Like the evergreen comic, "How would you like this wrapped?" by John Janik
For decades policymakers have been trying to sell us the same surveillance state they accuse their adversaries of having, wrapped as either security or protecting children.
Signal has a central, proprietary server. It's between impractical and impossible to run your own Signal server like you can with Matrix, Revolt, or Delta Chat for example. BlueSky has a similar approach (compare to Mastodon).
Also Signal requires a phone number to sign-in. It's not exactly private. AFAIK the proprietary server can glean your IP, your phone number, who you talk to, and when you talk to them. This type of metadata is valuable information.
The WhatsApp co-founder gave Signal $105M in 2018. Signal costs ~$50M/year to run. It's also funded by wealthy donors such as Jack Dorsey (Twitter, BlueSky, Square). BTW Jack is now pushing Signal to integrate Bitcoin.
When evaluating the "ethics" of a chat platform, we should factor-in the metadata, soft power, and eventual leverage that centralized (controlled by a few) platforms like BlueSky and Signal afford to wealthy folks who are bankrolling it.
Critical portions of the server are not FOSS. Also the core software forces you to join their servers.
Also we have no proof that they are running the server software published on GitHub. This concern is exacerbated by the fact they didn't publish server code updates for many months.
I mean sure, but also, the client app source code lets us know that unencrypted data is not sent to the server. So at best they could perhaps be collecting some additional metadata, but I don't think it's a whole lot
> AFAIK the proprietary server can glean your IP, your phone number, who you talk to, and when you talk to them. This type of metadata is valuable information.
To the best of my knowledge, so can matrix.org or whatever servers you connect and federate to. This is required to route messages between users. What is your point?
reply