this post was submitted on 10 Nov 2023
110 points (93.0% liked)
Technology
59114 readers
3607 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
All the personal information you mentioned should be hashed or encrypted. For any given phone number, see how little information they have: just an account creation timestamp and a last access timestamp.
There's so much FUD about Signal it's ridiculous. I'm starting to believe those glowie memes are true it's just the "lol like I'd ever trust Signal!!!" folks who I think might be the glowies. 🫣🫣🫣
spoiler
(No I don't actually believe they're glowies lol).My main complaint is that they officially prohibit 3rd party clients including 3rd party builds of their official ones. They also don’t have reproducible builds for their clients. It leaves the door wide open for inserting some telemetry via an update to completely bypass their otherwise good encryption and (lack of) data retention.
Would allowing third parties access to their server API just cause spammers to flood signal users.
They can already do that. You can make custom clients that pretend to be the real one, it’s just against their terms of service. Spammers generally don’t care about the ToS though, so it’s just legitimate users that are affected.