More evidence that Signal is just a glorified WhatsApp for privacy normies, the Mozilla of instant messaging platforms.
If Signal really valued their users and their privacy, they would:
Allow all search engines to index their site (including lesser-known search engines like Mojeek), not just Google
Release a 100% FOSS version of their Android app with no Google Play Services for F-Droid and Github releases (for Obtainium), maybe even Accrescent
Not require a phone number or any other PII for registration (not like it matters if you use it to chat with real people you know under your real name)
Allow more third-party clients
Allow their users to self-host their own servers for decentralization or federation
With all that said, it’s still a good “private” messenger for normies who don’t care about freedom or control.
They could host their own third-party repositories and this wouldn’t be an issue.
This is ridiculous. It’s like saying Google Chrome should stay proprietary because releasing the source code leads to insecure browsers like Firefox, Ungoogled-chromium, Pale Moon, every browser that uses QtWebEngine, etc.
You are misunderstanding their point. The point is that you already have to trust the developers releasing the app; therefore, it is better to also trust them to sign a build of the app. F-droid adds/is a third party to trust since they build the app from source and sign it themselves. There is also the issue of the single point of failure that creates.
To be fair Fdroid does give an option to developers to use reproductible builds.
For the longest time signal did not do github releases until few versions ago. The website release was also not very clearly visible and wasn’t linked to from their main landing page.
Allowing the app to be easily be downloaded from alternate source would be beneficial in countries where signal could be banned. Imagine if all signal domains were banned in a country and people could not even find official apks from alternate sources. (until now somewhat)
With all flaws, Mozilla and Signal have an important place in this sphere. Signal gives us a breathing place where telegram and ehatsapp dominate the market. Other niche alternatives will stay niche, and you won’t be able to text your mommy or neighbour using threema or session or other alternatives.
As for Mozilla, it’s the same, really curious to see the browser market at the moment they shut down Gecko.
its a fact . Its nothing to agree or disagree on. Why did they suddenly decided to do github releases after so many years of asking them to do so ?
Was github unsafe earlier according to them ? or it was just a bad decision from them or ignorance ?
Not doing GitHub releases, not using the keychain for MacOS when the PR was delivered to them on the silver platter, not updating Signal TLS when the PR was delivered on a silver platter and was rotting there for years, not fixing all the leaks of Signal TLS—all of those things are just ignorance, I have no other way to explain it.
What are you trying to defend here , if yourself don’t know what was the reason behind it ?
would be better if you would investigate yourself and reply us with some actual reasons ,than blaming us not investigating.
its funny for you to compare signal with hypatia and molly app (which is literally a single devs project).
How do their decisions relate to what signal can do or not ?
Signal has lot more resources at its disposal and probably has to be answerable to a lot more people and listen to users needs than a single dev running it as a side project.
(If you had ever asked a foss dev , you’ll know the shenanigans google puts you through to keep their app listed on the playstore ,which they may not have the time to deal with)
I don’t think signal lacked any resources to have multiple distribution channels including automating github releases.
Unless you could provide any other actual reason for not doing so , it would be waste to trying to convince you otherwise.
A lot of people don’t trust fdroid , which is fine. No one is forcing you to use fdroid. Its an option to the user.I would still regard it as a good marketplace to get your foss apps from.
Maybe for the apps highly sensitive to you , you could chose to get the apps directly from the developer.
The reproducible build process would not be very convenient but there were several other options available to signal.
