
The Signal Server repository has not been updated since April 2020

71 points | ignoramous | 5 years ago | lemmy.ml

43 comments

[+] binarymax|5 years ago|reply
The title is the only thing worth reading in this pile of speculation and hand waving.

That being said it would be nice to hear why this is the case. It may be a misunderstanding.

[+] bilal4hmed|5 years ago|reply
I'm glad this is being discussed further. I had posted about this a lot.

People will say the clients are open source, it doesn't matter if the server code is not available because the clients share little metadata etc.

Do you realize things like reactions etc. don't work with the version of the server on public GitHub?

It would be nice to be able to have feature parity on git vs prod so you can see to a greater extent what the server is doing vs today where it's just a black box.

People have been asking Moxie and the team about this for a while and the minute you bring it up, silence. They don't like to talk about it at all.

Doesn't help with their privacy and transparency message.

[+] blueplanet200|5 years ago|reply
Signal Server isn't some open source library you drop into a project. It's an application run in production on a shoestring budget.

Have a look at the PRs that have been opened (that have or have not been merged): https://github.com/signalapp/Signal-Server/pulls?q=is%3Apr

I don't see much to complain about it. Most if not all are small non-issues that I wouldn't blame the Signal devs for ignoring to focus on what they view as higher value features.

Signal is free, it's secure, and its source is freely available online. I don't see much to sharpen my pitchfork over in this case...

[+] 0xy|5 years ago|reply
Given it's confirmed Signal production servers run features not seen in this repository, we can safely label Signal as a closed source application that happens to have an abandonware repository of old code.

[+] mikece|5 years ago|reply
Is there any reason to believe that Signal’s encryption has been compromised or that metadata harvesting is going on?

[+] mfwoods|5 years ago|reply
No. The clients are open source, and (at least on Android) you are able to verify that the source on GitHub is the same that was used to compile the client on Google Play with reproducible builds [1].

And even if the servers turn out to be malicious, the clients are designed to expose as little metadata as possible with things like private contact discovery[2], sealed sender[3] and private groups[4]. It's not perfect, but the data a malicious server could collect is limited.

[1] https://github.com/signalapp/Signal-Android/tree/master/repr...

[2] https://signal.org/blog/private-contact-discovery/

[3] https://signal.org/blog/sealed-sender/

[4] https://signal.org/blog/signal-private-group-system/

[+] lrvick|5 years ago|reply
They control the only allowed client binaries and don't let others compile and distribute them.

Those binaries have complete control of your keys.

If they wanted to (or were forced to) release an update that bulk decrypted all messages or those of specific people and sent them to a random server somewhere... They totally could, and likely not get caught until well after every target was exposed, if at all. Huge SPOF.

End to end encryption where only one party controls the software that controls both ends with no accountability is more marketing than security.

[+] doomrobo|5 years ago|reply
No. If they wanted to harvest metadata, they could do it while still making their repo look up to date and totally clean. Wouldn't be hard either.

[+] sschueller|5 years ago|reply
On a side note, has anyone gotten the Android client reproducible builds to work recently? I have been unsuccessful but have not spent much time figuring out what's broken so far.

[+] sodality2|5 years ago|reply
Not liking what Signal is becoming. I liked Element but I didn't like the reliability of the apps. Are there any other alternatives besides XMPP+OMEMO/Matrix for federated messages?

[+] banger180|5 years ago|reply
I honestly believe Matrix will become the go-to for (federated) messaging everywhere. The Element client has much improved and Matrix is continuing to get better.

[+] lrvick|5 years ago|reply
Element is my only messaging client and I don't really understand the "reliability" comments.

Sure it has momentary downtime with the official matrix.org servers for maybe a minute but this is why we should pursue setting up smaller servers for our social groups in the long run.

I can't think of anything as unreliable as the multiple days of downtime Signal had.

[+] Arathorn|5 years ago|reply
I'd love to know what reliability metric you're going by, and which platform (Element Web/Desktop, iOS & Android are entirely different codebases). We're currently working hard on Element's UX, but it's always a bit unclear whether complaints like this refer to crashes, or UX papercuts (e.g. the cross-signing UX on login), or performance, or something else.