undefined | Better HN

0 pointsgruez9mo ago0 comments

>Like checking out Signlas Open Source code.

What's preventing them from serving a backdoored version? xz was open source as well, that didn't stop the backdoor. There might be reproducible builds on android, but you can't even inspect the executable on iOS without jailbreaking.

0 comments

mos_65029mo ago

Signal designs their systems from the ground up to deliver verifiable trust mechanisms (via remote attestation) along with data minimization/zero-access encryption techniques.

Here’s one such example, which is also an interesting technical deep dive: https://signal.org/blog/building-faster-oram/

cherryteastain9mo ago

You can instead install a FOSS fork of Signal like Molly [1] built by F-Droid directly from the source code

[1] https://molly.im/

Tijdreiziger9mo ago

Isn’t that against Signal’s terms of service? Won’t they ban you?

sneak9mo ago

It is neither against the signal software’s license, nor it is against the signal service’s terms of service.

This is a false meme spread because the Signal founder (who is no longer with the company) didn’t like people making forks without changing the API server URL and running their own servers.

Open source software doesn’t work like that, however.

2 more replies

j / k navigate · click thread line to collapse