Episode 165 - Can Signal survive without billionaire support?
Added 2023-12-09 14:24:01 +0000 UTCSignal costs $14 million a year to run. Can it survive on user donations alone?
Signal blog: https://signal.org/blog/signal-is-expensive/
Comments
Client-side encryption is a must. No service that requires users trust it with their keys should be considered private. Irrespective of the developer's intentions, motives or security level. Anything that can be breached will be breached.
The Hated One
2023-12-21 16:17:01 +0000 UTCI like how you mention plausible deniability as it constantly gets overlooked. In places where getting your phone contents searched, in public transport or at a workplace, is a reality and considered "legal" people have to resort to using things like Telegram. The logic is simple: - it's commonly used in the area and doesn't bring suspicion; - transport encryption is good enough as the service is not known to be sharing with the adversary; - metadata leaks could be worked around with careful opsec, while getting found with a rock solid e2e encrypted messenger used by no one except for security experts will very likely get you in trouble (interrogated, searched). On the topic I wanted to add a recording of a QnA by Meredith W on Signal's sustainability and its challenges: https://yewtu.be/watch?v=HIhLQrldq0s.
wurdfcon
2023-12-10 01:32:50 +0000 UTC