"Centralised messenger Signal has just announced that they are making part of their server software closed source. They claim it is to fight spam, but by using closed source they make it impossible for outsiders to verify the truth. This is worrying.
We really, really need a fully open, decentralised alternative to Signal.
There are several alternatives being developed, please support them:
➡️ @matrix
➡️ @delta
➡️ @briar
➡️ @Jami "
I don’t have a stake in this, but here’s my two cents:
It’s highly unlikely they have not updated their backend code for the whole year that their public repo was silent. By the definition of open source, if they made changes to their production codebase and did not disclose them, it means that said codebase was proprietary for that time.
This is especially true for Signal’s server, since it’s licensed under AGPL-3.0. For ANYONE else using the server code, modifying their production server and not disclosing it for a year is a direct violation of the license’s requirements and in the worst case could get them sued or the right to use the codebase revoked. The only reason that Signal themselves can get away with it is because they own the code so they’re not bound by the license terms, but that means they were explicitly acting outside the bounds of their very own open source project.