Granted, the part

The globally recommended app by privacy and security experts, Signal, is now being downloaded massively and tops the Danish Google Play Store

is a little ironic, but you gotta push this winning tide and then work from that.

  • Dionysus@leminal.space · ↑9 · 2 days ago

    The other party is always the weakest link.

    But also signal’s pins are a little more complicated than that, but you’re right, switch to a passphrase.

    Plus side, even if signal themselves edited the secure enclave, the world would need a new client pushed and probably notice something was off.

    The way signal’s encryption works is really an art in paranoia.

    • plyth@feddit.org · ↑1 ↓2 · 2 days ago

      the world would need a new client pushed and probably notice something was off.

      Not if the US have the support of Google.

        • Vincent@feddit.nl · ↑1 · edited · 1 day ago

            Because there will always be people running Signal from a different source, and only one of them is sufficient to notice the server has been tampered with.

            (And I’m not sure if they have reproducible builds yet, but if they do, people can also verify that even the Google Play-provided APK does or doesn’t match the published source code.)
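            The check described in the comment above, as an added example that is not part of the thread and not Signal's own tooling: a reproducible-build comparison unpacks the store-distributed APK and a locally built APK, hashes every entry except the signing metadata under META-INF/ (which legitimately differs because the two are signed with different keys), and reports any entry that is missing or has different content. The sample APKs below are constructed in memory, and the entry names and contents are placeholders.

```python
"""Reproducible-build style APK comparison (added example, not Signal's code).

An APK is a zip archive. Two builds of the same source signed with different
keys should match on every entry except the signature files under META-INF/.
Any other difference means the distributed binary was not produced from the
published source, which is the condition a verifier wants to detect.
"""
import hashlib
import io
import zipfile

SIGNATURE_PREFIX = "META-INF/"  # signing metadata differs by key, so it is excluded


def entry_digests(apk_bytes: bytes) -> dict:
    """Map every non-directory, non-signature entry name to the SHA-256 of its content."""
    digests = {}
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir() or info.filename.startswith(SIGNATURE_PREFIX):
                continue
            digests[info.filename] = hashlib.sha256(zf.read(info)).hexdigest()
    return digests


def compare_apks(a: bytes, b: bytes) -> dict:
    """Return entries only in one APK and entries present in both whose contents differ."""
    da, db = entry_digests(a), entry_digests(b)
    return {
        "only_in_a": sorted(set(da) - set(db)),
        "only_in_b": sorted(set(db) - set(da)),
        "differ": sorted(name for name in set(da) & set(db) if da[name] != db[name]),
    }


def apks_match(a: bytes, b: bytes) -> bool:
    """True when the two archives are identical outside META-INF/."""
    return not any(compare_apks(a, b).values())


def build_apk(entries: dict) -> bytes:
    """Build a minimal zip archive from a name -> bytes mapping (constructed test data)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, data in entries.items():
            zf.writestr(name, data)
    return buf.getvalue()


# Constructed sample archives: placeholder contents, not real APK bytes.
COMMON = {
    "AndroidManifest.xml": b"<manifest package='example.app'/>",
    "classes.dex": b"dex\n035\x00placeholder-bytecode",
    "res/values.arsc": b"\x02\x00placeholder-resources",
}
# Store copy and local build: same contents, different signing key.
STORE_APK = build_apk({**COMMON, "META-INF/CERT.RSA": b"store-signature"})
LOCAL_APK = build_apk({**COMMON, "META-INF/CERT.RSA": b"developer-signature"})
# A copy whose code differs from the published source.
MODIFIED_APK = build_apk({**COMMON, "classes.dex": b"dex\n035\x00other-bytecode",
                          "META-INF/CERT.RSA": b"store-signature"})

if __name__ == "__main__":
    print("store vs local build:", compare_apks(STORE_APK, LOCAL_APK))
    print("store vs modified   :", compare_apks(STORE_APK, MODIFIED_APK))
```

The comparison deliberately says nothing about the signature itself; it only establishes that the bytes outside META-INF/ are the ones the published source produces, and only for the file the verifier actually obtained. A real check also needs the local build to be bit-for-bit deterministic (same toolchain, same inputs), otherwise spurious differences appear in entries like classes.dex and resources.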

          • plyth@feddit.org · ↑1 ↓1 · 1 day ago

              notice the server has been tampered with.

              Which server?

              doesn’t match the published source code

              People don’t control their phone. There is no way of knowing if the installed app is the one that is running.

            • Vincent@feddit.nl · ↑2 · 12 hours ago

                Which server?

                The server running Signal’s server-side code.

                People don’t control their phone. There is no way of knowing if the installed app is the one that is running.

                Some do, and that’s the point: if there’s an attempt at tampering, interested security researchers can detect it.

              • plyth@feddit.org · ↑1 · 11 hours ago

                  The server running Signal’s server-side code.

                  What could a client detect? Signal is a US company and will comply with the government. The server can’t be trusted.

                  Some do, and that’s the point: if there’s an attempt at tampering, interested security researchers can detect it.

                  They can detect if a different app was installed from the store on their phone. That’s not useful for anybody to know if their own app is unaltered. Only people of interest will receive a manipulated client. So there is no security in knowing that some people received the original app.

                  Besides, Google runs the OS. They can change the app at runtime.