I'm actively recruiting volunteer devs for a native Signal / Signal-like client in Gtk, in the hopes that we can bring it to the @Purism Librem 5 phone. Please contact firstname.lastname@example.org if interested.
PGP/GPG: FA9D 40F1 5FE1 D8AB 8312 4AAA 77E3 1447 CD1F C3F6
OpenWhisperSystems / the devs behind Signal made the choice to centralize the service and build identity around the phone number system, instead of doing the federated / decentralized approach.
They did this consciously to encourage widespread adoption without the traditional difficulties associated with a decentralized, multiple-client approach.
That makes it different from approaches by Matrix.org, XMPP, and so on. 1/2
From the OWS perspective, it's important to keep the UI/UX consistent; alternative clients degrade the user experience for everyone on the network, and use expensive resources. Security and QC are impossible to verify for apps out of OWS control
The FOSS-y arguments are familiar, and include the fact that centralization is dangerous for freedom. 2/2
As for the OWS perspective, we're going to have to file that under #utterbollocks.
For the record, I have nothing against closed source per se. It's specious arguments, outright lies and #antisocial behaviour that gets in my tits. And that's the things that #signal truly are experts on.
Just for the record.
* First things first, the #wikipedia advertised “Open Whisper Systems” does not actually exist. Prove me wrong with an official incorporation document.
* The also #wikihyped “Signal Foundation”, AFAICT does not exist either, according to people who should know, namely https://www.irs.gov/charities-non-profits/tax-exempt-organization-search
See next message for what *does* exist…
* What does exist is SIGNAL MESSENGER, LLC, a #Delaware company incorporated in January 2018 (yep, date is correct) https://icis.corp.delaware.gov/Ecorp/EntitySearch/NameSearch.aspx
* It is also registered (at a mail drop address) in #California since March 2018 (https://businesssearch.sos.ca.gov/CBS/SearchResults?SearchType=LPLLC&SearchCriteria=Signal+Messenger&SearchSubType=Keyword)
* Previously, when this guy came up with his previous product iteration, he had set up another #Delaware entity, WHISPER SYSTEMS TECHNOLOGIES, INC. This was in 2011.
* In 2012, a #California #LLC (https://businesssearch.sos.ca.gov/CBS/SearchResults?SearchType=LPLLC&SearchCriteria=Riddle+Quiet&SearchSubType=Keyword) was selling his software on the #apple store (https://news.ycombinator.com/item?id=8105849)
@diggity @philippemargery @Purism
For the Delaware entities, if someone wants to shell out $20 you can get the tax returns which should give an idea to what extent the claims made in #wackypedia and the press are true or not, and where any money has been coming from and going to.
For the “foundations”, please someone publish their articles. And obviously, as for any other private non-profit, their finances.
Not even getting into the technical aspects of it. #Security? Your own phone number as your ID, what could possibly go wrong?
But the obvious disparity between the public claims and the hard data that can be found with just a casual search, are no journalists wanting to dig a bit into that? @maxeddy?
@Gorio Interesting read. Generally, however, it's not surprising that people who administer whichever kind of infrastructure also will have access to (meta)data collected all along the way, and be that just for being able to provide a given service. We either need *true* (serverless) peer-to-peer solutions or a way to provide *trustworthy* operations of critical infrastructure. Just to have FLOSS code available to "run your own" doesn't help here.
One of the first Mastodon instances, there is no specific topic we're into, just enjoy your time!