Signal Is Finally Bringing Its Secure Messaging to the Masses https://www.wired.com/story/signal-encrypted-messaging-features-mainstream/
@micahflee I like the warning about adding more complexity to Signal, and I especially like the example of the Intel feature. That is probably too proprietary to be aided by free software hackers in the event of an exposed vulnerability. Even before exposing a vulnerability, there are probably less people allowed to study the Intel code, so there's less chance of someone finding vulnerabilities.
@micahflee *coughs* Signal Is Finally Bringing Its Centralized Messaging with Goggle Surveillance™† blobs in its APK to the Masses.
It's still up to the user if they want to use Signal on a phone that utilises Google's infrastructure. Signal works just fine without FCM/GSF.
And i would be very surprised if Signal actually ships any proprietary blobs. I'm pretty sure it simply talks to a proprietary API, which 99% of users have on their phones anyway (Google Play Services).
[Sarcasm] of course don’t worry, tapping into a centralized infra of security providers is not a thing. Nothing suspicious in those blobs.
Don’t verify, just trust.
@fll @micahflee That’s your reasoning?—Ignoring linked resources, explanation what ‘implementation’ (former ‘compile’) does in Gradle, direct links to code and the easy task of downloading APK and de‑compiling it?
Providing a verifiable resources is FUD? Maybe I assumed too much from an account on infosec.exchange.
25b7b627614d9351332e3d8d4ed1726e1979317bce6dc09bdf3a966c1ba9471f Signal-website-universal-release-4.55.8.apk → Signal-website-universal-release-4.55.8/smali/com/google/*
@micahflee Really looking forward seeing more people use it and ditch Whatsapp.
Server run by the main developers of the project It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!