I heard a rumor it may have been compromised or is a Honey Pot. Anyone have any real info on this? Any inside info that it is legit? I have been using it for years among my inner circle of friends. I find that videos and memes go through to them without any issue, but folks without it don't receive some of the texts. This may be a problem with the app, but other folks without signal get it without any problems.
Comments (8)
sorted by:
Beside this there is Session and Briar.
I particularly like Briar because it lets you send messages over WiFI ad-hoc networks. In other words nothing goes over the internet.
I'll look up both apps and see if either one of those might be more suitable. Thank you!
I'm a software developer and I don't trust software I haven't developed myself ...
I'm not a programmer. I tried coding once, it was definitely not my cup of tea. I'm a hardware guy. I like building physical constructs. I'm grossly ignorant to the complexities of modern code. Basic, pascal and one other machine code that I can't remember were the only programming languages that we had available when I tried writing code. Basic made me want to run away because of the tedium involved. I know that modern languages are far superior and with debuggers, quite a bit easier to learn than line by line code writing, but the bad taste in my mouth never left from the mid 1980's.
I think it is the lesser of two evils because of the encryption, which only works when both ends are using Signal. Just be careful what you say on there.
Any sensitive communications should not even be done over Signal if you are concerned with spying. Use a XMPP server if you want anonymous comm.
We don't communicate any malevolent information, just personal stuff and hobby crap that we share amongst ourselves. Just don't want any out of context info leaking out because that seems to be an excellent way of destroying one's reputation.
Signal, or other rolling-SSL messaging apps are your best bet for privacy. To decrypt anything in the message chain requires the entire message history up to that point, which means you’d have to have already been a target by someone who can reverse SSL certificates (NSA, CIA, etc.,) from the very first message, which if you were, then no amount of encryption is going to do you any good. Or you’d need a man-in-the-middle attack (but again, from the very first message) which is easily known by mis-matching “security codes” in signal.
If you verified each other’s codes, then you have little to worry about. The encryption is strong. If anything leaks, it’s from other apps you’ve installed that read your messages on every app after being decrypted.
Thank you for the response. I am illiterate to software code, but your response makes sense to me. I do work with hardware encryption devices, but the implementation of purely software encryption is foreign to me. Old school hardware crypto devices also require keys to be loaded that match on both ends. The question I always had was the exchanging of encryption keys so that both ends were using the same keycode to match the public encryption. I always looked at it like over-the-air rekey (OTAR), but have not researched the process. It has been an endless series of research over the last few years and network encryption has just not seemed as important compared to many of the other topics.