Several countries have recently blocked Signal, leaving their residents without a trusted and safe place to communicate. To help in this situation, Signal provides a built-in censorship circumvention feature and also includes support for a simple TLS proxy that can bypass these blocks in many cir...
Personally since I read this, I stopped recommending Signal. In this article among other things they say:
I also saw a video where Moxie was a speaker defending centralization not only for Signal, in general, and I don’t agree with this approach. (I think it was this one 36c3 Moxie Marlinspike: The ecosystem is moving)
I see where this is coming from and I personally prefer Matrix because of that but I must recognize that while I disagree with Moxie on some things he has a more pragmatic approach that has merits and probably has this position for good reasons that do not come from an evil/corporate plan. He wants people to use secure communication and he proposes compromises between security and ease of use (without which no one will switch, making general communication worse).
I still recommend Signal. To my geekier friends I recommend Matrix. But all in all, I consider Signal is still fighting the good fight.
Moxie isn’t involved in Signal decisions day to day, he resigned in 2022.
TIL. Thanks!
I agree with you but I think that signal was built as to not trust the server either way.
That’s what they like you to think yes. But it is only the message content and not the various forms of metadata that is protected by their encryption scheme.
It’s also the metadata. Profile and contact discovery is also private. I don’t think they have anything except your IP.
Seal sender is a nice idea, but since you can easily run timing attacks on centralised infrastructure it is pointless for Signal, or rather you have to trust them that their infrastructure is not compromised.
They also store device ids for push notifications via Google/Apple.