Signal [Was:] Re: Encrypt files on Linux, decrypt on Windows
On Sun, 23 Aug 2020 14:03:21 +0300
Andrei POPESCU <andreimpopescu@gmail.com> wrote:
> On Vi, 21 aug 20, 13:07:56, Charles Curley wrote:
> > On Fri, 21 Aug 2020 13:31:00 -0500
> > Paul Johnson <baloo@ursamundi.org> wrote:
> >
> > > GnuPG. It's in Debian, there's Windows versions on its website, and
> > > it's not some mystery box like Signal.
> >
> > ++
> >
> > It also has the advantage that the cryptext will stay encrypted on any
> > intermediate servers. WhatsApp and Signal claim their traffic is, but
> > one must take their word for it.
>
> Signal is free and open source software.
>
> Please do feel free to inspect the source code for potential back doors
> or vulnerabilities.
I do use Signal on mobile, and I want to like it, but there are a few
things about it that just really bother me (these may not be relevant
to the OPs situation):
1) The requirement of associating accounts with (real, working) phone
numbers.
2) The (current) refusal [1] to provide an option to export messages
into a format easily accessible by the user. (I know, I can read and
try to understand Signal's code, and then write my own decryptor -
thanks, Signal).
3) The strong encouragement of the use of Google's Play Store to install
the mobile app, and the strong discouragement of other, FLOSS
compatible, methods of installation. [2]
Discussion of these and many other issues with Signal: [3]
I'm just a user, and not a very advanced one at that, but I can't get
away from the feeling that Signal is somewhat user-hostile, with an
attitude of "Trust us - Moxie is a legend, our code is great (and
FLOSS), and we really care." All true, to be sure, but still.
[1] https://github.com/signalapp/Signal-Android/issues/7586
[2] https://signal.org/android/apk/
[3] https://github.com/privacytools/privacytools.io/issues/779
Celejar
Reply to: