> To add, never rely on products that require you to trust the company respects your privacy.
> Always use apps that are E2EE by default (e.g. Signal)
You are contradicting yourself here. You are required to trust Signal the company to respect your privacy, to trust that it's actually doing end-to-end encryption, doing it properly and doesn't issue an update breaking it because of some secret US government order. Because Signal controls software distribution, it's pretty much just a binary blob that some guy from Signal can update any time.
A proper end-to-end encryption at minimum requires an open source implementations and distribution to avoid trusting the company to respect your privacy, since this is the primary reason for end-to-end encryption to exist. Otherwise incentives are misaligned and it will be broken by the same company it is supposed to protect from as soon as they need your messages for something.
You can read the source, you can compile it yourself, and you can use it.
You can also do a reproducible build and check that it matches the hash of the APK served by the play store.
"Open source distribution?" What is that? If you can't trust the vendor, no F-Droid is going to help there. If you need to verify the source, you need to do it yourself.
>some secret US government order
Explain how that would work on legal level when compelled speech violates the constitution.
> You can read the source, you can compile it yourself, and you can use it.
I can read some source code they provide, not necessarily what everyone has installed at any given moment. Even if I could review it and compile it and run it the other ends of end-to-end won't, so I still have to trust Signal the company to not violate the other ends.
Open source distribution means packages in various open source repositories, not controlled by software vendors.
> If you can't trust the vendor, no F-Droid is going to help there.
F-Droid model is exactly what's going to help with not having to trust the vendor. It's sort of an infrastructure to reduce trust in software vendors. Independent parties maintaining forks and packages are more likely to notice if vendor does something stupid, more likely to have people and tools to verify claims and implementations, provide a way for independent implementations.
> Explain how that would work on legal level when compelled speech violates the constitution.
It doesn't matter, they can come up with plenty of bullshit excuses claiming child porn or whatever. The important thing is you have to trust Signal the company, the US government, the legal system, etc.
>not necessarily what everyone has installed at any given moment
That applies to any distribution mechanism.
>I still have to trust Signal the company to not violate the other ends.
99% of people are going to download the app from Play store, even if F-Droid was available. You're screwed.
>It's sort of an infrastructure to reduce trust in software vendors.
Oh dear god. No. It's just more steps into distribution chain the user needs to trust.
>Independent parties maintaining forks and packages are more likely to notice if vendor does something stupid,
The same people might look at Signal's main repository for the same concern, and notice the same things. Furthermore, Signal is the entity innovating on secure messaging protocols, so I wouldn't say the chances are they're doing stupid things.
>more likely to have people and tools to verify claims and implementations
No. Nobody's looking at some John Smith's Signal fork. Besides, using such fork is an incredibly dangerous weak point, from the maintainer's improper singing key storage and signing process, to just having to trust random maintainers. Absolutely no.
>It doesn't matter, they can come up with plenty of bullshit excuses claiming child porn or whatever.
>The important thing is you have to trust Signal the company
The literal point of the ubiquitous E2EE, FOSS codebase with reproducible builds is to eliminate the need to trust them. The FUD you're spreading is incredibly damaging.
Again, that whole point of end-to-end encryption that allows it to eliminate the need to trust the vendor only works if the vendor isn't the one supplying said end-to-end encryption. Please don't make arguments that "Signal does this or that you can trust them", you do not eliminate the need to trust them this way at all. If you do have to trust them not to spy on you, it's not a proper "end-to-end" encryption, simple as that, it's effectively the same thing as a regular TLS encryption to the servers, where you have to trust them not to spy on you on the servers. And in either case that trust will be eventually violated, because there is no incentive not to, but plenty of pressure and incentives to violate it.
I don't know what's so confusing about it. You like Signal and trust them, that's fine, but I don't trust them or anything coming from the US, I really would like to eliminate such trust. Claiming that I don't have to trust them is unproductive and a lie.
>Again, that whole point of end-to-end encryption that allows it to eliminate the need to trust the vendor only works if the vendor isn't the one supplying said end-to-end encryption.
That doesn't make any sense whatsoever. Vendor supplies the E2EE, users and experts review it, and then if it changes, review changes. Third parties can trivially make edits to their forks and that's the easiest backdoor possible. How can you not see that.
>Please don't make arguments that "Signal does this or that you can trust them", you do not eliminate the need to trust them this way at all.
I already explained there are technical measures in place that allow you to verify the build you're using yourself. You're clearly not a subject matter expert here so I suggest you move on.
> If you do have to trust them not to spy on you, it's not a proper "end-to-end" encryption, simple as that
You're arguing from the wrong premise. You don't have to trust them.
>it's effectively the same thing as a regular TLS encryption to the servers, where you have to trust them not to spy on you on the servers.
if Signal was doing an active MITM attack against their own encryption, that would be eavesdropping which is a felony in the US.
>And in either case that trust will be eventually violated, because there is no incentive not to, but plenty of pressure and incentives to violate it.
And somehow random repository maintainers are immune to pressure and incentives. I get it, you're trolling.
>I don't know what's so confusing about it.
If you really stretch those brain cells of yours you might understand it one day.
>You like Signal and trust them, that's fine, but I don't trust them or anything coming from the US, I really would like to eliminate such trust.
Again, you don't have to trust Signal.
>Claiming that I don't have to trust them is unproductive and a lie.
So you ignore the concept of reproducible builds and just establish an opinion with average-joe level reasoning.
> there are technical measures in place that allow you to verify the build you're using yourself.
There are no technical measures for Signal in place that allow anyone to verify the build all ends of said end-to-end encryption are running nor any technical measures to ensure the software they are running won't be updated with compromised end-to-end encryption by the vendor in the future. The measures I talk about address both points by removing trust from the vendor and distributing it across many independent entities.
> if Signal was doing an active MITM attack against their own encryption, that would be eavesdropping which is a felony in the US.
It's not just legal anywhere in the world, it's what a lot of software already does.
Anyway, if end-to-end encryption requires the exact same level of trust as TLS, there is no point in it. It's only useful in truly open source messengers, not Signal, Whatsapp or other binary blob centralizedly controlled messengers.
>There are no technical measures for Signal in place that allow anyone to verify the build all ends of said end-to-end encryption
There is no technical measure in existence that allows that for any application. This is called a nirvana fallacy.
> nor any technical measures to ensure the software they are running won't be updated with compromised end-to-end encryption by the vendor in the future.
That applies to all software that requires automatic software updates, i.e. networked TCBs. You want something that doesn't require updating, you use stronger model like TFC.
>The measures I talk about address both points by removing trust from the vendor and distributing it across many independent entities.
And users are going to compare diffs of multiple vendors for every update to see nothing malicious was added? Give me a break.
>It's not just legal anywhere in the world, it's what a lot of software already does.
> Always use apps that are E2EE by default (e.g. Signal)
You are contradicting yourself here. You are required to trust Signal the company to respect your privacy, to trust that it's actually doing end-to-end encryption, doing it properly and doesn't issue an update breaking it because of some secret US government order. Because Signal controls software distribution, it's pretty much just a binary blob that some guy from Signal can update any time.
A proper end-to-end encryption at minimum requires an open source implementations and distribution to avoid trusting the company to respect your privacy, since this is the primary reason for end-to-end encryption to exist. Otherwise incentives are misaligned and it will be broken by the same company it is supposed to protect from as soon as they need your messages for something.