0
Signal usage survey, what versions do you use? Wanted for potential Flatpak adoption
(community.signalusers.org)
From Wikipedia, the free encyclopedia
Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).
Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.
Community icon by Alpár-Etele Méder, licensed under CC BY 3.0
SMS is also the common standard for talking to people.
For the vast, vast majority of people, the technical security of, ‘hey, you want to catch a movie next saturday’, is far less important then the message actually getting through.
Qute simply, it is far more important for a communication method to be easy and universal then to be secure against attacks the vast majority of people do not think they will ever encounter. When most people want to tell their neighbor two houses down that the dog has gotten out again being able use the app they already use to communicate is far more important to them then then a bunch of technical jargon about end to end encryption.
Thats email too, which is less bad
Why is email less bad than SMS? It’s about as (in)secure.
Email also fulfills a different role, as it is for longer, more formal, and less time sensitive messages. Nevertheless, more modern and technical encrypted email clients go out of their way to still work with unencrypted messages insteand of being deliberately incompatible as Signal is.
Email uses modern TLS, SMS uses some ancient encryption from the 90s or so, that just doesnt work.
If you trust the servers email is fine.
You can use Deltachat to chat over email. The protocol is universal its just how you use it.
Trust me a signal/xmpp/matrix message could look like an email too.
Email + Encryption is poorly optional yes. But you are asking for an internet chat service to support a different, ancient, insecure and unprivate protocol that has nothing to do with it.
Deku SMS supports encrypted and unencrypted SMS, this makes sense.
Yes, you could technically use email like SMS, while the standard allows for up to five days for the message to go through that’s pretty rare, in practice it’s primarily used to send long messages from one computer to another, not a single sentence or two between phones.
In practice, it is about as secure as SMS, as both require similar levels of dedicated effort to interpret. Most of the actors with the hardware used to intercept and decrypt SMS are the same actors who can compromise a server, or outright have acess to the backdoor they paid 10 million to put in RSA. Not that they need it, as the largest email providers by far do often work with law enforcement anyway. Both SMS and email attacks are seen at about the same rate and scales, which is to say rarely outside of government agencies where both are unfortunately routine.
Signal is primarily designed and marketed to fufill the same basic role as SMS, as evident from just how much of an afterthought anything but the mobile app is, how said app copies the same format as SMS for messages, how it required an phone number to use and sync phone contacts, and how it did support SMS for quite some time. It is emently reasonable for Signal to have continued to have featured the messaging format most of the people it could talk with used.
Agree that in practice SMS are intercepted just as much as Emails. But its entirely different and SMS does not use RSA afaik.
The last paragraph stressed for me how confusing this would be for noobs. A messenger that seems to do exactly the same but differently. People would not get it and think if they use Signal for SMS this would be secure somehow.
Whatsapp never integrated SMS and its used everywhere. Okay, there are video conference platforms that allow to log in via the phone network, but yeah, dont do that.