The BBC was full on pushing the propaganda that Iraq had WMDs, were they credible then?
Were they credible when pushing for every single US war and proxy war since?
Are they credible in their full support for Israel, and condemnation of the Palestinian resistance as terrorism?
Remember that time the BBC got caught editing photos of vloggers in China to make it look dystopian, then quietely edited the photos after getting caught?
BBC is not a credible news source, they’re an orientalist rag / tabloid journalism.
There’s a lot of dead accounts downvoting you BTW.
Even with full e2ee, they still have
With this its easy to build social networking graphs, and tag everyone implicated with a targeted account as an accomplice. Reading and trying to build meaning from the e2ee message content is almost less important than social graphs.
They went a whole year without publishing updates to repo a few years back, until there was a big community backlash over it. Also you have no guarantee that’s what they’re running other than: “just trust us”.
Other front ends might not support these settings. We only support lemmy-ui and jerboa.
Matrix, SimpleX, Briar(not a huge fan of this one since its android only), XMPP (only if you have encryption addon).
shouldn’t we focus on making sure everyone can access Signal without issues?
I’d rather ppl not use US-based centralized services, hosted on amazon’s servers, and subject to national security letters.
There are far better self-hostable alternatives that aren’t hosted in burgerland.
A lot of the above have communities in various forms, and they predate lemmy.
Signal is secure, not fully private or anonymous.
Why do people think this secure vs private distinction is in any way meaningful. I don’t want a US service to have my phone number, or spy on me, and have social network graphs, period.
Why is the US government being able to spy on me considered “secure”?
even though the server is open source, it isn’t self hostable
Since its a centralized server that isn’t self hostable, you have no idea whats running on their server. Signal even went a whole year once without publishing any server back end code updates, until it raised a lot of hackles so they started adding to it again.
But the signal foundation is a non profit with external audits and a proven track record with law enforced requesting data and getting basically nothing (If i remember correctly they only have your user to phone number relation and the last time you were online)
You have no idea what they give to authorities: in fact with NSL’s, its illegal for them to tell you. Signal’s response to this is “just trust us”.
The amdocs funding isn’t that concerning to me, because unlike signal (which also had shady funding, via the US DoD / OTF), the matrix back-end can be self-hosted, built from source, and run entirely privately.
I just prefer fediverse, because it refers to the common network of apps and services speaking the same language: activitypub. There’s not really any such thing as the “threadiverse”, because lemmy can talk to mastodon, friendica, peertube, discourse, gnusocial, plerome, wordpress, lotide…
A lot of these have communities just like lemmy, and choosing to layout comments flat vs in a tree, is entirely a UI consideration for many of them. So if the thing distinguishing “threadiverse” is just comment trees and communities, then a lot of fediverse services already have those.
It’s a centralized, US-based service running on AWS, that’s not self-hostable, requires phone numbers, and you have no idea what code their server is running.
Whether the app you use for it is open source, is entirely irrelevant for them building social network graphs, considering they have your real identity via phone numbers.
If the answer is “I just trust them”, then you’re not doing security correctly.
Matrix, simpleX. Both have apps on f-droid, are federated, E2EE, and the servers are self-hostable anywhere in the world. Neither require phone numbers or identifiable info.
So just give up and use signal then?
You’re not going to convince me to use US-domiciled services.
Since I don’t use comms platforms they have jurisdiction over, I lessen the risk.
They store your phone number, and have to route all the messages you created to the other phone numbers / user IDs in their database. This means anyone with access to signal’s centralized database has social network graphs: who talked to who, and when.
If your threat model is “I just trust them”, then its not a good one.
Privacy advocates have been raising the alarms about signal forever, but like apple, their fanbase just feels the security “in their gut”, and think that because it has a shiny interface, it must be secure.
Signal is a US-based entity subject to warrantless NSLs, with all the data hosted on AWS. Its not giving your phone number to your mom. Its giving your phone number to amazon and most likely a US surveillance government agency.
For a threat model you should assume the worst and never trust any US-domiciled data service or platform.
A month ago I just bought a xiaomi tablet for my main work machine. Full android, with no google play / google play services, and it runs f-droid and all the apps fine. Haven’t missed any app on the google play store, or that require play services.
If google keeps on alienating people, people will move over to HarmonyOS, or a lot of the larger chinese companies making android devices will maintain their own AOSP fork, and google will be as irrelevant worldwide as apple is.