How credible are the claims that Signal is compromised by the CIA? https://surveillancevalley.com/blog/government-backed-privacy-tools-are-not-going-to-protect-us-from-president-trump
@eiaine The article only implies "guilty by association", but doesn't raise any specifc technical concerns. Also no mention of how open source code can not only be audited but also forked.
I call bullshit on her conclusion:
"If they ever posed a threat to the United States — and to the corporate monopoly power that calls the shots here — their funding would be pulled and they would cease to exist"
@PaulTroon yasha is a dude :b
NSA hid a backdoor in RSA for many years. it's entirely speculative, but who knows.
and i agree that there's too much weight placed on the funding aspect. Signal needs a phone number to use the app, so Apple/Google could kill it by pulling it from the app stores, or cell provider could ban it.
@eiaine The phone # as your Signal ID is a problem for sure, but bootstrapping an alternative communication network is hard. Alternatives have barely any usage.
I would like to put a Signal fork in F-droid that removes the phone registration and the servers, which are a single point of failure (and maybe trust).
I wonder where I send my NSA grant application to fund this effort?
Bitcoin Maston Instance