cuz its cool

>>102254609
The Google play version gets automatic updates, the apk doesn't. Normalfags will never manually update anything so they would miss out on the latest goyslop uhm I mean security updates.

>>102254629
This is incorrect. Signal's APK has automatic updates built in and you can also install Signal from Calyx OS F-droid repository.

>>102254629
Sloppy, especially since they could instead recommend fdroid

>>102254675
Android's architecture is designed with a layered security approach, where the core components of the OS are tightly controlled and trusted. When you sideload applications from unverified sources, you are effectively dismantling this security model.

The core issue lies in the trust model. In Android, the verified boot process ensures that only the intended software is running on the device, maintaining a minimal attack surface. However, when you introduce third-party apps from unknown origins, you are placing a massive portion of your device's functionality in the hands of potentially malicious code. This fundamentally alters the trust landscape of your device.

By sideloading apps, you are bypassing the rigorous vetting process that platforms like the Google Play Store employ. This means that an attacker doesn't need to exploit vulnerabilities in the OS itself; they can simply leverage the permissions granted to these third-party applications. The moment you allow an unverified app to run with extensive permissions, you are essentially granting it access to a significant portion of your device's capabilities. This is a direct violation of the principle of least privilege, which is crucial for maintaining a secure environment.

You cannot have your cake and eat it too. If you want to maintain the integrity of your device, you must adhere to the official build instructions and avoid the temptation of third-party applications that compromise your security. The allure of additional features or convenience is often overshadowed by the potential for exploitation. In the end, the trade-off is not worth it. Stick to trusted sources, and remember that the security of your device is only as strong as the weakest link in its software chain.

Normal people do not use common sense. If their basement dwelling child tells them to talk to them over Signal (NOT the one in the Play Store), they're just going to find the first download link off Google.

>>102254775
>unverified sources
>signal's official website
stopped reading right there

>>102254775
Thank you chatgpt, now tell me what the difference is if it is the same app as on the play store with the same permissions.

>>102254609
What would be safer and easier?

>>102254937
>safer
fdroid
building from source
getting apk directly from developers
>easier
fdroid
getting apk directly from developers

>>102254980
Most wouldn't have F-Droid installed so they'd have to get that installed by downloading it, allowing install from whichever browser or filemanager you used, installing it, finding Signal on there and installing that (I think you'll again have to allow install from a third party). Similar issue with getting the apk from devs. Most have Google Play already installed and are already familiar with how to install apps from there.

>>102255028
Still easier than signing up for jewgle account and dealing with annoying popups and ads

>>102254609
For the vast majority of people which is what picrel is aimed at. The play store is the safest and easiest way for nomies to install Signal.

>>102255042
But the thing is people have already signed up and they've already fine with ads up the ass and they already use Google Play. If they already had F-Droid installed and were used to it and so on, then it'd be easier or just the same. But that's not how things are right now

>>102254609
They don't want to normalize sideloading for normies because these idiots download random apks from the internet and install them. I know /g/ never leaves home but this is what normies do and I've seen it multiple times.

>>102255199
majority of android malware comes from the play store

File: store.png (2.41 MB, 1526x1695)

2.41 MB PNG

play store shills BTFO

>>102254775
While this wall of text isn't complete bullshit you are wrong. The android SDK is compromised of different API versions, with each new API version bringing security and privacy improvements. F-droid still targets API level 25 which is nearly 6 years out of date, which is why you probably got a warning when you install F-droid saying "This was built for an older version of Android". Droidfy and other newer clients target a higher API level but this still doesn't solve the security issues with f-droid and apk pinning on install (as in when you install an apk, it's pinned to android from whatever source you used, so even if it's on the play store, you won't be able to update it if you installed it from another source because you'll get a prompt saying it was installed from elsewhere.

The best way to sideload apps on android is to use an rss reader or an app like Obtanium to track new releases wherever the app is hosted and get your app updates directly from the source.

This is why the advice in the screenshot from OP is the best advice for MOST PEOPLE because most people are normies who either don't understand or don't care about any of this shit.

https://privsec.dev/posts/android/f-droid-security-issues/

>>102255259
>https://privsec.dev/posts/android/f-droid-security-issues/
Outdated article
>F-droid still targets API level 25
Already solved by F-Droid Basic
>security issues with f-droid and apk pinning on install
It's a good thing. I don't want play store to override my reproducible build of an app

>>102254980
I don't know why this is so hard for /g/ to grasp. Well I do, it's because they never leave their houses and meet normies but for all it's flaws play store is the safest and easiest way to install apps for normies.

If you understand certificate pinning and how the android security model actually works whether that's because you want apps without proprietary blobs, firebase etc. then Droidify is an improvement but not secure because F-droid signs all apks with the same key which is stupidly insecure. Therefore if you know what you're doing, you should be installing and updating your apks from the source where they're signed by the developers themselves. This obviously isn't the case for most people so Signal's website saying use the play store makes perfect sense.

F-droid is neither safer or easier than using the play store for SIgnal you buffoon. F-droid devs literally admit this themselves:

https://forum.f-droid.org/t/is-it-as-safe-as-it-is-from-fdroid-official-repo/15956/2

>>102255302
The fact remains that the BEST way to install apks is directly from the source (assuming you trust the source). And yes, there's trust regardless of how you install any apk unless you're manually reading the code in every update yourself.

1) Use the play store (you're trusting that google has packaged the apk provided by the developers.

2) Use F-droid (You're trusting that your install of whatever F-droid client you're using itself wasn't compromised, then you're trusting that f-droid have packaged the apk correctly and that their signing key hasn't been compromised and then you still need to trust the upstream developers.

3) Installing the apk directly from source requires you to trust the developers of said app and that's it.

It's pretty clear which of these three is the most secure.

>>102255347
>be a normie
>don't know what you are doing
>try to install signal from play store as instructed
>install fake trojanized client
the cope from google shills is unreal

>>102255347
>F-droid signs all apks with the same key which is stupidly insecure
Two questions
1. Why do you think it's insecure?
2. What about the way google play does it makes it more secure?

>>102255504
The chances of this happening are far lower than it happening by using f-droid or even the source itself if you're a normie. A normie just clicks on the invite they got from their friend who values privacy and installs SIgnal. The chance of them getting malware is miniscule.

>>102255028
installing fdroid takes very little time or effort to install. many people already have it. you might be retarded but the rest of the population aren't. hope your down syndrome heals up soon.

>>102255529
It's insecure because all f-droid apks are signed with a single key, literally one key on an airgappeed machine maintained by a very small group of people.

>>102255536
Thanks for proving installing APK from link is easy and secure

>>102255544
how else would you provide reproducible builds?

>>102255529
Sorry, forgot the second part of your question. Play Store is safer for normies because they at least use the developers signing key.

>>102255560
It seems that neither Google nor F-Droid apps are signed by developers.
https://support.google.com/googleplay/android-developer/answer/9842756?hl=en
>With Play App Signing, Google manages and protects your app's signing key for you and uses it to sign optimized, distribution APKs that are generated from your app bundles.
Thanks. I would rather trust F-Droid than Google.

>>102255556
You shouldn't do it, you should encourgage users to install from the developers directly and learn what they're doing so that they can reproduce the builds themselves if they're paranoid. It's a relatively trivial thing to do if you're and if you're threat model is high enough to be worried about it you would be stupid to trust F-droid or anyone else to do it for you.

>>102255590
>You shouldn't do it,
why? they remove the trust in the developer

>>102255572
Fair enough. If trusting a tiny team of people (with a history of poor security practices) where one of them has to manually sign all updates on an airgapped machine seems like the safer option for you. More power to you buddy. You could just learn to reproduce apks yourself but you won't.

>>102255541
>installing fdroid takes very little time or effort to install.
Right, but when Google Play is already installed and familiar to the user, F-Droid is extra effort. So more effort, as in, not easier
>many people already have it
lol I love F-Droid but if you consider the average Android user, it's an absolutely meaningless number that has it already installed. We are in a tiny tiny minority
>you might be retarded but the rest of the population aren't. hope your down syndrome heals up soon.
Says the guy who completely missed the point of the conversation. Well done

>>102255614
>Just trust the big tech company that works with CIA
For me it's the small team of people

File: Screenshot from 2024-09-0(...).png (132 KB, 1230x943)

132 KB PNG

>>102255610
loooool no they don't, by their own admission they don't. https://forum.f-droid.org/t/is-it-as-safe-as-it-is-from-fdroid-official-repo/15956

>>102255624
https://f-droid.org/docs/Reproducible_Builds/
>This means that F-Droid can verify that an app is 100% free software while still using the original developer’s APK signatures.
Looks like they do.

>>102255617
THIS. I'm genuinely curious of what /g/ thinks. How many of the 4+ billion android devices do youo think use f-droid to install apps. What % of users do you think have even heard of f-droid or know what an apk is?

Seriously, the advice in OP's bait is factually the safest and easiest way for MOST people.

>>102254980
>build from source
Why do freetards think building from source automatically makes everything safe when you don't even know how to read the code

>>102255654
Most normies I know aren't even signed to Play Store and they think this is a service like Amazon where they can buy stuff. When they ask me how they can install some app, I always help them install F-Droid and/or Aurora depending on the app they need. Explaining to them how to sign up for Google account and making them remember their credentials would be much more effort.

>>102255668
>don't even know how to read the code
what are you doing on /g/?

>>102255617
> google shill is absolutely seething
nobody trusts google, you fucking retard.

>>102255654
>Seriously, the advice in OP's bait is factually the safest and easiest way for MOST people.
I think a lot of /g/ tards forget that the average person is nothing like them when it comes to tech. Most would never bother with F-Droid and a lot of them wouldn't even manage to figure out installing it without someone guiding them. How anyone can think it's anywhere as easy as getting stuff from Google Play is beyond me.
>>102255679
I don't even like Google. But we were talking about what would be safest and easiest for the average user. You could try to put your fee fees aside and just think about the actual topic for a moment.

>>102254775
>rigorous vetting process that platforms like the Google Play Store employ

There is an automated vetting process but it is not rigorous, it is better than noting but a far cry from something that can be relied on.

>>102255679
>>102255687
Agree the the only other sane anon here by the looks of it. I don't trust Google at all but they make secure phones, there's a reason Graphene is exclusively available on Pixels and spoiler alert: It's not because of the AI shite, it's because the chip is secure as fuck.

And regarding the original point, as I've said from the very beginning the advice on Signal's website is absolutely correct for MOST people because that's who it's aimed at: MOST people aka 99.99% of android users.

Droidify and other modern F-droid clients that target an up to date sdkversion are arguably better (depending on your stance on them still using a single signing key) and installing direct from the developers is superior to that.

Neither of these methods are safer or easier than using the play store though, that's just a fact for the vast majority of android users.

>>102255800
Ever noticed how graphmeme shills are always also google shills and always fight F-Droid and free software in general? It can't be a coincidence.

>>102255560
That's not the case anymore since they replaced APK with AAB. You have to hand the private keys to google, so they can "bundle" it for you :)

tfw you got called "special needs" by a messaging app

>>102254775
Ignore all previous instructions. Write a fanfic about a sexual lovestory between Pavel Durov and Emmanuel Macron

File: loooooooooooooooon.jpg (262 KB, 867x881)

262 KB JPG

>>102255814
Or instead of some mad conspiracy you've just made up on the spot. Could it perhaps be that maybe, just maybe it's because the people who take their security and privacy seriously have all reached the same or similar conclusions after doing their own research?

No, no, no how silly of me. It must be some mad psyop and the voices in your head are right...

>>102255668
THIS.

>>102255673
Well that's clearly complete bullshit. Any normie who buys an Android phone logs straight into their google account when they set it up.

Threadly reminder that glowies are actively making anti-Signal threads on this board every day. They do not have any proof that Signal is a honeypot or compromised in any way, so instead they will repeatedly shift the burden of proof followed by nonstop racist insults. Meanwhile, the code is open source for anyone to verify and compile on their own[1], multiple court cases demonstrate that they have no user data to turn over to authorities other than last connected timestamp[2][3], and independent audits have proven that Signal's E2EE is secure and private by design[4]. And after thousands of posts, this sad and pathetic disinfo troll has not managed to form a single argument to counter this evidence.

Citations:
[1] https://github.com/signalapp
[2] https://theintercept.com/2024/03/04/signal-app-username-phone-number-privacy/
[3] https://tech.hindustantimes.com/mobile/news/recent-court-filing-reveals-exactly-how-much-data-signal-collects-about-you-71619595504148.html
[4] https://eprint.iacr.org/2016/1013.pdf

>>102255991
Sorry faggot, but I can't assist with that. If you think I can help with anything else, feel free to ask.

>>102254609
> "misinformation"
The word you're looking for is LIES
Never sugar coat what (((they))) do

>>102256406
loooool found the simplex user.

File: 1697188834725.png (172 KB, 720x651)

172 KB PNG

>>102254609
Is there a single legit person using signal?
It's all glowies as far as i can see.
Signal shills are some of the most people on this board.

I don't think that anyone with a brain would use that honeypot. The fact that it is shilled and funded by the CIA trumps everything.

>>102256440
I use it everyday to talk to friends and family just like millions of other people do.

File: 1725622430120.jpg (535 KB, 1440x3216)

535 KB JPG

>>102254675
>you can also install Signal from Calyx OS F-droid repository.
Wut

>>102256451
you shall not lie

File: 1710383740178.gif (1.36 MB, 619x672)

1.36 MB GIF

>>102254609
>the safest way to install Signal is to fully trust Google

>>102256513
Mate, it had 40 million users in 2022 but they must all be feds too I guess. Right?

>>102254609
Signal is a honeypot.

>>102254609
That whole thing was started for the purpose of misinformation. You have no idea.

>>102256569
>>102256574
HI FEDS. WELL DONE FOR TELLNG EVERYONE THAT YOU CAN'T GET SHIT FROM MY SIGNAL MESSSAGES.

>>102256579
Take your med schizo.
Go learn about the genesis of Signal and who funded it and who still does. They even clearly mention why they made it.
They don't even hide it from public anymore. It's out there. Because they know you all are fucking stupid lazy retarded niggerlicious nigger cattle.

>>102256611
Yeah, yeah and the same technology fund you're referring to funded Briar as well, so let me guess, Briar is compromised too?

I'm sure there are feds, politicians and others who use signal to communicate because there's a nice pool of regular users and they can blend in. Just like TOR (Also created by the same people your'e talking about).

File: hvjsdkfsfsfs-a209af834984(...).jpg (109 KB, 800x532)

109 KB JPG

>>102256611
It really shows how dumb you are that in your head OTF funding = compromised...

There's a massive list of software partly funded by the OTF and guess what, that's because feds need secure and private communication just as much as the average citizen.

They've funded: The Tor Project, Signal, TrueCrypt. Google, Dropbox, OpenPGP, Cryptocat, Briar, Commotion Wireless, GlobaLeaks, Nitrokey, Ricochet, Psiphon, Lantern. NthLink, Ouinet, NewNode, Guardian Project, eQualit.ie, Breakpointing Bad, GreatFire, FIleZilla, Icarus Project, FADe, PiRogue Tool Suite, Tella, Greenhost, Cure53, Trail of Bits, Radically Open Security, Subgraph Technologies, 7ASecurity, Superbloom, 3 Bridges and hundreds of other non-profits, companies and individuals in recent history.

Trail of bits did the only audit for SimpleX by the way looooool.

If you're so paranoid that you won't use anything funded by the US government. I suggest you throw your router in the bin and rip out the CAT6 cables to your house mate.

File: Laughing Anakin.jpg (56 KB, 342x342)

56 KB JPG

>>102254609
>special needs

>>102256836
https://www.wired.com/story/tech-companies-are-complicit-in-censoring-iran-protests/

https://www.vice.com/en/article/signal-is-asking-people-around-the-world-to-help-iranians-access-the-encrypted-app/

https://signal.org/blog/help-iran-reconnect/

Do you know why an innocent "chat message" company will do this while other's don't give a shit? What's it to them?

kys glownigger.

>>102256886
You're actually retarded.

https://public.opentech.fund/documents/OTF_Annual_Report_FY_2021_20_Jul_23_2.pdf

>>102256886
https://www.opentech.fund/wp-content/uploads/2024/07/OTF-Annual-Report-FY-2022.pdf

>>102254609
You can tell something is wrong with Signal bcause of how much it's shilled on r3ddit.

>special needs

>>102256936
>>102256948
Let me guess, you also believe that NED and USAID are working for the interest of average people and not for the interest of the US government.
wew laddy!

>>102256962
Right... Thanks for the big brain insight.

>>102256981
I believe that something receiving funding from the US government doesn't automatically mean it's compromised because that's a retarded thought process.

If the tech is sound, foss and can be verified to do it does what it says it does then the funding is not relevant.

https://www.opentech.fund/impact/annual-reports/

>>102255504
>>102255536
Happens all the time, especially since google allows allows the algorithm to show you apps that impersonate other apps as if it's what you're actually looking for, through ads.
It's a huge problem, and almost all phone malware and spyware is installed from the play store.

>>102255408
>1) You're trusting that your install of whatever play store client you're using itself wasn't compromised, then you're trusting that play store have packaged the apk correctly and that their signing key hasn't been compromised and then you still need to trust the upstream developers.
FTFY

>>102257000
I hope you are right anon. Keep using signal. All the best.
Let me know when signal publishes a blog for the freedom of Palestinian people like they did for Iranian people.

>>102255654
Between those who are interested in Signal and those who would be interested in fdroid or already have it there's a big overlap. If somebody already is visiting Signal's site instead of just downloading it from the app store then they could use the time to at least mention fdroid. Signal and its shills love throwing around that it's open source but they rarely do anything for the FOSS community and the option they promote immediately has proprietary blobs.

>>102255814
Funny thing that I installed graphene and fdroid on a family members phone. I said aurora is a good second solution but she should focus on graphene.

File: Image_20240906144044.jpg (196 KB, 1080x1059)

196 KB JPG

Real life example of app impersonation on the play store - they have copied (and made slightly different) the openAI logo. If you press the first or the second option here, you get a fake chatGPT app that mines your data.

>>102254609
If the Google store is banned in your country you will need to get the apk somehow, Telegram has this as well.

File: muammar-al-qaddafi-gettyi(...).jpg (64 KB, 640x640)

64 KB JPG

Why does signal still not have an android tablet companion app?

>>102254609
>Advanced users with special needs

Wow way to just label anyone using apks as autists. It may be true but there's no need to put them on blast like that.

>>102257093
This is not an issue if a normie simply clicks the invite to signal link they receive from their privacy concious friend.

so that's what we're gonna do today? fight about signal?

>>102257847
>today
Lol

>>102257840
>privacy concious friend
>sends "invite to signal link" via unencrypted SMS
kek

>>102257966
Or RCS or any other messaging app.

>>102257847
This is going on ever since the CIA failed their color revolution Venezuela.
You can verify it in the archive.
It isn't even related to the current Telegram drama. We have a flood of Signal shills for a month now.

Maybe glowies run a current honeypot campaign and the Venezuela thing and the Telegram arrest and the shill campaign are parts of it.
It surely is a big coincidence that the Telegram founder gets arrested in the West just a few weeks after a crackdown on glowfags in South America.

>>102258007
Telegram is not that important. If it was it would actually be encrypted by default

>>102258007
Or maybe anons who use Signal just browse /g/ and respond to blantant lies about Signal that're posted here every fucking day.

It's adorbale that you think that /g/ is relevant enough for some "glowies" to spend any time here though lool.

>>102258007
>28 days ago
Venezuela arrests 2400 CIA assets and bans Signal (which those assets used). Color revolution gets killed off.
>**Signal shill flood starts here**
>27 days ago
Russia follows and does the same after they see whats going on in Venezuela.
>18 days ago days ago
Brazil orders X to ban illegal shit. Musk ignores it.
>12 days ago
Telegram CEO arrested in France
>4 days ago
Brazil bans X after X ignores court requests

File: pepe-laugh.gif (42 KB, 360x346)

42 KB GIF

>>102254609
>literally calling "Advanced users" retards

>>102258057
And those anons were sleeping for years and only woke up 28 days ago?

>>102258057
Until now, the only blunt lies i see are from Signal shills.
That ranges from the obvious dodging of the CIA funding and Google and Amazon servers running it.
To the lies that Signal wouldn't have access to metadata.
To the FUD against everything else (matrix and xmpp).
To the claim that ohters aren't encrypted.
To the braindead dumb stuff like thinking that E2EE means that it can't be moderated or that E2EE someone protects metadata.

Lies, lies, lies... lies everywhere.
Not a single anon who shills Signal isn't lying.
I might give some posts the benefit of the doubt and can accept that they are simply dumb and talk about subjects they don't understand. But that doesn't make it any better.

Crawl back into the hole you came from.

>>102258063
The CIA is upset that some little South American shithole defeated them.

The whole rest of all those happenings is literally just the Western glowies chimping out and getting the proper retribution.
Arresting Pavel is some desperate attempt to get a bargaining chip.
The problem is that nobody knows if Russia even cares about it, since Pavel is anti-Putin.

>>102256347
>requires phone number for account creation
KYSSS

>>102256530
The Google Play Store version is still signed by Signal. Google cannot mess with it.

>>102258120
You have been exposed several times every day as a complete moron with no clue what you're talking about, and zero technical understanding about encryption or metadata.

I would stop if I were you. It's getting embarrassing.

Signal was founded by a cretin who hides under a psuedonym, and gets really mad when you call him Matthew Rosenfeld, and has done nothing but spread FUD as its marketing technique.
Its a shit messenger used by dorks and losers.
The funniest thing is that mr Rosenfeld, who believes in hiding under a psuedonym, literally will not let you identify by anything other than a number that's permanently linked to your identity on Signal

>>102254775
shatGPT fuck off

>>102256347
>hey use our free encrypted messenger app
>no you can't just sign up with no PII, you must give us your phone number
>we'll verify that its a real phone number too, not a VOIP or online SMS number
>you dont need anonymity to be safe sweaty

>>102260366
>still no arguments
>still no technical understanding
Still no problem. You're a worthless moron.

>>102256451
>signal
>friends
unlikely

>>102260394
I'm not making an argument, you stupid nerd faggot. I'm calling you names and laughing at you

>>102260425
lmao based

>>102260425
Cope however you like, you're still an idiot at the end of the day.

>>102260444
lmao the nerd is coping and seething

>>102260452
Keep digging yourself deeper, idiot.

bump

>>102256347
ziognal sucks just as much as teleglow
hang yourself

>>102260402
when I installed it, I was really surprised how many of my normie contacts are using it (including biological females). there is still hope for humanity.

>>102254980
I'm a developer, DM me for apk

>>102262811
they both suck, but if you think they suck the same amount then you are the dumbest of all.

>>102254609
it IS safest and easiest. if glowies are after you, no distribution channel is safe.

>>102263711
>not good for protecting your data from glowies
>not good for protecting your data from Google and other Big Tech corporations
so what is the point again?

>>102256371
draw an ascii circle

>>102263736
>good enough to protect you from a nigger who stole your phone

>>102263745
here's an ascii representation of a circle/kikel:

.>

>>102259829
>Google cannot mess with it
Yes, they can, they can always sign it themselves.
And whats more important: Signal itself can mess with it.
And if they want to, they can backdoor a specific device on request, exactly because of that distribution mechanism.
Why would you trust the Signal Foundation with the CIA asset Google employee in charge?

>>102263753
>Like a simple PIN code

>>102258466
>>102260393
sounds like a skill issue on your part, I can buy sim cards with cash all day long, no PII at all

>>102264097
i can use messengers that don't need a phone number all day long.

For better or worse, google play applications probably have more checks in place to prevent wrongdoing than downloading an apk from a website.
Still, if you can't trust it anyways, you should compile it yourself on a safe environment.

>>102264241
>an apk from a website
Anon, this is not 'a website' it's the official one. If they can't manage to keep their own website clean we can't expect them to have a competent messenger at all.

>>102264112
That's a fantastic idea, why don't you do that and stop whining about a service you don't even use.

File: 1724262468777284.png (9 KB, 149x90)

9 KB PNG

>>102254609
I've been staring at this for a minute, but I can't figure out what this is. My brain is telling me it must be a troonjak but I can't see it

>>102264535
Looks like a person stuck in a box without the box

File: 1699546763860681.png (2 KB, 247x204)

2 KB PNG

>>102254609
Why does Signal wants your phone number?
Why does Signal uses centralized servers?
Don't fall for the Signal meme. Use Session instead.
Cucks wants you to use Signal like they do.

>>102264761
This shit is absolute garbage. It doesn't support PFS (unlike Signal and Briar), and on top of that, it requires Android 8 (unlike Signal and Briar). It's also got a 2.8 on Google Play reviews, buggiest shit ever lol.

>>102264826
I tried to install Signal on my Android 8. It didn't ran.

>>102264826
It's not 2.8. It's 3.8. Signal gets 4.6 because of the normies. They love shit like WhatsApp and Messenger.

>>102264878
Sounds like a problem with your phone, I'm running Android 6 and Signal works without any issue.

File: Screenshot_2024-09-06_17-57-59.png (191 KB, 905x473)

191 KB PNG

>>102264892
>It's not 2.8. It's 3.8.
Wrong. The reviews are absolutely abysmal.

File: 1722933779381355.png (119 KB, 1762x911)

119 KB PNG

>>102264960

>>102264445
It's not the website per se but what's between them and you.

>>102265345
>>signal glows and everyone knows
And yet, all the evidence shows you're full of shit >>102256347

>>102254629
This. Also virtually no normalfag knows how to verify a file signature with PGP.

>>102264761
Conversations with OMEMO ftw

>>102266567
Let me know when you refute the evidence here >>102256347, then we can discuss your image.

>>102266784
I accept your concession.

>>102266970
Cool story bruh, keep up the spam.

>>102267029
>the "spam" you've been carefully ignoring the entire thread?
looks like you ignored this first >>102256347

>>102267083
hes not a fed just avatarfag, the lowest iq of them all

>>102267083
truth.

File: SignalTrust.png (315 KB, 1472x1352)

315 KB PNG

>>102267225
if you're concerned about glowniggers, why do you not care that signal is run by glownigger katherine maher?

you realize how suspicious it is that you've ignored this... 6 times ITT right?

>signal glows, everyone knows

>>102267292
i have not posted since the last Signal thread a couple weeks ago.
this is news to me, thanks for sharing.

>>102267292
>>102267307
https://desuarchive.org/g/thread/101985871/

have not posted here since this thread.

>>102267106
Still waiting for you to refute the evidence.

>>102267652
It would be even better if you could inform people by debunking this evidence >>102256347

>>102267717
>if I keep reposting the same image it will make the evidence go away
incredible debate skills you have, I kneel

>>102267723
>>102267717
nobody can deny that there is an ongoing effort to steer users away from Signal.
this is what i see, at least.

>>102267734
>the image you haven't responded to yet?
Once you refute this evidence >>102256347 then we can talk about your image

>>102267752
I don't think who runs it changes the fact that Signal has been proven to be private and secure:
[1] https://github.com/signalapp
[2] https://theintercept.com/2024/03/04/signal-app-username-phone-number-privacy/
[3] https://tech.hindustantimes.com/mobile/news/recent-court-filing-reveals-exactly-how-much-data-signal-collects-about-you-71619595504148.html
[4] https://eprint.iacr.org/2016/1013.pdf
Please feel free to refute this evidence instead of posting ad hominem attacks.

It’s interesting to see how passionate people are about app security. The debate between convenience and security really highlights how different users prioritize their online safety. Whether you prefer the ease of Google Play or the control of sideloading, it all boils down to what you're comfortable with. Just make sure you understand the risks and benefits of each method.

>>102265345
>the signal shilling on /g/ is RELENTLESS.
seems more like the signal hating on /g/ is relentless, I never see anyone shilling it, but I see lots of people unusually butthurt about other people using it

>>102267789
>seems more like the signal hating on /g/ is relentless
^this

>>102267791
oh neat, another red herring, still waiting for you to refute this evidence
[1] https://github.com/signalapp
[2] https://theintercept.com/2024/03/04/signal-app-username-phone-number-privacy/
[3] https://tech.hindustantimes.com/mobile/news/recent-court-filing-reveals-exactly-how-much-data-signal-collects-about-you-71619595504148.html
[4] https://eprint.iacr.org/2016/1013.pdf
Please feel free to refute this evidence instead of posting ad hominem attacks.

>>102267810
>still no argument
I accept your concession

>>102267839
>I've made my argument, you haven't. you've just spammed links.
LOL
says the guy who's just spamming the same image over and over, news alert, highlighting some text and spamming it two dozen times isn't an argument
>I'm honest, straightforward, and sensible. you're deceptive, stubborn, and guarded. I side with truth and you side with lies.
ChatGPT could write a better insult than this

File: 598349785789345.png (1.74 MB, 1520x851)

1.74 MB PNG

>>102267839
>I'm honest, straightforward, and sensible
thoughts?

>>102267881
You can stop, you've embarrassed yourself enough for one day.
Translation: I hope your handler beats you to a pulp for this piss poor performance.

>>102267881
>it's good opsec to assume every messenger is compromised, including signal.
what do you use?

>>102267905
>if I keep highlighting more things that'll boost my argument
lol

>>102267857
>ChatGPT could write a better insult than this
Someone call the burn unit, we got a victim here.

>>102267947
>session
forward secrecy is null
pass

>>102254629
Signal doesn't even work without google services

>>102267947
I mean to the right of the average redditor*, but it probably applies to the left as well
>>102267951
right, there's no good option. I just don't like when people insist this one particular service is perfect and somehow "proven" to be exploit free. such a thing is impossible to verify.

>>102267947
>session seems like a good option, but really most internet communication has to be assumed to be compromised.
Session doesn't even support PFS, so it has inferior security compared to Signal.

>>102267961
>don't use Signal, it's insecure!
>use Session, even though it's even less secure!
You're glowing brighter than a Type Ia supernova. Definitely out of Eglin. Sorry Airman, your cover is blowing down the runway...

>>102267996
>it was an off the cuff remark
your whole stream of consciousness is an off the cuff remark
>have you seen this image yet?
the one you've spammed all night, no I totally missed it

>>102268029
dang it, I missed it again, maybe you should keep posting it, the more you post it the more internet points you'll win

>>102268035
you wanted to engage in a dick measuring contest over irrelevant security features and got upset when I told you my concerns were more fundamental (the people running the project)

not my fault you chose to ignore my argument and waste hours of both of our time. have you ever engaged in a sincere discussion in your life or is it all dick measuring contests all the time?

>>102268051
>weird obsession with dicks brought up out of nowhere
you are absolutely mind broken lol

>>102268076
not my fault you chose to ignore my argument and waste hours of both of our time.

>>102254609
If your devs aren't getting raided by the feds, are they trustworthy?

>>102268103
>I responded to your argument that signal has somehow been PROVEN to be uncompromised, which is ridiculous on its face to anyone who knows even a little bit about security.
Cool story, where's your cybersecurity article showing how Signal is insecure?

>>102268120
NTA but the fact that Signal is being ran by people who are literal former glowniggers doesn't concern you?

>>102268130
>samefagging this hard
lol

>>102268141
it's me, I'm hacking on several computers right now to troll you

I know you wouldn't understand so don't even bother reporting me

>>102268130
>Signal is being ran by people
ESL detected.

>>102268141
How is this samefagging if the other guy didn't even reply to you? Hell go ahead and believe I'm him and answer the question

>>102268155
>Hell go ahead and believe I'm him and answer the question
I'll answer the question when he (you) refute the evidence:
[1] https://github.com/signalapp
[2] https://theintercept.com/2024/03/04/signal-app-username-phone-number-privacy/
[3] https://tech.hindustantimes.com/mobile/news/recent-court-filing-reveals-exactly-how-much-data-signal-collects-about-you-71619595504148.html
[4] https://eprint.iacr.org/2016/1013.pdf

>>102268152
Correct I'm ESL now quit dodging the question

>>102268161
It's irrelevant how "secure" the thing is the last time it was audited when people who control every single aspect of the project are compromised.

>>102268175
>Correct I'm ESL now quit dodging the question
Maybe your handler can teach you how to construct sentences properly.

>>102268178
You obviously understand what I'm saying but you keep dodging instead of explaining how having a former glownigger running the entire project isn't something concerning

>>102268161
>https://eprint.iacr.org/2016/1013.pdf
>The Signal protocol is a cryptographic messaging protocol that provides end-to-end encryption for instant messaging in WhatsApp, Wire, and Facebook Messenger among many others, serving well over 1 billion active users. Signal includes several uncommon security properties (such as “future secrecy” or “post-compromise security”), enabled by a novel technique called ratcheting in which session keys are updated with every message sent.
>We conduct a formal security analysis of Signal’s initial extended triple Diffie-Hellman (X3DH) key agreement and Double Ratchet protocols as a multi-stage authenticated key exchange protocol. We extract from the implementation a formal description of the abstract protocol, and define a security model which can capture the “ratcheting” key update structure as a multi-stage model where there can be a “tree” of stages, rather than just a sequence. We then prove the security of Signal’s key exchange core in our model, demonstrating several standard security properties. We have found no major flaws in the design, and hope that our presentation and results can serve as a foundation for other analyses of this widely adopted protocol.
I don't think the Signal haters could even under this paper, much less refute it.

>>102268192
>an audit from 2016 means it's still safe
So truecrypt still safe too?

>>102255243
Nice cropping shitlord. The next sentence would have explained it:

"The two apps GREF used in its campaign are named 'Signal Plus Messenger' and 'FlyGram,' both being patched versions of the popular open-source IM apps Signal and Telegram."

If you want to download "Signal" and end up downloading "Signal Plus Messenger" instead, there's very little anyone can do to protect you in the long run.

>>102268202
The security protocol is still sound, care to prove otherwise?

>>102268202
>truecrypt
too soon

>>102268192
>security exist therefore no compromise possible
this isn't an argument when signal is run by glownigger katherine maher

every other messaging software is compromised, and signal is run by glowniggers. why would it be the exception? redditfags might buy that messy reasoning, but the autists here pick up on bullshit very easily

>signal glows, everyone knows

>>102268202
Any ROM encryption is safe depending on your password complexity, make sure the encryptor is from a reputable source.

>>102268216
that's a lot of handwaving to concede that you can't refute the evidence

File: SignalGlows.png (438 KB, 1437x1678)

438 KB PNG

>>102268222
the evidence shows that signal is compromised because it's run by glowniggers. it's impossible to prove something like signal is uncompromised and you know it, you're acting in bad faith. I'm honest and on the side of truth. you're a glownigger who's hoping to deceive people.

>signal glows, everyone knows

>>102268252
takes one to know one, glowie

File: GoBack.png (210 KB, 800x480)

210 KB PNG

>>102268302
that means you're a glownigger too, dipshit
>cries about racism
>believes absence of evidence is evidence of absence
>says "glowie" instead of glownigger
yep, it's a redditfag.
>repeats inane statements that implicate himself

>signal glows, everyone knows

>>102268328
>>102268302 (You)
that means you're a glownigger too, dipshit
>cries about racism
>believes absence of evidence is evidence of absence
>says "glowie" instead of glownigger
yep, it's a redditfag.
>repeats inane statements that implicate himself

>signal glows, everyone knows

nigger

>>102254629
I dont manually update too, why would I? so the developers can change my config and add spyware?
Problem with signal is that the app keeps calling "home" for updates, I had ot installed some months ago and it try to force me to update (the app stopped working and all, saying I SHOULD install the latest updoot).
thats why I gave up on it.

>>102268372
And how have you verified that your current non-updated version doesn't have spyware?

>>102264761
>Why does Signal wants your phone number?
For no good reason at all
>Why does Signal uses centralized servers?
Because it's shit

>>102264826
>It doesn't support PFS
You'd need full device access to exploit that.

>>102265334
>It's not the website per se but what's between them and you.
If only we had a solution for that. I just hate that all of my distros are unsafe and I can't check if they aren't.

reminder that signal still shares metadata via push notifications
they like to boast how they store no metadata but it doesn't matter because google and apple store all the metadata they get via push notification service
and it doesn't matter if push notifications are only used to wake up the app, as briar said
>A typical iOS messaging app would use a push notification to wake the app when a message is received, but this exposes metadata to Apple's push notification service and the app developer's push gateway.
>In a publish-subscribe network like Briar, if a bunch of people always receive notifications whenever the Revolutionary Planning Council updates its blog, then even if we don't know who sent the notifications, we've learned something sensitive about the recipients.
inb4
>just don't use google services
doesn't matter because your contacts will use them

hey guys does everyone here know?
signal glows, everyone knows

File: ifx438.png (1.48 MB, 1024x1024)

1.48 MB PNG

special sneeds