The Signal Server repository hasn’t been updated since April 2020. There are a bunch of links about this here but I found this thread the most interesting.

To me, this is unforgivable behaviour. Signal always positioned themselves as “open source”, and the Server itself is under the best license for server software (AGPLv3 – which raises questions about the legality of this situation).

Signal’s whole approach to open source has constantly been underwhelming to say the least. Their budget-Apple attitude (secrecy, i.e. “we can never engage the community directly”, “we will never merge/accept PRs”, etc) has lead to its logical conclusion here, I guess. I have been somewhat of a “Signal apologist” thus far (I almost always defend them & I think a lot of criticism they get it very unfair) but yeah I’m over Signal now.

    • federico3
      link
      fedilink
      arrow-up
      1
      arrow-down
      1
      ·
      4 years ago

      Tox has a terrible security track record. At the same time, developers are still making wild claims that Tox can protect your from nation-state sponsored attacks:

      Whether it’s corporations or governments, digital surveillance today is widespread. Tox is easy-to-use software that connects you with friends and family without anyone else listening in.

      This is not a code problem.