Privacy

35064 readers

500 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

[email protected]

Why not to trust Signal (Blogpost from 2018) (drewdevault.com)

submitted 4 years ago* (last edited 4 years ago) by [email protected] to c/[email protected]

49 comments fedilink hide all child comments

Good summary of several red-flags in regards to using the Signal messenger.

Also interesting is this one.

Use a locally hosted XMPP with the Conversations client :)

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 6 points 4 years ago (1 children)

F-droid sign their releases themselves instead of letting the Signal Foundation sign them

they do sign releases themselves, however:

We also support reproducible builds, so we can build a version from source and check against your official release. If they match (ignoring the signature) we can then publish your official APK with your signature used. This is a tedious task, since we have to standardize on the build parameters and tools, but it should be worth it in the long run.

[–] [email protected] 6 points 4 years ago (1 children)

Interesting. This sounds like something custom made just to defuse Moxie's argument, yet Signal is still not on F-Droid, confirming that there are in reality other reasons.

[–] [email protected] 1 points 4 years ago

probably has something to do with this:

We can try to reproduce your APK, as mentioned above, but if this fails (or e.g. when you want to distribute an app with closed-source components or API keys etc.)

apparently signal checks for play services even when you download the .apk from their site