On its 10th anniversary, Signal’s president wants to remind you that the world’s most secure communications platform is a nonprofit. It’s free. It doesn’t track you or serve you ads. It pays its engineers very well. And it’s a go-to app for hundreds of millions of people.
I would disagree, this guy’s been finding issues and reporting them to Matrix for a while now and appears to find them every time he glances at the project.
Issues being found with technology is perfectly normal, and in fact contradicts your whole previous argument. People do find flaws, and then these flaws get fixed, and things get more secure in the process. That’s how things work. However, the key difference is that Matrix doesn’t harvest metadata like phone numbers by design while Signal does. That’s not a problem that has been identified but cannot be fixed because Signal is central server that’s controlled by a US company.
I agree! Trust the countless researchers, security and cryptography experts.
I love how I’ve addressed this numerous times but you’re still unable to understand the difference. Trusting that the protocol works correctly is different from trusting people operating a server. Clearly this is a concept that is beyond your comprehension.
Matrix doesn’t harvest metadata like phone numbers by design while Signal does.
You’re right, Matrix doesn’t ask for a phone number but it damn sure leaks metadata like a sieve. Unless things have significantly changed in the last year, here’s a list of things Matrix can see about you in an encrypted room, that an app like Signal cannot:
Your content
Your username
Your display name
Your avatar
Your rank within the room (admin, moderator, etc)
The Sent date of every message
A link to every message you responded to (the contents of which are encrypted)
Every emoji reaction you send, and to which message
(If on your home server) your IP address
The room content
The room name
The room icon
The room description
The room membership
Your changes
The time and message ID of messages you edit
The time and message ID of messages you delete
A history of rank changes (promotions, demotions) and who changes your rank
A history of things you do to other users, if appropriate
Room changes
Who enters the room and when
Who leaves the room and when
Who gets promoted/demoted and when
Changes to the room name, avatar, description, etc - when they happened-
I love how I’ve addressed this numerous times but you’re still unable to understand the difference. Trusting that the protocol works correctly is different from trusting people operating a server. Clearly this is a concept that is beyond your comprehension.
I clearly understand the difference, what you fail to address is that at the end of the day you are placing your trust in a third party, whether its the code, the protocols or a back-end server. Matrix removes the server if you host your own and never interact with other instances, but otherwise, you’re still trusting the code and the protocols and that - as I’ve pointed out above - that what you’re recommending isn’t already leaking tons of data. And don’t get it twisted, I’m ROOTING for Matrix, it just has a long way to go to address issues that Signal clearly identified early on would hold back the platform (federation + third party clients).
I know what you’re talking about but you don’t want to bring it up because its all tinfoil hat wearing flat-earth conspiracy theory web of poorly connected dots. Your response is the MAGA equivalent of “do your research”. I’ve done my research. The onus is on you to bring forth the evidence. To quote Carl Sagan, “Extraordinary claims require extraordinary evidence”. Don’t try and connect dots that don’t back up your claim and stand proud behind what’s at best poorly thought out misinformation.
You’re right, Matrix doesn’t ask for a phone number but it damn sure leaks metadata like a sieve. Unless things have significantly changed in the last year, here’s a list of things Matrix can see about you in an encrypted room, that an app like Signal cannot:
None of the thing you listed are personally identifying information. I have to ask at this point, do you even understand what personally identifiable information is?
I clearly understand the difference, what you fail to address is that at the end of the day you are placing your trust in a third party, whether its the code, the protocols or a back-end server.
If you can’t understand the fundamental difference between trusting that an algorithm is provably safe mathematically vs putting trust into some random people then it’s clear that a rational discussion is not possible with you.
I know what you’re talking about but you don’t want to bring it up because its all tinfoil hat wearing flat-earth conspiracy theory web of poorly connected dots.
Imagine saying that without a hint of irony after Snowden revelations. Either you’re a troll or the most gullible person to have ever walked this planet.
I’m going to stop replying to you here because I’ve said all there is to say on the issue and we’re just going in circles. I think that you understand the problems with Signal perfectly well, as will anybody reading this thread. It’s pretty clear that you’re intentionally trolling, and there’s no point continuing to engage with you. People can make their own mind whether they want to put their trust into a CIA outfit or not.
I’m going to stop replying to you here because I’ve said all there is to say on the issue and we’re just going in circles.
Same here, lets end this amicably and find common ground. I think we’re both pushing for what we believe is best in attempts to guide people towards a secure platform, can we both at least agree that SimpleX is superior under more threat models compared to other messengers, even if it does have a few UX issues it needs fix?
Issues being found with technology is perfectly normal, and in fact contradicts your whole previous argument. People do find flaws, and then these flaws get fixed, and things get more secure in the process. That’s how things work. However, the key difference is that Matrix doesn’t harvest metadata like phone numbers by design while Signal does. That’s not a problem that has been identified but cannot be fixed because Signal is central server that’s controlled by a US company.
I love how I’ve addressed this numerous times but you’re still unable to understand the difference. Trusting that the protocol works correctly is different from trusting people operating a server. Clearly this is a concept that is beyond your comprehension.
Maybe go read up on where Signal comes from instead of spending your time trolling here. http://surveillancevalley.com/blog/internet-privacy-funded-by-spies-cia
You’re right, Matrix doesn’t ask for a phone number but it damn sure leaks metadata like a sieve. Unless things have significantly changed in the last year, here’s a list of things Matrix can see about you in an encrypted room, that an app like Signal cannot:
I clearly understand the difference, what you fail to address is that at the end of the day you are placing your trust in a third party, whether its the code, the protocols or a back-end server. Matrix removes the server if you host your own and never interact with other instances, but otherwise, you’re still trusting the code and the protocols and that - as I’ve pointed out above - that what you’re recommending isn’t already leaking tons of data. And don’t get it twisted, I’m ROOTING for Matrix, it just has a long way to go to address issues that Signal clearly identified early on would hold back the platform (federation + third party clients).
I know what you’re talking about but you don’t want to bring it up because its all tinfoil hat wearing flat-earth conspiracy theory web of poorly connected dots. Your response is the MAGA equivalent of “do your research”. I’ve done my research. The onus is on you to bring forth the evidence. To quote Carl Sagan, “Extraordinary claims require extraordinary evidence”. Don’t try and connect dots that don’t back up your claim and stand proud behind what’s at best poorly thought out misinformation.
None of the thing you listed are personally identifying information. I have to ask at this point, do you even understand what personally identifiable information is?
If you can’t understand the fundamental difference between trusting that an algorithm is provably safe mathematically vs putting trust into some random people then it’s clear that a rational discussion is not possible with you.
Imagine saying that without a hint of irony after Snowden revelations. Either you’re a troll or the most gullible person to have ever walked this planet.
I’m going to stop replying to you here because I’ve said all there is to say on the issue and we’re just going in circles. I think that you understand the problems with Signal perfectly well, as will anybody reading this thread. It’s pretty clear that you’re intentionally trolling, and there’s no point continuing to engage with you. People can make their own mind whether they want to put their trust into a CIA outfit or not.
Funny enough, “Edward Snowden has reiterated his faith in the Signal app by saying that he uses it every day.” - published 2021.
Same here, lets end this amicably and find common ground. I think we’re both pushing for what we believe is best in attempts to guide people towards a secure platform, can we both at least agree that SimpleX is superior under more threat models compared to other messengers, even if it does have a few UX issues it needs fix?
I do think we can agree that SimpleX approach is the way to go long term. Cheers.