We build Signal in the open, with publicly available source code for our applications and servers. To keep Signal a free global communication service without spam, we must depart from our totally-open posture and develop one piece of the server in private: a system for detecting and disrupting spam campaigns. Unlike encryption protocols, which are designed to be provably secure even if everyone knows how they work, spam detection is an ongoing chore for which there is no concrete resolution and for which transparency is a major disadvantage.

  • CHEF-KOCH@lemmy.ml
    11·
    3 years ago

    After days, you still do not let it go, quote everything to make a clusterf. out of it as I or others are not capable of understanding what you say. Do you quote the previous sentence in real life and then answer his question, no because it makes things worse.

    • Please always read everything and not only parts what you want to support because you are based.
    • Of course you can verify code on the server if you self-host it, again the instructions are given. If you love signal that much and you have an userbase with 1000+ people, you go through the hassle and self-host it. The degoogle people do that all the time across multiple platforms, session and whatnot. For some platform it is more effort than for others, point granted, but everything is possible.
    • You are here on lemmy, lemmy is FOSS oriented so yes for people here it is dead. Same like Facebook or you argue we shall continue supporting them because there are people. Stop defending dead systems. The Signal Team was not transparent on important things and this alone is a factor to not support or use their stuff. Period.
    • Your argument that modifications can or will happen, is pointless. Signal already did change something in the past on the server code. They even notified users of it with a blog post. This is part of how they work. Again, the normal user will so or so not able to verify it even if they release the source code or even show what exactly they changed with insights and links to their servers because this is beyond most people skills.

    Going by that logic you wouldn’t use anything because there is always some alternative. Why are you on Lemmy when Postmill is alternative? Why would you use Postmill if Lemmy is an alternative? People are using whatever fits their threat model and this is the part that you refuse to understand for some unknown reason.

    Yes there is always another alternative and there always will be, this is a good thing and not a bad. You ditch stuff the moment it is dead and move on, that is how the internet works. Otherwise, use existing alternative that exist since years, it is called XMPP. I am also btw. on Postmill and some other platforms. I am just not as active over there as I am on e.g. Reddit, Lemmy etc. But you compare now platforms in general to messenger apps who are mostly designed to deliver private stuff while as public forums are not private at all because everyone can read your stuff, so the attempt to make your point failed here. If I hear stuff like threat model, really … cringe man… The normal user gives a shit about wasting his time reviewing some security models.

    You contradict yourself a lot btw on one side you say decentralized is what people use yet you argue with me about that signal is okay to use, it is not.

    I don’t know where did you get that 90% from but IMO people shouldn’t trust them at all and should use decentralized platforms instead.

    I assume you do not use Signal here and defend a product which is from community standpoint dead.

    Now let it go and stop quoting every line it makes things worse, third time I say this…