The Signal Server repository hasn’t been updated since April 2020. There are a bunch of links about this here but I found this thread the most interesting.
To me, this is unforgivable behaviour. Signal always positioned themselves as “open source”, and the Server itself is under the best license for server software (AGPLv3 – which raises questions about the legality of this situation).
Signal’s whole approach to open source has constantly been underwhelming to say the least. Their budget-Apple attitude (secrecy, i.e. “we can never engage the community directly”, “we will never merge/accept PRs”, etc) has lead to its logical conclusion here, I guess. I have been somewhat of a “Signal apologist” thus far (I almost always defend them & I think a lot of criticism they get it very unfair) but yeah I’m over Signal now.
if Snowden uses Signal why shouldnt i use it?
Cheers
Was that before Signal started exfiltrating your social graph via their “no opt out possible” contact discovery service, if so perhaps they’ve updated their opinion since then?
Warning, the rest of this is a wildly meandering rant against our modern privacy theater. Optional reading…
At least the old app permitted the user to deny access to the device address book. Shame they’re trying to solve a problem that doesn’t need solved: “Very few people want to install a communication app, open the compose screen for the first time, and be met by an empty list of who they can communicate with.”
That’s exactly what I want.
Stating “Clients that wish to perform contact discovery negotiate a secure connection over the network all the way through the remote OS to the enclave” is magic handwaving
Just don’t do it, and the problem is solved. It’s as though no one has ever implemented or used instant messengers before, or have been gaslit into thinking they weren’t an ideal base model (2015 and onwards with Google and Facebook realizing how “foolish” they had been.)
When Signal released the update to force this on users, I delete my address book, created a new one with only my own phone number in it, Erase-All’d Signal, reinstalled it, set it up once to use my new address book to upload that to The Cloud, then uninstalled Signal and never thought of using it again.
I totally get what they’re trying to do (or have been forced to do), but I’m fortunate enough to enjoy just the notion of privacy and I don’t require the protection that it may or may not provide for my personal safety (I assume and hope.) I’m certainly not going to endorse their mini-Apple "my way or the highway forced notion of privacy that they’re implementing with that approach to my social graph.
I get the same vibe from email these days from a lot of discussions. It’s some broken, useless thing when it’s the most useful, effective thing I’ve ever used in my life. 14 Eyes and everyone else endlessly scanning the metadata on email, that shame is firmly on them. No one is pretending that we have any actual privacy (except perhaps the Germany government on paper.) Signal is trying to have their cake and eat it to.
Regarding email being great, except for gmail: one of the most user hostile things I’ve ever used in my life. The spam UI buttons not whitelisting/blacklisting addresses is one of the most FU things I’ve ever experienced. And their spam filters will occasionally just blackhole some valid email without delivering it even into the spam folder (who knows why, the user has no input into that process as the one control surface they do provide, the ability to create filters that on paper whitelist a specific address, doesn’t override this process), in spite of delivering endless piles of obvious spam to my spam folder every day…further cementing the user’s recognition of the unreliability of delivery through the walls of their anti-federated garden…
deleted by creator
You can disable contacts permission on [settings - apps - signal - permissions] to send a message to contact you can use dialler and click message and send the message to the contact number