Signal is safe enough depending on your threat model
If you worry about aws centralization and outages then signal isn’t a good option
If your worried about sgx enclave exploitation then it’s not a good match
If your worried about us intelligence monitoring traffic then it’s not a good fit
So signal is fine for person to person western traffic
Not a good fit for a country needing isolated highly secure messaging… I.e. the french government should NOT use signal, centralized in America, sgx exploits are a concern, and exposing the social and communication graph to the us intelligence services isn’t in the french national interest
US law enables to government to demand a backdoor into any private company and makes it illegal for that company to disclose whether or not this has happened. It is best to assume that any private US company is compromised in this way.
It is best to assume that any private US company is compromised in this way
I would say that’s ridiculous for most people, but I guess it entirely depends on your threat model… if you’re legitimately worried about state-level boogeymen, you’ve probably got bigger problems and already know all of this.
Signal is safe enough depending on your threat model
If you worry about aws centralization and outages then signal isn’t a good option
If your worried about sgx enclave exploitation then it’s not a good match
If your worried about us intelligence monitoring traffic then it’s not a good fit
So signal is fine for person to person western traffic
Not a good fit for a country needing isolated highly secure messaging… I.e. the french government should NOT use signal, centralized in America, sgx exploits are a concern, and exposing the social and communication graph to the us intelligence services isn’t in the french national interest
What it I’m head of the Department of War and I want my war crimes to be secret? Asking for a friend
Then signal probably isn’t for you
There’s a custom app for that, that’s based on Signal.
source:
US law enables to government to demand a backdoor into any private company and makes it illegal for that company to disclose whether or not this has happened. It is best to assume that any private US company is compromised in this way.
I would say that’s ridiculous for most people, but I guess it entirely depends on your threat model… if you’re legitimately worried about state-level boogeymen, you’ve probably got bigger problems and already know all of this.
If you are designing the french government communication systems, would signal work for your requirements?
I block fascists and I can’t see who you’re talking to 🤷♂️