Toggle Settings and Themes
Site Preferences




*The preferences are saved using cookies because this website does not use Javascript.
To clear the cookies, select Clear Cookies and click submit, this will also reset all the preferences to default.
The cookies are not used for analytics, read the privacy policy for more details.

Switching to Signal is Not Enough

Switching to Signal is Not Enough, but it's a good step towards the right direction. Protocols help you avoid being locked into a single application or service.

This page was published on , and last updated on .
Tags:


Switching to Signal is a good step towards the right direction, but it is not enough.
We are seeing a massive spike in Signal installations since WhatsApp introduced their new privacy policy.

Though there are many other alternatives available, Signal is getting popular, but the hype is due to A celebrity's tweet to Install Signal.

Unlike WhatsApp, Signal is a non-profit organization, and Signal is a free and open-source client. This makes Signal superior in terms of security as they have gone through multiple audits and anyone can verify that the encryption is done correctly.

There are things in common for both of them, some are good and some are... not so much.

Con: Both are centralized

If Signal goes the wrong way, we cannot just switch a server and continue like what we can do with other decentralized, federated services like Mastodon, PeerTube, or Matrix.

A wide adoption to a centralized service is never a good idea as moving from it means you have to convince everyone else using that service to move with you (isn't this what's happening with WhatsApp?).

But if the service is decentralized, one can just switch from the server they don't like, it's like switching the e-mail, you'll just change the domain, and everyone can still mail you without installing another app or using a new different service.

Edit: on 15th January 2020, Signal had a global outage due to the surge in its usage, this also demonstate how vulnerable Signal is to a takedown.
If a decentralized service had a similar issue, users could have moved on to another server without loosing functionality.

Con: Both are not available on F-Droid or other Foss stores

WhatsApp does not qualify the requirements to be included in the F-Droid store, this is because WhatsApp is a proprietary application and has non-free binaries included in it.

But Signal does qualify (or it used to until Signal devs decided to included Google reCAPTCHA) and the developer Moxie is against having Signal published in F-Droid.

Instead, He decided to provide a link on the website to download the android APK directly.
The link is not mentioned anywhere on the website, instead if you search for Signal APK in your search engine, you will be able to find the link to download the file.
But the page will warn you and try it's best to install the app from the privacy invading Google Play Store.

F-Droid allows anyone to create custom repositories and that would be a much secure way to download the application than a direct link.

Pro: Both uses Signal protocol

Signal protocol is one of the most secure cryptographic protocol that can be used to provide end-to-end encryption for voice, video and text conversations.
WhatsApp claims to use Signal protocol, but by design (proprietary service) there is a way for the user to verify if WhatsApp actually uses it or not.

Instead of relying on applications, one should rely on protocols, this makes sure that anyone can use the app of their choice to contact you.

Update : I used to have a list of alternatives that you can use on this page (archived), I've moved them to my migrating to floss blog as it fits better there, make sure to check it out!


About me

Coding Otaku Logo

I'm Rahul Sivananda (he/him), the Internet knows me by the name Coding Otaku. I work as a Full-Stack Developer (whatever that means) in London.

I care about Accessibility, Minimalism, and good user experiences. Sometimes I write stories and draw things.

Get my cURL card with curl -sL https://codingotaku.com/cc
Find me on Mastodon, Codeberg, or Peertube.
Subscribe to my feeds.

Continue Reading

Next

Tip

All my blogs can be subscribed to using RSS(Atom) or JSON feeds, if you do not know how to use feeds, I have a page with instructions on how to do that.

Comments

Note: All comments are held for moderation before publishing it!

The comments can be deleted if you have not cleared the cookies. If you clear the cookies and want your comment(s) to be deleted, please send me an email from the email address you submitted when commenting (I will also consider the email from your website domain).

Anonymous comments cannot be deleted if you clear the cookies as I have no way of knowing who commented.

The comment forum, a unique id will be stored as a cookie in your browser to save the session.









Recent Blogs

Subscribe via Atom or JSON feeds.