Greetings!

A friend of mine wants to be more secure and private in light of recent events in the USA.

They originally told me they were going to use telegram, in which I explained how Telegram is considered compromised, and Signal is far more secure to use.

But they want more detailed explanations then what I provided verbally. Please help me explain things better to them! ✨

I am going to forward this thread to them, so they can see all your responses! And if you can, please cite!

Thank you! ✨

  • juli@lemmy.world
    41·
    19 hours ago

    This entire article is guessing at hypothetical backdoors. Its like saying that AES is backdoored because the US government chose it as the standard defacto symmetrical encryption.

    There is no proof that Signal has done anything nefarious at all.

    As an outsider, I mean isn’t that the same for news coverage for chinese/russian backdoors, but everyone believes it without any proof.

    Why is US company being a US honeypot a big surprise, and its government recommending it not a big red flag? but it is when China recommends wechat? Can’t we be critical and suspicious of both authoritarian countries?

    Do you have access to Signal servers to verify your claims by any chance? Afaik their servers are running modified codebase, and third party apps cannot use them. So how do you claim anything that goes behind closed doors at all? Genuinel curious.

    • patatahooligan@lemmy.world
      21·
      13 hours ago

      Do you have access to Signal servers to verify your claims by any chance?

      That’s not how it works. The signal protocol is designed in a way that the server can’t have access to your message contents if the client encrypts them properly. You’re supposed to assume the server might be compromised at any time. The parts you actually need to verify for safe communication are:

      • the code running on your device
      • the public key of your intended recipient