#asknostr
How do you feel about signal messenger?
Do you belive it is truly end to end encrypted. Can I fully trust it for privacy and security?
How would one know?
Discussion
I've been using it for 10 years. It seems good.
This is what nostr:nprofile1qqst4agdxhnwgvx83m9hjh9lz08pykgdxawtgjgycmwe667h6hmm4xcpz4mhxue69uhhyetvv9ujumt0wd68ytnsw43qmqwtkm is for
Is it easy to get "normies" on to it?
Not hard at all.
No it isn’t to get them on simplex. That’s the tradeoff. Signal is very easy to onboard normies to. And it’s pretty good and secure. The CEO is based. The only problem is you need a phone number to make an account. But after you make the account, you can hide your phone number in the settings and connect using usernames only. Simplex is a little buggy and it’s newer so hasn’t been tested completely. For normies, I’d still say signal is the best choice and is a huge improvement over iMessage, WhatsApp, or messenger.
That makes sense. I have been using signal and it has been pretty easy to get others on there. People seem to be aware that WhatsApp and the like are spying on them. This question came up because the men's group I started is using signal currently and I am wondering if it is a good long term solution.
I think signal is great. There are interviews of government puppets pressuring the CEO to give backdoor access to signal user data and she pushes back consistently. She’s handling the pressure well and I believe she has stated she’d remove her app from certain countries before compromising user accounts.
using tiny Lokinet and non verifiable chat signature? worse alternative
I don't know what that stuff is. Are you saying simplex is a worse alternative to signal?
I d recommend Signal to newbies and people who switch from Whatsapp.
SimpleX imho is still too small and has no real security/privacy improvement
Thanks for the input. I am not super technical and I want to use decent tools.
The thing is that there is no perfect solution, there is no absolute privacy, there is no absolute security.
Privacy and security sometimes even exclude each other.
It all depends on your grade of paranoia. Ending up like #Snowden, solding your GSM/Wifi chip off your devices makes sense but on the other hand it makes your daily driver devices practically unusable.
Absolute privacy > pseudo-priavcy
I don't think you can ever fully trust any app, especially If they use phone numbers for login. But signal is quite safe, even if someone would spoof your phone number, they don't see your chat history. One must become a programer and inspect the code to know for sure 😅
I am logged in with a burner number. I do have a sim card. Only on wifi can you reach me. Feels pretty secure.
Any app that says it's end to end encrypted is lying. End to end encryption means the encryption keys don't exist anywhere except the endpoints. An app can't ensure that at all, it needs hardware to run on.
Signal is good, but not perfect.
Clearnet possible, centralized US server, fone number registration. BUT: its encryption is state of the art, open source also.
You might consider
- using burner SIM number
- using over Tor
- using the hardened Signal Fork #Molly
The last but most important:
No matter what encryption or what app in general you use (hi to the #SimpleX fanboys!) you use:
- if you download your app from an app store like Google or Apple, your app should be considered to be compromised.
- if you use iPhone or regular Google Android you are compromised
- if you use a custom ROM like #GrapheneOS and you are a person of interest for 3 letter agencies: They tap your fone by your closed source broadband chip that is maintained remotely by your telefone carrier. ANY OS on your fone is just a guest system.
The short version is, unless your threat model is very different to most people, you're probably quite safe.