that is why I don't like people recommending moving from #WhatsApp to #Signal, better use messengers that don't depend on US servers and companies, like European messengers like #ArcaneChat
@adbenitez The problem with many #Signal alternatives is that they don't provide Windows / MacOS / Linux desktop versions. Hard as it may be to believe if you are under 30, not everyone walks around with a phone glued to their hip or in their hand all day. Personally, I have NEVER used a messaging client (other than SMS) on a phone, I use my desktop computer for everything, partly because the screens on phone are just too damn hard to read if you don't have perfect vision, but also I just have a terrible time using a modern "smart" phone in general.
One thing I don't like about #Signal is that it only supports one mobile device per account. I know they want to make it easy for the average user. But for someone who has two phones, it's very limiting.
That's why I prefer #Matrix. Adding another device and decrypting all existing messages doesn't even feel so clunky anymore.
The main problem I see isn't finding a good alternative, but finding a person who is willing to abandon #meta I have multiple alternatives(#signal, #element #telegram #discord ) but what to do when I'm the only one using them?
I tried to find when #Signal has published the most recent #security audit, and it turns out they either never published an audit or their code was never audited at all.
The closest thing I found is the list community.signalusers.org/t/ov… which only cites research papers and some evidence that in 2018 Signal paid Doyensec, but nothing got published as the result. Even then, it looks like the apps were not audited for more than 5 years since then.
Let’s collect past security audits here: Formal audits Year Auditor(s) Sponsor App/Component Published Link Last update / extended 2013 iSEC Partners (NCC Group) Open Technology Fund RedPhone and TextSecure ❌ Blog post 2014 Frosch et al.
I tried to find when #Signal has published the most recent #security audit, and it turns out they either never published an audit or their code was never audited at all.
The closest thing I found is the list community.signalusers.org/t/ov… which only cites research papers and some evidence that in 2018 Signal paid Doyensec, but nothing got published as the result. Even then, it looks like the apps were not audited for more than 5 years since then.
Let’s collect past security audits here: Formal audits Year Auditor(s) Sponsor App/Component Published Link Last update / extended 2013 iSEC Partners (NCC Group) Open Technology Fund RedPhone and TextSecure ❌ Blog post 2014 Frosch et al.
If you're still recommending #Signal, you may have missed the tech oligarchs' takeover of the US government. The best time to recommend European alternatives was 8 years ago; the second best is now.
Unfortunately, this year I could not join nor organize any in-person celebration, BUT of course I want to share my gratitude to the many, countless #FreeSoftware services I don’t merely use, but actually depend on.
Last year, I decided to focus only on #YunoHost, because it would have been crazy to list all the projects I use and I love.
This time, even if I will most certainly forget someone, I am challenging myself to mention all the #LibreSoftware my life is powered by.
#Obtainium, for making me directly download apps on my phone, and @fdroidorg for distributing them
#AuroraStore, for proxying the download of apps I am doomed to get from Google Play
@element, for developing #Synapse, even though the new proprietary Synapse Pro is VERY PROBLEMATIC AND DISAPPOINTING
#Fractal, for being the most beautiful and awesome #Matrix client ever
@signalapp, for keeping me connected with the people I love
@Mastodon, for also maintaining a feature-packed experimental fork (#GlitchSoc), that is what Pan runs
#Tuba and #Moshidon, for being the most beautiful and awesome #Mastodon clients ever
#Firefox, for still remaining the best possible #browser choice, despite #Mozilla’s governance messiness
@openstreetmap, for allowing us to find the right path, both literally and metaphorically!
@organicmaps, for being the simplest, cleanest, yet feature-rich #OSM client and navigation app
@protonvpn, for making me browse safely from/to anywhere in the planet and @protonprivacy #ProtonMail, for hosting my email, despite the latest alarming political statements…
@libreoffice, for allowing me to draft documents with ease, the last of which was my #CV
#LanguageTool, for preventing me from making embarassing spelling mistakes
@photoprism, for safely storing and indexing all my photographic memories, on Aby, and for providing stellar and friendly support too!
#Actual, for moderating the very likely risk of ending up completely broke, since it forces me to manage my finances consciously and coherently
@readeck, for storing and sorting ALL my varied and overwhelming inputs
@nextcloud, for storing and synchronizing my data, for its #calendar, its #tasks, and all its awesome apps
#Rustdesk, for preventing my friends and family members from going crazy, by allowing me to remotely connect to their devices and directly address the issues they have
@forgejo, for giving us a chance to truly control and collectively develop the sources of our software, but most importantly @Codeberg, for RESISTING, RESISTING, RESISTING, despite the hatred and attacks nazi assholes throw at them
@musicbrainz for keeping music knowledge open and free, and @ListenBrainz for scrobbling the crazy music I listen to
The @fsfe, for promoting this celebration and fighting the good fight!
Lastly, but most importantly, the biggest thank you goes to all the free software libraries and dependencies the above mentioned #software are made of/built with, including #C, #JavaScript, #Python, #Rust, and all community-maintained programming languages.
To be honest, I unfortunately strongly believe that as example #Signal and #Tuta are in that exact team. Why? Their design leaves gaps for exactly that kind of stealth operation.
Meta gebruikte naar verluidt ruim 80TB aan illegaal verkregen data om het Llama-llm te trainen. Werknemers van het bedrijf zouden onder meer ruim 35TB aan documenten uit Z-Library en LibGen hebben gedownload aan de hand van torrents.
This is what I think about whenever infosec wonks on here start telling people they should use matrix or xmpp+omemo or whatnot instead of signal
To be fair, I understand the arguments and to a large extent I agree with the critiques. However, I think anyone making these recommendations is vastly underestimating the capacity or appetite for most people to deal with the user experiences presented by these alternatives.
User experience is the ultimate force multiplier. For anything that requires network effects to function (ie most anything involving communication), if it doesn't *just work* then you've lost 90% of your audience.
Journalists use #Signal to talk to sources and share tips safely. The app helps protect privacy, but #journalists are often targets. To stay safe, they should secure their Signal account. This article explains how. The tips are also useful for ordinary users.
XMPP is a messaging protocol (among other things) that needs no introduction to any technical audience. Its various implementations have proliferated through technical communities for decades. Many…
📣 Happy #GlobalSwitchDay to all the brave frontrunners out there!
For whom February 1st came a little too soon, don't worry! Just try again on March 1st and celebrate Zero Discrimination Day in the beautiful #fediverse. Alternatively, you can switch on April 1st, as only fools stay behind ;) or join your friends on May 1st and put your ideals to work.
What stands out to me is that #Signal uses secret URLs to distribute encrypted attachments. Given their strong security claims and threat model, I would have anticipated a more robust user authentication mechanism to ensure that only intended recipients can access these files.
Personally, I don’t think the impact of the "which Cloudflare server is this Signal user closest to" attack is that bad. However, it highlights yet another quirky side effect of #Signal being built on cloud infrastructure.
A security researcher made a tool that let them quickly check which of Cloudflare's data centers had cached an image, which allowed them to figure out what city a Discord, Signal, or Twitter/X user might be in.
By popular demand, a single post to boost global switch day across multiple platforms on February 1st 2025.
For those who can no longer get behind Musk or Meta's new policies and feel like switching (e.g. from #Whatsapp to #Signal, from #Instagram to #Pixelfed or from #X to #Mastodon) I made you some graphics to use freely in communicating with your contacts.
Die Welt ist voller Messenger und gefühlt nutzen die allermeisten #WhatsApp, #Telegram oder #Signal.
Alle haben ihre individuellen Vor- und Nachteile und wer sich dann noch die die üblichen Sicherheitsseiten anschaut, z.B. @kuketzblog , wird schnell feststellen: Es gibt nicht DEN einen Messenger, den alle gut finden.
Warum ich unter den verfügbaren Alternativen neben @signalapp @matrix nutze, habe ich hier zusammengefasst:
Dieser Server dient uns als eine Informations- bzw. Austauschs-Plattform für alle Menschen, die sich konstruktiv und kreativ mit den Themen FreeBSD, LINUX, IT-Sicherheit und allgemeinen Netzwerkthemen befassen und austauschen möchten.
V posledních dnech převádím komunikaci s nejbližší rodinou na #Signal. ➡️ Ale donutit k přechodu větší počet lidí je problém, nikdo moc nechce další IM aplikaci a raději zůstane tam, kde většina. 😞
Bohužel v dnešní době, kdy o nás státy, nadnárodní korporace a další subjekty sbírají všemožná data, se začíná soukromí zcela vytrácet. ⚠️ Smutné je, že většině lidí je ztráta soukromí v této podobě úplně ukradená. 🤯
Signal jsem zvolil, hlavně díky jednoduchosti a nativnímu E2E šifrování. Účet si tam zvládne vytvořit a nastavit opravdu každý. signal.org/install
interessant. Ich kämpfe auf meinem #grapheneos auch seit einer Weile mit dem Akkuverbrauch von #signal. Schade, dass in #younohost seit dem Update auf #debian 12 nicht mehr automatisch ein #XMPP Server integriert ist. Das war schon ein sehr bequemer Weg für Laien wie mich, unfallfrei, unkompliziert und günstig einen solchen zu klicken und pflegen.
I installed #Signal and #Conversations_im on a clean install of #GrapheneOS on my Pixel 4a and measured the battery impact. The results are shocking!
Both messengers had only one contact: my regular phone.
I used my regular phone to send messages to the Pixel 4a (which was not used for anything else over the course of the experiment).
I always sent the same message via Signal and #XMPP (mixing up which app went first). In total I sent ~32 messages in intervals of 10mins to a few hours.
I’ve been on Fedi for a year now and have fallen in love with the platform, so here’s my introduction! I studied computer science with a focus on RTOS and FP/PL, but I’m about to start my final semester of law school. I’ll be practicing at a boutique firm that primarily handles IP cases once I’m barred. I foilboard and I play way too many rhythm games in and out of the arcade.
I contribute to open source projects where I can, and I write up my experience in my digital garden which I’ve been maintaining for over a year now. It’s also a good place to find usage tips for projects/tools that you might want to use.
My passion for tech also includes privacy, and I’m an advocate for minimizing your digital footprint. GenAI is a scam and its purveyors are causing real harm while they sell it as hard as they can.
Tip You will own nothing, and you will be happy. On my little corner of the internet, I document my adventures in tech and complain about the internet of shit.
you could be recommending #DeltaChat that is an #e2ee #email client with an UI that looks like #WhatsApp, you could even provide it to your users as a chatting #decentralized solution using your email server, which fits with your business, but instead you prefer to recommend centralized phone-number based apps like #Signal 😭
Werft mal einen Blick auf die Messenger-Matrix. Trotz aller Bemühungen kann es sein, dass nicht alle Informationen zu den Messengern aktuell sind. In diesem Fall bitte ich um Rückmeldung, damit ich die Matrix anpassen kann. ❤️ 👇
Die Messenger-Matrix bietet einen Überblick über die verschiedenen (technischen) Merkmale diverser Messenger.
Die Matrix wird auf www.messenger-matrix.de gehostet.
I've noticed that, for me and my wife at least, #Signal isn't always reliable for time sensitive messages. Even after exempting it from the Android power saving and everything it's almost like it goes to sleep sometimes and notifications don't pop until we open it up. The #XMPP app Conversations.im however is very reliable. Running a packet capture on my phone shows that when switching networks #Conversations immediately reconnects, but Signal doesn't, sometimes for several minutes.
So... #Signal and #Wire, which both have issues, but not #Matrix / #XMPP? And for video, 2 #YouTube front ends and a proprietary YouTube clone, but no direct mention of #Peertube? And for Translation, the proprietary #Deepl, but no mention of the local and #Privacy respecting #Firefox #translate
I appreciate the intent of this post, but the research is... outdated at best.
If you read the recent _Against XMPP+OMEMO_ article, it might be interesting to come back and read its comment section there as well as the following article:
Der Messenger #Telegram ist für eine sichere Kommunikation nicht geeignet - standardmäßig sind die Nachrichten nicht einmal Ende-zu-Ende verschlüsselt. Besser geeignet sind #Signal oder #Threema. Übrigens: Elon Musk ist das Paradebeispiel eines Trolls. Einfach ignorieren. 😉
