https://www.city-journal.org/article/signals-katherine-maher-problem
U.S.-supported Color Revolutions abroad.
This is 100% Russian propaganda language and the whole article is built on this narrative 🤮
The problem is that the article does not point to any specific surveillance or backdoor issues in Signal code which, as we all know, is open-source. It does not even point to any specific legal or organisational issues which could lead to tampering the software. And because the author does not have any such arguments, the whole premise of the article is built on top “look, she worked there” and the rest is left to the reader and their personal paranoias 🤷
And these references to “regime changes” and “color revolutions” only confirm author’s own political bias and highly insulting to everyone in these countries where people fought for their own freedom.
Adding Durov’s quote on top of that is rather ironic, as the messenger is known to cooperate with FSB requests and completely opaque as it comes to its operations and server-side code.
[Telegram] is known to cooperate with FSB requests
Source?
@Hyolobrika @kravietz @feld
Not what you ask for, but my reason not to trust it:
https://social.librem.one/@m0xee/112529843691683740
No hard proof, it's only indirect, but after that PR-stunt campaign of attempting to block it and failing to do so, Telegram is one IM that I, being Russian, trust the least.
https://gist.github.com/soatok/8aef6f67fec9c702f510ee24d19ef92b?permalink_comment_id=5058644
@feld
Yes, I'm aware of presence leak in multi-user rooms, I think this existed for years — would be great if they fixed that, but I'm not really concerned as I'm not using them 🤷
I ask because you can easily "upgrade" a two-person room to a multi-person room.
@Hyolobrika @feld
They are, but whom would it leak the status to in this case? There is your server and the server the other party is on — both are already aware of your presence 😆
The way I understand it, it sends out your status to all participants of group chats even to the sessions that no one verified explicitly or implicitly — if one of the participants is compromised, it could be used to track when you go online.
@Hyolobrika @feld
The problem was already blown out of proportion as it is, but in case with 1 on 1 chats it's not even relevant.
Besides, I think they have already implemented a "sort of" fix for that: "Never send encrypted messages to unverified sessions in this room from this session" in room settings is just that, but it's not perfect as you have to enable it for each of your sessions individually.
Or is the problem that notifications are being sent automatically without the user's knowledge?
@Hyolobrika @kravietz @feld
To be fair — I don't trust Signal either, anything that uses phone numbers is a hard pass in my book as I can never trust cell carrier in Russia.
But double-ratchet that was pioneered in Signal was adopted in Matrix, XMPP with OMEMO and plethora of other messengers, there is no reason to use Signal itself 🤷