A quick rebuttal of some points you made. Not going too in depth as I just want to provide my perspective:
CIA Funding:
This is a non-issue. The OTF also funds: Briar, Tor, Wireguard, Delta Chat, Bind9, CGIProxy, CertBot, K-9 Mail, Tails, NoScript, QubesOS, The Guardian Project, and a host of other essential privacy tools/software. You’re telling me they’re all compromised just because they’re getting funded? I don’t buy it.
A Single, Centralized, US-based service
The Code is open source and Android has reproducible builds, iOS would have them too, but it’s impossible based on the way Apple’s build process works. Lastly, Signal’s devs/infra exist in the US, they have to exist somewhere, why not the country of origin? With the code being open/reproducible, you don’t have to trust them.
Phone # Identifiers
This is to make onboarding easier and minimize spam - I got my grandma to install it and find the rest of the family on Signal VERY easily. Trying to get her onboard with Matrix/Element or even Briar would have been a struggle. I like Briar, but its not ready for mainstream yet. I also like Element, but I don’t believe it’s quite a text/sms replacement like Signal is - in addition to leaking metadata.
Social network graphs
Here you mention metadata, so I’ll ask which other provider goes to the lengths that Signal does to minimize the collection of metadata? And please read over how Sealed sender works before you claim its easy to circumvent. You deride their implementation and claim how easy this is to collect without understanding what’s going on under the hood.
Abandonment of Open source
This is a stretch. Signal is a non-profit. They don’t have the same funding or staffing as their competitors and all their code is current. Yeah, they let it get out of sync for a while, they’re human, not robots. Don’t let perfect be the enemy of good.
Bundling a Cryptocurrency
What does a messaging platform have to do with crypto/payments? I don’t know, you should ask every other big player who is also trying to get in on the game hoping to siphon even more data from everyone’s purchases.
I do want to close by saying that Signal is definitely not the end-all-be-all of secure messaging platforms, but it is currently the best for mass adoption. I’m keeping my eyes on Matrix, Sessions, and Briar, but can’t say they’re ready to “go mainstream” yet.
"Signals database, which we must assume is compromised due to its centralized and US domiciled nature, has a few important pieces of data;
Message dates and times
Message senders and recipients (via phone number identifiers)"
I have a problem with the article’s claims on metadata too, hasn’t there been too many transparency reports and subpeonas that prove that they literally have nothing to offer to the government except the last time someone used signal and the date of joining?
A quick rebuttal of some points you made. Not going too in depth as I just want to provide my perspective:
I do want to close by saying that Signal is definitely not the end-all-be-all of secure messaging platforms, but it is currently the best for mass adoption. I’m keeping my eyes on Matrix, Sessions, and Briar, but can’t say they’re ready to “go mainstream” yet.
"Signals database, which we must assume is compromised due to its centralized and US domiciled nature, has a few important pieces of data;
I have a problem with the article’s claims on metadata too, hasn’t there been too many transparency reports and subpeonas that prove that they literally have nothing to offer to the government except the last time someone used signal and the date of joining?