Don’t recommend Voyager as a desktop client to new users. It just looks like a stretched mobile app, and the UX on desktop is piss poor. Just go with the default Lemmy UI, or Photon.

Sail the seven seas! 🏴‍☠️

Would Mexico and Panama be the 53rd and 54th then?

The first step would probably be to try and revoke their tax exempt non profit status. But I’m confident the Signal Foundation would at that point just move to another jurisdiction. Maybe Canada, Switzerland or something like that.

That’s what I thought when I first saw this

I agree

Absolutely

Reasonable choice

They should really use SecureDrop

Bad choice, many new users specifically came here because of [email protected], which can’t be accessed from lemmy.world.

There was a period where they didn’t push changes to the repo, but all the code was released afterwards and it’s been getting regular updates ever since. But it also doesn’t matter at all, since the Signal client is designed in a way that avoids putting trust in the server. Signal servers could literally be run by the NSA and it wouldn’t matter, as everything is fully end-to-end encrypted, including metadata. The Signal protocol was also updated to use post-quantum cryptography in 2023.

below a large bold warning that discourages people from actually using it

Yeah, because an APK downloaded from the web isn’t automatically verified. You need to perform the verification of the package manually, which most users probably won’t do. So it’s safer to download a build from the Play Store, which does this automatically in the background.

Signal’s default, well-supported installations use Google services

Signal only uses FCM for notifications, with a fallback mechanism (WebSockets) being available in all builds of the app, as well as Google Maps for location sharing (which most people probably don’t use anyway).

so unless you’re an extremely atypical user, those services are present on most of your contacts’ devices

Google Play services being present on people’s devices has nothing to do with Signal including the library. They are present on almost every Android device, because Google pressures OEMs to include them and grant them system level privileges.

Let’s also remember that E2EE doesn’t protect the endpionts

Yeah, but that’s the case with EVERY messenger app, so I really don’t know what your point is here?

As far as I know moxie, signals lead dev, considers only the use of the officially build and distributed client authorized to use their servers.

Moxie has resigned a few years ago. The article you linked to is 9 years old, Signal leadership has changed a bunch of times since. Signal can’t detect that you’re running an alternative client, because that check would require them to include some new code in the official client. Even if they did this, they couldn’t just ban anyone who’s client doesn’t pass the check, since it could just be an older version of the official client. They could force everyone to use the official app, but they really have no reason to invest time and effort into enforcing this. Molly is only available for Android, and it isn’t even on the Play Store or the official F-Droid repo, so the user base naturally won’t be as big.

You don’t even need to piss on it, a splash of water is enough for the cybertruck

sudo finger

No it’s not: https://github.com/signalapp/signal-server

Have you been using this one?

I tried it out once, but I currently don’t use it, because I just run mollysocket on my own server.

On my app I don’t get rich notifications only “you may have a new message”.

That should only be the case while your Molly database is locked, because the actual messages can’t be decrypted, so no message preview can be shown in the notification.

Oh that’s the only one I know of. I thought that this is what you’re referring to.

We are still in a trust me bro situation

No we’re not. You don’t have to trust Signal, everything is open source, you can actually verify it.