I would like to express concern about the future of the Signal messenger. Although Signal currently has a significantly smaller audience than WhatsApp, there are existential risks associated with the messenger covering a larger number of users. Is it rational to say that the goal of this messenger is to be used by the largest number of users, so let’s assume for a moment that Signal was able to achieve its mission and most WhatsApp users switched to Signal - I know this is right now unrealistic, but even 30% of users would be an enormous, huge number. Thus, what is the future of the messenger when it starts organizing communications for 1 billion users worldwide?
Would it be rational to assume that counterintelligence forces and special police will send their agents to the organization as undercover workers to sabotage the work and embed backdoors during companies in the context of company growth and staff expansion in this scenario? The question is rhetorical.
I would like to hear the response of the company’s president to this existential threat, and to thank for their work.
Signal Foundation is a nonprofit in California, and they are the ones that operate the relays and maintain the FOSS app. Since they’re a regular 501©3 and not a religious org, you can look into how their money is spent (to see if it’s going to any suspicious recipients) and whether they’re getting suspiciously large sums of money.
On top of that, they don’t have access to the communication data itself. It’s all E2EE, and the app being FOSS means you can inspect how that data is encrypted and sent (and even build your own from source, if you’re paranoid). Even if they’re unknowingly hiring covert bad actors, it’s unlikely their activities would stay hidden for long.
So while it’s certainly a concern that it’s still centralized messaging, it’s probably one of the best options due to the easy access for most people. Other than a billionaire buyout or government laws that force backdoors into encryption, the only real existential threat they currently face is operation costs. They were fortunate to have wealthy philanthropists in the beginning, but if they have an explosion in users (unlikely), it might bring the organization to its knees.
I don’t find your particular scenario to be worrisome. And if it turns out that it’s compromised in the future, there’s other good apps out there, like SimpleX.
There’s also XMPP(on which whatsapp is based on), it’s quite good with OMEMO.
Yep, and I think there’s a third option that I can’t recall at the moment (not Matrix), but no matter what, there’s alternatives that work and could be made to fit people’s chat needs.
Hi, what about gnu linux xz utils backoor scenario? Also is there any regular auditing of signal by third party auditing company?
About simplex its not allowed in my threat model, I will rather use pure xmpp protocol with omem as an alternative.
Why not simplex?
This was caught by the community thanks to it being FOSS, and it was somewhat distinct from the scenario we’re talking about here, since the repository was wholly taken over by a bad actor who tricked the original (burnt out) maintainer to hand over the repo.
Could a bad actor get their claws in and take over the repo? Possibly, but given the fact that it’s maintained by a foundation with lots of devs and not just one thankless hobbyist, that likelihood is probably small.
Regular? I don’t know. They have been audited, iirc, and they have received numerous legal requests to turn over data to courts, to which they’ve been able to reply “what data?” Bear in mind that they would almost certainly not do this if it meant jeopardizing their entire business. No business is going to go to jail for us, after all.
You do what you feel is appropriate for your threat model, but as far as general threats to privacy or Signal’s existence go, I’m not currently concerned about their future.
Hi, I think you not really understood threat that I published -undercover agents -developers that will apply for the job at signal and receive it, and they will do their backdoor without Signal foundation knowing,its obvious. About audites that you mentioned - could you provide some link to it?