• a Kendrick fan
    link
    fedilink
    -355 months ago

    Please don’t use Signal, the US government has all the keys. Self host XMPP, Matrix and SimpleX servers and make sure encryption is properly configured. If you’re not generating your encryption keys, why should you use them?

    • Timber
      link
      fedilink
      335 months ago

      Source? And fyi, if you use Signal you are generating your own encryption keys. Your private keys are generated on your phone and stay on it. So what gives you the idea that

      the US government has all the keys

      ?? Sounds a lot like a conspiracy theory

      • Jolteon
        link
        fedilink
        35 months ago

        Plus, the signal client is open source. You can literally be 100% sure that your keys are being securely generated.

    • @[email protected]
      link
      fedilink
      85 months ago

      I don’t think Signal is unsafe, but agree that it is a weird middle ground. Depends on threat model, of course, but overall I would prefer something selfhostable - for the sake of independence, easier anonymity and censorship resistance. Plus, Signal by default doesn’t allow desktop registration (and desktops are much easier to make private than phones), so you’d need either a VM or a command-line application for it, which is a big pet peeve of mine.

      • Possibly linux
        link
        fedilink
        English
        25 months ago

        I think the best option is to communicate about alternatives. Maybe get a few close friends on each and then decide