Signal is in a weird place where they can do no right by users. It's a team of like 25 developers building extremely complex software criticized by people that don't understand security and trivialize everything. Reddit has a lot of evangelists that can't even program. Their community forums are a dumpster fire where users act like "my way or the world is going to end" (see the current username discussion. Most people are fair but you see[0]). Anything they say on Twitter gets spammed with questions about usernames by people that can't be bothered to see that it is in alpha testing and available for custom builds. And on HN everyone criticizes Signal and compares it to Matrix which is always better for every single purpose.
I do like Signal and I think they have done a lot of good. I do think they have a lot of valid criticism against them but also I think a lot of people aren't providing useful criticism (it is a shame that's happening here, on a forum that should be filled with tech experts). People also aren't realistic. A 25 person team working at a non-profit aren't going to have the same development capacity as a 250 person team.
What do you "Matrix is always better for every single purpose"? Are you saying that you really believe that, or characterizing others as saying that wrongly?
I don't know much about either, but I thought both had somewhat new (less-tested) encryption algos (one is 'double-ratchet' or something? that recently has shown security vulnerabilities?)
I'm saying that people put Matrix/Element in competition with Signal. These used to be dominating voices here. I do think the Matrix == Slack and Signal == Text philosophy has become more prominent now (the philosophy I prescribe to). But there are also major discussions about decentralization and users would suggest Matrix was more secure because of that even though at the time group chats were not encrypted (they are now) and E2EE was not enabled by default.
These are purely my observations of the discourse around Signal and should not be taken as a universal truth. Only my subjective reality.
I'm not aware of any major vulnerabilities in Matrix (but I'm not following) closely. I'm also not aware of any in Signal, which I know is frequently audited. There is an SGX attack, but it is often blown out of proportion (highly technical attack that requires an unlocked phone to be in the physical hands of the attacker).
Pretending like Signal is the second coming of Christ and implying that Telegram and all else is insecure and for dumb idiots and may have had something to do with it
That's far from what is happening. Everyone is complaining about Signal, including me.
Telegram gets a lot of shit because they prop themselves up as a privacy app but aren't. The default is that things are not encrypted. They use a proprietary encryption scheme. They store user data on their servers. These are not the marks of a privacy app.
Thanks for letting me know what I think? And we're all aware of Telegram shortcomings here, it was an example and correct me if im wrong but this thread is about Signal?
I explained how imo Signal has burned the goodwill of a some of its early adopters. Meaning not recommending it to my friends and buying my mom an iPhone. Now there's an argument to be made that it's not very smart to dismiss the app, but that's what happened.
I'd be very surprised if they manage to salvage its image at this point
I do like Signal and I think they have done a lot of good. I do think they have a lot of valid criticism against them but also I think a lot of people aren't providing useful criticism (it is a shame that's happening here, on a forum that should be filled with tech experts). People also aren't realistic. A 25 person team working at a non-profit aren't going to have the same development capacity as a 250 person team.
[0] (maybe go to the bottom) https://community.signalusers.org/t/usernames-in-signal/9157