/or federal level.
Requirements are then interpreted by each financial institution and implemented by different teams. It’s most likely due to the fact that a desktop is assumed to be more likely to be a shared device, while a phone/tablet is most likely to be a personal device, which is password/bio-metrics protected.
As for security around a browser: if you look at how phishing/hacking attacks happen on a desktop computer, if you can be tricked into launching an virus, it can copy all of your browser cookies and login sessions to the attacker, then they can duplicate your browser session. If you have an unlimited login for a financial institution, then they now have a logged in session for your bank.
https://www.reliaquest.com/blog/browser-credential-dumping/
So if you add up all that, then they’re more likely to allow long term login sessions on an application that they control than on a desktop/web browser that they don’t.
Logarithms…