Signal

Why WhatsApp is not good



Perks

The perks of Signal are simple:

  1. no data is collected except your phone number
  2. While remaining a super neat and simple messaging app, it uses military-grade encryption by default
  3. Its source code is open and publicly audited, which means that anyone could check how Signal works and verify its actual respect of the user’s privacy
  4. Signal is owned by a nonprofit: anything about Signal has the sole purpose of serving the user, not making money. Signal survives only thanks to donations and investments.


Signal does not solve the real problem

The problem with Signal is that, while being an absolutely perfect solution concerning privacy, the underlying infrastructure supporting it is closed and heavily bounded to the both physical and economical capabilities of Signal.

To synthesize this in one word, the issue is the centralized nature of the whole service. If tomorrow Signal realizes that it cannot afford to keep things running and shut the whole thing down, or in the case somebody wants to plug into the infrastructure their own app or their own messaging server, there is nobody who can do anything about it.

In my opinion, the perfect solution exists. The point is that it is not simple, and, above all, the getting the importance of its implementation requires a quite technical understanding. Using decentralization means a lot of little independent servers can work together using the same protocol. Examples are XMPP and Matrix.



It is a whole different thing with respect to Telegram

Telegram is not encrypted.
Telegram is not encrypted.

When people say Telegram is secure, they actually mean that the connection between your device and Telegram’s servers is encrypted, while in Telegram’s servers, everything is completely accessible by whoever has access to them. The endlessly repeated anthem that mislead people is that Telegram does not intend to look at your stuff, that it does not sell it or use it, but:

  1. You cannot be sure of this, since the source code is not open
  2. If anybody, with any intention, manages to get into Telegram’s servers, everything is there, ready to be stolen and spread who knows where
  3. There still is the problem of centralization, here too

Share

Comments