Sander Venema has published a cool article on why he won't recommend Signal anymore.
My article on why I won't recommend #Signal anymore: https://t.co/aqYi7otoiM— Sander Venema (@VenemaSander) November 5, 2016
Very interesting read for anybody with basic tech background and who is interested in having a reliable infrastructure which is prone to mass-surveillance.
For this blog post, I now assume you've read the article.
Sander is absolutely right about the disadvantages of Signal:
- Lack of federation
- Dependency on Google Cloud Messaging
- Your contact list is not private
- The RedPhone server is not open-source
Although I totally copy Sander's arguments, I still recommend using Signal. I strongly do.
I also would like to see an alternative that offers the same level of security and usability while being federated, independent of any central instance and is (also) open source to verify those things.
Unfortunately, I don't see such an alternative yet for the average user.
Please, do work on alternative solutions. Please, do think of federated or at least decentralized services.
But: until there is a viable alternative, I will continue recommending Signal to people. In my opinion, it's the best of the very few solutions we have so far. Switch to Signal now, in case you are still using insecure messengers such as simple text messaging, WhatsApp, SnapChat, iMessage, AIM, facebook, or most others.