Bullshit! When you compromise the phone of someone you find out the phone numbers of everyone they talked to. I won't even get into how signal can abuse this willingly or against their will.
Signal is no better than just using imessage or whatsapp. The terribly deceptive thing about it is that it is marketed as a super secure messaging app better than alternatives but in the most important way that matters: not crypto but metadata and plausible deniability it makes such compromises. Explain to me why signal on the desktop can't function without a mobile app?! Governments have complete control over mobile phone infrastructure and can perform targeted compromises by using signal contacts for target selection.
Do not use signal thinking it will protect you better than any other encrypted app. Governments and private partires are not out there cracking the crypto itself.
Do you have something _in evidence_ indicating that Signal is abusing contact information?
The rest of this is scattershot: what matters for the overwhelming majority of use cases is end-to-end encryption between parties that know each others' identities but aren't necessarily technically proficient enough to play key management games. This is the user story that matters for dissidents, journalists, public figures, and ordinary people: if you aren't servicing those people, then it's extremely likely that you're (1) servicing nobody at all, or (2) servicing people who treat security as a LARP rather than a practical concern.
> between parties that know each others' identities
And Signal needs to collect their identities and reveal them to each other despite the risk of one of them getting compromised?
> This is the user story that matters for dissidents, journalists, public figures, and ordinary people
When you are outed as a source, as the romantic partner of an estranged spouse, as the public figure losing an election because of an embarassing message,etc... it matters. And you have not given me a technical reason why Signal can't protect people as they expect it to. None of these people are concerned about the FBI doing a forensic investigation or wiretapping them.
> servicing people who treat security as a LARP rather than a practical concern.
Or normal people who don't know enough to think about security and threat models who simply trust you the tech savvy person recommending them Signal which will protect them, you know, the general population. Matter of fact I would bet good money most signal users don't even know you have to verify each other's codes in person for the e2ee to even mean anything other than false security!
Signal is no better than just using imessage or whatsapp. The terribly deceptive thing about it is that it is marketed as a super secure messaging app better than alternatives but in the most important way that matters: not crypto but metadata and plausible deniability it makes such compromises. Explain to me why signal on the desktop can't function without a mobile app?! Governments have complete control over mobile phone infrastructure and can perform targeted compromises by using signal contacts for target selection.
Do not use signal thinking it will protect you better than any other encrypted app. Governments and private partires are not out there cracking the crypto itself.