Hacker News

> includes a cryptocurrency nobody asked for, and I'm definitely not happy about that.

They created a centralized SGX-based "cryptocurrency" and some not-publicly-identified person with a phenomenal amount of this entirely premined cryptocurrency used the Signal integration as a pump to steal a billion dollars from FTX's customers.

This isn't even equivalent to Mozilla integrating something widely used like Bitcoin at all... and Mozilla hasn't done that.

Even if you're utilitarian-consequentialist enough to see enabling/participating in a scam as a justifiable means to fund charitable efforts (like SBF) then you should still see that an encrypted messenger with remote update ability really shouldn't be putting itself in a potentially exploitable position. "Ship this backdoor to these targets, or you get prosecuted for your cryptocurrency stunts".

The "Don't Break the Law When You're Breaking The Law" adage doesn't just apply to doing crimes, it also applies when you're doing stuff that powerful entities wished were crimes.

> (Although only in a purely-additive way,

I don't agree. Signal now uploads your contacts and other privacy relevant data to their servers, protected by nothing other than a trivial-to-bruteforce PIN and SGX. They used various dark patterns to prevent any opt-out from the functionality. Their excuse for the acceptability of protection by trivially weak PINs is SGX.

If they were streaming all session keys to the Chinese government protected by ROT13 would we say that it's okay that ROT13's dubiousness is okay because it's purely additive? No. Signal depends on SGX in a material way, and compromises user confidentiality with it even for users that have no interest in the marginal functionality provided by backing up that data to their servers.

The grandparent poster also missed many other problems with Signal. For example, they actively block users from protecting themselves from rogue updates by timebombing every version. They undermined the ability for users to validate identities via other channels by making the comparison fingerprint process functionally pairwise unique (something which originally worked in Signal). They've at various times made it extremely difficult to tell when a MITM has replaced your counterparty, e.g. by reencrypting and automatically resending messages when the key changes (though I'm not sure if they backed off on that) and by noting a key change with a small grey message which the other side can scroll off by sending multiple times.

All that said, I think Signal's weaknesses are kind of moot now in any case: because it no longer acts as an SMS app on Android, it will likely fade out as more and more people fail to discover that the people they're communicating with have it installed. Signal is dead but it'll take a decade for the body to cool off.


