• slazer2au@lemmy.world
    link
    fedilink
    English
    arrow-up
    63
    ·
    6 months ago

    This whole article is an advert for this companies own new secure messenger because…

    Why Would We Stop Using Signal?

    We had a security breach of some root keys for a legacy chat server we were running and it got attacked and destroyed. It was too hard to restore after the attack and was abandoned. We tracked down the data leak to Signal, as the engineers had used Signal to send these keys between themselves.

    Human error. Why are you allowing private keys on untrusted devices?

    • PotatoesFall
      link
      fedilink
      arrow-up
      25
      ·
      6 months ago

      The next sentence is the most important:

      However, you can never be 100% sure and after the fact it’s impossible to prove with certainty that was the cause….but it made us wonder.

      lol

  • swooosh@lemmy.world
    link
    fedilink
    arrow-up
    39
    arrow-down
    3
    ·
    6 months ago

    Who are the donors? Signal costs a lot of money to operate. Who gave it the funds to operate?

    If you don’t know that, maybe you should start researching before writing a blog post. I’m not doing that part for you because you were to lazy/dumb.

  • Max-P@lemmy.max-p.me
    link
    fedilink
    arrow-up
    30
    arrow-down
    1
    ·
    6 months ago

    That’s a hell of a lot of massively unsubstantiated claims and paranoia.

    It’s end to end encrypted, that it’s hosted on AWS or who funded the project doesn’t matter. The encryption is open-source and auditable (and has been audited as well). It doesn’t even know who talks to who. For notifications, it’s decrypted locally on the device by Signal, and can be turned off. It’s also encrypted in transit on top of the E2E so only Signal servers can decrypt the little metadata there is, not everyone on the network.

    And none of this is confidence inspiring about their own service. It’s 2024, how the fuck isn’t rebuilding their compromised server not a single command away, and why are they even attempting to fix it in the first place? Why do they even have access to the server at all?

    Absolutely zero credibility. None.

  • Eager Eagle@lemmy.world
    link
    fedilink
    English
    arrow-up
    18
    arrow-down
    1
    ·
    edit-2
    6 months ago

    It turns out that startup funding for Signal was from a US Government tied entity. Some people won’t like that. Here’s an interesting article: Signal Facing Collapse After CIA Cuts Funding

    Someone already commented on the “nothing-burger” this article and line of reasoning actually is, so I won’t repeat it here.

    $19m / 50 = $380,000 per year per employee!!!

    This $19M figure includes more things. That’s why a blog post shouldn’t be read as an accounting report. Report summaries with salary figures are available btw, one search away.

    The infrastructure was not designed to minimize the cost of operations, it was designed for another purpose, data collection by third parties:

    The quoted text is not evidence for this. Quite the opposite, in fact.

    Elon Musk also promotes Signal:

    He promotes Linux too. Also, I bet he drinks water.

    I see some valid concerns / questions, but it’s immersed in a muddy water of arguments that is hard to disentangle.

  • RmDebArc_5@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    17
    arrow-down
    1
    ·
    edit-2
    6 months ago

    So the solution for signals problems is a matrix based app that doesn’t even have passcode rekeying? Also it seems like the source code of the app isn’t available and they literally advertise that they will hand over to the government on request

  • TCB13@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    arrow-down
    8
    ·
    6 months ago

    I mean, they’re trying to sell a service but at the same time they aren’t wrong about the rest.