this post was submitted on 21 Jul 2023
247 points (86.2% liked)
Technology
59436 readers
3642 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Signal for me personally. I'll never touch WhatsApp. If that's what you use to communicate then we do it the old fashioned way.
But why? For video calls and simple messages what’s the difference? Both use end to end encryption. The interface is clear but WhatsApp has huge advantage in number of users.
can you really verify they use e2ee? it's not like you can look at the source code of their client or servers, all you can do is take their word for it and there have been companies lying about having e2ee before.
plus metadata collection, sure they might not able to collect what you send but who and when you send your messages are probably collected.
But these questions are true for any app. The only one which was verified is iMessage, because of that FBI case.
not really, you can check the source code for signal's client and server. same goes for matrix except you can even host your own matrix server. that is the difference of open source.
Are you compiling and installing compiled version yourself onto your phone?
no but i trust third party security audits and the freedom to do that. for my threat model this is fine.
it is not a matter of if i did it or not, it is a matter of if i could do that.
There is no way for you to check if they add something to or remove from the code before they compile it and put it into store from which you download to your phone. You have to trust company regardless.
you are missing the point, with an open source project you can choose to trust but with a close source project you have to.
it does not matter which i choose in the end as it only effects me.
I do miss your point. In both cases I have to trust that company is not maliciously lying and doing something. If anything, the bigger the company the higher likelihood that if something malicious is going on it becomes known through whistleblowers.
you don't have to trust a company as you are free to compile the app yourself, that is just what i choose to do.
that being said i don't think this conversation is leading anywhere and wasting both of our time, therefore i won't be replying anymore, happy fediversing.