i’ve just seen a comment in a post, in this very community, saying people trust signal because of missinformation (from what i could undertand).

if this is true, then i have a few questions:

-what menssaging app should i use for secure communications? i need an app that balances simplicity and security.

-how to explain it to my friends who use signal because i recomended?

-what this means for other apps in general?

  • wildbus8979@sh.itjust.works
    614·
    2 months ago

    Second is that it runs on AWS. This isn’t a problem in the sense that it’s possible for it to still retain privacy while running on AWS. Some people don’t like it because they view the dependence on the infrastructure of an American company to be a risk to availability. They also believe that it would exacerbate a security flaw if one were found.

    Let’s not pretend the hypervisor doesn’t have full access to the VMs memory and execution. The only thing protecting the Signal server is Intel SGX.

    • someacnt@sh.itjust.worksEnglish
      331·
      2 months ago

      I don’t think Signal trusts the AWS server either, that’s the point of E2EE encryption.

      • wildbus8979@sh.itjust.works
        83·
        2 months ago

        I’m not claiming the contents of the messages are at risk here. You’re social graph and metadata though is another story.