People constantly ask why I refuse to use Signal.
I have been meaning to do a detailed write-up for this, however in researching for it I discovered this post which covers several of my biggest issues well.
1. Signal Foundation owns the only keys that sign the only client binaries allowed on their network, that in turn control they keys that encrypt all messages.
2. Signal Foundation owns the only keys that encrypt all metadata in a centralized and weak SGX enclave.
3. Signal Foundation owns the central network infra that has plaintext access to all TCP/IP metadata.
Those are pretty serious security and privacy issues.
What happens if someone at the foundation is pressured?
Welcome to mastodon.green This server is for people in Europe, but you can connect with friends on any Mastodon server in the world.