What Does It Mean to Be a Signal Competitor?
The article outlines criteria for messaging apps to compete with Signal, emphasizing open-source, end-to-end encryption, proper encryption implementation, key management, and privacy preservation as essential factors.
Read original article
The article discusses the criteria that a communication product must meet to be considered a competitor to Signal, a leading secure messaging app. The author emphasizes that any viable alternative must be open source and implement end-to-end encryption without any option for transmitting plaintext. This disqualifies many popular messaging apps, including Telegram and Matrix, from being considered true competitors. The author also highlights the importance of how encryption is implemented, suggesting that competitors should engage with cryptography auditing firms regularly. Additionally, the management of keys and the design of group messaging protocols are critical factors. The author warns against adding features that could compromise user privacy and stresses that Signal's focus on security is what sets it apart. Ultimately, the article argues that unless a messaging app meets these stringent criteria, it should not be recommended as an alternative to Signal.
- Signal sets the standard for secure messaging with its open-source and end-to-end encryption features.
- Many popular messaging apps, including Telegram and Matrix, do not meet the criteria to be considered Signal competitors.
- Proper encryption implementation and regular audits are essential for any messaging app aiming to compete with Signal.
- Key management and group messaging protocols are critical aspects of secure communication.
- Adding features that compromise privacy can disqualify an app from being a viable alternative to Signal.
Related
AT&T Breach Shows Why RCS Can't Be Trusted
The article criticizes AT&T data breach, questions RCS encryption, and advocates for secure messaging with end-to-end encryption. It discusses Apple's RCS support, law enforcement access concerns, and challenges in modern messaging platforms.
What Does It Mean to Be a Signal Competitor?
The article outlines criteria for messaging apps to compete with Signal, emphasizing open source, end-to-end encryption, and secure implementation. It warns against prioritizing features over user privacy and security.
Is Telegram really an encrypted messaging app?
Telegram lacks default end-to-end encryption, requiring users to manually activate "Secret Chats." This complicates privacy, as most messages may be visible to the service provider, misleading users about security.
9 commentsIt too has frequently prioritized features and usability over security. For example:
- Relying on SGX-based security for some of their features (e.g., gif search) while SGX has been thoroughly broken again and again
- Using phone numbers as account ids, which allows nation states to capture just one phone and immediately unmask the IRL identities of all other group chat members and contacts
Signal's authors have previously argued that it's better to give a some security to 100% of people than 100% of security to some people. Which is why they cooperated with WhatsApp on their encryption, or why they used phone numbers to ease adoption.
Matrix for example is doing exactly the same, just with a slightly different focus.
This narrow view of "Signal competitor" is more harmful than good.
It should even be a little more like WA because all said family use it with that pincode pop-up open... None of them understand it, and all of them expect to loose all their conversations when they loose their phone so who cares. For some I turned it off, but that should be easier. That said, I wish WA would have Signal's way of sending Gifs (or Jifs as some people call them).
I fully agree with this article by the way. Got my brother on Matrix and it was pain (he lost access quickly). I Started a Matrix group on fosdem, within a day people were complaining that I should turn of encryption because they had issues (from their own server probably), I never managed to do that... I love Matrix and use it a lot for communities, but Signal just works.
Basically I want the ship to be steered by someone who is maximally inoculated against selling out. Spending a decade of your life publicly railing against capitalism and sellouts, building a big community of active crusty friends who will call you out for turning evil, that’s valuable. It’s not perfect but I believe that it works better than various alternatives
moxies “bad business models create evil companies” thing resonates a lot also
https://github.com/LibreSignal/LibreSignal/issues/37#issueco...
Also how easy is it to run a custom Signal server?
Related
AT&T Breach Shows Why RCS Can't Be Trusted
The article criticizes AT&T data breach, questions RCS encryption, and advocates for secure messaging with end-to-end encryption. It discusses Apple's RCS support, law enforcement access concerns, and challenges in modern messaging platforms.
What Does It Mean to Be a Signal Competitor?
The article outlines criteria for messaging apps to compete with Signal, emphasizing open source, end-to-end encryption, and secure implementation. It warns against prioritizing features over user privacy and security.
Is Telegram really an encrypted messaging app?
Telegram lacks default end-to-end encryption, requiring users to manually activate "Secret Chats." This complicates privacy, as most messages may be visible to the service provider, misleading users about security.