Signal CEO paid $735K/year while Signal Foundation 'begged' for donations

Molly is a good option. They’re planning a lot of cool stuff like:

• Text-only mode (reduces attack surface substantially)
• Remote attestation

These are planned as well but later:

• Molly server (aims to reduce metadata, get rid of the phone number requirement, enable federation and will have the option to self-host)
• Monero integration

Link for donation: Molly - Open Collective

I wish they left the signal donation link in the app instead of replacing it with theirs. They are still running on Signal’s network.

True, they could have kept both. Ultimately, Molly users still know it is a Signal client that uses Signal’s network and can donate to Signal if they want to.

• I have no problems with for profit corporations. Why would I? I’d rather give money to an unapologetically for profit corp that produces good products than a non profit that reeks corruption. It’s the free market and I am voting with my wallet.
• Their protocol seems genuinely good.
• They are working on making their apps better instead of letting them rot like Signal Desktop or their TLS Proxy.
• I haven’t seen their execs going around trying to bury problems under the rug while calling people drawing attention to issues that have been known for years “irresponsible”.
• I haven’t seen their execs going around virtue signal against Google (without a real threat model in mind) or Microsoft (while commiting the same sins that they do and pretending like its fine).
• I haven’t seen a million or 3/4 million dollars being spent on said execs.

TLDR: There is nothing wrong with being for profit. But there is everything wrong with doing what Meredith is doing and the state of Signal products in general.

Because none of the issues brought up in this thread or the IP being PII is a valid issue they’re misleading about or trying to hide. Also, think about how they’re planning to make money because it’s going to have to happen at some point and they haven’t made their monetization plans clear at all.

No, they just go around actively spreading misinformation about Signal being insecure and virtue signalling against their competition in a market that they are financially obligated to compete and return profit in.

spreading misinformation about Signal being insecure

Where is that? I’d like to see that if true.

All I know for a fact is both the Signal desktop app and the TLS Proxy are botched, and the desktop app is so bad that I wouldn’t install it on my host system (or have it installed anywhere at all). I also know that the TLS proxy is not censorship resistant like they advertise for a multitude of reasons and wouldn’t touch it if I were actually at risk. It is trivially detectable and blocked.

https://www.reddit.com/r/SimpleXChat/comments/1afgrcj/comments_on_comparisons_of_simplex_with_other/

The founder of SimpleX states here that Signal has the technical ability to MitM messages that are locally encrypted on your device and decrypt them while in transit through their servers.

Edit: If this was the case why has every court order for Signal resulted in nothing beyond the bare minimum being disclosed. They’re not Apple, they don’t have the funding to tell the US government to screw off we won’t backdoor our software for you.

I haven’t read the whole thread but the claim about the server being able to MITM conversations that have not been verified is correct. I don’t see how you think they are lying there. Let me try and break it down in simpler terms for ya:

• Alice and Bob tries to connect to each other through Bob’s server.
• Alice sends the server her public key to be passed to Bob. Bob sends the server his public key to be passed to Alice.
• A malicious server generates 2 new public-private keypairs. Let’s call them Fake-Alice and Fake-Bob.
• The malicious server passes Fake-Bob’s public key to Alice. It also passes Fake-Alice’s public key to Bob.
• Alice communicates with Fake-Bob (the malicious server), while thinking that she has e2ee. Bob communicates with Fake-Alice (the malicious server), while thinking that he has e2ee.
• The server just decrypts the messages, reads it, then re-encrypts the messages and pass them along.

This is why with Signal (and similar platforms like Matrix), end-to-end encryption is security theatre UNTIL YOU VERIFY EACH OTHER’S PUBLIC KEY.

Edit: If this was the case why has every court order for Signal resulted in nothing beyond the bare minimum being disclosed.

Maybe because their server isn’t actually malicious? But that’s the point here - your end-to-end encryption entirely depends on the server being not malicious, until you have verified each’s other public key (by comparing the safety code out of band). Without the verification step, you are about as private as if you were using Snapchat - crossing your fingers and praying that the server will keep its pinky promise to not snoop on you.

Isn’t that fallacious as 99.99999999% of the time the keys are valid and so even if you verify them out of band, they were already secure before you verified them? Meaning it’s not security theater because you were secure the whole time and all put of band did is take time. Also, you can have someone send you their side of the key in band and immediately know if the chat is secure or not at that point as it will either match or not match.

Can someone from the mod team lock this thread? It is thouroughly off topic now as the discussion is now about whether simplex is better than signal.

Isn’t that fallacious as 99.99999999% of the time the keys are valid and so even if you verify them out of band, they were already secure before you verified them? Meaning it’s not security theater because you were secure the whole time and all put of band did is take time.

No. Until you verify that the keys are real, you are entirely trusting the server on its good will. At which point you may as well just use Snapchat because you are just blindly trusting the server to not snoop on you.

Also, you can have someone send you their side of the key in band and immediately know if the chat is secure or not at that point as it will either match or not match.

No. This is literally security theatre. The malicious server is not limited to just reading your messages - it can modify them and swap your real key with its fake keys as well. There is no alternative to out of band verification in Signal or Matrix.

Just because you don’t know how encryption works doesn’t mean like SimpleX was lying in that instance.

That’s inaccurate, since you will be notified of a key change on Signal regardless of whether you’ve completed out of band verification.

Edit: [added quote to show I was only responding to one specific claim]

Classic. I like it.

You jumped in and made a blatantly false claims. If I say nothing about it, “ohhh SimpleX are liars”. If I prove that you are obviously wrong and do not understand how encryption works like I did, then “ohhh mods please lock the thread”.

The server can snoop on you from the beginning without initiating a key change. Nothing can be trusted until the keys have been verified.

Yes, if you don’t perform the key verification initially the keys could be malicious, but if you perform a key verification later it should assure you that your past conversations were secure unless you received a safety number change notification at some point prior.

Yes, that is correct. And SimpleX wasn’t lying in the thread. @Rasta just doesn’t understand how the attack works and claimed that they lied.

Ok, assume I was wrong, did you refer at all to the thread on simplex vs cwtch and the issues raised there and pitifully addressed by the ceo?

No, because I was busy explaining the directory server attack to you. I’d have to read through the whole thing before making a comment.

I know nothing about the Cwtch protocol so I would have to pull up their documentation and read as well.

Nothing about cwtch in that thread is relavent here, theres multiple technical flaws in simplex brought up that are not adequately addressed by epo in that same thread.