There are so many great reasons to be on Signal. Now including the opportunity for the vice president of the United States of America to randomly add you to a group chat for coordination of sensitive military operations. Don’t sleep on this opportunity…
Editing to add the link to the messages: https://archive.is/2025.03.26-131842/https://www.theatlantic.com/politics/archive/2025/03/signal-group-chat-attack-plans-hegseth-goldberg/682176
Remember kids, if someone makes a centralized app or messaging claiming to be a savior of privacy and security, you should be skeptical of them and their integrity. Really you should be skeptical of anyone making grand promises of privacy and security, especially boastful ones. Though decentralized services are less risky than centralized ones, and that’s why I recommend people use Matrix instead of Signal.
Matrix still has problems but it being decentralized eliminates many of the corruption issues by simply using a server not affiliated with the creators.
Matrix shares metadata in plaintext with every participating server: who talks to who, when and how often.
…if someone makes [an]
centralizedapp or messaging claiming to be a savior of privacy and security, you should be skeptical of them and their integrity.True, but that doesn’t mean you stop there, otherwise it’s just reactionism. You can literally go and inspect the Signal code, compile the client yourself, and use it. You can verify that the E2EE claims are correct and that Signal can’t decrypt messages it relays.
The only thing you can’t know with 100% certainty is whether they’re storing encrypted messages or not. You can look at their track record. You can look at how they spend their money. But you can’t know that one thing.
However, Matrix instances may store encrypted messages. Just because it’s federated doesn’t mean it’s therefore more private; it’s just resistant to capitalist fuckery. You have to look at the entire implementation, and that becomes difficult when the way in which instances participate is voluntary, not mandatory.
I agree that people should be skeptical, but skepticism is a verification philosophy, not the act of simply rejecting claims.
I think the story of Whatsapp should’ve taught people that capitalist fuckery and living long enough to become the villain are bigger threats than people give credit for, and Signal is just as vulnerable to this as WhatsApp was. They’ve also fought against any ways that it could be mitigated, they fought and are still fighting unofficial clients (moxie himself went around harassing people to stop), they fought any form of decentralization or interoperability with other servers and self-hosting.
All things that could make signal a bit more resistant towards something like what happened with WhatsApp, yet they’ve all been rejected in favor of exclusive control on the app (and for a long time it was GMS tied on the PlayStore) and exclusive control of the the network. Two things that don’t exactly bode well for the future.
