Cerques recents
Opcions de cerca
Administrat per:
I use #Signal not because I have something to hide, I use #SignalApp because it's none of your* damn business what I talk about with friends and family :)
* "your" can be governments, adversaries, stalkers or any other people/groups I have decided that I don't want to interact with.
(and, as always, the first comment tries to convince you to use something else instead of Signal. That's unfortunately just the way this thing here works as #Mastodon refuses to implement ways to manage replies.)
@jwildeboer even better (better meaning the server is not a closed thing), try Delta Chat.
@spla why do people like you always have to abuse my posts to promote their solution? And no, an open source server is not inherently "better" as it allows to be run by an adversary who can manipulate said server to collect more data. Or be run by someone who forgets to update in a timely matter. Etc.
@spla@mastodont.cat@jwildeboer because is a good advice, believe me. You don't know what happens into Signal server.
@spla I will not go into the "discussion" you want to push me. I trust the Signal ecosystem far more than your alternative. That's my decision and my freedom. Have a nice day!
@jwildeboer ok, you too!
@ujay68 I know what happen in Delta Chat servers because is free software, everybody can take a look.
@spla @patrizia @ujay68 If we want to make these tools for regular people to use, we need to stop reflexively assuming that self hosting is a viable option.
Yes, I need to trust Signal (to a limited extent, their design gives me some pretty strong guarantees on its own). But I'll take it if it means I can easily onboard non-technical folks.
@StryderNotavi @spla @patrizia @ujay68 The reason why you need to concern yourself with what and how the server does anything is because DeltaChat has much weaker security guarantees than signal, so having a trustworthy server is actually important.
Therefore, use #signal
@patrizia It is possible, to some extent. Signal uses a kind of reverse DRM so that the client can verify the server’s code hasn’t been tampered with. You can find more technical information on Signal’s blog.
because is free software
So is the Signal server: https://github.com/signalapp/Signal-Server
Licensed under the AGPLv3.
@Andromxda
This code depends on Amazon DynamoDB (for the database) and Amazon Simple Queue Service (for message queues) which are proprietary services only available inside AWS. You cannot run this code outside of AWS.
spam-filter git submodule is also not available.
@spla
You don't know what happens into Signal server.
The server is open source, but yes, you are right, there's no way to verify if the code that's running on Signal infrastructure is actually the code that's published in the repo. But that's the case with EVERY server application that has ever been created. Including Delta Chat's chatmail or the Email fallback mechanism it includes. This is exactly why the Signal protocol and implementation in the official client apps is designed in a way that avoids putting trust in the server. The servers could literally be run by the NSA and it wouldn't matter. Stop spreading misinformation and giving people a false sense of security.