SAN FRANCISCO — Developers behind the encrypted messaging app Signal updated their terms of service to forbid users from organizing and executing targeted military strikes,…
I trust open source more than I do something like WhatsApp that is owned by Meta/Facebook. The source code is on Github and I assume if there ware any concerns we would know about it. Also there’s safety numbers.
For Android they have reproducible builds to verify that they are using the source code from their public repo for the app distributed via Google’s Play Store.
Regarding the server software, it’s not that easy but because of the Signal protocol you can be sure that messages are e2e encrypted and authenticated. They also have the sealed sender feature which hides the identity of the sender. So it shouldn’t really matter what software a server is using.
I trust open source more than I do something like WhatsApp that is owned by Meta/Facebook. The source code is on Github and I assume if there ware any concerns we would know about it. Also there’s safety numbers.
You can breath now 😊
How do you know the source code on GitHub is what is being ran in production?
For Android they have reproducible builds to verify that they are using the source code from their public repo for the app distributed via Google’s Play Store.
Regarding the server software, it’s not that easy but because of the Signal protocol you can be sure that messages are e2e encrypted and authenticated. They also have the sealed sender feature which hides the identity of the sender. So it shouldn’t really matter what software a server is using.