Nowadays, a majority of apps require you to sign up with your email or even worse your phone number. If you have a phone number attached to your name, meaning you went to a cell service/phone provider, and you gave them your ID, then no matter what app you use, no matter how private it says it is, it is not private. There is NO exception to this. Your identity is instantly tied to that account.
Signal is not private. I recommend Simplex or another peer to peer onion messaging app. They don’t require email or phone number. So as long as you protect your IP you are anonymous
You are very naive if you think that a company located un the US can provide an encrypted messaging service that can be used by anyone including terrorists, druglords and US enemies without the government being able to access the messages. Lavabit was a famous case and had to shutdown because its founder rejected to comply with an order from the US government to grant access to information. If you are using centralized communication service located in the US forget about privacy.
”Lavabit is believed to be the first technology firm that has chosen to suspend or shut down its operation rather than comply with an order from the United States government to reveal information or grant access to information.[3] Silent Circle, an encrypted email, mobile video and voice service provider, followed the example of Lavabit by discontinuing its encrypted email services.[25] Citing the impossibility of being able to maintain the confidentiality of its customers’ emails should it be served with government orders, Silent Circle permanently erased the encryption keys that allowed access to emails stored or transmitted by its service.[26]"
“Levison (founder) explained he was under a gag order and that he was legally unable to explain to the public why he ended the service.[21]”
Since when is encryption dependent on the service’s jurisdiction? When Signal has got subpoenaed it has always been incapable of providing data that involves the content of the conversation https://signal.org/bigbrother/
The app is also open source with reproducible builds (and you can use Molly instead, if you prefer) and when the clients of an end-to-end encrypted system are sound, that is all that matters to secure the content of the communication.
Audits are also performed as listed here https://community.signalusers.org/t/overview-of-third-party-security-audits/13243
I don’t understand where this doomerism comes from tbh, (online) privacy will cease to exist when either maths does or it becomes globally illegal to use encryption and the government’s intrusion is really so pervasive that they constantly know what you’re doing. Luckily we don’t yet live in that world, though the pressure is real and we are the first that have to fight for this basic human right
https://en.wikipedia.org/wiki/Tor_(network)#History
The US has a law that applies to any US company operating within its borders: it is illegal to tell your users that the US government has asked your company to spy on their behalf. This is called a key disclosure law, and the US’s version of it, called National Security Letters, underwent an expansion with the PATRIOT act; by 2013, President Obama’s Intelligence Review Group reported issuing on average, nearly 60 NSLs every day.
Companies that don’t comply with this law are forced to shut themselves down, or remain open, and grant access to user communications to the US government. The Signal foundation is a US domiciled company and must comply with this law without being able to disclose that they have been issued an NSL letter.
Comply with the government order of granting access to messages or shut down implies that we are already in that world, long ago. What makes you think that what happened to Lavavit and Silent Circle would not happen to Signal? Only wishfull thinking can make you think that, evidence tells you otherwise.
Ok government here are the messages i’m legally required to provide you.
If it’s so easy why Lavabit and Silent Circle had to shutdown?
Do you understand what encryption means? Genuine question.
If a company is compelled to spy on its users, it doesn’t mean hack them. (although perhaps there are same edge cases where you have to wonder the exact definition of hacking)